From 66cec45960ce1d9c794e9399de15c138acb18aed Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 28 Apr 2024 18:03:42 +0200 Subject: Adding upstream version 7.3.0+dfsg. Signed-off-by: Daniel Baumann --- ansible_collections/cisco/ise/.DS_Store | Bin 0 -> 10244 bytes .../cisco/ise/.github/ISSUE_TEMPLATE/bug_report.md | 31 + .../cisco/ise/.github/ISSUE_TEMPLATE/config.yml | 1 + .../ise/.github/ISSUE_TEMPLATE/feature_request.md | 20 + .../cisco/ise/.github/workflows/docs.yml | 39 + .../cisco/ise/.github/workflows/sanity_tests.yml | 39 + ansible_collections/cisco/ise/.gitignore | 20 + ansible_collections/cisco/ise/.vscode/launch.json | 16 + .../cisco/ise/.vscode/settings.json | 3 + ansible_collections/cisco/ise/FILES.json | 6424 ++++++++++++++++++++ ansible_collections/cisco/ise/LICENSE | 677 +++ ansible_collections/cisco/ise/MANIFEST.json | 39 + ansible_collections/cisco/ise/Makefile | 58 + ansible_collections/cisco/ise/README.md | 273 + .../cisco/ise/changelogs/changelog.yaml | 922 +++ ansible_collections/cisco/ise/docs/Makefile | 20 + .../cisco/ise/docs/_gh_include/footer.inc | 4 + .../cisco/ise/docs/_gh_include/header.inc | 17 + ansible_collections/cisco/ise/docs/conf.py | 154 + ansible_collections/cisco/ise/docs/index.rst | 21 + .../cisco/ise/docs/requirements.txt | 6 + .../cisco/ise/docs/roles.rst.template | 3 + ansible_collections/cisco/ise/hosts | 8 + ansible_collections/cisco/ise/meta/runtime.yml | 2 + .../cisco/ise/playbooks/aci_settings.yml | 51 + .../cisco/ise/playbooks/active_directory.yml | 85 + .../cisco/ise/playbooks/allowed_protocols.yml | 62 + .../cisco/ise/playbooks/anc_policy.yml | 30 + .../cisco/ise/playbooks/authorization_profile.yml | 43 + .../cisco/ise/playbooks/aws_deployment.yml | 25 + .../cisco/ise/playbooks/azure_deployment.yml | 46 + ansible_collections/cisco/ise/playbooks/b.yml | 130 + .../cisco/ise/playbooks/backup_create.yml | 45 + .../cisco/ise/playbooks/backup_restore.yml | 16 + .../cisco/ise/playbooks/backup_schedule.yml | 21 + .../cisco/ise/playbooks/byod_portal.yml | 288 + .../cisco/ise/playbooks/certificate_management.yml | 75 + .../cisco/ise/playbooks/certificate_profile.yml | 24 + .../cisco/ise/playbooks/certificates.yml | 49 + .../cisco/ise/playbooks/credentials.template | 10 + .../cisco/ise/playbooks/credentials.yml | 19 + .../cisco/ise/playbooks/csr_export.yml | 59 + .../cisco/ise/playbooks/deployment_info.yml | 16 + .../device_administration_authentication_rules.yml | 64 + ...dministration_authorization_exception_rules.yml | 59 + ...ration_authorization_global_exception_rules.yml | 55 + .../device_administration_authorization_rules.yml | 56 + .../device_administration_network_conditions.yml | 50 + .../playbooks/device_administration_policy_set.yml | 65 + .../device_administration_time_date_conditions.yml | 57 + .../cisco/ise/playbooks/downloadable_acl.yml | 41 + .../cisco/ise/playbooks/egress_matrix_cell.yml | 66 + .../cisco/ise/playbooks/endpoint.yml | 45 + .../cisco/ise/playbooks/endpoint_certificate.yml | 22 + .../cisco/ise/playbooks/endpoint_group.yml | 17 + .../cisco/ise/playbooks/filter_policy.yml | 59 + .../cisco/ise/playbooks/group_vars/ise_servers | 10 + ansible_collections/cisco/ise/playbooks/hosts | 8 + .../cisco/ise/playbooks/identity_group.yml | 32 + .../cisco/ise/playbooks/internal_user.yml | 100 + .../cisco/ise/playbooks/my_device_portal.yml | 19 + .../ise/playbooks/native_supplicant_profile.yml | 23 + .../network_access_authentication_rules.yml | 56 + ...etwork_access_authorization_exception_rules.yml | 58 + ...access_authorization_global_exception_rules.yml | 55 + .../network_access_authorization_rules.yml | 56 + .../ise/playbooks/network_access_conditions.yml | 78 + .../ise/playbooks/network_access_dictionary.yml | 42 + .../network_access_dictionary_attribute.yml | 43 + .../playbooks/network_access_network_condition.yml | 49 + .../ise/playbooks/network_access_policy_set.yml | 59 + .../network_access_time_date_conditions.yml | 58 + .../cisco/ise/playbooks/network_device.yml | 72 + .../cisco/ise/playbooks/network_device_group.yml | 62 + .../playbooks/network_device_group_deparments.yml | 173 + .../cisco/ise/playbooks/personas_deployment.yml | 20 + .../cisco/ise/playbooks/playbookstest.yml | 183 + .../cisco/ise/playbooks/portal_global_setting.yml | 32 + .../cisco/ise/playbooks/portal_theme.yml | 31 + .../cisco/ise/playbooks/profiler-services.yml | 40 + .../cisco/ise/playbooks/radius_server_sequence.yml | 52 + .../cisco/ise/playbooks/sponsor_portal.yml | 1096 ++++ .../cisco/ise/playbooks/support_bundle.yml | 57 + .../cisco/ise/playbooks/system_certificate.yml | 67 + .../cisco/ise/playbooks/trustsec_nbarapp.yml | 106 + .../cisco/ise/playbooks/trustsec_sg_vn_mapping.yml | 81 + .../cisco/ise/playbooks/trustsec_vn.yml | 90 + .../ise/playbooks/trustsec_vn_vlan_mapping.yml | 86 + .../device_administration_time_date_conditions.yml | 16 + .../cisco/ise/plugins/action/aci_bindings_info.py | 130 + .../cisco/ise/plugins/action/aci_settings.py | 253 + .../cisco/ise/plugins/action/aci_settings_info.py | 90 + .../ise/plugins/action/aci_test_connectivity.py | 86 + .../cisco/ise/plugins/action/active_directory.py | 233 + .../plugins/action/active_directory_add_groups.py | 104 + .../active_directory_groups_by_domain_info.py | 94 + .../ise/plugins/action/active_directory_info.py | 144 + ...ctive_directory_is_user_member_of_group_info.py | 94 + .../plugins/action/active_directory_join_domain.py | 90 + .../active_directory_join_domain_with_all_nodes.py | 90 + .../action/active_directory_leave_domain.py | 90 + ...active_directory_leave_domain_with_all_nodes.py | 90 + .../active_directory_trusted_domains_info.py | 92 + .../action/active_directory_user_groups_info.py | 94 + .../cisco/ise/plugins/action/admin_user_info.py | 141 + .../cisco/ise/plugins/action/allowed_protocols.py | 308 + .../ise/plugins/action/allowed_protocols_info.py | 144 + .../cisco/ise/plugins/action/anc_endpoint_apply.py | 88 + .../anc_endpoint_bulk_monitor_status_info.py | 98 + .../plugins/action/anc_endpoint_bulk_request.py | 90 + .../cisco/ise/plugins/action/anc_endpoint_clear.py | 88 + .../cisco/ise/plugins/action/anc_endpoint_info.py | 141 + .../cisco/ise/plugins/action/anc_policy.py | 242 + .../action/anc_policy_bulk_monitor_status_info.py | 98 + .../ise/plugins/action/anc_policy_bulk_request.py | 90 + .../cisco/ise/plugins/action/anc_policy_info.py | 152 + .../ise/plugins/action/authorization_profile.py | 317 + .../plugins/action/authorization_profile_info.py | 144 + .../cisco/ise/plugins/action/backup_cancel.py | 86 + .../cisco/ise/plugins/action/backup_config.py | 92 + .../ise/plugins/action/backup_last_status_info.py | 90 + .../cisco/ise/plugins/action/backup_restore.py | 94 + .../ise/plugins/action/backup_schedule_config.py | 108 + .../action/backup_schedule_config_update.py | 108 + .../ise/plugins/action/bind_signed_certificate.py | 120 + .../cisco/ise/plugins/action/byod_portal.py | 270 + .../cisco/ise/plugins/action/byod_portal_info.py | 141 + .../ise/plugins/action/certificate_profile.py | 232 + .../ise/plugins/action/certificate_profile_info.py | 144 + .../plugins/action/certificate_template_info.py | 144 + .../cisco/ise/plugins/action/csr_delete.py | 90 + .../cisco/ise/plugins/action/csr_export_info.py | 112 + .../cisco/ise/plugins/action/csr_generate.py | 122 + .../plugins/action/csr_generate_intermediate_ca.py | 86 + .../cisco/ise/plugins/action/csr_info.py | 143 + .../cisco/ise/plugins/action/deployment_info.py | 92 + ...administration_authentication_reset_hitcount.py | 88 + .../device_administration_authentication_rules.py | 269 + ...ice_administration_authentication_rules_info.py | 103 + ..._administration_authorization_reset_hitcount.py | 88 + .../device_administration_authorization_rules.py | 263 + ...vice_administration_authorization_rules_info.py | 103 + .../device_administration_command_set_info.py | 90 + .../action/device_administration_conditions.py | 287 + ...tion_conditions_for_authentication_rule_info.py | 90 + ...ation_conditions_for_authorization_rule_info.py | 90 + ...dministration_conditions_for_policy_set_info.py | 90 + .../device_administration_conditions_info.py | 112 + ...on_dictionary_attributes_authentication_info.py | 90 + ...ion_dictionary_attributes_authorization_info.py | 90 + ...ration_dictionary_attributes_policy_set_info.py | 90 + ...device_administration_global_exception_rules.py | 254 + ...e_administration_global_exception_rules_info.py | 101 + ...ration_global_exception_rules_reset_hitcount.py | 86 + .../device_administration_identity_stores_info.py | 90 + .../device_administration_local_exception_rules.py | 263 + ...ce_administration_local_exception_rules_info.py | 103 + ...tration_local_exception_rules_reset_hitcount.py | 88 + .../device_administration_network_conditions.py | 241 + ...evice_administration_network_conditions_info.py | 101 + .../action/device_administration_policy_set.py | 256 + .../device_administration_policy_set_info.py | 101 + ...ice_administration_policy_set_reset_hitcount.py | 86 + .../action/device_administration_profiles_info.py | 90 + .../device_administration_service_names_info.py | 90 + .../device_administration_time_date_conditions.py | 277 + ...ice_administration_time_date_conditions_info.py | 101 + .../cisco/ise/plugins/action/downloadable_acl.py | 264 + .../ise/plugins/action/downloadable_acl_info.py | 133 + .../cisco/ise/plugins/action/egress_matrix_cell.py | 273 + .../egress_matrix_cell_bulk_monitor_status_info.py | 98 + .../action/egress_matrix_cell_bulk_request.py | 90 + .../plugins/action/egress_matrix_cell_clear_all.py | 86 + .../ise/plugins/action/egress_matrix_cell_clone.py | 92 + .../ise/plugins/action/egress_matrix_cell_info.py | 141 + .../action/egress_matrix_cell_set_all_status.py | 88 + .../cisco/ise/plugins/action/endpoint.py | 275 + .../action/endpoint_bulk_monitor_status_info.py | 98 + .../ise/plugins/action/endpoint_bulk_request.py | 90 + .../ise/plugins/action/endpoint_certificate.py | 106 + .../ise/plugins/action/endpoint_deregister.py | 88 + .../action/endpoint_get_rejected_endpoints_info.py | 90 + .../cisco/ise/plugins/action/endpoint_group.py | 245 + .../ise/plugins/action/endpoint_group_info.py | 152 + .../cisco/ise/plugins/action/endpoint_info.py | 152 + .../cisco/ise/plugins/action/endpoint_register.py | 112 + .../action/endpoint_release_rejected_endpoint.py | 88 + .../ise/plugins/action/external_radius_server.py | 275 + .../plugins/action/external_radius_server_info.py | 144 + .../cisco/ise/plugins/action/filter_policy.py | 362 ++ .../cisco/ise/plugins/action/filter_policy_info.py | 133 + .../ise/plugins/action/guest_location_info.py | 141 + .../action/guest_smtp_notification_settings.py | 255 + .../guest_smtp_notification_settings_info.py | 141 + .../cisco/ise/plugins/action/guest_ssid.py | 255 + .../cisco/ise/plugins/action/guest_ssid_info.py | 141 + .../cisco/ise/plugins/action/guest_type.py | 273 + .../cisco/ise/plugins/action/guest_type_email.py | 90 + .../cisco/ise/plugins/action/guest_type_info.py | 141 + .../cisco/ise/plugins/action/guest_type_sms.py | 90 + .../cisco/ise/plugins/action/guest_user.py | 280 + .../cisco/ise/plugins/action/guest_user_approve.py | 88 + .../action/guest_user_bulk_monitor_status_info.py | 98 + .../ise/plugins/action/guest_user_bulk_request.py | 90 + .../action/guest_user_change_sponsor_password.py | 90 + .../cisco/ise/plugins/action/guest_user_deny.py | 88 + .../cisco/ise/plugins/action/guest_user_email.py | 92 + .../cisco/ise/plugins/action/guest_user_info.py | 152 + .../ise/plugins/action/guest_user_reinstate.py | 90 + .../plugins/action/guest_user_reset_password.py | 88 + .../cisco/ise/plugins/action/guest_user_sms.py | 90 + .../cisco/ise/plugins/action/guest_user_suspend.py | 92 + .../cisco/ise/plugins/action/hotpatch_info.py | 90 + .../cisco/ise/plugins/action/hotpatch_install.py | 90 + .../cisco/ise/plugins/action/hotpatch_rollback.py | 90 + .../cisco/ise/plugins/action/hotspot_portal.py | 270 + .../ise/plugins/action/hotspot_portal_info.py | 141 + .../cisco/ise/plugins/action/id_store_sequence.py | 254 + .../ise/plugins/action/id_store_sequence_info.py | 144 + .../cisco/ise/plugins/action/identity_group.py | 220 + .../ise/plugins/action/identity_group_info.py | 152 + .../cisco/ise/plugins/action/internal_user.py | 338 + .../cisco/ise/plugins/action/internal_user_info.py | 152 + .../ise/plugins/action/ise_root_ca_regenerate.py | 88 + .../action/licensing_connection_type_info.py | 90 + .../plugins/action/licensing_eval_license_info.py | 90 + .../licensing_feature_to_tier_mapping_info.py | 90 + .../action/licensing_registration_create.py | 96 + .../plugins/action/licensing_registration_info.py | 90 + .../plugins/action/licensing_smart_state_create.py | 86 + .../plugins/action/licensing_smart_state_info.py | 90 + .../plugins/action/licensing_tier_state_create.py | 88 + .../plugins/action/licensing_tier_state_info.py | 90 + .../ise/plugins/action/mnt_account_status_info.py | 100 + .../action/mnt_athentication_status_info.py | 96 + .../action/mnt_authentication_status_info.py | 96 + .../ise/plugins/action/mnt_failure_reasons_info.py | 90 + .../action/mnt_session_active_count_info.py | 90 + .../plugins/action/mnt_session_active_list_info.py | 90 + .../plugins/action/mnt_session_auth_list_info.py | 90 + .../ise/plugins/action/mnt_session_by_ip_info.py | 98 + .../ise/plugins/action/mnt_session_by_mac_info.py | 98 + .../plugins/action/mnt_session_by_nas_ip_info.py | 98 + .../plugins/action/mnt_session_by_username_info.py | 98 + .../ise/plugins/action/mnt_session_delete_all.py | 86 + .../plugins/action/mnt_session_disconnect_info.py | 106 + .../action/mnt_session_posture_count_info.py | 90 + .../action/mnt_session_profiler_count_info.py | 90 + .../action/mnt_session_reauthentication_info.py | 102 + .../action/mnt_sessions_by_session_id_info.py | 92 + .../cisco/ise/plugins/action/mnt_version_info.py | 90 + .../cisco/ise/plugins/action/my_device_portal.py | 270 + .../ise/plugins/action/my_device_portal_info.py | 141 + .../plugins/action/native_supplicant_profile.py | 248 + .../action/native_supplicant_profile_info.py | 133 + .../action/network_access_authentication_rules.py | 269 + .../network_access_authentication_rules_info.py | 103 + ...k_access_authentication_rules_reset_hitcount.py | 88 + .../action/network_access_authorization_rules.py | 269 + .../network_access_authorization_rules_info.py | 103 + ...rk_access_authorization_rules_reset_hitcount.py | 88 + .../plugins/action/network_access_conditions.py | 287 + ...cess_conditions_for_authentication_rule_info.py | 90 + ...ccess_conditions_for_authorization_rule_info.py | 90 + ...etwork_access_conditions_for_policy_set_info.py | 90 + .../action/network_access_conditions_info.py | 112 + .../plugins/action/network_access_dictionary.py | 235 + .../action/network_access_dictionary_attribute.py | 232 + .../network_access_dictionary_attribute_info.py | 103 + ...ss_dictionary_attributes_authentication_info.py | 90 + ...ess_dictionary_attributes_authorization_info.py | 90 + ...access_dictionary_attributes_policy_set_info.py | 90 + .../action/network_access_dictionary_info.py | 101 + .../network_access_global_exception_rules.py | 254 + .../network_access_global_exception_rules_info.py | 101 + ...access_global_exception_rules_reset_hitcount.py | 86 + .../action/network_access_identity_stores_info.py | 90 + .../action/network_access_local_exception_rules.py | 263 + .../network_access_local_exception_rules_info.py | 103 + ...access_local_exception_rules_reset_hitcounts.py | 88 + .../action/network_access_network_condition.py | 253 + .../network_access_network_condition_info.py | 101 + .../plugins/action/network_access_policy_set.py | 256 + .../action/network_access_policy_set_info.py | 101 + .../network_access_policy_set_reset_hitcount.py | 86 + .../plugins/action/network_access_profiles_info.py | 90 + .../action/network_access_security_groups_info.py | 90 + .../action/network_access_service_name_info.py | 90 + .../action/network_access_time_date_conditions.py | 277 + .../network_access_time_date_conditions_info.py | 101 + .../cisco/ise/plugins/action/network_device.py | 283 + .../network_device_bulk_monitor_status_info.py | 98 + .../plugins/action/network_device_bulk_request.py | 90 + .../ise/plugins/action/network_device_group.py | 248 + .../plugins/action/network_device_group_info.py | 154 + .../ise/plugins/action/network_device_info.py | 152 + .../cisco/ise/plugins/action/node_deployment.py | 226 + .../ise/plugins/action/node_deployment_info.py | 105 + .../ise/plugins/action/node_deployment_sync.py | 88 + .../cisco/ise/plugins/action/node_group.py | 220 + .../cisco/ise/plugins/action/node_group_info.py | 101 + .../ise/plugins/action/node_group_node_create.py | 90 + .../ise/plugins/action/node_group_node_delete.py | 90 + .../ise/plugins/action/node_group_node_info.py | 92 + .../cisco/ise/plugins/action/node_info.py | 148 + .../plugins/action/node_primary_to_standalone.py | 168 + .../cisco/ise/plugins/action/node_promotion.py | 88 + .../plugins/action/node_replication_status_info.py | 98 + .../plugins/action/node_secondary_to_primary.py | 168 + .../action/node_services_interfaces_info.py | 98 + .../action/node_services_profiler_probe_config.py | 219 + .../node_services_profiler_probe_config_info.py | 98 + .../plugins/action/node_services_sxp_interfaces.py | 172 + .../action/node_services_sxp_interfaces_info.py | 92 + .../plugins/action/node_standalone_to_primary.py | 167 + .../cisco/ise/plugins/action/node_sync.py | 88 + .../cisco/ise/plugins/action/pan_ha.py | 197 + .../cisco/ise/plugins/action/pan_ha_info.py | 90 + .../cisco/ise/plugins/action/pan_ha_update.py | 96 + .../cisco/ise/plugins/action/patch_info.py | 90 + .../cisco/ise/plugins/action/patch_install.py | 90 + .../cisco/ise/plugins/action/patch_rollback.py | 88 + .../plugins/action/personas_check_standalone.py | 92 + .../ise/plugins/action/personas_export_certs.py | 99 + .../ise/plugins/action/personas_promote_primary.py | 86 + .../ise/plugins/action/personas_register_node.py | 103 + .../action/personas_update_roles_services.py | 115 + .../ise/plugins/action/portal_global_setting.py | 219 + .../plugins/action/portal_global_setting_info.py | 141 + .../cisco/ise/plugins/action/portal_info.py | 141 + .../cisco/ise/plugins/action/portal_theme.py | 261 + .../cisco/ise/plugins/action/portal_theme_info.py | 141 + .../ise/plugins/action/profiler_profile_info.py | 141 + .../plugins/action/proxy_connection_settings.py | 183 + .../action/proxy_connection_settings_info.py | 90 + .../ise/plugins/action/px_grid_node_approve.py | 88 + .../ise/plugins/action/px_grid_node_delete.py | 88 + .../cisco/ise/plugins/action/px_grid_node_info.py | 144 + .../action/px_grid_settings_auto_approve.py | 90 + .../ise/plugins/action/pxgrid_access_secret.py | 88 + .../ise/plugins/action/pxgrid_account_activate.py | 88 + .../ise/plugins/action/pxgrid_account_create.py | 88 + .../ise/plugins/action/pxgrid_authorization.py | 86 + .../ise/plugins/action/pxgrid_bindings_info.py | 88 + .../plugins/action/pxgrid_egress_matrices_info.py | 88 + .../plugins/action/pxgrid_egress_policies_info.py | 88 + .../plugins/action/pxgrid_endpoint_by_mac_info.py | 88 + .../action/pxgrid_endpoints_by_os_type_info.py | 88 + .../action/pxgrid_endpoints_by_type_info.py | 88 + .../ise/plugins/action/pxgrid_endpoints_info.py | 88 + .../ise/plugins/action/pxgrid_failures_info.py | 90 + .../ise/plugins/action/pxgrid_healths_info.py | 88 + .../ise/plugins/action/pxgrid_node_approve.py | 88 + .../cisco/ise/plugins/action/pxgrid_node_delete.py | 88 + .../cisco/ise/plugins/action/pxgrid_node_info.py | 144 + .../ise/plugins/action/pxgrid_performances_info.py | 88 + .../ise/plugins/action/pxgrid_profiles_info.py | 88 + .../action/pxgrid_security_group_acls_info.py | 88 + .../plugins/action/pxgrid_security_groups_info.py | 88 + .../ise/plugins/action/pxgrid_service_lookup.py | 88 + .../ise/plugins/action/pxgrid_service_register.py | 88 + .../plugins/action/pxgrid_service_reregister.py | 86 + .../plugins/action/pxgrid_service_unregister.py | 86 + .../plugins/action/pxgrid_session_by_ip_info.py | 88 + .../plugins/action/pxgrid_session_by_mac_info.py | 88 + .../action/pxgrid_session_for_recovery_info.py | 88 + .../ise/plugins/action/pxgrid_sessions_info.py | 88 + .../plugins/action/pxgrid_settings_auto_approve.py | 90 + .../action/pxgrid_user_group_by_username_info.py | 88 + .../ise/plugins/action/pxgrid_user_groups_info.py | 88 + .../ise/plugins/action/radius_server_sequence.py | 294 + .../plugins/action/radius_server_sequence_info.py | 133 + .../cisco/ise/plugins/action/renew_certificate.py | 88 + .../cisco/ise/plugins/action/repository.py | 241 + .../ise/plugins/action/repository_files_info.py | 101 + .../cisco/ise/plugins/action/repository_info.py | 101 + .../ise/plugins/action/resource_version_info.py | 92 + .../cisco/ise/plugins/action/rest_id_store.py | 253 + .../cisco/ise/plugins/action/rest_id_store_info.py | 152 + .../ise/plugins/action/self_registered_portal.py | 270 + .../plugins/action/self_registered_portal_info.py | 141 + .../action/selfsigned_certificate_generate.py | 150 + .../plugins/action/session_service_node_info.py | 144 + .../cisco/ise/plugins/action/sg_acl.py | 273 + .../action/sg_acl_bulk_monitor_status_info.py | 98 + .../ise/plugins/action/sg_acl_bulk_request.py | 90 + .../cisco/ise/plugins/action/sg_acl_info.py | 141 + .../cisco/ise/plugins/action/sg_mapping.py | 273 + .../action/sg_mapping_bulk_monitor_status_info.py | 98 + .../ise/plugins/action/sg_mapping_bulk_request.py | 90 + .../cisco/ise/plugins/action/sg_mapping_deploy.py | 88 + .../ise/plugins/action/sg_mapping_deploy_all.py | 86 + .../action/sg_mapping_deploy_status_info.py | 90 + .../cisco/ise/plugins/action/sg_mapping_group.py | 264 + .../sg_mapping_group_bulk_monitor_status_info.py | 98 + .../action/sg_mapping_group_bulk_request.py | 90 + .../ise/plugins/action/sg_mapping_group_deploy.py | 88 + .../plugins/action/sg_mapping_group_deploy_all.py | 86 + .../action/sg_mapping_group_deploy_status_info.py | 90 + .../ise/plugins/action/sg_mapping_group_info.py | 141 + .../cisco/ise/plugins/action/sg_mapping_info.py | 141 + .../cisco/ise/plugins/action/sg_to_vn_to_vlan.py | 264 + .../sg_to_vn_to_vlan_bulk_monitor_status_info.py | 98 + .../action/sg_to_vn_to_vlan_bulk_request.py | 90 + .../ise/plugins/action/sg_to_vn_to_vlan_info.py | 137 + .../cisco/ise/plugins/action/sgt.py | 274 + .../plugins/action/sgt_bulk_monitor_status_info.py | 98 + .../cisco/ise/plugins/action/sgt_bulk_request.py | 90 + .../cisco/ise/plugins/action/sgt_info.py | 141 + .../cisco/ise/plugins/action/sms_provider_info.py | 130 + .../cisco/ise/plugins/action/sponsor_group.py | 285 + .../cisco/ise/plugins/action/sponsor_group_info.py | 141 + .../plugins/action/sponsor_group_member_info.py | 130 + .../cisco/ise/plugins/action/sponsor_portal.py | 270 + .../ise/plugins/action/sponsor_portal_info.py | 141 + .../ise/plugins/action/sponsored_guest_portal.py | 270 + .../plugins/action/sponsored_guest_portal_info.py | 141 + .../cisco/ise/plugins/action/support_bundle.py | 94 + .../ise/plugins/action/support_bundle_download.py | 100 + .../plugins/action/support_bundle_status_info.py | 133 + .../cisco/ise/plugins/action/sxp_connections.py | 275 + .../sxp_connections_bulk_monitor_status_info.py | 98 + .../plugins/action/sxp_connections_bulk_request.py | 90 + .../ise/plugins/action/sxp_connections_info.py | 141 + .../cisco/ise/plugins/action/sxp_local_bindings.py | 270 + .../sxp_local_bindings_bulk_monitor_status_info.py | 98 + .../action/sxp_local_bindings_bulk_request.py | 90 + .../ise/plugins/action/sxp_local_bindings_info.py | 141 + .../cisco/ise/plugins/action/sxp_vpns.py | 227 + .../action/sxp_vpns_bulk_monitor_status_info.py | 98 + .../ise/plugins/action/sxp_vpns_bulk_request.py | 90 + .../cisco/ise/plugins/action/sxp_vpns_info.py | 141 + .../cisco/ise/plugins/action/system_certificate.py | 268 + .../plugins/action/system_certificate_create.py | 90 + .../action/system_certificate_export_info.py | 106 + .../plugins/action/system_certificate_import.py | 128 + .../ise/plugins/action/system_certificate_info.py | 152 + .../plugins/action/system_config_version_info.py | 90 + .../ise/plugins/action/tacacs_command_sets.py | 248 + .../ise/plugins/action/tacacs_command_sets_info.py | 144 + .../ise/plugins/action/tacacs_external_servers.py | 257 + .../plugins/action/tacacs_external_servers_info.py | 144 + .../cisco/ise/plugins/action/tacacs_profile.py | 245 + .../ise/plugins/action/tacacs_profile_info.py | 144 + .../ise/plugins/action/tacacs_server_sequence.py | 263 + .../plugins/action/tacacs_server_sequence_info.py | 144 + .../cisco/ise/plugins/action/tasks_info.py | 101 + .../cisco/ise/plugins/action/telemetry_info.py | 137 + .../plugins/action/threat_vulnerabilities_clear.py | 88 + .../plugins/action/transport_gateway_settings.py | 171 + .../action/transport_gateway_settings_info.py | 90 + .../ise/plugins/action/trusted_certificate.py | 300 + .../action/trusted_certificate_export_info.py | 110 + .../plugins/action/trusted_certificate_import.py | 108 + .../ise/plugins/action/trusted_certificate_info.py | 141 + .../cisco/ise/plugins/action/trustsec_nbar_app.py | 256 + .../ise/plugins/action/trustsec_nbar_app_info.py | 141 + .../ise/plugins/action/trustsec_sg_vn_mapping.py | 267 + .../action/trustsec_sg_vn_mapping_bulk_create.py | 88 + .../action/trustsec_sg_vn_mapping_bulk_delete.py | 88 + .../action/trustsec_sg_vn_mapping_bulk_update.py | 88 + .../plugins/action/trustsec_sg_vn_mapping_info.py | 141 + .../cisco/ise/plugins/action/trustsec_vn.py | 256 + .../ise/plugins/action/trustsec_vn_bulk_create.py | 88 + .../ise/plugins/action/trustsec_vn_bulk_delete.py | 88 + .../ise/plugins/action/trustsec_vn_bulk_update.py | 88 + .../cisco/ise/plugins/action/trustsec_vn_info.py | 141 + .../ise/plugins/action/trustsec_vn_vlan_mapping.py | 268 + .../action/trustsec_vn_vlan_mapping_bulk_create.py | 88 + .../action/trustsec_vn_vlan_mapping_bulk_delete.py | 88 + .../action/trustsec_vn_vlan_mapping_bulk_update.py | 88 + .../action/trustsec_vn_vlan_mapping_info.py | 141 + .../cisco/ise/plugins/doc_fragments/__init__.py | 0 .../cisco/ise/plugins/doc_fragments/module.py | 72 + .../cisco/ise/plugins/doc_fragments/module_info.py | 72 + .../cisco/ise/plugins/modules/__init__.py | 0 .../cisco/ise/plugins/modules/aci_bindings_info.py | 112 + .../cisco/ise/plugins/modules/aci_settings.py | 190 + .../cisco/ise/plugins/modules/aci_settings_info.py | 75 + .../ise/plugins/modules/aci_test_connectivity.py | 52 + .../cisco/ise/plugins/modules/active_directory.py | 347 ++ .../plugins/modules/active_directory_add_groups.py | 268 + .../active_directory_groups_by_domain_info.py | 83 + .../ise/plugins/modules/active_directory_info.py | 236 + ...ctive_directory_is_user_member_of_group_info.py | 79 + .../modules/active_directory_join_domain.py | 74 + .../active_directory_join_domain_with_all_nodes.py | 68 + .../modules/active_directory_leave_domain.py | 74 + ...active_directory_leave_domain_with_all_nodes.py | 68 + .../active_directory_trusted_domains_info.py | 62 + .../modules/active_directory_user_groups_info.py | 76 + .../cisco/ise/plugins/modules/admin_user_info.py | 159 + .../cisco/ise/plugins/modules/allowed_protocols.py | 637 ++ .../ise/plugins/modules/allowed_protocols_info.py | 288 + .../ise/plugins/modules/anc_endpoint_apply.py | 66 + .../anc_endpoint_bulk_monitor_status_info.py | 71 + .../plugins/modules/anc_endpoint_bulk_request.py | 56 + .../ise/plugins/modules/anc_endpoint_clear.py | 64 + .../cisco/ise/plugins/modules/anc_endpoint_info.py | 143 + .../cisco/ise/plugins/modules/anc_policy.py | 122 + .../modules/anc_policy_bulk_monitor_status_info.py | 71 + .../ise/plugins/modules/anc_policy_bulk_request.py | 56 + .../cisco/ise/plugins/modules/anc_policy_info.py | 164 + .../ise/plugins/modules/authorization_profile.py | 403 ++ .../plugins/modules/authorization_profile_info.py | 226 + .../cisco/ise/plugins/modules/backup_cancel.py | 70 + .../cisco/ise/plugins/modules/backup_config.py | 80 + .../ise/plugins/modules/backup_last_status_info.py | 68 + .../cisco/ise/plugins/modules/backup_restore.py | 80 + .../ise/plugins/modules/backup_schedule_config.py | 113 + .../modules/backup_schedule_config_update.py | 113 + .../ise/plugins/modules/bind_signed_certificate.py | 126 + .../cisco/ise/plugins/modules/byod_portal.py | 561 ++ .../cisco/ise/plugins/modules/byod_portal_info.py | 313 + .../ise/plugins/modules/certificate_profile.py | 141 + .../plugins/modules/certificate_profile_info.py | 132 + .../plugins/modules/certificate_template_info.py | 118 + .../cisco/ise/plugins/modules/csr_delete.py | 66 + .../cisco/ise/plugins/modules/csr_export_info.py | 80 + .../cisco/ise/plugins/modules/csr_generate.py | 147 + .../modules/csr_generate_intermediate_ca.py | 63 + .../cisco/ise/plugins/modules/csr_info.py | 166 + .../cisco/ise/plugins/modules/deployment_info.py | 183 + ...administration_authentication_reset_hitcount.py | 58 + .../device_administration_authentication_rules.py | 535 ++ ...ice_administration_authentication_rules_info.py | 144 + ..._administration_authorization_reset_hitcount.py | 58 + .../device_administration_authorization_rules.py | 529 ++ ...vice_administration_authorization_rules_info.py | 144 + .../device_administration_command_set_info.py | 59 + .../modules/device_administration_conditions.py | 457 ++ ...tion_conditions_for_authentication_rule_info.py | 105 + ...ation_conditions_for_authorization_rule_info.py | 105 + ...dministration_conditions_for_policy_set_info.py | 105 + .../device_administration_conditions_info.py | 136 + ...on_dictionary_attributes_authentication_info.py | 71 + ...ion_dictionary_attributes_authorization_info.py | 71 + ...ration_dictionary_attributes_policy_set_info.py | 71 + ...device_administration_global_exception_rules.py | 523 ++ ...e_administration_global_exception_rules_info.py | 138 + ...ration_global_exception_rules_reset_hitcount.py | 54 + .../device_administration_identity_stores_info.py | 59 + .../device_administration_local_exception_rules.py | 529 ++ ...ce_administration_local_exception_rules_info.py | 144 + ...tration_local_exception_rules_reset_hitcount.py | 58 + .../device_administration_network_conditions.py | 302 + ...evice_administration_network_conditions_info.py | 108 + .../modules/device_administration_policy_set.py | 505 ++ .../device_administration_policy_set_info.py | 135 + ...ice_administration_policy_set_reset_hitcount.py | 54 + .../modules/device_administration_profiles_info.py | 59 + .../device_administration_service_names_info.py | 61 + .../device_administration_time_date_conditions.py | 299 + ...ice_administration_time_date_conditions_info.py | 70 + .../cisco/ise/plugins/modules/downloadable_acl.py | 154 + .../ise/plugins/modules/downloadable_acl_info.py | 109 + .../ise/plugins/modules/egress_matrix_cell.py | 151 + .../egress_matrix_cell_bulk_monitor_status_info.py | 72 + .../modules/egress_matrix_cell_bulk_request.py | 56 + .../modules/egress_matrix_cell_clear_all.py | 48 + .../plugins/modules/egress_matrix_cell_clone.py | 69 + .../ise/plugins/modules/egress_matrix_cell_info.py | 157 + .../modules/egress_matrix_cell_set_all_status.py | 52 + .../cisco/ise/plugins/modules/endpoint.py | 262 + .../modules/endpoint_bulk_monitor_status_info.py | 72 + .../ise/plugins/modules/endpoint_bulk_request.py | 56 + .../ise/plugins/modules/endpoint_certificate.py | 97 + .../ise/plugins/modules/endpoint_deregister.py | 52 + .../endpoint_get_rejected_endpoints_info.py | 56 + .../cisco/ise/plugins/modules/endpoint_group.py | 126 + .../ise/plugins/modules/endpoint_group_info.py | 166 + .../cisco/ise/plugins/modules/endpoint_info.py | 212 + .../cisco/ise/plugins/modules/endpoint_register.py | 158 + .../modules/endpoint_release_rejected_endpoint.py | 52 + .../ise/plugins/modules/external_radius_server.py | 188 + .../plugins/modules/external_radius_server_info.py | 144 + .../cisco/ise/plugins/modules/filter_policy.py | 123 + .../ise/plugins/modules/filter_policy_info.py | 97 + .../ise/plugins/modules/guest_location_info.py | 141 + .../modules/guest_smtp_notification_settings.py | 155 + .../guest_smtp_notification_settings_info.py | 159 + .../cisco/ise/plugins/modules/guest_ssid.py | 111 + .../cisco/ise/plugins/modules/guest_ssid_info.py | 141 + .../cisco/ise/plugins/modules/guest_type.py | 303 + .../cisco/ise/plugins/modules/guest_type_email.py | 66 + .../cisco/ise/plugins/modules/guest_type_info.py | 217 + .../cisco/ise/plugins/modules/guest_type_sms.py | 68 + .../cisco/ise/plugins/modules/guest_user.py | 337 + .../ise/plugins/modules/guest_user_approve.py | 52 + .../modules/guest_user_bulk_monitor_status_info.py | 72 + .../ise/plugins/modules/guest_user_bulk_request.py | 56 + .../modules/guest_user_change_sponsor_password.py | 68 + .../cisco/ise/plugins/modules/guest_user_deny.py | 52 + .../cisco/ise/plugins/modules/guest_user_email.py | 70 + .../cisco/ise/plugins/modules/guest_user_info.py | 218 + .../ise/plugins/modules/guest_user_reinstate.py | 66 + .../plugins/modules/guest_user_reset_password.py | 61 + .../cisco/ise/plugins/modules/guest_user_sms.py | 56 + .../ise/plugins/modules/guest_user_suspend.py | 80 + .../cisco/ise/plugins/modules/hotpatch_info.py | 59 + .../cisco/ise/plugins/modules/hotpatch_install.py | 68 + .../cisco/ise/plugins/modules/hotpatch_rollback.py | 68 + .../cisco/ise/plugins/modules/hotspot_portal.py | 546 ++ .../ise/plugins/modules/hotspot_portal_info.py | 309 + .../cisco/ise/plugins/modules/id_store_sequence.py | 161 + .../ise/plugins/modules/id_store_sequence_info.py | 144 + .../cisco/ise/plugins/modules/identity_group.py | 114 + .../ise/plugins/modules/identity_group_info.py | 166 + .../cisco/ise/plugins/modules/internal_user.py | 229 + .../ise/plugins/modules/internal_user_info.py | 184 + .../ise/plugins/modules/ise_root_ca_regenerate.py | 68 + .../modules/licensing_connection_type_info.py | 56 + .../plugins/modules/licensing_eval_license_info.py | 55 + .../licensing_feature_to_tier_mapping_info.py | 61 + .../modules/licensing_registration_create.py | 75 + .../plugins/modules/licensing_registration_info.py | 60 + .../modules/licensing_smart_state_create.py | 52 + .../plugins/modules/licensing_smart_state_info.py | 56 + .../plugins/modules/licensing_tier_state_create.py | 75 + .../plugins/modules/licensing_tier_state_info.py | 63 + .../ise/plugins/modules/mnt_account_status_info.py | 58 + .../modules/mnt_athentication_status_info.py | 65 + .../modules/mnt_authentication_status_info.py | 63 + .../plugins/modules/mnt_failure_reasons_info.py | 48 + .../modules/mnt_session_active_count_info.py | 50 + .../modules/mnt_session_active_list_info.py | 50 + .../plugins/modules/mnt_session_auth_list_info.py | 50 + .../ise/plugins/modules/mnt_session_by_ip_info.py | 53 + .../ise/plugins/modules/mnt_session_by_mac_info.py | 53 + .../plugins/modules/mnt_session_by_nas_ip_info.py | 53 + .../modules/mnt_session_by_username_info.py | 53 + .../ise/plugins/modules/mnt_session_delete_all.py | 47 + .../plugins/modules/mnt_session_disconnect_info.py | 73 + .../modules/mnt_session_posture_count_info.py | 50 + .../modules/mnt_session_profiler_count_info.py | 50 + .../modules/mnt_session_reauthentication_info.py | 63 + .../modules/mnt_sessions_by_session_id_info.py | 53 + .../cisco/ise/plugins/modules/mnt_version_info.py | 52 + .../cisco/ise/plugins/modules/my_device_portal.py | 593 ++ .../ise/plugins/modules/my_device_portal_info.py | 327 + .../plugins/modules/native_supplicant_profile.py | 143 + .../modules/native_supplicant_profile_info.py | 127 + .../modules/network_access_authentication_rules.py | 535 ++ .../network_access_authentication_rules_info.py | 144 + ...k_access_authentication_rules_reset_hitcount.py | 58 + .../modules/network_access_authorization_rules.py | 527 ++ .../network_access_authorization_rules_info.py | 144 + ...rk_access_authorization_rules_reset_hitcount.py | 58 + .../plugins/modules/network_access_conditions.py | 457 ++ ...cess_conditions_for_authentication_rule_info.py | 105 + ...ccess_conditions_for_authorization_rule_info.py | 105 + ...etwork_access_conditions_for_policy_set_info.py | 105 + .../modules/network_access_conditions_info.py | 136 + .../plugins/modules/network_access_dictionary.py | 155 + .../modules/network_access_dictionary_attribute.py | 176 + .../network_access_dictionary_attribute_info.py | 91 + ...ss_dictionary_attributes_authentication_info.py | 71 + ...ess_dictionary_attributes_authorization_info.py | 71 + ...access_dictionary_attributes_policy_set_info.py | 71 + .../modules/network_access_dictionary_info.py | 81 + .../network_access_global_exception_rules.py | 521 ++ .../network_access_global_exception_rules_info.py | 138 + ...access_global_exception_rules_reset_hitcount.py | 54 + .../modules/network_access_identity_stores_info.py | 59 + .../network_access_local_exception_rules.py | 527 ++ .../network_access_local_exception_rules_info.py | 144 + ...access_local_exception_rules_reset_hitcounts.py | 58 + .../modules/network_access_network_condition.py | 228 + .../network_access_network_condition_info.py | 95 + .../plugins/modules/network_access_policy_set.py | 505 ++ .../modules/network_access_policy_set_info.py | 135 + .../network_access_policy_set_reset_hitcount.py | 54 + .../modules/network_access_profiles_info.py | 59 + .../modules/network_access_security_groups_info.py | 59 + .../modules/network_access_service_name_info.py | 61 + .../modules/network_access_time_date_conditions.py | 299 + .../network_access_time_date_conditions_info.py | 70 + .../cisco/ise/plugins/modules/network_device.py | 518 ++ .../network_device_bulk_monitor_status_info.py | 72 + .../plugins/modules/network_device_bulk_request.py | 56 + .../ise/plugins/modules/network_device_group.py | 122 + .../plugins/modules/network_device_group_info.py | 164 + .../ise/plugins/modules/network_device_info.py | 284 + .../cisco/ise/plugins/modules/node_deployment.py | 136 + .../ise/plugins/modules/node_deployment_info.py | 109 + .../ise/plugins/modules/node_deployment_sync.py | 62 + .../cisco/ise/plugins/modules/node_group.py | 147 + .../cisco/ise/plugins/modules/node_group_info.py | 79 + .../ise/plugins/modules/node_group_node_create.py | 65 + .../ise/plugins/modules/node_group_node_delete.py | 65 + .../ise/plugins/modules/node_group_node_info.py | 63 + .../cisco/ise/plugins/modules/node_info.py | 184 + .../plugins/modules/node_primary_to_standalone.py | 62 + .../cisco/ise/plugins/modules/node_promotion.py | 54 + .../modules/node_replication_status_info.py | 54 + .../plugins/modules/node_secondary_to_primary.py | 62 + .../modules/node_services_interfaces_info.py | 63 + .../modules/node_services_profiler_probe_config.py | 284 + .../node_services_profiler_probe_config_info.py | 119 + .../modules/node_services_sxp_interfaces.py | 75 + .../modules/node_services_sxp_interfaces_info.py | 60 + .../plugins/modules/node_standalone_to_primary.py | 62 + .../cisco/ise/plugins/modules/node_sync.py | 54 + .../cisco/ise/plugins/modules/pan_ha.py | 84 + .../cisco/ise/plugins/modules/pan_ha_info.py | 66 + .../cisco/ise/plugins/modules/pan_ha_update.py | 89 + .../cisco/ise/plugins/modules/patch_info.py | 61 + .../cisco/ise/plugins/modules/patch_install.py | 68 + .../cisco/ise/plugins/modules/patch_rollback.py | 64 + .../plugins/modules/personas_check_standalone.py | 78 + .../ise/plugins/modules/personas_export_certs.py | 99 + .../plugins/modules/personas_promote_primary.py | 64 + .../ise/plugins/modules/personas_register_node.py | 108 + .../modules/personas_update_roles_services.py | 83 + .../ise/plugins/modules/portal_global_setting.py | 86 + .../plugins/modules/portal_global_setting_info.py | 141 + .../cisco/ise/plugins/modules/portal_info.py | 145 + .../cisco/ise/plugins/modules/portal_theme.py | 122 + .../cisco/ise/plugins/modules/portal_theme_info.py | 145 + .../ise/plugins/modules/profiler_profile_info.py | 145 + .../plugins/modules/proxy_connection_settings.py | 101 + .../modules/proxy_connection_settings_info.py | 60 + .../ise/plugins/modules/px_grid_node_approve.py | 52 + .../ise/plugins/modules/px_grid_node_delete.py | 52 + .../cisco/ise/plugins/modules/px_grid_node_info.py | 128 + .../modules/px_grid_settings_auto_approve.py | 56 + .../ise/plugins/modules/pxgrid_access_secret.py | 51 + .../ise/plugins/modules/pxgrid_account_activate.py | 51 + .../ise/plugins/modules/pxgrid_account_create.py | 51 + .../ise/plugins/modules/pxgrid_authorization.py | 47 + .../ise/plugins/modules/pxgrid_bindings_info.py | 48 + .../plugins/modules/pxgrid_egress_matrices_info.py | 48 + .../plugins/modules/pxgrid_egress_policies_info.py | 48 + .../plugins/modules/pxgrid_endpoint_by_mac_info.py | 48 + .../modules/pxgrid_endpoints_by_os_type_info.py | 48 + .../modules/pxgrid_endpoints_by_type_info.py | 48 + .../ise/plugins/modules/pxgrid_endpoints_info.py | 48 + .../ise/plugins/modules/pxgrid_failures_info.py | 48 + .../ise/plugins/modules/pxgrid_healths_info.py | 48 + .../ise/plugins/modules/pxgrid_node_approve.py | 52 + .../ise/plugins/modules/pxgrid_node_delete.py | 52 + .../cisco/ise/plugins/modules/pxgrid_node_info.py | 128 + .../plugins/modules/pxgrid_performances_info.py | 48 + .../ise/plugins/modules/pxgrid_profiles_info.py | 48 + .../modules/pxgrid_security_group_acls_info.py | 48 + .../plugins/modules/pxgrid_security_groups_info.py | 48 + .../ise/plugins/modules/pxgrid_service_lookup.py | 51 + .../ise/plugins/modules/pxgrid_service_register.py | 51 + .../plugins/modules/pxgrid_service_reregister.py | 47 + .../plugins/modules/pxgrid_service_unregister.py | 47 + .../plugins/modules/pxgrid_session_by_ip_info.py | 48 + .../plugins/modules/pxgrid_session_by_mac_info.py | 48 + .../modules/pxgrid_session_for_recovery_info.py | 48 + .../ise/plugins/modules/pxgrid_sessions_info.py | 48 + .../modules/pxgrid_settings_auto_approve.py | 56 + .../modules/pxgrid_user_group_by_username_info.py | 48 + .../ise/plugins/modules/pxgrid_user_groups_info.py | 48 + .../ise/plugins/modules/radius_server_sequence.py | 267 + .../plugins/modules/radius_server_sequence_info.py | 165 + .../cisco/ise/plugins/modules/renew_certificate.py | 67 + .../cisco/ise/plugins/modules/repository.py | 138 + .../ise/plugins/modules/repository_files_info.py | 61 + .../cisco/ise/plugins/modules/repository_info.py | 78 + .../ise/plugins/modules/resource_version_info.py | 62 + .../cisco/ise/plugins/modules/rest_id_store.py | 199 + .../ise/plugins/modules/rest_id_store_info.py | 182 + .../ise/plugins/modules/self_registered_portal.py | 1392 +++++ .../plugins/modules/self_registered_portal_info.py | 623 ++ .../modules/selfsigned_certificate_generate.py | 196 + .../plugins/modules/session_service_node_info.py | 130 + .../cisco/ise/plugins/modules/sg_acl.py | 150 + .../modules/sg_acl_bulk_monitor_status_info.py | 76 + .../ise/plugins/modules/sg_acl_bulk_request.py | 60 + .../cisco/ise/plugins/modules/sg_acl_info.py | 157 + .../cisco/ise/plugins/modules/sg_mapping.py | 151 + .../modules/sg_mapping_bulk_monitor_status_info.py | 76 + .../ise/plugins/modules/sg_mapping_bulk_request.py | 60 + .../cisco/ise/plugins/modules/sg_mapping_deploy.py | 56 + .../ise/plugins/modules/sg_mapping_deploy_all.py | 52 + .../modules/sg_mapping_deploy_status_info.py | 60 + .../cisco/ise/plugins/modules/sg_mapping_group.py | 131 + .../sg_mapping_group_bulk_monitor_status_info.py | 76 + .../modules/sg_mapping_group_bulk_request.py | 60 + .../ise/plugins/modules/sg_mapping_group_deploy.py | 56 + .../plugins/modules/sg_mapping_group_deploy_all.py | 52 + .../modules/sg_mapping_group_deploy_status_info.py | 60 + .../ise/plugins/modules/sg_mapping_group_info.py | 149 + .../cisco/ise/plugins/modules/sg_mapping_info.py | 157 + .../cisco/ise/plugins/modules/sg_to_vn_to_vlan.py | 209 + .../sg_to_vn_to_vlan_bulk_monitor_status_info.py | 76 + .../modules/sg_to_vn_to_vlan_bulk_request.py | 60 + .../ise/plugins/modules/sg_to_vn_to_vlan_info.py | 175 + .../cisco/ise/plugins/modules/sgt.py | 157 + .../modules/sgt_bulk_monitor_status_info.py | 76 + .../cisco/ise/plugins/modules/sgt_bulk_request.py | 60 + .../cisco/ise/plugins/modules/sgt_info.py | 161 + .../cisco/ise/plugins/modules/sms_provider_info.py | 127 + .../cisco/ise/plugins/modules/sponsor_group.py | 309 + .../ise/plugins/modules/sponsor_group_info.py | 217 + .../plugins/modules/sponsor_group_member_info.py | 127 + .../cisco/ise/plugins/modules/sponsor_portal.py | 609 ++ .../ise/plugins/modules/sponsor_portal_info.py | 335 + .../ise/plugins/modules/sponsored_guest_portal.py | 804 +++ .../plugins/modules/sponsored_guest_portal_info.py | 405 ++ .../cisco/ise/plugins/modules/support_bundle.py | 105 + .../ise/plugins/modules/support_bundle_download.py | 69 + .../plugins/modules/support_bundle_status_info.py | 117 + .../cisco/ise/plugins/modules/sxp_connections.py | 152 + .../sxp_connections_bulk_monitor_status_info.py | 72 + .../modules/sxp_connections_bulk_request.py | 56 + .../ise/plugins/modules/sxp_connections_info.py | 155 + .../ise/plugins/modules/sxp_local_bindings.py | 143 + .../sxp_local_bindings_bulk_monitor_status_info.py | 72 + .../modules/sxp_local_bindings_bulk_request.py | 56 + .../ise/plugins/modules/sxp_local_bindings_info.py | 151 + .../cisco/ise/plugins/modules/sxp_vpns.py | 76 + .../modules/sxp_vpns_bulk_monitor_status_info.py | 72 + .../ise/plugins/modules/sxp_vpns_bulk_request.py | 56 + .../cisco/ise/plugins/modules/sxp_vpns_info.py | 141 + .../ise/plugins/modules/system_certificate.py | 185 + .../plugins/modules/system_certificate_create.py | 142 + .../modules/system_certificate_export_info.py | 75 + .../plugins/modules/system_certificate_import.py | 144 + .../ise/plugins/modules/system_certificate_info.py | 175 + .../plugins/modules/system_config_version_info.py | 60 + .../ise/plugins/modules/tacacs_command_sets.py | 159 + .../plugins/modules/tacacs_command_sets_info.py | 142 + .../ise/plugins/modules/tacacs_external_servers.py | 146 + .../modules/tacacs_external_servers_info.py | 132 + .../cisco/ise/plugins/modules/tacacs_profile.py | 153 + .../ise/plugins/modules/tacacs_profile_info.py | 140 + .../ise/plugins/modules/tacacs_server_sequence.py | 159 + .../plugins/modules/tacacs_server_sequence_info.py | 136 + .../cisco/ise/plugins/modules/tasks_info.py | 79 + .../cisco/ise/plugins/modules/telemetry_info.py | 139 + .../modules/threat_vulnerabilities_clear.py | 56 + .../plugins/modules/transport_gateway_settings.py | 77 + .../modules/transport_gateway_settings_info.py | 56 + .../ise/plugins/modules/trusted_certificate.py | 219 + .../modules/trusted_certificate_export_info.py | 75 + .../plugins/modules/trusted_certificate_import.py | 103 + .../plugins/modules/trusted_certificate_info.py | 205 + .../cisco/ise/plugins/modules/trustsec_nbar_app.py | 130 + .../ise/plugins/modules/trustsec_nbar_app_info.py | 151 + .../ise/plugins/modules/trustsec_sg_vn_mapping.py | 130 + .../modules/trustsec_sg_vn_mapping_bulk_create.py | 87 + .../modules/trustsec_sg_vn_mapping_bulk_delete.py | 59 + .../modules/trustsec_sg_vn_mapping_bulk_update.py | 87 + .../plugins/modules/trustsec_sg_vn_mapping_info.py | 145 + .../cisco/ise/plugins/modules/trustsec_vn.py | 113 + .../ise/plugins/modules/trustsec_vn_bulk_create.py | 75 + .../ise/plugins/modules/trustsec_vn_bulk_delete.py | 59 + .../ise/plugins/modules/trustsec_vn_bulk_update.py | 75 + .../cisco/ise/plugins/modules/trustsec_vn_info.py | 141 + .../plugins/modules/trustsec_vn_vlan_mapping.py | 139 + .../trustsec_vn_vlan_mapping_bulk_create.py | 93 + .../trustsec_vn_vlan_mapping_bulk_delete.py | 59 + .../trustsec_vn_vlan_mapping_bulk_update.py | 93 + .../modules/trustsec_vn_vlan_mapping_info.py | 149 + .../cisco/ise/plugins/plugin_utils/__init__.py | 0 .../cisco/ise/plugins/plugin_utils/exceptions.py | 18 + .../cisco/ise/plugins/plugin_utils/ise.py | 259 + .../ise/plugins/plugin_utils/personas_utils.py | 195 + ansible_collections/cisco/ise/requirements.txt | 2 + .../cisco/ise/roles/aws_deployment/README.md | 149 + .../ise/roles/aws_deployment/defaults/main.yml | 18 + .../ise/roles/aws_deployment/tasks/aws/aws.yml | 75 + .../aws_deployment/tasks/aws/large_deployment.yml | 53 + .../aws_deployment/tasks/aws/medium_deployment.yml | 56 + .../roles/aws_deployment/tasks/aws/single_node.yml | 14 + .../aws_deployment/tasks/aws/small_deployment.yml | 19 + .../cisco/ise/roles/aws_deployment/tasks/main.yml | 3 + .../ise/roles/personas_deployment/.travis.yml | 29 + .../cisco/ise/roles/personas_deployment/README.md | 149 + .../roles/personas_deployment/defaults/main.yml | 20 + .../roles/personas_deployment/handlers/main.yml | 2 + .../ise/roles/personas_deployment/meta/main.yml | 52 + .../personas_deployment/tasks/large_deployment.yml | 123 + .../ise/roles/personas_deployment/tasks/main.yml | 8 + .../tasks/medium_deployment.yml | 87 + .../personas_deployment/tasks/small_deployment.yml | 54 + .../ise/roles/personas_deployment/tests/inventory | 2 + .../ise/roles/personas_deployment/tests/test.yml | 5 + .../ise/roles/personas_deployment/vars/main.yml | 2 + .../cisco/ise/tests/sanity/ignore-2.10.txt | 768 +++ .../cisco/ise/tests/sanity/ignore-2.11.txt | 1152 ++++ .../cisco/ise/tests/sanity/ignore-2.12.txt | 0 .../cisco/ise/tests/sanity/ignore-2.9.txt | 768 +++ 888 files changed, 120855 insertions(+) create mode 100644 ansible_collections/cisco/ise/.DS_Store create mode 100644 ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/bug_report.md create mode 100644 ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/config.yml create mode 100644 ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/feature_request.md create mode 100644 ansible_collections/cisco/ise/.github/workflows/docs.yml create mode 100644 ansible_collections/cisco/ise/.github/workflows/sanity_tests.yml create mode 100644 ansible_collections/cisco/ise/.gitignore create mode 100644 ansible_collections/cisco/ise/.vscode/launch.json create mode 100644 ansible_collections/cisco/ise/.vscode/settings.json create mode 100644 ansible_collections/cisco/ise/FILES.json create mode 100644 ansible_collections/cisco/ise/LICENSE create mode 100644 ansible_collections/cisco/ise/MANIFEST.json create mode 100644 ansible_collections/cisco/ise/Makefile create mode 100644 ansible_collections/cisco/ise/README.md create mode 100644 ansible_collections/cisco/ise/changelogs/changelog.yaml create mode 100644 ansible_collections/cisco/ise/docs/Makefile create mode 100644 ansible_collections/cisco/ise/docs/_gh_include/footer.inc create mode 100644 ansible_collections/cisco/ise/docs/_gh_include/header.inc create mode 100644 ansible_collections/cisco/ise/docs/conf.py create mode 100644 ansible_collections/cisco/ise/docs/index.rst create mode 100644 ansible_collections/cisco/ise/docs/requirements.txt create mode 100644 ansible_collections/cisco/ise/docs/roles.rst.template create mode 100644 ansible_collections/cisco/ise/hosts create mode 100644 ansible_collections/cisco/ise/meta/runtime.yml create mode 100644 ansible_collections/cisco/ise/playbooks/aci_settings.yml create mode 100644 ansible_collections/cisco/ise/playbooks/active_directory.yml create mode 100644 ansible_collections/cisco/ise/playbooks/allowed_protocols.yml create mode 100644 ansible_collections/cisco/ise/playbooks/anc_policy.yml create mode 100644 ansible_collections/cisco/ise/playbooks/authorization_profile.yml create mode 100644 ansible_collections/cisco/ise/playbooks/aws_deployment.yml create mode 100644 ansible_collections/cisco/ise/playbooks/azure_deployment.yml create mode 100644 ansible_collections/cisco/ise/playbooks/b.yml create mode 100644 ansible_collections/cisco/ise/playbooks/backup_create.yml create mode 100644 ansible_collections/cisco/ise/playbooks/backup_restore.yml create mode 100644 ansible_collections/cisco/ise/playbooks/backup_schedule.yml create mode 100644 ansible_collections/cisco/ise/playbooks/byod_portal.yml create mode 100644 ansible_collections/cisco/ise/playbooks/certificate_management.yml create mode 100644 ansible_collections/cisco/ise/playbooks/certificate_profile.yml create mode 100644 ansible_collections/cisco/ise/playbooks/certificates.yml create mode 100644 ansible_collections/cisco/ise/playbooks/credentials.template create mode 100644 ansible_collections/cisco/ise/playbooks/credentials.yml create mode 100644 ansible_collections/cisco/ise/playbooks/csr_export.yml create mode 100644 ansible_collections/cisco/ise/playbooks/deployment_info.yml create mode 100644 ansible_collections/cisco/ise/playbooks/device_administration_authentication_rules.yml create mode 100644 ansible_collections/cisco/ise/playbooks/device_administration_authorization_exception_rules.yml create mode 100644 ansible_collections/cisco/ise/playbooks/device_administration_authorization_global_exception_rules.yml create mode 100644 ansible_collections/cisco/ise/playbooks/device_administration_authorization_rules.yml create mode 100644 ansible_collections/cisco/ise/playbooks/device_administration_network_conditions.yml create mode 100644 ansible_collections/cisco/ise/playbooks/device_administration_policy_set.yml create mode 100644 ansible_collections/cisco/ise/playbooks/device_administration_time_date_conditions.yml create mode 100644 ansible_collections/cisco/ise/playbooks/downloadable_acl.yml create mode 100644 ansible_collections/cisco/ise/playbooks/egress_matrix_cell.yml create mode 100644 ansible_collections/cisco/ise/playbooks/endpoint.yml create mode 100644 ansible_collections/cisco/ise/playbooks/endpoint_certificate.yml create mode 100644 ansible_collections/cisco/ise/playbooks/endpoint_group.yml create mode 100644 ansible_collections/cisco/ise/playbooks/filter_policy.yml create mode 100644 ansible_collections/cisco/ise/playbooks/group_vars/ise_servers create mode 100644 ansible_collections/cisco/ise/playbooks/hosts create mode 100644 ansible_collections/cisco/ise/playbooks/identity_group.yml create mode 100644 ansible_collections/cisco/ise/playbooks/internal_user.yml create mode 100644 ansible_collections/cisco/ise/playbooks/my_device_portal.yml create mode 100644 ansible_collections/cisco/ise/playbooks/native_supplicant_profile.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_authentication_rules.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_authorization_exception_rules.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_authorization_global_exception_rules.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_authorization_rules.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_conditions.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_dictionary.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_dictionary_attribute.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_network_condition.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_policy_set.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_access_time_date_conditions.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_device.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_device_group.yml create mode 100644 ansible_collections/cisco/ise/playbooks/network_device_group_deparments.yml create mode 100644 ansible_collections/cisco/ise/playbooks/personas_deployment.yml create mode 100644 ansible_collections/cisco/ise/playbooks/playbookstest.yml create mode 100644 ansible_collections/cisco/ise/playbooks/portal_global_setting.yml create mode 100644 ansible_collections/cisco/ise/playbooks/portal_theme.yml create mode 100644 ansible_collections/cisco/ise/playbooks/profiler-services.yml create mode 100644 ansible_collections/cisco/ise/playbooks/radius_server_sequence.yml create mode 100644 ansible_collections/cisco/ise/playbooks/sponsor_portal.yml create mode 100644 ansible_collections/cisco/ise/playbooks/support_bundle.yml create mode 100644 ansible_collections/cisco/ise/playbooks/system_certificate.yml create mode 100644 ansible_collections/cisco/ise/playbooks/trustsec_nbarapp.yml create mode 100644 ansible_collections/cisco/ise/playbooks/trustsec_sg_vn_mapping.yml create mode 100644 ansible_collections/cisco/ise/playbooks/trustsec_vn.yml create mode 100644 ansible_collections/cisco/ise/playbooks/trustsec_vn_vlan_mapping.yml create mode 100644 ansible_collections/cisco/ise/playbooks/vars/device_administration_time_date_conditions.yml create mode 100644 ansible_collections/cisco/ise/plugins/action/aci_bindings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/aci_settings.py create mode 100644 ansible_collections/cisco/ise/plugins/action/aci_settings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/aci_test_connectivity.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_add_groups.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_groups_by_domain_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_is_user_member_of_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_join_domain.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_join_domain_with_all_nodes.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_leave_domain.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_leave_domain_with_all_nodes.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_trusted_domains_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/active_directory_user_groups_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/admin_user_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/allowed_protocols.py create mode 100644 ansible_collections/cisco/ise/plugins/action/allowed_protocols_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_endpoint_apply.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_endpoint_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_endpoint_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_endpoint_clear.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_endpoint_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_policy.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_policy_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_policy_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/anc_policy_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/authorization_profile.py create mode 100644 ansible_collections/cisco/ise/plugins/action/authorization_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/backup_cancel.py create mode 100644 ansible_collections/cisco/ise/plugins/action/backup_config.py create mode 100644 ansible_collections/cisco/ise/plugins/action/backup_last_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/backup_restore.py create mode 100644 ansible_collections/cisco/ise/plugins/action/backup_schedule_config.py create mode 100644 ansible_collections/cisco/ise/plugins/action/backup_schedule_config_update.py create mode 100644 ansible_collections/cisco/ise/plugins/action/bind_signed_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/byod_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/action/byod_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/certificate_profile.py create mode 100644 ansible_collections/cisco/ise/plugins/action/certificate_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/certificate_template_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/csr_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/action/csr_export_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/csr_generate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/csr_generate_intermediate_ca.py create mode 100644 ansible_collections/cisco/ise/plugins/action/csr_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/deployment_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_authentication_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_authentication_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_authentication_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_authorization_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_authorization_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_authorization_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_command_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_authentication_rule_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_authorization_rule_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_authentication_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_authorization_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_identity_stores_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_network_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_network_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_policy_set.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_policy_set_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_profiles_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_service_names_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_time_date_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/action/device_administration_time_date_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/downloadable_acl.py create mode 100644 ansible_collections/cisco/ise/plugins/action/downloadable_acl_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/egress_matrix_cell.py create mode 100644 ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_clear_all.py create mode 100644 ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_clone.py create mode 100644 ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_set_all_status.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_deregister.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_get_rejected_endpoints_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_group.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_register.py create mode 100644 ansible_collections/cisco/ise/plugins/action/endpoint_release_rejected_endpoint.py create mode 100644 ansible_collections/cisco/ise/plugins/action/external_radius_server.py create mode 100644 ansible_collections/cisco/ise/plugins/action/external_radius_server_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/filter_policy.py create mode 100644 ansible_collections/cisco/ise/plugins/action/filter_policy_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_location_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_smtp_notification_settings.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_smtp_notification_settings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_ssid.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_ssid_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_type.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_type_email.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_type_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_type_sms.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_change_sponsor_password.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_deny.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_email.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_reinstate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_reset_password.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_sms.py create mode 100644 ansible_collections/cisco/ise/plugins/action/guest_user_suspend.py create mode 100644 ansible_collections/cisco/ise/plugins/action/hotpatch_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/hotpatch_install.py create mode 100644 ansible_collections/cisco/ise/plugins/action/hotpatch_rollback.py create mode 100644 ansible_collections/cisco/ise/plugins/action/hotspot_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/action/hotspot_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/id_store_sequence.py create mode 100644 ansible_collections/cisco/ise/plugins/action/id_store_sequence_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/identity_group.py create mode 100644 ansible_collections/cisco/ise/plugins/action/identity_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/internal_user.py create mode 100644 ansible_collections/cisco/ise/plugins/action/internal_user_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/ise_root_ca_regenerate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_connection_type_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_eval_license_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_feature_to_tier_mapping_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_registration_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_registration_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_smart_state_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_smart_state_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_tier_state_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/licensing_tier_state_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_account_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_athentication_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_authentication_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_failure_reasons_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_active_count_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_active_list_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_auth_list_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_by_ip_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_by_mac_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_by_nas_ip_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_by_username_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_delete_all.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_disconnect_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_posture_count_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_profiler_count_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_session_reauthentication_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_sessions_by_session_id_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/mnt_version_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/my_device_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/action/my_device_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/native_supplicant_profile.py create mode 100644 ansible_collections/cisco/ise/plugins/action/native_supplicant_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_authentication_rule_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_authorization_rule_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_dictionary.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attribute.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attribute_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_authentication_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_authorization_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_dictionary_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_identity_stores_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules_reset_hitcounts.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_network_condition.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_network_condition_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_policy_set.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_policy_set_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_profiles_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_security_groups_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_service_name_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_time_date_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_access_time_date_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_device.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_device_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_device_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_device_group.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_device_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/network_device_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_deployment.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_deployment_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_deployment_sync.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_group.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_group_node_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_group_node_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_group_node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_primary_to_standalone.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_promotion.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_replication_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_secondary_to_primary.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_services_interfaces_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_services_profiler_probe_config.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_services_profiler_probe_config_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_services_sxp_interfaces.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_services_sxp_interfaces_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_standalone_to_primary.py create mode 100644 ansible_collections/cisco/ise/plugins/action/node_sync.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pan_ha.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pan_ha_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pan_ha_update.py create mode 100644 ansible_collections/cisco/ise/plugins/action/patch_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/patch_install.py create mode 100644 ansible_collections/cisco/ise/plugins/action/patch_rollback.py create mode 100644 ansible_collections/cisco/ise/plugins/action/personas_check_standalone.py create mode 100644 ansible_collections/cisco/ise/plugins/action/personas_export_certs.py create mode 100644 ansible_collections/cisco/ise/plugins/action/personas_promote_primary.py create mode 100644 ansible_collections/cisco/ise/plugins/action/personas_register_node.py create mode 100644 ansible_collections/cisco/ise/plugins/action/personas_update_roles_services.py create mode 100644 ansible_collections/cisco/ise/plugins/action/portal_global_setting.py create mode 100644 ansible_collections/cisco/ise/plugins/action/portal_global_setting_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/portal_theme.py create mode 100644 ansible_collections/cisco/ise/plugins/action/portal_theme_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/profiler_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/proxy_connection_settings.py create mode 100644 ansible_collections/cisco/ise/plugins/action/proxy_connection_settings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/px_grid_node_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/action/px_grid_node_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/action/px_grid_node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/px_grid_settings_auto_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_access_secret.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_account_activate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_account_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_authorization.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_bindings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_egress_matrices_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_egress_policies_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_endpoint_by_mac_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_by_os_type_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_by_type_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_failures_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_healths_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_node_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_node_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_performances_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_profiles_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_security_group_acls_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_security_groups_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_service_lookup.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_service_register.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_service_reregister.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_service_unregister.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_session_by_ip_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_session_by_mac_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_session_for_recovery_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_sessions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_settings_auto_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_user_group_by_username_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/pxgrid_user_groups_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/radius_server_sequence.py create mode 100644 ansible_collections/cisco/ise/plugins/action/radius_server_sequence_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/renew_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/repository.py create mode 100644 ansible_collections/cisco/ise/plugins/action/repository_files_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/repository_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/resource_version_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/rest_id_store.py create mode 100644 ansible_collections/cisco/ise/plugins/action/rest_id_store_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/self_registered_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/action/self_registered_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/selfsigned_certificate_generate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/session_service_node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_acl.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_acl_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_acl_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_acl_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy_all.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_group.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_group_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_group_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy_all.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_mapping_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sgt.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sgt_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sgt_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sgt_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sms_provider_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sponsor_group.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sponsor_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sponsor_group_member_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sponsor_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sponsor_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sponsored_guest_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sponsored_guest_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/support_bundle.py create mode 100644 ansible_collections/cisco/ise/plugins/action/support_bundle_download.py create mode 100644 ansible_collections/cisco/ise/plugins/action/support_bundle_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_connections.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_connections_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_connections_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_connections_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_local_bindings.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_vpns.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_vpns_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_vpns_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/action/sxp_vpns_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/system_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/system_certificate_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/system_certificate_export_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/system_certificate_import.py create mode 100644 ansible_collections/cisco/ise/plugins/action/system_certificate_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/system_config_version_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tacacs_command_sets.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tacacs_command_sets_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tacacs_external_servers.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tacacs_external_servers_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tacacs_profile.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tacacs_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tacacs_server_sequence.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tacacs_server_sequence_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/tasks_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/telemetry_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/threat_vulnerabilities_clear.py create mode 100644 ansible_collections/cisco/ise/plugins/action/transport_gateway_settings.py create mode 100644 ansible_collections/cisco/ise/plugins/action/transport_gateway_settings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trusted_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trusted_certificate_export_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trusted_certificate_import.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trusted_certificate_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_nbar_app.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_nbar_app_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_update.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_update.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_info.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_create.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_update.py create mode 100644 ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_info.py create mode 100644 ansible_collections/cisco/ise/plugins/doc_fragments/__init__.py create mode 100644 ansible_collections/cisco/ise/plugins/doc_fragments/module.py create mode 100644 ansible_collections/cisco/ise/plugins/doc_fragments/module_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/__init__.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/aci_bindings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/aci_settings.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/aci_settings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/aci_test_connectivity.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_add_groups.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_groups_by_domain_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_is_user_member_of_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain_with_all_nodes.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain_with_all_nodes.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_trusted_domains_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/active_directory_user_groups_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/admin_user_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/allowed_protocols.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/allowed_protocols_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_endpoint_apply.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_endpoint_clear.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_endpoint_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_policy.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/anc_policy_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/authorization_profile.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/authorization_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/backup_cancel.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/backup_config.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/backup_last_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/backup_restore.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/backup_schedule_config.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/backup_schedule_config_update.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/bind_signed_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/byod_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/byod_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/certificate_profile.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/certificate_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/certificate_template_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/csr_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/csr_export_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/csr_generate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/csr_generate_intermediate_ca.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/csr_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/deployment_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_command_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authentication_rule_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authorization_rule_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authentication_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authorization_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_identity_stores_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_profiles_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_service_names_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/downloadable_acl.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/downloadable_acl_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clear_all.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clone.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_set_all_status.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_deregister.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_get_rejected_endpoints_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_group.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_register.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/endpoint_release_rejected_endpoint.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/external_radius_server.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/external_radius_server_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/filter_policy.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/filter_policy_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_location_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_ssid.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_ssid_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_type.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_type_email.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_type_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_type_sms.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_change_sponsor_password.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_deny.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_email.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_reinstate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_reset_password.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_sms.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/guest_user_suspend.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/hotpatch_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/hotpatch_install.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/hotpatch_rollback.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/hotspot_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/hotspot_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/id_store_sequence.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/id_store_sequence_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/identity_group.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/identity_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/internal_user.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/internal_user_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/ise_root_ca_regenerate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_connection_type_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_eval_license_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_feature_to_tier_mapping_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_registration_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_registration_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_account_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_athentication_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_authentication_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_failure_reasons_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_active_count_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_active_list_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_auth_list_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_by_ip_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_by_mac_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_by_nas_ip_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_by_username_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_delete_all.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_disconnect_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_posture_count_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_profiler_count_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_session_reauthentication_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_sessions_by_session_id_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/mnt_version_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/my_device_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/my_device_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authentication_rule_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authorization_rule_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_dictionary.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authentication_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authorization_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_identity_stores_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_reset_hitcounts.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_network_condition.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_network_condition_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_policy_set.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_reset_hitcount.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_profiles_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_security_groups_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_service_name_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_device.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_device_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_device_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_device_group.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_device_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/network_device_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_deployment.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_deployment_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_deployment_sync.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_group.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_group_node_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_group_node_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_group_node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_primary_to_standalone.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_promotion.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_replication_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_secondary_to_primary.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_services_interfaces_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_standalone_to_primary.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/node_sync.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pan_ha.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pan_ha_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pan_ha_update.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/patch_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/patch_install.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/patch_rollback.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/personas_check_standalone.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/personas_export_certs.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/personas_promote_primary.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/personas_register_node.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/personas_update_roles_services.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/portal_global_setting.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/portal_global_setting_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/portal_theme.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/portal_theme_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/profiler_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/px_grid_node_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/px_grid_node_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/px_grid_node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/px_grid_settings_auto_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_access_secret.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_account_activate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_account_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_authorization.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_bindings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_matrices_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_policies_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoint_by_mac_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_os_type_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_type_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_failures_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_healths_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_node_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_node_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_performances_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_profiles_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_security_group_acls_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_security_groups_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_service_lookup.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_service_register.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_service_reregister.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_service_unregister.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_ip_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_mac_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_session_for_recovery_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_sessions_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_settings_auto_approve.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_user_group_by_username_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/pxgrid_user_groups_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/radius_server_sequence.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/radius_server_sequence_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/renew_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/repository.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/repository_files_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/repository_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/resource_version_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/rest_id_store.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/rest_id_store_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/self_registered_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/self_registered_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/selfsigned_certificate_generate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/session_service_node_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_acl.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_acl_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_all.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_group.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_all.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_mapping_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sgt.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sgt_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sgt_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sgt_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sms_provider_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sponsor_group.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sponsor_group_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sponsor_group_member_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sponsor_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sponsor_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/support_bundle.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/support_bundle_download.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/support_bundle_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_connections.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_connections_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_vpns.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_monitor_status_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_request.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/sxp_vpns_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/system_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/system_certificate_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/system_certificate_export_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/system_certificate_import.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/system_certificate_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/system_config_version_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tacacs_profile.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tacacs_profile_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/tasks_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/telemetry_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/threat_vulnerabilities_clear.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trusted_certificate.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trusted_certificate_export_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trusted_certificate_import.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trusted_certificate_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_update.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_update.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_info.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_create.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_delete.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_update.py create mode 100644 ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_info.py create mode 100644 ansible_collections/cisco/ise/plugins/plugin_utils/__init__.py create mode 100644 ansible_collections/cisco/ise/plugins/plugin_utils/exceptions.py create mode 100644 ansible_collections/cisco/ise/plugins/plugin_utils/ise.py create mode 100644 ansible_collections/cisco/ise/plugins/plugin_utils/personas_utils.py create mode 100644 ansible_collections/cisco/ise/requirements.txt create mode 100644 ansible_collections/cisco/ise/roles/aws_deployment/README.md create mode 100644 ansible_collections/cisco/ise/roles/aws_deployment/defaults/main.yml create mode 100644 ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/aws.yml create mode 100644 ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/large_deployment.yml create mode 100644 ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/medium_deployment.yml create mode 100644 ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/single_node.yml create mode 100644 ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/small_deployment.yml create mode 100644 ansible_collections/cisco/ise/roles/aws_deployment/tasks/main.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/.travis.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/README.md create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/defaults/main.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/handlers/main.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/meta/main.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/tasks/large_deployment.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/tasks/main.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/tasks/medium_deployment.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/tasks/small_deployment.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/tests/inventory create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/tests/test.yml create mode 100644 ansible_collections/cisco/ise/roles/personas_deployment/vars/main.yml create mode 100644 ansible_collections/cisco/ise/tests/sanity/ignore-2.10.txt create mode 100644 ansible_collections/cisco/ise/tests/sanity/ignore-2.11.txt create mode 100644 ansible_collections/cisco/ise/tests/sanity/ignore-2.12.txt create mode 100644 ansible_collections/cisco/ise/tests/sanity/ignore-2.9.txt (limited to 'ansible_collections/cisco/ise') diff --git a/ansible_collections/cisco/ise/.DS_Store b/ansible_collections/cisco/ise/.DS_Store new file mode 100644 index 00000000..844cf6e7 Binary files /dev/null and b/ansible_collections/cisco/ise/.DS_Store differ diff --git a/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/bug_report.md b/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..bf3c5c44 --- /dev/null +++ b/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,31 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: '' + +--- + +**Prerequisites** +* [ ] Have you tested the operation in the API directly? +* [ ] Do you have the latest ISE Collection version? +* [ ] Review the [compatibility matrix](https://github.com/CiscoISE/ansible-ise/tree/main#compatibility-matrix) before opening an issue. + +**Describe the bug** +A clear and concise description of what the bug is. + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +Please provide an screenshot of the successful API call with cuRL, Postman, etc. + +**Environment (please complete the following information):** +* ISE version and patch: +* Ansible version: +* ISE collection version: +* OS version: + +**Additional context** +Add any other context about the problem here. diff --git a/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/config.yml b/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 00000000..3ba13e0c --- /dev/null +++ b/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1 @@ +blank_issues_enabled: false diff --git a/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/feature_request.md b/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 00000000..bbcbbe7d --- /dev/null +++ b/ansible_collections/cisco/ise/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: '' +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/ansible_collections/cisco/ise/.github/workflows/docs.yml b/ansible_collections/cisco/ise/.github/workflows/docs.yml new file mode 100644 index 00000000..1f69ba0d --- /dev/null +++ b/ansible_collections/cisco/ise/.github/workflows/docs.yml @@ -0,0 +1,39 @@ +name: docs + +on: + push: + tags: + - v[0-9]+.[0-9]+.[0-9]+ + branches: + - main + +jobs: + docs: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: configure git + run: | + git config user.name "${GITHUB_ACTOR}" + git config user.email "${GITHUB_ACTOR}@bots.github.com" + git fetch --no-tags --prune --depth=1 origin +refs/heads/*:refs/remotes/origin/* + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: "3.7" + - name: Install dependencies + run: make doc-setup + - name: Build docs + run: make doc + - name: commit docs + run: | + git checkout gh-pages + rm -rf $(basename ${GITHUB_REF}) + mv docs/_build/html $(basename ${GITHUB_REF}) + git show origin/main:docs/_gh_include/header.inc > index.html + (echo main; dirname v*/index.html | sort --version-sort --reverse) | xargs -I@@ -n1 echo '

@@

' >> index.html + git show origin/main:docs/_gh_include/footer.inc >> index.html + git add $(basename ${GITHUB_REF}) index.html + git commit -m "update docs for $(basename ${GITHUB_REF})" || true + - name: push docs + run: git push origin gh-pages \ No newline at end of file diff --git a/ansible_collections/cisco/ise/.github/workflows/sanity_tests.yml b/ansible_collections/cisco/ise/.github/workflows/sanity_tests.yml new file mode 100644 index 00000000..6928df13 --- /dev/null +++ b/ansible_collections/cisco/ise/.github/workflows/sanity_tests.yml @@ -0,0 +1,39 @@ +name: CI +on: + push: + branches: [ main ] + pull_request: + schedule: + - cron: '0 6 * * *' +env: + NAMESPACE: cisco + COLLECTION_NAME: ise +jobs: + sanity: + name: Sanity (â’¶${{ matrix.ansible }}) + strategy: + matrix: + ansible: + - stable-2.12 + - stable-2.13 + - stable-2.14 + - devel + runs-on: ubuntu-20.04 + steps: + - name: Check out code + uses: actions/checkout@v3 + with: + path: CiscoISE/ansible-ise + - name: Create directory + run: mkdir -p ./ansible_collections/${{env.NAMESPACE}} + - name: Move repository + run: mv ./CiscoISE/ansible-ise ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} + - name: Set up Python + uses: actions/setup-python@v3 + with: + python-version: '3.10' + - name: Install ansible-base (${{ matrix.ansible }}) + run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check + - name: Run sanity tests + run: ansible-test sanity --docker -v --color + working-directory: ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}} \ No newline at end of file diff --git a/ansible_collections/cisco/ise/.gitignore b/ansible_collections/cisco/ise/.gitignore new file mode 100644 index 00000000..44f5ae40 --- /dev/null +++ b/ansible_collections/cisco/ise/.gitignore @@ -0,0 +1,20 @@ +tmp/* +__pycache__/ +.vscode/ +.tmp +.cache +*.retry +tests/test_playbooks/vars/server.yml +__pycache__ +*.pyc +*.pyo +*.swp +*.tar.gz +.pytest_cache/ +.mypy_cache/ +venv/ +/build/ +docs/plugins/ +docs/_build/ +changelogs/.plugin-cache.yaml +.DS_Store \ No newline at end of file diff --git a/ansible_collections/cisco/ise/.vscode/launch.json b/ansible_collections/cisco/ise/.vscode/launch.json new file mode 100644 index 00000000..306f58eb --- /dev/null +++ b/ansible_collections/cisco/ise/.vscode/launch.json @@ -0,0 +1,16 @@ +{ + // Use IntelliSense to learn about possible attributes. + // Hover to view descriptions of existing attributes. + // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 + "version": "0.2.0", + "configurations": [ + { + "name": "Python: Current File", + "type": "python", + "request": "launch", + "program": "${file}", + "console": "integratedTerminal", + "justMyCode": true + } + ] +} \ No newline at end of file diff --git a/ansible_collections/cisco/ise/.vscode/settings.json b/ansible_collections/cisco/ise/.vscode/settings.json new file mode 100644 index 00000000..a7d0fc7b --- /dev/null +++ b/ansible_collections/cisco/ise/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "esbonio.sphinx.confDir": "" +} \ No newline at end of file diff --git a/ansible_collections/cisco/ise/FILES.json b/ansible_collections/cisco/ise/FILES.json new file mode 100644 index 00000000..c2d10587 --- /dev/null +++ b/ansible_collections/cisco/ise/FILES.json @@ -0,0 +1,6424 @@ +{ + "files": [ + { + "name": ".", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": ".DS_Store", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1188de753911b2e8f232a8c9e3a0df7707182b5c765a589e8f62825dad126456", + "format": 1 + }, + { + "name": "LICENSE", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cef0b2884a9f43663717328019888311de5b8a62e0d24f91fc0f36939e5e50e9", + "format": 1 + }, + { + "name": "requirements.txt", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ea92856a54fce9950dccb45def09112f0de768a7894c8de6adf6b4cb83897491", + "format": 1 + }, + { + "name": "plugins", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "plugins/doc_fragments", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "plugins/doc_fragments/module_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1a39e66ef125592960d7d3972a30ad82ee4dbcd35d0c07052b316e6694d71a57", + "format": 1 + }, + { + "name": "plugins/doc_fragments/__init__.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "format": 1 + }, + { + "name": "plugins/doc_fragments/module.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0d33685ce2c04ce923d703730ed78cfadb6a97d44c5e3441471d2dc1171ca059", + "format": 1 + }, + { + "name": "plugins/action", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "plugins/action/device_administration_local_exception_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "25b5da09d0ea52097cbb4f353dfb78b1120527e4c1eab6a749097f9607cc52ab", + "format": 1 + }, + { + "name": "plugins/action/device_administration_dictionary_attributes_authentication_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fce24fbf7df39e961b11241a54e93c64204d0e734b2b7cdc5ac6f21d7fc29dd8", + "format": 1 + }, + { + "name": "plugins/action/licensing_tier_state_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "efe8167ebc7915126cbe60f37d7bd49a188d3e86a6a3563f41022468ce412cee", + "format": 1 + }, + { + "name": "plugins/action/trusted_certificate_export_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1914c7faa9abb01416c2951f49e15502d66d1fc192b1db3239b0cf34edecb2ef", + "format": 1 + }, + { + "name": "plugins/action/network_device_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b1a4ae7b73a246e2c6d970ab18cf35223fce247589dc9b278f6c444b433ca34c", + "format": 1 + }, + { + "name": "plugins/action/sxp_connections.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "eaac021792b3ac8b1b94fbf874fb2e4ce4a518ca6365c37cc639d647ce6f09b7", + "format": 1 + }, + { + "name": "plugins/action/guest_ssid.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a5e918558117a5da2af0bd8d3917a54fb376068d98f5a2f28e8a853666077d05", + "format": 1 + }, + { + "name": "plugins/action/proxy_connection_settings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "07e682acd78773d77c24af74347e1c73df6cd0697b74d2e9c71c22ce8b2da385", + "format": 1 + }, + { + "name": "plugins/action/node_services_profiler_probe_config.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "84dc398a3fb106bb1e292098694c9771230a007387778b66a7929596f0097e6b", + "format": 1 + }, + { + "name": "plugins/action/network_access_dictionary_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ff9271ecc8c45dbadfa9658c499608e1e7398d82bee75d7484533ff7bf765e9e", + "format": 1 + }, + { + "name": "plugins/action/network_access_policy_set.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2108f17089a82191a3f545588c4fd7bc81d575824bed8d033f75ea760c19c7ac", + "format": 1 + }, + { + "name": "plugins/action/repository_files_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "721c8d823402e1857e78e90df19b0f6a9a43c43c325b00fc99a3ce664b44143a", + "format": 1 + }, + { + "name": "plugins/action/repository_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "09c065fc28692f5340f915b18b0e7431d5cbfa9cd01b2e1c64888c32f520faf5", + "format": 1 + }, + { + "name": "plugins/action/rest_id_store_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6ebac6dccebccaf3b64050b6e1b8ac794f8fb37a4f8901c72e953275168c47fa", + "format": 1 + }, + { + "name": "plugins/action/anc_policy_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1a8f2de5f6d90c48814dabe242a5d498fd5c0084a848c57ba2a6b2509decd8c6", + "format": 1 + }, + { + "name": "plugins/action/tasks_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5d0521f7d5e3a5203aaaa628422e7933838a410b6b1ee9179f0dc3f605186a2c", + "format": 1 + }, + { + "name": "plugins/action/trustsec_sg_vn_mapping_bulk_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "72efae5dd74552743f1f3b89f21d0bc39341c4fbea70d4c25552ebe56b5644e1", + "format": 1 + }, + { + "name": "plugins/action/device_administration_authorization_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "93a8218bd6642a7a08242a341e5934dd6e6c025ff84d0eb10289adeede6ec2de", + "format": 1 + }, + { + "name": "plugins/action/guest_user_email.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5030c3871becf22e728dc276e501620c04127417cfd8de9137a5d61cf2c0a461", + "format": 1 + }, + { + "name": "plugins/action/node_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1e2b504a05ceac5488d9c6c76334f7462f0e9e6bfefb9e9e163a4ea834256f94", + "format": 1 + }, + { + "name": "plugins/action/mnt_authentication_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "83a9b888282c1de0e79ed9c61a8e3f87a76ef7a17f6de89f0b670cbeb5d61e07", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_healths_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "49627a9fbf52a238801d10d814d98dd9d581cb3e59cf40a4bd0d2d09d29524f1", + "format": 1 + }, + { + "name": "plugins/action/hotspot_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "01d064f8b2a5ad4530662a0660618fbfaa360d33f7e9c9b6cc9f3f148d0e707c", + "format": 1 + }, + { + "name": "plugins/action/authorization_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "af00fbb10e16cf2826d39538c2a434d4da1168192ab516ed32d70e425447ea1d", + "format": 1 + }, + { + "name": "plugins/action/hotpatch_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f5815fa047d4f5c5030e9f6fd22271d4c906a0aa93c882102d51c841fb8c2ad8", + "format": 1 + }, + { + "name": "plugins/action/trustsec_sg_vn_mapping_bulk_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "97378c6cf992ca1cbcf06dbd5e5df21a11b02706a6af667cddefa4f382cb97ca", + "format": 1 + }, + { + "name": "plugins/action/node_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c1e3ab5405a5ac12557b4d7c3c52689b9f5ff2562fb47deab64c6c14ed3bc963", + "format": 1 + }, + { + "name": "plugins/action/personas_export_certs.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "21164d32f135f20df72386358435b9860295fc71fbcdcbe60be1c174c4bd2f1d", + "format": 1 + }, + { + "name": "plugins/action/network_access_dictionary_attributes_authentication_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4224839be0e82ecf2a24067ca29bbb614b1808fcfd192fb2eb455469aad30b82", + "format": 1 + }, + { + "name": "plugins/action/aci_bindings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c69c9fa563713ae0196edb0ab26909b9f8c71b39c0a2980bf3f99fe1fb0f8455", + "format": 1 + }, + { + "name": "plugins/action/network_access_policy_set_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "55faa4563f57c55897c27380a0798c232274d59243b261436eb710d2d2bd4c5c", + "format": 1 + }, + { + "name": "plugins/action/id_store_sequence_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d7d047ef40d9fb2da4c9a2f27d797e59b6d8a52a113bd11e16967e490ea1ce16", + "format": 1 + }, + { + "name": "plugins/action/device_administration_policy_set_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "afffe8d167c5a86cb35b87ceca420d6bbf6e1f48fd4d016068b442dcc0b5fee1", + "format": 1 + }, + { + "name": "plugins/action/sxp_local_bindings_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "48574b6a1762eadd7eed6cd9ec83f6d373bfb2dd5c4a6433cab399bb0c2f66ba", + "format": 1 + }, + { + "name": "plugins/action/ise_root_ca_regenerate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7e8d218cb0dee5730fdf28a5ed44e180b65794c9f13a16f0de328fb2b952f28e", + "format": 1 + }, + { + "name": "plugins/action/mnt_sessions_by_session_id_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f82df0e267c51914a535393b2550d4fd98d345070aae567899a8941e3262bd2f", + "format": 1 + }, + { + "name": "plugins/action/network_access_service_name_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "911ef6ffb6250d40249d3f87ff5be07d46349d0ea634514b88d8e20f0c9cc0e6", + "format": 1 + }, + { + "name": "plugins/action/guest_user_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3106158cb218b1b5120b5efaff83f99a7bfd01560fadf51c52edf29b7ff0a17f", + "format": 1 + }, + { + "name": "plugins/action/aci_settings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "906352b851ba4a6319c4ee40299376b7cae96a730d53f4887544a182db1845f1", + "format": 1 + }, + { + "name": "plugins/action/bind_signed_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd1230b7fb053ebc156c10c5f01424a24c5ad23a50b704fd488790827e923fa3", + "format": 1 + }, + { + "name": "plugins/action/endpoint_register.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b89858a9744fc7bf7b17549c05928da46c9b5e6fbff70be3c95e90095b246ffe", + "format": 1 + }, + { + "name": "plugins/action/px_grid_node_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f2f5ad212cbaa6145289d836b0cf4c9c550ae2945526a744785deb32b0ed3bde", + "format": 1 + }, + { + "name": "plugins/action/device_administration_network_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "52aa8a8a8b067fc670a3255d6abd7121313e05af4a5bc3ca9781461faa861261", + "format": 1 + }, + { + "name": "plugins/action/node_primary_to_standalone.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "33fc439728a3a05cc2323aa9eaaa36dce606ff886dc203d1a44670cd09c074c3", + "format": 1 + }, + { + "name": "plugins/action/active_directory_leave_domain_with_all_nodes.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ebd5bd36ce8f89952b10bfc992eace59fdd6a821141d1b119bd24da98827a242", + "format": 1 + }, + { + "name": "plugins/action/trusted_certificate_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8aa467083afc591c8f70fbaa783c6952ac17256d9a0b94bb07c7b81c55716cba", + "format": 1 + }, + { + "name": "plugins/action/licensing_connection_type_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cb9b4d3ee8eddfa9509fa548f932e147b598aabc1c2c5d6243032786ff73ee1e", + "format": 1 + }, + { + "name": "plugins/action/mnt_account_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "55d7613d3bf2fcc696d292f47dad21361dbe8d255ab7757bc395abaae4fcacba", + "format": 1 + }, + { + "name": "plugins/action/trustsec_sg_vn_mapping_bulk_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "df2afad6de41d420e5c5a3716a3f112331c70506ba860775426ce1f9bac16129", + "format": 1 + }, + { + "name": "plugins/action/node_deployment_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "58c048cec4d4f1f244137605d60a27c494aa193d3f13781a9fbddfda20a5db99", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_failures_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f7962c2045e6210f5febb237640f7f01547a953fb11e6442a0291d5061239349", + "format": 1 + }, + { + "name": "plugins/action/network_access_global_exception_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "52fb7c5f93a202647ac8b09439393e99a0442b4be074194ef2aa8d422df7a72e", + "format": 1 + }, + { + "name": "plugins/action/device_administration_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3278a1f4e11231dc4df15b6de5b54a1141008bf04802d9ddf965dd516fa0afd3", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_security_group_acls_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f55ae36b728fddbb4152b495bb496725fd8f1e56aed353dfddca5d89b9dfac9e", + "format": 1 + }, + { + "name": "plugins/action/guest_user_deny.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9341c445e56691abbee98190f112a79c938ced37ebb4c8ad5c9bc788d6c69f5f", + "format": 1 + }, + { + "name": "plugins/action/admin_user_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bf0d4570a1871a36dee60c90c9d152dc6012693df6efe8d367ead00ddd90e48d", + "format": 1 + }, + { + "name": "plugins/action/endpoint_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "492e636e3f10e6a60399d5a9e714410bca46f9c13f7df1ed3870d4d7fdae44ff", + "format": 1 + }, + { + "name": "plugins/action/threat_vulnerabilities_clear.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8235d926add067ecf8b6cab89fbace6e127bd4a1b01dd7c29700c06484abad06", + "format": 1 + }, + { + "name": "plugins/action/identity_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3fa884e91832b84541847850e92ff6760b3576fa53a432b331e4dcecb278ea86", + "format": 1 + }, + { + "name": "plugins/action/network_access_dictionary_attribute_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d327a3b52d0235995e69c72af2c0deb12d46a116c8d89dc33bb2caa8e2298184", + "format": 1 + }, + { + "name": "plugins/action/sxp_vpns_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a2d57a86fdca49908d160a8da4a8a69e6b4173680111034b2772890880fab56c", + "format": 1 + }, + { + "name": "plugins/action/network_access_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bcfba88947aa3db19d5ec0ca97a7558cea519234df5b6cb6db16f3be50cff524", + "format": 1 + }, + { + "name": "plugins/action/certificate_profile.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3740f776ae855110e2af32d04e91fff3709dfb8daa10e894dc5e28f75aad333c", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_settings_auto_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9c8809c6072c47aed001af0490373c4c1cb665959ce6e0196b0e9aaee6e53990", + "format": 1 + }, + { + "name": "plugins/action/guest_location_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f6c34b166c24c0a9d24b0e638fb4f6987a8f774b15be50627cf106128cf74915", + "format": 1 + }, + { + "name": "plugins/action/native_supplicant_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e8ffc1fa4ba22956fcd6dc57b7fbfb8019515e2c19c7f0a8fdd64880333ddfda", + "format": 1 + }, + { + "name": "plugins/action/device_administration_dictionary_attributes_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6ae4e89b4dcbf281fe5d377f6817fd1afca83e40bf6494a0caf2210fcf3ad6d2", + "format": 1 + }, + { + "name": "plugins/action/network_access_conditions_for_authentication_rule_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd6fe7a8624953d683789be2ada4391c73d325c305530210e9161c4b8438e6fe", + "format": 1 + }, + { + "name": "plugins/action/mnt_version_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c8af439cf0c6a976e3b1cda03b2db9ce0c22c43925bbcad1133c9cfc15073aba", + "format": 1 + }, + { + "name": "plugins/action/sponsor_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "891973ebfd794e3f4841c2f3ad38d5b4e2aef0e1d48fa2f1e1f76e8180f08eef", + "format": 1 + }, + { + "name": "plugins/action/device_administration_local_exception_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b242009a913fb7f493e118ec20f74cd5bed022652f6789e691db4449b6dd0dad", + "format": 1 + }, + { + "name": "plugins/action/system_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "874b1a05952b04d49958aff03461a4f0d1d9135ffa12099a35d81cf97f513ade", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_bindings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e3093776a619d92a1d7dc5a43eed1862b576a52255a20da943b28d9555dfafbb", + "format": 1 + }, + { + "name": "plugins/action/tacacs_profile.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "513312a04d04fce8c9b5bba32561b70a3762eaa488df80163f4596fccd5ea9a9", + "format": 1 + }, + { + "name": "plugins/action/trustsec_nbar_app_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "93ae77bc17fcfe76eb305f88b20992efce60b9367aa1e4b0306da7f7b2fb7d6a", + "format": 1 + }, + { + "name": "plugins/action/tacacs_server_sequence.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d0fada35eb399f88fbbce525a5db969e10e8c19f1057b6c0d9f80b2e82903b59", + "format": 1 + }, + { + "name": "plugins/action/network_access_global_exception_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "33690d3b6b97fd8bea631e080ed394827ebac5007ee7a4f0c57eaac4cb8b4310", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_profiler_count_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ff290aa82f395e53dc32d479a40219dbda575545cc63312d40c6e6eab980e7b8", + "format": 1 + }, + { + "name": "plugins/action/external_radius_server_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "953cd1cdfa03ca919d8a730334e638c9337704107f9e3c0eaa1c689f27686dec", + "format": 1 + }, + { + "name": "plugins/action/session_service_node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d0a5f020030946d7d60025b6e5e7629866019fdeaa14c62dfe8f8c92ed075438", + "format": 1 + }, + { + "name": "plugins/action/network_access_global_exception_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "04b0464c0709a4743546f93a1401e3dd0fe96bf7298ef5e61447951b85320e3e", + "format": 1 + }, + { + "name": "plugins/action/sxp_local_bindings_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "50d9d9adcaad9725c9ed0c80f9faeca32b0cce45ca365255bae21d599af60685", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_performances_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bd6e479403908fea8682b2ca17f98708fcda4fdce7d70380e9e5ed4e1f3c8416", + "format": 1 + }, + { + "name": "plugins/action/csr_generate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5f3e097ef6b174ace0776ea2d2829c0cf9a0b318942e42d54d51d096b72ffc6d", + "format": 1 + }, + { + "name": "plugins/action/pan_ha_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0ee7ca29e528c5de211e91462f0a9f019f3cc06e61cdcf3fd6691b481b9562d3", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_by_username_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5015521c73fb5adc5bc8039744a55f37eef160209b828adec9b002f3d9a0211b", + "format": 1 + }, + { + "name": "plugins/action/network_access_time_date_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dad8895e0633822fd6e2b57fdcbaa9a9316b8131183c4559d2478c0e64d4678d", + "format": 1 + }, + { + "name": "plugins/action/device_administration_time_date_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5cbe37385d8e632876e49433e343488730535ca4497a25823b341d63c2903e05", + "format": 1 + }, + { + "name": "plugins/action/byod_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "59e40e852f601c9b982254a41f3f0b739bb39a009f4544617537f0404c939a18", + "format": 1 + }, + { + "name": "plugins/action/node_services_interfaces_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "be2f02885115277c3851b16a7a67bb149f7d16656c9cfb19daab5a7850a3b9f3", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_endpoints_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "24897493a3bc5736d92adf6e19c0f4ddf9f533344e062e5a65aad03153f324bf", + "format": 1 + }, + { + "name": "plugins/action/portal_theme_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "919ddea9316dd1b4e7fab48a8473ec866e0fa23f02583b559554162f810a0c51", + "format": 1 + }, + { + "name": "plugins/action/guest_user_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a93dabf221402a365bd997f349a7da7133427e667f8ce8ca901b4918d9be2e5d", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_session_for_recovery_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e1bf34ecf38817436326271284760afed434a45c003e5e9aafe9577b2bbece62", + "format": 1 + }, + { + "name": "plugins/action/licensing_registration_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "328de7bf06b1bd5a47ebc97cd0979790e588c1c0d41522ba8249a9bb9eb06d13", + "format": 1 + }, + { + "name": "plugins/action/trustsec_sg_vn_mapping_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "52ad97481f4cb4a604e5a4ab40f310400f73e261a30264d879bd60e40c79f8fc", + "format": 1 + }, + { + "name": "plugins/action/tacacs_server_sequence_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "008f9abdadca0fb0e8bbb1109a6f070042b8329d4005b54f64c22057107953f8", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b23dc598542aea533c99eacce9a84756cafaf372c951daac5c82ef8450adae9c", + "format": 1 + }, + { + "name": "plugins/action/system_certificate_import.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fbd926c55f5d8c54ae2ecf10741b5c9fef2fb8290d549cdb6c0ed85de6715410", + "format": 1 + }, + { + "name": "plugins/action/mnt_failure_reasons_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6f50536e256d0f4e8bb52ef61754c0dd9d1540f864743ffa60e781e2648b3b22", + "format": 1 + }, + { + "name": "plugins/action/transport_gateway_settings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c294b21def715ca2ae632ce6fa0b543c8023d292031ac3c1c2f762f21b8a6795", + "format": 1 + }, + { + "name": "plugins/action/network_access_network_condition_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1645fc6a8c79d2ad5e105db65ffe4ecb9fcd51d01d7e0f46a80ade0da0ac0ec7", + "format": 1 + }, + { + "name": "plugins/action/device_administration_authentication_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3c48c5587324e5d8edee6374acb940626c44b2f206b4ffac269a7c8d369f56b5", + "format": 1 + }, + { + "name": "plugins/action/trustsec_sg_vn_mapping.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "90fc4c8b3322a0a1669dbf5564466295da5d576b6642d1466cd39a38c9af452b", + "format": 1 + }, + { + "name": "plugins/action/backup_schedule_config_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "12aeba065f115bb76b595e14eddc280626a0a01e72ba4e2e36967da33ab7fbf7", + "format": 1 + }, + { + "name": "plugins/action/network_access_authentication_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "32448b1e8e9d9f908618ce9dc9a70c31b1ad6ced4741e1f2824d1a86a63026b0", + "format": 1 + }, + { + "name": "plugins/action/anc_endpoint_apply.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "81bec6614af12f67e56d58d807857ee1b4889a38321a247fed7fc93f70e88b1b", + "format": 1 + }, + { + "name": "plugins/action/endpoint_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5f3977aa95a7424a7b43f346c90e2af3205df338391b9ce12b454077d5a43497", + "format": 1 + }, + { + "name": "plugins/action/guest_type_email.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "236988cebd9fc7912726d597a884cd6e2c120a27c56e4845aefcdc0a4b3014c2", + "format": 1 + }, + { + "name": "plugins/action/rest_id_store.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "24c7aca53602a189ac7952e6ed62d6977ba83d9682a651019549f346894a7f82", + "format": 1 + }, + { + "name": "plugins/action/licensing_registration_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9fde6f7ea5be674349cfdeb4ee6c002c71ffa777ccf50ebe26e881368a270dd5", + "format": 1 + }, + { + "name": "plugins/action/my_device_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "486f298e42a584033cd03593b32b24f27ad192e8963156c7c09198056517d9d9", + "format": 1 + }, + { + "name": "plugins/action/network_access_authorization_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6afbc0c55506af063a3a29ef7b2ab07640811656d02cbb77d843469e5a7a7b5d", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_egress_matrices_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8c328babbe6b06d9bc574418235371cf56518d824e2bae38c57e9c9189ac125e", + "format": 1 + }, + { + "name": "plugins/action/active_directory_join_domain.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dc11558964b4f2c0eb0e4a09d7667ea21234e1163aab3cac0f9e458ecfafe2b7", + "format": 1 + }, + { + "name": "plugins/action/device_administration_conditions_for_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "62451a4dfff28303d406124c1682823258db90ce1f427ebccf019f6fb54a0d99", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_reauthentication_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f921ac8a4958de2f80bcc09f2094fadc3ebfcafa264d6b72a8e5954667cd66ca", + "format": 1 + }, + { + "name": "plugins/action/support_bundle.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "61aa1b6e7e2edb49ac7d1366c2cad08e9c6515c83d97366074b4aa398722881f", + "format": 1 + }, + { + "name": "plugins/action/device_administration_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "54e51a7b9bd46c33ebc3d3c77ed0fa037fb354ef5c9c54df0811b34c1c16c760", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_endpoints_by_os_type_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f5eb537d596fac3fb45f1934b4bfb46c05499216fac5f119315f479f4ed005c6", + "format": 1 + }, + { + "name": "plugins/action/egress_matrix_cell_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d07149ede80bcb613244811e3809d73c9ef5f3bfb7e5d77124195702aecc4881", + "format": 1 + }, + { + "name": "plugins/action/node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c18e0f918c1234a162ee6cffe9b6ddbd559f07fa1fbe8f3cb278270be66847f6", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_vlan_mapping_bulk_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "92e76bf9f97b9cba899dc48aba011d2f0dbb49cf2740866419681ae32ad748d0", + "format": 1 + }, + { + "name": "plugins/action/licensing_smart_state_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "85b7566a0d12c964623facff701541483b4e555feba429f9252c836b0f5f0dfc", + "format": 1 + }, + { + "name": "plugins/action/sxp_connections_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ef75c7b7cb3547f7bb3b4026b7cb0f91b69378bf75c480a7eb9f102134051e56", + "format": 1 + }, + { + "name": "plugins/action/personas_update_roles_services.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6dbfec95a26d9be42a6b7e8afc9b74ab8978974b5447d269584f38fd4641947c", + "format": 1 + }, + { + "name": "plugins/action/guest_user_sms.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d5d01f13a01ae7498cc7f4b6fa838e502368322cec7683b0feb3238ef6cccb2e", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_user_groups_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3c12083f264581005534005b21c392dbdde0172c9e395bec849ee63dc3721550", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_profiles_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e30fb1331d33b09bbba2cdd041effabeb47ccf5071acd403a840676e9dc101ab", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4fd514bda9fe8a19b8e92ee364d74788356da804d3dc2bbb234d3be37421b35a", + "format": 1 + }, + { + "name": "plugins/action/licensing_eval_license_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "137f8a9a10d2e8b99ca9fdc8259fd84d2028b90b10e6e2d8bb6b352b8124bac6", + "format": 1 + }, + { + "name": "plugins/action/guest_user_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "77ca503988a06be7b97fec0316a8e146441a7b54ee1cddbf636f226e3b7cecb0", + "format": 1 + }, + { + "name": "plugins/action/node_services_sxp_interfaces.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ced864beb7f33934d3f24afddff8bb59133f4b5d1ee451bd7b3808e7beee2f4d", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_group_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "96763934d6763639d6eda043dea775fa0cd20fa014806a651377a1b0a7c3febb", + "format": 1 + }, + { + "name": "plugins/action/network_access_conditions_for_authorization_rule_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b800eded78302c6a06bc05e2a809c6f12100019368d5afa88c57a399e1bbe4a0", + "format": 1 + }, + { + "name": "plugins/action/network_access_identity_stores_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "377bb02c2049a6041aa3799a19ac58e1cb78af59596b2f3b9655a3599ab766e5", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_account_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0473093397a4c16cfec4c63349dfee71b640b24e850a146e67d5060d292c20e1", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_access_secret.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ec11c17ea9a18f7d4cc7ad14e0e9c610ffe1f65da35b2b749b1cc42858664014", + "format": 1 + }, + { + "name": "plugins/action/personas_check_standalone.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a8a65a72d973621c0dd0881672113f53a06172b6a2ccd6e5b731c2855f682937", + "format": 1 + }, + { + "name": "plugins/action/device_administration_authentication_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4dfaeb4ab84310cd5b4bb002ec4238247262fed038d4c4b5b8dcec53182f9eae", + "format": 1 + }, + { + "name": "plugins/action/active_directory_is_user_member_of_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ad5b9aac210f4f2a63a336bcdceb77d9dadfa369096e1afb982ad18f7688d181", + "format": 1 + }, + { + "name": "plugins/action/sms_provider_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b6604538f4e954ee42b51cba53bbdee8292f7dcce1287ec95ebc34dc55c65714", + "format": 1 + }, + { + "name": "plugins/action/sxp_local_bindings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d3a1c1c6a03b8a85a8d2a03c825e97a85093bc023f222e122223db3572881734", + "format": 1 + }, + { + "name": "plugins/action/aci_test_connectivity.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "65be27b52efa48cbdcce9102991394c06e1bb96416262228084045c0e9550f4f", + "format": 1 + }, + { + "name": "plugins/action/device_administration_identity_stores_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "db6b95a00401320d47f853d7d6f736a98dca9d63a408dbe062bff492d0b67932", + "format": 1 + }, + { + "name": "plugins/action/id_store_sequence.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "51f0a679ed4baa143507d3fecd75156800061106d552b21e2480fb317d479cb1", + "format": 1 + }, + { + "name": "plugins/action/sg_acl_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4189580510d2efe03ed31822f9e374c8da18cae6dd556f8d928865e89a8cd346", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_egress_policies_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "06aed10db4eea3997a4cbc3bb144d19ef3791ca06997268518037a75367421f0", + "format": 1 + }, + { + "name": "plugins/action/anc_endpoint_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "97bc52a139f913d6aa117f719bd2d4bcbe6e7ad2b18ced3a2394c7712a6cd2eb", + "format": 1 + }, + { + "name": "plugins/action/guest_user_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e658c24410a6a0b9c412f69da7491047caadf7c5ac7c89bdff162fb6699adc54", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_vlan_mapping.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "881d66b2f9e666ac130486e654647b412749e0a04960057269b3244031430202", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_vlan_mapping_bulk_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "63e23761602fc311195dbc00a9611fee982e01718bb2e8c0ef4c1259059f19b5", + "format": 1 + }, + { + "name": "plugins/action/sponsor_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d6f12ca65af1120e9637bb107e9a075a55b915e11b352f9faf682b47ec22b43c", + "format": 1 + }, + { + "name": "plugins/action/system_certificate_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a86f6e4c18d57b01d705f6e93dca4b640e30d9255589e4f53cbf629328a09f9f", + "format": 1 + }, + { + "name": "plugins/action/network_access_dictionary_attributes_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bc87569f66316141c43c549a768e4cb64b5235197b297d9407acadff604ec7a4", + "format": 1 + }, + { + "name": "plugins/action/px_grid_node_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4691ab3f8b78cc6f03511232876dabce7890a98b144dbee8c405b6081cc76785", + "format": 1 + }, + { + "name": "plugins/action/device_administration_global_exception_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fabdcd5cbb34bca328d4b85b68f0e15db0fbd6b2e30e5c215a407d4e86a5f031", + "format": 1 + }, + { + "name": "plugins/action/sg_acl_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f115fdf62481647f4eeceed207e437fae9327c42c72051f4a564d00b3e8d64e9", + "format": 1 + }, + { + "name": "plugins/action/hotpatch_install.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "841a5f1484910ab249e2d67a0327931bf83d40cb27aadc4e7883fb6d1b558eaf", + "format": 1 + }, + { + "name": "plugins/action/active_directory_user_groups_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "32f96d8ffe0cfdc346f6b21416fd17cceef2e826934e20630f7d6ad97725f15d", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_node_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f2f5ad212cbaa6145289d836b0cf4c9c550ae2945526a744785deb32b0ed3bde", + "format": 1 + }, + { + "name": "plugins/action/personas_register_node.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "df41fe7f6b39fc73de8854b4533785c1f173b2924b2593b0ad79679867a7e131", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0054abbeaabc0253444fb7a75b79fa0b4213da9756b12d288e2f6e87a82203f5", + "format": 1 + }, + { + "name": "plugins/action/backup_last_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2cf3b261fce8a2feee6636bae3d3a9d4a5ddede52754001aaad55de0a161f526", + "format": 1 + }, + { + "name": "plugins/action/deployment_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ea06557d917f1d5b20eaccf8430bf164fb025f785049042854205811539d3d2e", + "format": 1 + }, + { + "name": "plugins/action/sponsor_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d2dc4f5e84b3b4e897fc70bde7ccfca13055191a39d8f66c00fcdff5da6b91ea", + "format": 1 + }, + { + "name": "plugins/action/csr_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "07c019bced417d3dbb0a491d5f21a23b69a41a0078c672e871e51a72eb24d0eb", + "format": 1 + }, + { + "name": "plugins/action/personas_promote_primary.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f9b7c99882b15717c52bf1421f771a482fee6ab7ea4ea1699169b7771b26a759", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_session_by_ip_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2b6fd8d5212751802f62b7bc385be8c971ebeec299919368184382b2cce8e6b5", + "format": 1 + }, + { + "name": "plugins/action/node_replication_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b14f04fc660905c91d132e4893292394f10c04c8cf9aaa8bcc1af06ef9db4c55", + "format": 1 + }, + { + "name": "plugins/action/egress_matrix_cell_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "97e517bc059ba29cb31b96a35970bd2ebc79e2df113118f05f80e75086c86d9e", + "format": 1 + }, + { + "name": "plugins/action/guest_smtp_notification_settings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3aaafebb630ff8b6039da968413e8e3a218965d30740a62e25ad14db9d6a6063", + "format": 1 + }, + { + "name": "plugins/action/node_standalone_to_primary.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c95d4f90f04279b4c6930732ca9a17c1ad0c9f9eee2e8bdd84a866a0b5db9499", + "format": 1 + }, + { + "name": "plugins/action/endpoint_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f2b2e8da191845dfd03ac61e1bb249c8db96a51661fa58c9b7ad5da71a2b4df1", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4fe01960c8bd83eb0f06c81dd5f447374fc61ad4cd6d48a721575d0693c5adb0", + "format": 1 + }, + { + "name": "plugins/action/egress_matrix_cell_set_all_status.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "882027e49f14f3731ddd1ee4368fe1bf8d43185c018f7b4029c14526d13f6504", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "527031a4bb8825baafb40a2316c6f5667e2938d46c98fcda310666822b8b59f5", + "format": 1 + }, + { + "name": "plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "707e4e97807c6ad12c5025c3ec05fd1380f68a8439cf147b37e8556790ea05ab", + "format": 1 + }, + { + "name": "plugins/action/trusted_certificate_import.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c24c7c5d3c6e64ae2fa866b2dba44c919b3122296032b4a08bcab99f34cbc15e", + "format": 1 + }, + { + "name": "plugins/action/network_access_network_condition.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "906dda5e785d909b4a00a8d1691be6d4e60e132dd89f14a8a2502d62777c2f6a", + "format": 1 + }, + { + "name": "plugins/action/device_administration_authorization_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d641d6bc65ebf4e91fe2d614ff95355d71d20fdedc333d1d2f4e68929d5caac3", + "format": 1 + }, + { + "name": "plugins/action/backup_schedule_config.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9771efa4438fc058f6ca3026e7565e4e3ebb7b35ca83d0e8186f4c9fdf40e8c9", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_session_by_mac_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8586b78a6585d526d3d660592c98f6f4c53201c047a040396dd07f0f4bf49860", + "format": 1 + }, + { + "name": "plugins/action/network_access_local_exception_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7c2ade73bd6d2effbcb1985ba100786c23f9b0b8109b5297b874f15f08ccd50c", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0428b5b353f7c58c7d41f8051ff0bc836cf9888be9034084c3be2e61d4b37115", + "format": 1 + }, + { + "name": "plugins/action/network_access_security_groups_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6d5e12d17071818146bacbab7acd3ef3cb5172c949ebbeb36e1553d826ec60f6", + "format": 1 + }, + { + "name": "plugins/action/device_administration_global_exception_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0add95d4a29e2e7dbee7367adfd57a3832962261ef5941b59c239938942eced0", + "format": 1 + }, + { + "name": "plugins/action/device_administration_network_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b5b2f971484a77560e0b9a544646d20413f76932da8e3e77e66c7fca88921354", + "format": 1 + }, + { + "name": "plugins/action/network_access_dictionary.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "221b6b7ea9290a11dd2725fb9bb9812e83b676ded45fe30a7d02d084d108f0a2", + "format": 1 + }, + { + "name": "plugins/action/sponsored_guest_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6777bb2489b7264db145ebca7e71faea0bbb38c89fc8f7b932849a9923e2e1fb", + "format": 1 + }, + { + "name": "plugins/action/node_group_node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1ba71e78e750e8d7a418da1d02aa6ebab1db9b8e59d4b7eba3e8c4c96ad6ea98", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_group_deploy_all.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "540642fb0b7ba1f346b6fad72b7b59560d74bb6eb30a277956937539544f19c5", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_disconnect_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fc6285c85c08a28fe20a13e5dedb554f1348a4b7ab8ba757b69731b5e8e38c6c", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_by_mac_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9aeb743e09eed3a6581247a9b833173d98496657ec4c94d940581b26ced16073", + "format": 1 + }, + { + "name": "plugins/action/aci_settings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "86a3e778c6ec172ca6c168a8ed2ccf82b52e799d0f8f70362497e1ebb91a46d7", + "format": 1 + }, + { + "name": "plugins/action/network_access_dictionary_attribute.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "27b81df2fae2aa6b55748d830277a32448407f876ae775bb5990a4024d00c0f2", + "format": 1 + }, + { + "name": "plugins/action/node_sync.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cfc559303f3c3fb60705520b7addf8d7d3e071b495d0061bb363ec1b52cb499c", + "format": 1 + }, + { + "name": "plugins/action/endpoint_get_rejected_endpoints_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "256e6b53e158da430e1431d91d1246325841ee051f8031ab5400da13918d0895", + "format": 1 + }, + { + "name": "plugins/action/anc_endpoint_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "91e3840214cdf1060d68ff1b8d1fa7161ad9cf069fdb8e2db66a7c6ece0724d0", + "format": 1 + }, + { + "name": "plugins/action/licensing_feature_to_tier_mapping_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "572c20cf0d0344c229782242746ce74395c1a7da4605d64710a2e5a6b67f621f", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_by_nas_ip_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "93c3de9ea05824196621a61171799460b5421c9665804b510ca57ca18a40848a", + "format": 1 + }, + { + "name": "plugins/action/node_promotion.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5c63bf3f57c7b454f0e5402b10242bf9d43c97bc3037acc17d453af951588399", + "format": 1 + }, + { + "name": "plugins/action/tacacs_command_sets.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "72af3001ae07c29fcd5047dacab10b951adec4671ed8f7c05a66a3bd2f5357fc", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_service_register.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4022f3eb7ba4072470203b32335368029258b9212232a7c1b6475a20162d6513", + "format": 1 + }, + { + "name": "plugins/action/guest_user.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2923717e24bb2a7ce68f57b9ec4ca27fe7970828ebd1f574198ac360c5ac9a60", + "format": 1 + }, + { + "name": "plugins/action/network_device_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3e76bb2bdd57a5eecfe5e474893ed9779cc75701730ebc535c7a5dcefff64a7c", + "format": 1 + }, + { + "name": "plugins/action/tacacs_external_servers.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "29a052208e91750d6af08c02ec9e99adf443b67483594476ca8f6dfce7bed187", + "format": 1 + }, + { + "name": "plugins/action/proxy_connection_settings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9f7cbf945362417e0c925734beee7fb9eac9b95dd769bb12b259542c9e45032a", + "format": 1 + }, + { + "name": "plugins/action/pan_ha.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f53de4b2401c1419684a71ac3260e3ee4c281a36440241b282dfb92c25db9d4e", + "format": 1 + }, + { + "name": "plugins/action/system_certificate_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8a38c7b7300b2d94976e6f08981a35a176ebd6d88720f50f68957f2d02b28470", + "format": 1 + }, + { + "name": "plugins/action/telemetry_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a279a32f12c8c0b3cbd275117680db81d9a840da39d04ab4007c7392a27d2a45", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_deploy_all.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e2968da05a6c25bfd6412f3f8f68b8f60b41339c778d2442c07d79c302363d84", + "format": 1 + }, + { + "name": "plugins/action/endpoint.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2e88f00a40e7df63a6fd15f88f23c7fc3f13e5f5dd2b4380f0d399e840b1a9ae", + "format": 1 + }, + { + "name": "plugins/action/egress_matrix_cell_clear_all.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ff35387092b1c28f8aabc8a7aad21fc03c17b1132675f52b440d35547bc22457", + "format": 1 + }, + { + "name": "plugins/action/endpoint_deregister.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "eb168d3628a38dadd7c34752450a11343d1e2488c6a2fa4963a4fefd3d8ce770", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_bulk_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "88919feae044ade3c6a6d25c729c0f883f49d52f9b61bd3286709f495cbc6a64", + "format": 1 + }, + { + "name": "plugins/action/node_group_node_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "32bdea5ee6789f79786936dd973f6bceca43122272e6ba246d46b8b8ec96125e", + "format": 1 + }, + { + "name": "plugins/action/system_config_version_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "751f59d10e5184e464e07f5482133544d0494e43f1dc37b3f2ab5586d11826f3", + "format": 1 + }, + { + "name": "plugins/action/downloadable_acl.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "21e9ee7a41080aba2a719ee7df891e3bdecdbf1e9cf0b96466d8084fd3e4e2a7", + "format": 1 + }, + { + "name": "plugins/action/csr_generate_intermediate_ca.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d2834b5da282b6c627a5b0a5e5569bb5902f087009ebe36d19326ca3e29105e3", + "format": 1 + }, + { + "name": "plugins/action/guest_ssid_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d02b89280bbe686a2d1995edc826e76816c9b676e94ec089d19d45964ef03cef", + "format": 1 + }, + { + "name": "plugins/action/anc_endpoint_clear.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "21e22bdc140a04d5b6b3b56a424cf1f78dadebf29ecb02a1d3d01f967d97492e", + "format": 1 + }, + { + "name": "plugins/action/sxp_connections_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "50af0f8cc0f2f368de1a8f9fa6ef95c28a8b442ca469407e3945ecea41350dd6", + "format": 1 + }, + { + "name": "plugins/action/filter_policy_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "054512d1e2c3116378ec6d55ceaa16ad3d8305cb73e3e98c799892fd2f16efae", + "format": 1 + }, + { + "name": "plugins/action/px_grid_node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "527031a4bb8825baafb40a2316c6f5667e2938d46c98fcda310666822b8b59f5", + "format": 1 + }, + { + "name": "plugins/action/internal_user.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3c181385b8c11a611dce9e0cd1f3cb26fa6955bc74da4ee2f2fb902367cc24be", + "format": 1 + }, + { + "name": "plugins/action/licensing_tier_state_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9759fcd1edcc8f97d7e6987243849d95242925574316649c8551437420946298", + "format": 1 + }, + { + "name": "plugins/action/anc_policy.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ff8a7ad7ac28d1fb1aead5e2d2334a621b24ed1183443c6030acd49f815a564c", + "format": 1 + }, + { + "name": "plugins/action/device_administration_global_exception_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e6654d9a39f8295e29229129b85ba927cbf0bd1331f3f6b027579526bab6e110", + "format": 1 + }, + { + "name": "plugins/action/sgt_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d84f6adb500c00b89adbd2801048de7e584bb5cc5ad03d551940a5982d0e79b4", + "format": 1 + }, + { + "name": "plugins/action/certificate_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "821c9bd702a2972a8e5f6f232a86042488a7d94a8ea51d2425bec20ee4dbd2f4", + "format": 1 + }, + { + "name": "plugins/action/sg_acl_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5b87b20c459bc5ea2fa0e632b451b46381fe9e82a4156d15a699c3a28023b2c9", + "format": 1 + }, + { + "name": "plugins/action/patch_rollback.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ae64d351be77d3212111a4f3f602f9b24b347a92ce1409b4e38ed828abd44f4e", + "format": 1 + }, + { + "name": "plugins/action/anc_policy_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "21aaf26f23973dfd268ab68189ce989b777310190a2ff92f1d1fadcd24270a21", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_node_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4691ab3f8b78cc6f03511232876dabce7890a98b144dbee8c405b6081cc76785", + "format": 1 + }, + { + "name": "plugins/action/network_access_dictionary_attributes_authorization_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2dd190928a558250c182e570a30b0d9e5f30d966e1737be5a79c04862a4b91f8", + "format": 1 + }, + { + "name": "plugins/action/guest_user_reset_password.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2d104e9e6d6f48bba5ccfd5b4172736ceda636eda41a28c52412236614fbf274", + "format": 1 + }, + { + "name": "plugins/action/network_access_authorization_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b753a48d43e272266d432df6dbb4135b319511983af7feecde4d26ad4fd6abd1", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_active_count_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c25a59bdca8063495549d9c8a619a04e9d9f1fbcb13a208aed4d826a5c01f8e6", + "format": 1 + }, + { + "name": "plugins/action/sxp_vpns_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7c0267c3dba096b081506b16b6169fac96bae866cfde6dfa8cd2f8d775c53d9f", + "format": 1 + }, + { + "name": "plugins/action/portal_global_setting.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f7bee1b19fb5fe94b699bdd6fe951e9fb66bbf2a9e3ecf8c467f0740d9e4730b", + "format": 1 + }, + { + "name": "plugins/action/device_administration_conditions_for_authorization_rule_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3b22f410bb20522ea16f730c28c481fe1bf218535c50655fb380c0656e124825", + "format": 1 + }, + { + "name": "plugins/action/portal_theme.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d68476c4ba5d63a95d6472fc54548c9d3326c09468ffcbcfc163220b173ccca1", + "format": 1 + }, + { + "name": "plugins/action/portal_global_setting_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c1bfd37b6bb21d5d1c7c45609ca20e4380f60f4de3985451eedd7538d23cd5f6", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_group_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e559f9c3337c3845905d165090036017232f1aab0ca73cbf9eedf318da510398", + "format": 1 + }, + { + "name": "plugins/action/backup_restore.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a39ae2b623ee17e9336371e6f4d1dbe7eaf7fd8730cf3b61ac6d83d0e3f9b6be", + "format": 1 + }, + { + "name": "plugins/action/node_group_node_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f30f0abdd62daecd6b86f8d292791a0c8edb8ec427fff4755c59d0707e080ad0", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_group_deploy.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "546b230ceb411bb41d6119ae5bf51d58afa6106b811e83da5eab4f902597aa71", + "format": 1 + }, + { + "name": "plugins/action/allowed_protocols.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a7a9158fe7c3b7a5b5c1028027fa4c26882b70f30ffd725d1b4672d36a771fdf", + "format": 1 + }, + { + "name": "plugins/action/active_directory_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f61a27ba961612508ebcca8b2a99927add160bbe4386cdbc12e0e608fab931a3", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "87cbd2f9b280e45aaddf60f3ef3c17b60bf798e1b38ea41a994b47f64eab6641", + "format": 1 + }, + { + "name": "plugins/action/sxp_local_bindings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "072eb2459d3b13d639932c14e8b4c3e76c5d7afd0c14234e49835e20b6d74b16", + "format": 1 + }, + { + "name": "plugins/action/support_bundle_download.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b8113418b64673e1b41e6fa422b52519f1f4a9bdfad2e69ce8a4ff8ccb1ddbe7", + "format": 1 + }, + { + "name": "plugins/action/self_registered_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "633a835de729b9549beba77626cba2626e282b03a32fe5c9bc489beaa1238ea3", + "format": 1 + }, + { + "name": "plugins/action/node_secondary_to_primary.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "229780ac85397dac346beced1ab4c433ac2acc139817d77f15230c84bd738951", + "format": 1 + }, + { + "name": "plugins/action/guest_type_sms.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "78684d500e2e7dbdb5a847e548440fe4707d08b0a7ad5eab405fc256446e6e6c", + "format": 1 + }, + { + "name": "plugins/action/trustsec_nbar_app.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4740fca59d6dd94575754804fce18a2db249eaae7abc2f8116cd728fe2617af2", + "format": 1 + }, + { + "name": "plugins/action/sgt_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ff4e929ee3823a8656d26da72aeb39ad3eb5e3da4b9711121f3fb424fcfccd71", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_by_ip_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "58835ca34c38a99ebe71f3b7351943e3ddff1e7e9974eb106212313da53b924e", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_deploy.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a7849a5738f1ac2d8117ef6c310effe5f586ab4f9324683dc822de68f41cecd4", + "format": 1 + }, + { + "name": "plugins/action/csr_export_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6ec37edd025598d026c5cd3d2e2338ec9efe1841b785ffa6484e46a4bfcc5ff5", + "format": 1 + }, + { + "name": "plugins/action/trusted_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ad48fb7af2367a6ed35be4068bc4745ca44f4457e071a58db3637a433e3aa5bd", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "546e383e2f7aab61515bb03753478b689c4459ae3c14bb2d468dbe2ac4ba1dcf", + "format": 1 + }, + { + "name": "plugins/action/filter_policy.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4fad28d38671562de7cd1ab39e2a12294c1d462fa1a6b3fcec3dee7fa22278e9", + "format": 1 + }, + { + "name": "plugins/action/network_access_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "64c7ba1b6c46e8478c28177acc74b8a15119b7aafedf1469786da4dfb0a232ee", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_endpoint_by_mac_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1b40455d74c7fdcd0bc0c86a267492dcfb17c2b12df56ed244f920168f8ca76a", + "format": 1 + }, + { + "name": "plugins/action/radius_server_sequence.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f1ea00865e326337aa3dcfd92128faac6beeea8f6dc3d67b207e7309004766e0", + "format": 1 + }, + { + "name": "plugins/action/device_administration_time_date_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c24bab194baaaba0d3e8bfc418a422475a4628589ecb23657639c8d2884cc13a", + "format": 1 + }, + { + "name": "plugins/action/node_services_profiler_probe_config_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "887d5d13c67c46f7d0593b30b66aa063eacd00b0aa6899f1256fd99f458db042", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_sessions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "98acf5afc3de26c005d72cfa34f099499d1142b51b19aff35cef4bc9f14985d3", + "format": 1 + }, + { + "name": "plugins/action/allowed_protocols_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3b11ff534bc6fe1b7d05cfc5f258885bb858dd05e76abc74e7b6070f96b7808b", + "format": 1 + }, + { + "name": "plugins/action/sg_acl.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4928fdbcd889d86bc06c8c88f8b157dfe8038ad1044039c2bc081e85a45135ab", + "format": 1 + }, + { + "name": "plugins/action/network_access_time_date_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c3027998e448a69499ded02fec99e06035c3f91aab8ac975d8327b193d88955c", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_posture_count_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "34dfef43f5642efb4307817510545348784c3dbd9cb550223fdfec47d64124b8", + "format": 1 + }, + { + "name": "plugins/action/sg_to_vn_to_vlan_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "38f2bb2a355983e02fba174f8340cfa517a9a192e21fc24b5e75fba0cabdda85", + "format": 1 + }, + { + "name": "plugins/action/profiler_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "062dbe83e1a0abab15e08257b2affb95f951a6891f7abfeec671cbf8f9094728", + "format": 1 + }, + { + "name": "plugins/action/node_services_sxp_interfaces_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "54a6238ab84a19570645c636b12f43b2a5c52c9e89ff1517c943bfb7bd778b5d", + "format": 1 + }, + { + "name": "plugins/action/active_directory.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fb557aeb8c753d18ea93b8dd7cc8b365ca48552268071ab72e5e981ca4aacd0e", + "format": 1 + }, + { + "name": "plugins/action/identity_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "12011106fa6d5a23c88c21261ce6d8efbef82ef7c15cd229324ab46e41a35e32", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_auth_list_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c19fd4eac090031ece6b443641a43a2b26f99ba93e59ba8edb1017813ffe7c14", + "format": 1 + }, + { + "name": "plugins/action/patch_install.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "91b63e82314d36684ebeaecc578dd96600c5fe4d9001f5eeb3223adee009bac3", + "format": 1 + }, + { + "name": "plugins/action/network_device_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "682f4caead156742b8e3674a4f28dc806013e56d0681d47bcf80c8a167ac0fa7", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_bulk_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bc83b1dfef409e740fdfd9e4b77dab6ea1db37ee04d73cd9acea16ea7983c6df", + "format": 1 + }, + { + "name": "plugins/action/network_access_authentication_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6b2fde7af450d3f009b508f441d0e357c76d24ead12a31773121e41ca7368eb1", + "format": 1 + }, + { + "name": "plugins/action/device_administration_authorization_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a156be3fde0a268aec6f60763232bb8ac816c4712584ab8619912f6da4c00d73", + "format": 1 + }, + { + "name": "plugins/action/tacacs_command_sets_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c85e27ee547b3a92b0450301003d41b2b59ed940fafadaae1a9456f5559a6923", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_bulk_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2eb856aad4e996b4ab1c50b16377f5482546a45f1005db62e19d413a1a4fd04a", + "format": 1 + }, + { + "name": "plugins/action/support_bundle_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cfd3f314aacf21d4ef405c92a9773551c8a1c74b88adf46538fdf4f98e9511e0", + "format": 1 + }, + { + "name": "plugins/action/active_directory_leave_domain.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4c7045820ae4f6a7985e8aa2ce1aee79374c6f7f36ed18bfc2f934df62322312", + "format": 1 + }, + { + "name": "plugins/action/endpoint_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "febe819b4abd344db593fcf09f9c15a62c06420ef5d15664927503c33161b0e7", + "format": 1 + }, + { + "name": "plugins/action/guest_user_change_sponsor_password.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "757a527f8181bafdbd82c0da7c874b8d769e84a4541bb7010a38a342b2591695", + "format": 1 + }, + { + "name": "plugins/action/network_access_authentication_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "281a0c1c38210f1b4b71e44ff2235450e06163cd6cb655a5b079292900c8671a", + "format": 1 + }, + { + "name": "plugins/action/downloadable_acl_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d1e291a2d67c7aa327951138eac047905ab6e5e07df653183c8052cd437fc3b9", + "format": 1 + }, + { + "name": "plugins/action/device_administration_conditions_for_authentication_rule_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d9aa455d384060edaf2cbae03693b897e8ff97e4113be736d7f1808f159ad9ff", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_account_activate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "65ae45eaa149c4946847a513c0b7f4f67d2a8a036322fdab3be9212b81e33ccf", + "format": 1 + }, + { + "name": "plugins/action/sg_to_vn_to_vlan.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0cec12000173656b0201ed9d43935eb61c1017d9769fa3493dda7efbca50581c", + "format": 1 + }, + { + "name": "plugins/action/network_device_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8fd994e555b2a36c107507034698623bb97aa36fad12c645f816075f0bf796fd", + "format": 1 + }, + { + "name": "plugins/action/device_administration_authentication_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cbd7f0075e61bd3f3a6307bc43e830817346ee27e117efe1c1324ef257f2fcfb", + "format": 1 + }, + { + "name": "plugins/action/csr_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "14c4b1cbc840d29da160ffb039f4669945666a877c935c5eae5aeaa6ae5d2b34", + "format": 1 + }, + { + "name": "plugins/action/authorization_profile.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "964959f5b0c69feaa5c4858dd6db4f9b5af88486223cd900496d7edb9a950133", + "format": 1 + }, + { + "name": "plugins/action/sgt.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "33f77a80a42fb603193a221817e610094a0205e7ee195b206b18b690d802d5e4", + "format": 1 + }, + { + "name": "plugins/action/patch_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "96dfa7ffe58c42ab0a2b40a0c54e6e40f6b2cee9e805e105a2c4cb77a673df4b", + "format": 1 + }, + { + "name": "plugins/action/device_administration_service_names_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ce7358df18078fb78a72a53e4abaeed8e442f3b8b7dba1620a085a7ada3909de", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_delete_all.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "071493359cef91feed68fbc1825e1c2d6abdfd730974fd8826ddb39b77ecfe6b", + "format": 1 + }, + { + "name": "plugins/action/px_grid_settings_auto_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9c8809c6072c47aed001af0490373c4c1cb665959ce6e0196b0e9aaee6e53990", + "format": 1 + }, + { + "name": "plugins/action/endpoint_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5526a8abbdb4d7580b7d5f945f127caf7734f6aa88118c06fa3727fd47320920", + "format": 1 + }, + { + "name": "plugins/action/network_access_authorization_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "16781fb9826fb58c72767409f4cda9112291bab0e2a0f739ed7dee4577757dc3", + "format": 1 + }, + { + "name": "plugins/action/mnt_athentication_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ea8108a1d3011e45ad733579747c00162395de42f687cc880c97f66f08d643d8", + "format": 1 + }, + { + "name": "plugins/action/device_administration_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4ca08c5e0210015b40b8c20406ad28cd7197a43c44116daee0e096199a2e14bc", + "format": 1 + }, + { + "name": "plugins/action/sxp_vpns.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d6f1b2e35d7182d03a7a39eb1eab233034f44e713e0c7ffeb4ca5727aec1e063", + "format": 1 + }, + { + "name": "plugins/action/device_administration_local_exception_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7fc076224b36225f5432b8ba9daf3ea294882d21be11caf4eb27867874f07e59", + "format": 1 + }, + { + "name": "plugins/action/resource_version_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e218612c3319d2ffdb9d375c10226e52dc8664240b589561f44acce7df7608e7", + "format": 1 + }, + { + "name": "plugins/action/renew_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "935a15ac39e8bef1001f3186a8c9525ec4fe844d07c84f4ae7ed2971ad1ea63f", + "format": 1 + }, + { + "name": "plugins/action/endpoint_release_rejected_endpoint.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "04a91e46eda870ef2f313c504f4efd72da9157c62f72da31af7232a5068941a8", + "format": 1 + }, + { + "name": "plugins/action/guest_user_reinstate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "27232d155fc2d7fb7b012a391247b814db3ffd9d2e04db83f97e5e553215e593", + "format": 1 + }, + { + "name": "plugins/action/egress_matrix_cell_clone.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "591c90ba039f9490f037e0a865a7ae3651c2f41cc1b7fea238cc4714bbb0c924", + "format": 1 + }, + { + "name": "plugins/action/my_device_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "25dec8b3b31d9718286d48f4f709be4f2288423e411a336f9b871bc892f3986c", + "format": 1 + }, + { + "name": "plugins/action/network_access_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "af9c68f336218b8a82aab7d8928ea3f876243b91283dc813e7f3ba5860391ad7", + "format": 1 + }, + { + "name": "plugins/action/pan_ha_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9799c82a85dba29a2efbbe4e8b42a294836cd85d24d00ebd26b119844e8d6576", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_user_group_by_username_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e86b097e3d6b9074465081280d5d4e3a348d93ebbbc675f49a3012537c15d9df", + "format": 1 + }, + { + "name": "plugins/action/node_deployment.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7f335ec09d999759a89965e9403b8173099c4b41f9e5741cd83c1d6a4f0b41cc", + "format": 1 + }, + { + "name": "plugins/action/certificate_template_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bca920eeac07e75945bd5c0bb75d5cb0d48f01d5cb761961f64ee6aa108cdac3", + "format": 1 + }, + { + "name": "plugins/action/tacacs_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a679a8a87db2412e19dc4a87bef77fbc1c5023ad11ead30e690034d62d1b9a85", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "096375f223734bc6c09f72e40371fd7bf86936540173c480ffd41f535843748d", + "format": 1 + }, + { + "name": "plugins/action/sxp_connections_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "681cc9405ba4ac68a5ac88cbcc7c4bfc34b46c364a2ba63b098d1722e31e9aec", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_service_unregister.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b182fe1338bc509579a5acb41cfc9fa58ee8e3744b3bebef9cb99471261d82da", + "format": 1 + }, + { + "name": "plugins/action/byod_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1a965cf326b2f5bc88375dd1f0c51de17ff2990fe6d2491ae64ce10a7a0a55f9", + "format": 1 + }, + { + "name": "plugins/action/sg_to_vn_to_vlan_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "01add89f1198e0a10abf0e3affcc7c7fb4a8968d4f786f805be1cec019a55dbf", + "format": 1 + }, + { + "name": "plugins/action/active_directory_trusted_domains_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "842161fd50e4cbfe563385fb5d42cad81db4bde0696657f9e4feae78de5f467b", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_authorization.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "164fe32558732672fc4b29499652a9eaf06dcf681995f77d13e0f225bc288476", + "format": 1 + }, + { + "name": "plugins/action/licensing_smart_state_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3fa2031f029e2895fbffc37ac17c43e05fd4e68b4053ed5c90ffd96dd5ef046f", + "format": 1 + }, + { + "name": "plugins/action/egress_matrix_cell_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "53e0a1f6deff33a9798ebdee10606a0af18b1248e7a77c5d2d4d87d87d56e73c", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_deploy_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "95ef74136199dfb3a464acac96f73cf9e60ad41c486dc2ddee7592926bff3d09", + "format": 1 + }, + { + "name": "plugins/action/sxp_vpns_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f8504aeee386eb36e1a0520b7c658c1255ee7653be4f1a3d980290eafe209621", + "format": 1 + }, + { + "name": "plugins/action/device_administration_command_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3ca0c98146a76537cefdefc8be407491c7b7f863dd4ed6d70b494c4373057290", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_group_deploy_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0976ef3e751d67107a530401cf032ceeda4d5263feab1b186c26669941f6ac37", + "format": 1 + }, + { + "name": "plugins/action/repository.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "39233c9082ba5e4d122df594ae33d2008f275a53179bb90eda917cc55e757115", + "format": 1 + }, + { + "name": "plugins/action/guest_user_suspend.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c8bf1355fb8fd14ba00151ebef7906383b05f63cdb3a92bd203827aea5a4e2b5", + "format": 1 + }, + { + "name": "plugins/action/network_access_local_exception_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cc23ad75fba43f06663a8774d4177ddb5d6ce5c0059a1d30c7f82e174b3c3dd0", + "format": 1 + }, + { + "name": "plugins/action/endpoint_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5d55e8067da1064224f4cd6f5b819b9958afa4f76eb8abf3f54081ac39e8c651", + "format": 1 + }, + { + "name": "plugins/action/device_administration_dictionary_attributes_authorization_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "43e4cceec5175a45136326ebbdb91ae4495bf8af04ac224ce36759c587ad4d9f", + "format": 1 + }, + { + "name": "plugins/action/transport_gateway_settings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "01dd914695935470f9070df258a809740f4aeaec336f49866e712fe8fa4d133f", + "format": 1 + }, + { + "name": "plugins/action/backup_cancel.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c05cbdae22a61b8648e6aabff62cd06964d72c80589b03b6a60832c3968da768", + "format": 1 + }, + { + "name": "plugins/action/system_certificate_export_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2f13ad574e60af54f0d20a00e0f99ae0517f35d940207cd6d6d6839834a061c9", + "format": 1 + }, + { + "name": "plugins/action/guest_smtp_notification_settings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c4d2505abeb338fb5bc581536bfa65493d86895b29d37a533bc60a1808a11df8", + "format": 1 + }, + { + "name": "plugins/action/network_access_profiles_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "191f5ec8fa5073b6731b42f278491bd244441b20a13215de527ba0b805fd0720", + "format": 1 + }, + { + "name": "plugins/action/active_directory_add_groups.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "97295c2b7e7bf154805438922b9d4c2b136c4e3563a6409da2c9d0a1fcf90647", + "format": 1 + }, + { + "name": "plugins/action/mnt_session_active_list_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bc366451453119a0093db804567e2fdcbbcbffd57be720f96aef6b4eacb12d6e", + "format": 1 + }, + { + "name": "plugins/action/anc_endpoint_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1b496268db3678eaccf1fd69fdb6281c891b0f628dbfd79a51afd218800010bd", + "format": 1 + }, + { + "name": "plugins/action/guest_type.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f3dcbed4e2aba5d68c5122fc9e026e395e0a15a36f42762d5e1bbb2a8e136b04", + "format": 1 + }, + { + "name": "plugins/action/active_directory_groups_by_domain_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1bcaf27db666ccd80e79b12a6c9c247d2d0fee6832dd8de501e7764ccbd15ac5", + "format": 1 + }, + { + "name": "plugins/action/network_device.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "49b73ec27b42cad62bcd8376870735ae0f3e6a64e8563cee5a5689205e77413b", + "format": 1 + }, + { + "name": "plugins/action/network_access_conditions_for_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f8d52f5390f848d613529595a6225c51ee0c717bef979de32fa4290ca7ff6932", + "format": 1 + }, + { + "name": "plugins/action/tacacs_external_servers_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6fd21513e50284510c90bf2ad6fc29f2a5b019a26fb773af3adda980a90122e9", + "format": 1 + }, + { + "name": "plugins/action/active_directory_join_domain_with_all_nodes.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7562db5aa714230b24706439845cf0d6bc7dafe41297695412622ce7878c3327", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_service_reregister.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1702869a6c2a59a0eb86ee64dd3d0e01a836be675647d511336689eb1a039e62", + "format": 1 + }, + { + "name": "plugins/action/device_administration_policy_set.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "59631633fa15933596394ac10eed5f93cb8fe6b1b410f032c7d411470395a323", + "format": 1 + }, + { + "name": "plugins/action/hotpatch_rollback.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6af236dfd2a1227f87bd4741c2d1922aea9baedb70956f42c36ed313896a6563", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_service_lookup.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "02044ae53dc826fa07e493eadf232f29b0c1e7dd61e1167e563d6d52b8efffd7", + "format": 1 + }, + { + "name": "plugins/action/portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ba4df7e93774c450a0373494036c2aafe249c496e4e9a8a0a7e050ee0bbfe83a", + "format": 1 + }, + { + "name": "plugins/action/anc_policy_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "64f677f0cf2dfba00fcafc68ee1cd5f37deb64ae728519daefec0a6acf8eebd7", + "format": 1 + }, + { + "name": "plugins/action/network_access_local_exception_rules_reset_hitcounts.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1e77fe86a7570db61e2f3da404d138cd412e7c2215c2715e6c4bd5e907e47b9b", + "format": 1 + }, + { + "name": "plugins/action/device_administration_profiles_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0d63a3bc0c2c057a75f7c79f57bf4dd11ffc08bbcbe92dc3ae05a2287a03da46", + "format": 1 + }, + { + "name": "plugins/action/hotspot_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2eaa8e92f722ddb179f033a61ef74e70d56dd70b6be82fe1b55c8dce4ebd34ab", + "format": 1 + }, + { + "name": "plugins/action/backup_config.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7560acc48a82b3040e02a4af91bab9c886c65576aaacb26d5c7ecf10a05c4ddf", + "format": 1 + }, + { + "name": "plugins/action/sponsor_group_member_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a40e186fa8b8d29ab44c91ed33a5eb95f0b6adc2984de884a3c63410ce4a153b", + "format": 1 + }, + { + "name": "plugins/action/native_supplicant_profile.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "da5ba7417c132f2174f96743065ee6ff09b066fc310d394f12c05c945b433c33", + "format": 1 + }, + { + "name": "plugins/action/network_device_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ac43e02124c51a2065f8e5345970ebb87b47a71ad00c1f63aa9da3601746ae7c", + "format": 1 + }, + { + "name": "plugins/action/egress_matrix_cell.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8a8d7450d118f78138af296625e70805ef58276a5d5c913556162799ab55393e", + "format": 1 + }, + { + "name": "plugins/action/self_registered_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3b44e8baadd0d37a2875b45952c31be9a35537366c233b5191f496e47df849f1", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_endpoints_by_type_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4a0124d6eea9e3fdfdbc59067fa8f524d6422a41e1393198cf57a24b377de93e", + "format": 1 + }, + { + "name": "plugins/action/selfsigned_certificate_generate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bd774f12f3935f21423517c7323514182cb08ad2b81e0ceee4dac2072111cf41", + "format": 1 + }, + { + "name": "plugins/action/trustsec_vn_vlan_mapping_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0a41f84910e2c277846977ff9a72f6bef7266bf39606e9d2ea5c192e23172e63", + "format": 1 + }, + { + "name": "plugins/action/external_radius_server.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4d6e3bb3023b33797f53367f96ebc7ae5c99659bc6d50546ee2a8714778cf951", + "format": 1 + }, + { + "name": "plugins/action/pxgrid_security_groups_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "55670ec42f2fba6762834642bec08d971f37b83c23a7e407d7e12e5d97ac9716", + "format": 1 + }, + { + "name": "plugins/action/internal_user_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "68a12a24b3875f37bbfca7a79080ef1290c1ad6386940f701df7c1d70fe84903", + "format": 1 + }, + { + "name": "plugins/action/sponsor_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "450565abd7b820154166dfe62c015958d3f1a02a803d4ed2f7f4bde3571e4306", + "format": 1 + }, + { + "name": "plugins/action/radius_server_sequence_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5ddc23ab77b097ace4abef075ae05703bf547d04a61f897ec1bcb1a848f66d6a", + "format": 1 + }, + { + "name": "plugins/action/node_deployment_sync.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "985024b588acff250440173d2218af1e50edb72fe5e7d407ab27b045e02d1fb7", + "format": 1 + }, + { + "name": "plugins/action/sponsored_guest_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "43b206a8cd30f0095b70c803ef8589ac7731373a9e4f470f20ae1b98b6801c78", + "format": 1 + }, + { + "name": "plugins/action/guest_type_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "15d2c9edb6e7bd54ce8f0b0f2ff45af5d9b82a16cbdd4ebcde77b9c515e5ef96", + "format": 1 + }, + { + "name": "plugins/action/sgt_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5c8aec7bbaf09fd5f06d53ac91930425cb94de43c3a2d2d31f2f448e8143f07b", + "format": 1 + }, + { + "name": "plugins/action/sg_mapping_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6f6f7e2714b6194e25bfd1830308c0f3354849dcd8f3344ad25da21554584239", + "format": 1 + }, + { + "name": "plugins/plugin_utils", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "plugins/plugin_utils/__init__.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "format": 1 + }, + { + "name": "plugins/plugin_utils/ise.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c0e405eeb0a613d0257478f01603205b4c42bc113c93d8088694559ad9a544c6", + "format": 1 + }, + { + "name": "plugins/plugin_utils/exceptions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "56b24d56873bc0dad797b6c6c9154a0c91468878e162fd4aa0d3965cb5046910", + "format": 1 + }, + { + "name": "plugins/plugin_utils/personas_utils.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bd19138b6807f973e873decdc94446228cd8e49651319c300711abb9612ab54d", + "format": 1 + }, + { + "name": "plugins/modules", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "plugins/modules/device_administration_local_exception_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd93a450ed4c82219197d89207f2132e8e77a0a52ddf5de7b0e06cac030b48e1", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_dictionary_attributes_authentication_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4f8a541b5e5d37ba6844d899a47c379839e02bd504e46b6b7bbeb94df169d1e1", + "format": 1 + }, + { + "name": "plugins/modules/licensing_tier_state_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bfffb406833cdb990b7affdd5caac902255fffa6b5a691bf493b5bc8b7126b40", + "format": 1 + }, + { + "name": "plugins/modules/trusted_certificate_export_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4c833ab8c0fcf68d4c63a3c610bebbea6729c475a7acd9c023a02f104dda48a1", + "format": 1 + }, + { + "name": "plugins/modules/network_device_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c08356fb8ca42672775f2ec7321ccb2e5ef5c7d5933aa501c917f698f756aa29", + "format": 1 + }, + { + "name": "plugins/modules/sxp_connections.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "91b635df49ece1ccb9025ede6e2ca8d01b2c0f4d80724c6a72bbcbfe2e755b2c", + "format": 1 + }, + { + "name": "plugins/modules/guest_ssid.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d14cc33cbe8ef579fe6b0a30d4bb6ab25e6c5e0998edfb985a86b9764dee75ec", + "format": 1 + }, + { + "name": "plugins/modules/proxy_connection_settings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "827ca614c3ea7998776b3ea2d41e964283fa78a30b55a7c313b57553ff5bda75", + "format": 1 + }, + { + "name": "plugins/modules/node_services_profiler_probe_config.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b2470934fb64265903b9da572adcdbce3bc23631f94e4bb9d1123ea80b66ca17", + "format": 1 + }, + { + "name": "plugins/modules/network_access_dictionary_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "31a8471b2d054bb0e0c95458979d4274454ce4d6aea28334d2929b53448b935f", + "format": 1 + }, + { + "name": "plugins/modules/network_access_policy_set.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "07133d0d907844424ac2424c8f267ed766a21d3e9914424377f24f52d12166a2", + "format": 1 + }, + { + "name": "plugins/modules/repository_files_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bc0c93832ee5281983e9c2ac33526c4ef4a09c3ff8c1f3ad111dc64a9bc5f776", + "format": 1 + }, + { + "name": "plugins/modules/repository_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9f83ea969e2bc7588774f2f105702178a805cdf042f238eeea04d8f77d6f6561", + "format": 1 + }, + { + "name": "plugins/modules/rest_id_store_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "589aff070e5ff8a48fa825007336a334e90e8dcc34fc347536b20acb93f5b427", + "format": 1 + }, + { + "name": "plugins/modules/anc_policy_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "12c43a6a8e272132ae3ad78e0d3ab6e61329183cf702baf86d4bb338d2614439", + "format": 1 + }, + { + "name": "plugins/modules/tasks_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "01df1458233357384e707d8ec7fead62aedd5f29e0b112b7e54e476f8acb419e", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_sg_vn_mapping_bulk_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "57713f5a8bbf4f91ead662e29a14616593e05bb92e5f0f07aab0dea77f816ac5", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_authorization_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "94101b0bb67ef72bd66a20219c98990a35c9405630f6a12354a95d02612a1fd7", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_email.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fb0593d16d9dc392c4844ab4ca74f58b10620e7bd3f2080f080ebacc8b63f0c6", + "format": 1 + }, + { + "name": "plugins/modules/node_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "50086a9fba86b29a502087a937630c2c065612b6b2b9af57eb5f2ff988c57c0b", + "format": 1 + }, + { + "name": "plugins/modules/mnt_authentication_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bc7d58ec6a7e14b3f2226f47017150aa07f0e62b22602e860d9822a596d03e1b", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_healths_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8459e8f9eaf4267edcaa471b84f75efb5088cbee5845fb4eb4492469967327d0", + "format": 1 + }, + { + "name": "plugins/modules/hotspot_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "70f186956cdd198610940bcb993fdfda0c03880e4d8af5db2d6efbc50ac1b43f", + "format": 1 + }, + { + "name": "plugins/modules/authorization_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b0210a68b996a7b751ca7999878855a017d74f0f7736107a4c1fd53939a41258", + "format": 1 + }, + { + "name": "plugins/modules/hotpatch_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a72be29edaeecbc7e09221722c394515b2d262f7eb2727e56cfe1fc4a5ae52dd", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_sg_vn_mapping_bulk_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b059b7fc449b96efb38c563c90109c4865ae174bd375aea27e32bd8e86aa1b19", + "format": 1 + }, + { + "name": "plugins/modules/node_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "51ae4964b15cb06c554915625a86fcb299aa5b624f3aa434f11e165216ffe393", + "format": 1 + }, + { + "name": "plugins/modules/personas_export_certs.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b29a031afb0f8175f12e4e88cd138ec172002780c418bb5242c864a895194c44", + "format": 1 + }, + { + "name": "plugins/modules/network_access_dictionary_attributes_authentication_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "556c8bba1442f43abbf15923a0aa4b17fce3d79fab47f0e0d9446f6a986e03ab", + "format": 1 + }, + { + "name": "plugins/modules/aci_bindings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5bb2e4b3a3a3de54adbef35dd70bb24bb920c601e891545bd26a4acab9fc9228", + "format": 1 + }, + { + "name": "plugins/modules/network_access_policy_set_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b4c2e4b214cca276256b002f3caca84d9368d9e9609e2b6bf92231c6edeee20b", + "format": 1 + }, + { + "name": "plugins/modules/id_store_sequence_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "458ad7b7a5bb52d71c0ea96d6465906e21d9156048bc1f7967353a6e7a0605fa", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_policy_set_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7d89a2d4b3539a0bbcbf8a3d45da976531c2a77636a62e79d54e469203e8978e", + "format": 1 + }, + { + "name": "plugins/modules/sxp_local_bindings_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "376b5bbf25dd32d0a60a187f72d7543fbc5a9a02b8cb08f2f8abca804cd3059c", + "format": 1 + }, + { + "name": "plugins/modules/ise_root_ca_regenerate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ff8968901018a0fa903611b159ec530aa3e495d8eb865e3ae4f5eaa8b3234bc5", + "format": 1 + }, + { + "name": "plugins/modules/mnt_sessions_by_session_id_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "913f9da62a824026a38772bb33734ba787d020521d1193701033e5a7fd71cf99", + "format": 1 + }, + { + "name": "plugins/modules/network_access_service_name_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dd6ef73d8d5d0d18f8e008f10329937f814e7f98f6f68c43c16843b101c1bf87", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1a2320f2950d194fc1150496ad5890374548a3ef969e142d8ddcd0b95e2d4f25", + "format": 1 + }, + { + "name": "plugins/modules/aci_settings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4c100ebc7bc35d13ee60f2803f9435293c1f51c1a6d9418983b3a967fb4b44bd", + "format": 1 + }, + { + "name": "plugins/modules/bind_signed_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e747c8033549c22e58bc4cdaf83504de923751cf49fc6cd78a14602e2166217a", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_register.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2463eca19297eec5d502a218d9beb81f490841c1a749b0c753788825f3688fa6", + "format": 1 + }, + { + "name": "plugins/modules/px_grid_node_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e38208e1c96c0ae847fae729f993653488edb0ea464590b4d7782ec9cfdef100", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_network_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1039d4575c88bdd8200b91852593ec2e153e7836fcc895c31e28eca803056623", + "format": 1 + }, + { + "name": "plugins/modules/node_primary_to_standalone.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ebaa4955ed9ce00b28ec896ef222a2cceb27b4017a5a76df3523b488e2daf084", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_leave_domain_with_all_nodes.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cdf07f79c47d797f867c7c30a10266b0851861148d71877d604daa52ad7fc9e0", + "format": 1 + }, + { + "name": "plugins/modules/trusted_certificate_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f2e7031163dc3bd54c848b95e752240df2f106004e9c1680b426e9bcd4db5a5f", + "format": 1 + }, + { + "name": "plugins/modules/licensing_connection_type_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bb2042bdc2857f1afd688418d7928bf0663184bb052c4662eb2d2ef04870d5bb", + "format": 1 + }, + { + "name": "plugins/modules/mnt_account_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2b3f7008587617cefddd9f95e59c95f09b04aca25f7248d5decfaf64c4d66f89", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_sg_vn_mapping_bulk_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "37692774bc29df34cc5283f763564329e5f71d82bb3d8157eed3544387f63f89", + "format": 1 + }, + { + "name": "plugins/modules/node_deployment_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2ea492310812029c67d5356e5ca9ffb3a79c76642f3175d26f875bd6a30ea631", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_failures_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "483afc6402c46fc33996a910b4b7805f46fdf4066942a15e470d50c1cc8a7829", + "format": 1 + }, + { + "name": "plugins/modules/network_access_global_exception_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9eabb08195779085b7a42eb272539e8510e4161a8a0afceeafae24e1d4602b71", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a5913d58cda6ab4c401a57d4270d4cedfdce6712304a1bd3296fa276625d9954", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_security_group_acls_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "438634f030988f75af1421d4800117af0754906cfb541291f37ebe934d6981eb", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_deny.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5be796345445bca15c3d5de041eb41bfc40051c2a83cdbddae42bc15bc7a07e3", + "format": 1 + }, + { + "name": "plugins/modules/admin_user_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0739bfdfc85cb2b8e57d86ee1bebcb843d2e7d44833b62dc326595b97f32ed20", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "779bea3e84c3bdd276578bcb21bf2008cc5bb7e8d9b7272320a2a6a3d82a50b9", + "format": 1 + }, + { + "name": "plugins/modules/threat_vulnerabilities_clear.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b1b78c6e0637da65461d53a162ac679f48e494639315e498aa0106f60a2ea88b", + "format": 1 + }, + { + "name": "plugins/modules/identity_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7ca16a1ed5af1052f783c719afdec52f1358e5b66afb7eda81a87edf6183486b", + "format": 1 + }, + { + "name": "plugins/modules/network_access_dictionary_attribute_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "87cee119651b150dcc94995c638e9a21d2f9c885a906bea85bc65cde55bfa1ab", + "format": 1 + }, + { + "name": "plugins/modules/sxp_vpns_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "28fddaf0fe9e77b723ac658aad6a753ca75bbbe64bc7a1b6956273b1915212ce", + "format": 1 + }, + { + "name": "plugins/modules/network_access_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4ccbf33367d65985ca8cd1c3ccaefd64bb31832d0091e5648b14eec384127334", + "format": 1 + }, + { + "name": "plugins/modules/certificate_profile.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d28a1d181510c4204aa7a74fa469692e6736dd08e6b2ff1be0838e57c9b9d7fc", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_settings_auto_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd3ffc502482f3bf375cea9c621f2e975855ff3da1d7e349af1b17fe5e54b525", + "format": 1 + }, + { + "name": "plugins/modules/guest_location_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "56308ecacf00177f3906a2c601bb78eb3512ddda46ee7c59a50c522e371d2c0e", + "format": 1 + }, + { + "name": "plugins/modules/native_supplicant_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7ba584fd541b648080867daeb491ae0348cb999521d6face6f29d6838d9cfe21", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_dictionary_attributes_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "194abcbc38160d3105ce399f031ef324abbe277bb89118142e3f87eaae2bada9", + "format": 1 + }, + { + "name": "plugins/modules/network_access_conditions_for_authentication_rule_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "60e25c378a846db0e5145b21b479d0a3a9210e223e97dd4a25dd22dea5b8731e", + "format": 1 + }, + { + "name": "plugins/modules/mnt_version_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8853a605abb1e8fac87bf04b08162109892fea5b6435641206b670bc741378cd", + "format": 1 + }, + { + "name": "plugins/modules/sponsor_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "256912dc4f06d2d2de0ea1c8825b9d64abeaa28e6fd5fd890603be3c2463e8ad", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_local_exception_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fa4f5517199c01813db4689ba5352cba4b3754f95381c12c87054ee6a3d9f63f", + "format": 1 + }, + { + "name": "plugins/modules/system_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "09346329a322219835d44aa88098f3ab53d4d2277331a660d393df536327ba96", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_bindings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "71a092f54e16d1d216d460bf7b0bbe1a227a78c34146a9020582a0952dd82fc7", + "format": 1 + }, + { + "name": "plugins/modules/tacacs_profile.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "86cbde22b6470f0df1a41607be0b4dda194a16658e525f1d5eaeba1a8d06540b", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_nbar_app_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1fc537a4c714b51719caedbcca158512465af3b8fdd3c39841fd15c4759cf5f4", + "format": 1 + }, + { + "name": "plugins/modules/tacacs_server_sequence.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6ba70260e422c7e0983b636a9c780696a93e2517111acba3c546f98c5792df8d", + "format": 1 + }, + { + "name": "plugins/modules/network_access_global_exception_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e47917a594471c7c6b88b62bf6b3017862c77bfbc561714544da11c213b3ba54", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_profiler_count_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "07650b64d85aa5be715c6e74ea31ce2f9d60e67a65e9b91ae4605a8c1cc44ae3", + "format": 1 + }, + { + "name": "plugins/modules/external_radius_server_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fa2e4ad5fc661f64b0613e567e874dade59d3bb5b76ea30bbf9e22fd3e68c72b", + "format": 1 + }, + { + "name": "plugins/modules/session_service_node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1d93805c8a2a797fe52631e40782a0cd291d69c233721d4696bd22c5f5a4b648", + "format": 1 + }, + { + "name": "plugins/modules/network_access_global_exception_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4d0bc057cc50987a981d7c8d8511ad9905934cd0d50d26e6af4e5eedf679d5d9", + "format": 1 + }, + { + "name": "plugins/modules/sxp_local_bindings_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1f1fc26c823085aa5b22000e5de2f18d2f4abbd0d29b5ed7a0fe11323fe8f227", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_performances_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0ca45d9f02175c5f1755404d8da9067437dc798eacc54b28a2449e8ad84b6467", + "format": 1 + }, + { + "name": "plugins/modules/csr_generate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1e259d3c220828286972baec0335420570bd0f0db22a5245161af5b3f63562a3", + "format": 1 + }, + { + "name": "plugins/modules/pan_ha_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6c3bc9315f4e24c04b4d25a47f569f198ece4a544d880554d9a1b5142f0728e2", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_by_username_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bac35d8da50b380b9c38c876cd755e4b49aa7825fe1f36d326d0fb5f5393315e", + "format": 1 + }, + { + "name": "plugins/modules/network_access_time_date_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "05ee39da892ef246a61132a96c9c25925aea434beea86ab179dea97b5529e35a", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_time_date_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dba84210c28dd6e953edc706be580164a3037118cb85472b3aaa891338340f66", + "format": 1 + }, + { + "name": "plugins/modules/byod_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ae42e1aa097b8f8a4493d36fd2dc3765371d213b3a9696f43290ff90fca16660", + "format": 1 + }, + { + "name": "plugins/modules/node_services_interfaces_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a2263c7bfb1c81e045841b59c8be3ff074494600565386d0d22d261a9f1b387a", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_endpoints_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "663371e87b3b340bdb1c36511247da9bfbc0d7dbe41583aade88b8f6d865db1d", + "format": 1 + }, + { + "name": "plugins/modules/portal_theme_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e6697828bbe45c603cf7931e30400743c37f47d48e625e01c4b5deb1217ed954", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5a8cd93e088da9bffa035e977b3ccb60deba4d4a2fdfe22eaef28182ea0c4d72", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_session_for_recovery_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "031d36bfb036be5320de10d98c16d6c7e33008e0794f280a20ee9f60bee26550", + "format": 1 + }, + { + "name": "plugins/modules/licensing_registration_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c68f7c71b9079632dedec44e0ca95a7ec7a573c63f04893f13b72e437d95074d", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_sg_vn_mapping_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "08da831e6623ad7af5165f16bc897afcdfc8a850e9961ac05ffd5dc8a09d769e", + "format": 1 + }, + { + "name": "plugins/modules/tacacs_server_sequence_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d2c4208bbb1d7b973cf6fdc33ce729747b4c937e90acb20fdf0faf46c8a526b1", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9b8258bde89556449361a2497362d3f8e0c553bc608e97547c507a6f7595e060", + "format": 1 + }, + { + "name": "plugins/modules/system_certificate_import.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e11880e51a2d9987109722d22f8f13451e765fcf6ce54662e64f18b9856aa48f", + "format": 1 + }, + { + "name": "plugins/modules/mnt_failure_reasons_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1f135dfc43495d393632ccf47176c4fbaa3360964f798847305dc6b76d4e5ec2", + "format": 1 + }, + { + "name": "plugins/modules/transport_gateway_settings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5e2e380ac9be33987bddd909443fc6702ce4700fe7fffc5293b63bbb583df56d", + "format": 1 + }, + { + "name": "plugins/modules/network_access_network_condition_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dfd129e16e4ba05068d90f484ce9ed2caf859b5e7f815ee630aa8c0e41b92cfc", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_authentication_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dff4275c25e6bb8f7ee5cdfee1f8f201e4e81298558ddd4634d1dc89e83b163c", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_sg_vn_mapping.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "610aa1a0787cf030796834fe3af5eccb0f22d5f40d1e77252d50a6009f77b938", + "format": 1 + }, + { + "name": "plugins/modules/backup_schedule_config_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "357bf0d242ed777e7363546216d4bedb5968600892c6d611bd7c7ac06965d44c", + "format": 1 + }, + { + "name": "plugins/modules/network_access_authentication_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "355d410bc22bd81b99efecb6c20678b7f4ead0dbf84a331a83fb75a7da9a3cd6", + "format": 1 + }, + { + "name": "plugins/modules/anc_endpoint_apply.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "610a3766a851751fb4b5a79a45174bfcdadbe4d5aee73a2034dc01fd458dc4cf", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9dfff43d202d777f11a89b9f33ac17ea4c534871c134afeb0384f38c5a1f407a", + "format": 1 + }, + { + "name": "plugins/modules/guest_type_email.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a603bd3163dfc94d857d15f42607314d8b08a7ee6e1dbd3a26c447f192a5cae1", + "format": 1 + }, + { + "name": "plugins/modules/rest_id_store.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "afa850a75e857541099c42fda5f897ea5632d39498c92fee10e8a0d7cfbd3946", + "format": 1 + }, + { + "name": "plugins/modules/licensing_registration_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "911be5530aa33b81670ec4c47e699926637d4aff3469c0f912350d1d1a7b6197", + "format": 1 + }, + { + "name": "plugins/modules/my_device_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "22ebc4e7f1c4854338f1ed4a87f6dc45787436f76003c4c6f24132ddbb509632", + "format": 1 + }, + { + "name": "plugins/modules/network_access_authorization_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ced2a9fb89ddc436506a80dcbe7138cfd2e3124995b98dbe35ba7865c131aa69", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_egress_matrices_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c88d13c05510957731477b64a1a22d37b57c71c5e6ea29ac47239c50c7885d76", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_join_domain.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5519e9b36a9b507840af2a2fe3509b632850abf3c4ec989b97ce2675b790eda7", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_conditions_for_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bd302fa2d5f4cff42248ca4b601f62a0d69bb12a22ac75bbb7693adf6dbd2b6a", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_reauthentication_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "32f3d6671b467199034c9d5be512e4e16981ed9607da2e835fccd90312bcef04", + "format": 1 + }, + { + "name": "plugins/modules/support_bundle.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b66fc0b8c2ef05feb406d90a98e72b2bca8cb1f10475dcf3085475a030ef7324", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b13413a19b253f1da4d06a46a80aac94369bb25600f8dfac5379caccafdcb8ec", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_endpoints_by_os_type_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2e44e36bc2a308fa54bbe23c62c0992fc9f945580ee820d5e1a8f782d5ed5390", + "format": 1 + }, + { + "name": "plugins/modules/egress_matrix_cell_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "be6943bd0c99164b1371cdced35bad64eacc68a9be0d2573bd732d6cc84a6bd9", + "format": 1 + }, + { + "name": "plugins/modules/node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "64b77748f796e25921594250ff990733e76c51f65d8ad92a4f22db11ddf38990", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_vlan_mapping_bulk_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f76a9b056fbd03296573d92317b16e6015850ca8a47fccefee5c0177c3866b23", + "format": 1 + }, + { + "name": "plugins/modules/licensing_smart_state_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "81a9686e65c89f6fc5d1e6a6665ad7ca963c95e8c78c9389789492b2ef330d2f", + "format": 1 + }, + { + "name": "plugins/modules/sxp_connections_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8abd8bc5c49d29dc6b9055860aac985a90fc6870be87d4e287f98fded7e1e8b8", + "format": 1 + }, + { + "name": "plugins/modules/personas_update_roles_services.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2416f7d9a5aecadb01e0776d79f9be49733bd7d506f38efcd3f903f5f6080cfa", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_sms.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9a4b6d5ef9bbe30a76828069318d12e7bbc8d5615f0b6956c376ac2f50e8f95a", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_user_groups_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2fdb846ef843f364fbe41a98991eb6e0d3e3186834ab06f163c2a7b5849640e7", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_profiles_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fbbaa36d7fad3f921518aea5e513136ea17de20f72237f88e299913e1010127c", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_vlan_mapping_bulk_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "911609cac367e95dac4b8deabccbb4d14b8178190e3370707662801deb4c0edd", + "format": 1 + }, + { + "name": "plugins/modules/licensing_eval_license_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9c5d81662ef0e1fc4d71b41ae99062cd7254ada9e509e2cef94908cf6c27fee9", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "994ca00be10e15e7f6b1c71a3639b4f83507a951f8c6168607836f11497b3f0c", + "format": 1 + }, + { + "name": "plugins/modules/node_services_sxp_interfaces.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3a3a527747db94ff8c804200f767529519b2ace406a98c3ed3fece5b70226e88", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_group_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bc13cd394696d01c55656e8b00250d541736a534f5a648b9791aa5751d0b7637", + "format": 1 + }, + { + "name": "plugins/modules/network_access_conditions_for_authorization_rule_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "848b004b036120fbd6d687dfa381d0db88753e29c42844d04e6c361ebe0e6314", + "format": 1 + }, + { + "name": "plugins/modules/network_access_identity_stores_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fff63eabd8fdd2ffd57dc8966504713a573ed44b30d3cfc7debc6ce506e4a884", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_account_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "59237c2be206ec01348faf847574abeef718adb1115a84338ce8a2796f7dd45b", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_access_secret.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9b0af3e95064e32b700298d466f522669130af2130b4e1402884daff2b05f590", + "format": 1 + }, + { + "name": "plugins/modules/personas_check_standalone.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "99ede92bb3e97d3b9aec2de654bf0cdf8e5a96a10aa452949cce94dfc284ddc0", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_authentication_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c9653358026069a2cdbdd10cea4c7fb4a79b4b2be1a5b9f059e2833e04902a67", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_is_user_member_of_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5c84638ade6c9d819a7b4bf85bc6bb6061029be4d7fa09f09eeff664feab9da0", + "format": 1 + }, + { + "name": "plugins/modules/sms_provider_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "84c2dbad33998aa68d959fe8e859ee95133f1ec24a39eb1b0ddd0bd7a12d6001", + "format": 1 + }, + { + "name": "plugins/modules/sxp_local_bindings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "66ef6885878cf7154e5e4e7fb8b54458447eeacb706732c27b470ef78823d8f9", + "format": 1 + }, + { + "name": "plugins/modules/aci_test_connectivity.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ff36b7dabc32e57cb7efaff225a158ce4632a8fc1456283f508f63ce18d5679b", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_identity_stores_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "eca8d2684177f28d15847e09bf024f42eb01de3b60de51d37b6fd03882409dac", + "format": 1 + }, + { + "name": "plugins/modules/id_store_sequence.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3748d088d7ab8d25e27863a2ec79206039e3430f19decf6a0d3d7454968ad3bf", + "format": 1 + }, + { + "name": "plugins/modules/sg_acl_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bb133bd2fd27a0a3071d4ae83d72a63e99584b4bcea54b6a8033cb4ebb7efa89", + "format": 1 + }, + { + "name": "plugins/modules/__init__.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_egress_policies_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1916ba48da7234bc9b8ccd5f5af6e86cfcc575840c7bbdfca98f7f496a7654d5", + "format": 1 + }, + { + "name": "plugins/modules/anc_endpoint_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cea3eeda9790836208579368d7b7d5987d9f5d75cfb8911ef0fcb414e4675c18", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd5f608024bd7af70192899e874a180a90ea3cd36106b31bdc81fadd1563c7de", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_vlan_mapping.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3f06f4f5b60a3251ea046118605c3f68bfe3f13762a274fc037e5f3412630714", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_vlan_mapping_bulk_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "62afd7e9eeaabc2bcca6e81e9bfe1c97a47682f21a65756eb1d16464471feb49", + "format": 1 + }, + { + "name": "plugins/modules/sponsor_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "453ad3d3bc410394f03bb22bd31ec73c5a96aed9a5fa36baffe1d16133bac340", + "format": 1 + }, + { + "name": "plugins/modules/system_certificate_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ba54dc996eaa125b09117eeb3e99c033be9b07db7baa4e53bfcec706edbbe429", + "format": 1 + }, + { + "name": "plugins/modules/network_access_dictionary_attributes_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd1779e76da20881dbb26a4687169d340cae592878b939db5275d6f79517ab90", + "format": 1 + }, + { + "name": "plugins/modules/px_grid_node_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8725c1f9d3ef02b7dd34b34a9be3b59037ef3be81e7cb9c29e94e0f72e77cea9", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_global_exception_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7baa7a8eeccfe78b56c6c85e20e9db931c7656fd318b7e1aaaa38832d92da537", + "format": 1 + }, + { + "name": "plugins/modules/sg_acl_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9d43f0399efd6a0310df283495b940af3fb0d335ba4bfa7c14ccf6cb142adb83", + "format": 1 + }, + { + "name": "plugins/modules/hotpatch_install.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "71a0a499a6106e011af26bf1fdf61581e19740b8ca29b244b88332643e9d2f70", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_user_groups_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f9fe491f0aad3a590f466359db5bcc9b190abdd48e271d2eaf721c615ef2824f", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_node_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "51b1d3e5d694d3d2a85c722b4b7cc13d51e5b7e289384353a4295049824a2176", + "format": 1 + }, + { + "name": "plugins/modules/personas_register_node.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "74390d09f37aa5d85cc8143484568195feb83da53aecf81405c59f359129dd41", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6e1d2a2d6a29d28cbee55f0afc55aed58aa9d7f11cd7795884969b8cf9268e73", + "format": 1 + }, + { + "name": "plugins/modules/backup_last_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ab709a98a93f78fc7a8bf7a1176e4ff711e760cf5fc484f9fecb8777f4d36fc9", + "format": 1 + }, + { + "name": "plugins/modules/deployment_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a6571a479e8007f5ba16a09064d1ff1d873f020c126d5683b1995cd922e4f87b", + "format": 1 + }, + { + "name": "plugins/modules/sponsor_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2e2b7b7e249a4e30984673ee5cb38bb6ea17c4b1f2c55fd789ae773374db5c4d", + "format": 1 + }, + { + "name": "plugins/modules/csr_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a036c44cc51ce4f2998dd36de48c98c4354b688797573aaafa04a6d58bd137fc", + "format": 1 + }, + { + "name": "plugins/modules/personas_promote_primary.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "978ab627cb06946f6ac276032a3dfd2d93d4f5819d79708fae074eaffb03098c", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_session_by_ip_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0f06c8a3c290dd57be89e359f11f376ecc0eb4ba4fe361db036115cec4d6a0a9", + "format": 1 + }, + { + "name": "plugins/modules/node_replication_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "053ede147e5a9ec8000057b51a9fc9e537fab9438aa734a0e5cab29ac2b99ac5", + "format": 1 + }, + { + "name": "plugins/modules/egress_matrix_cell_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7f560c323b6f821a130c2ebd077bbe33b2d793b30ec5f2df8c04779822f23b79", + "format": 1 + }, + { + "name": "plugins/modules/guest_smtp_notification_settings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7fbb0a9b98dd32cc6458f797f269d3abab08c17147d413d48bdb2b691f8ca969", + "format": 1 + }, + { + "name": "plugins/modules/node_standalone_to_primary.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9350b93054143f7ef3d7f9407821f977d34161be107fb916be92950f0d4d5276", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8f80ba889e76fa92504a40629dddf64fb708b58cb8ef9f9bfbc222218ebc3062", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dfcf94f91f43988535678011d11c856be02c6e1489ed1c7e3bd2ab655d4eefb5", + "format": 1 + }, + { + "name": "plugins/modules/egress_matrix_cell_set_all_status.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "005cc5a852a3adecb113cdd9eb9731c9e13aa6bb1ec07736bd8148134894b7e5", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fbfa20f843a959e4d2a66ed86d23d1ce8d8c35a2443b6e5b743defdb6c3eb4d2", + "format": 1 + }, + { + "name": "plugins/modules/sg_to_vn_to_vlan_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e254d2eef610a8965a9b7cbabd902c4194e35a381a86ed18edfaab9fb5a627c8", + "format": 1 + }, + { + "name": "plugins/modules/trusted_certificate_import.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "952473bc6d97f0c21161b864f0123d12894575cbe33bad482ff3802fd614e208", + "format": 1 + }, + { + "name": "plugins/modules/network_access_network_condition.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b4572a35271c07bb023493826b6968224dc9027dc5e2225d66bd07c0bfda6a6b", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_authorization_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "18b2049b455db48c1b5062df71f50f89e46f5b741689ebe873041d755b1b12ae", + "format": 1 + }, + { + "name": "plugins/modules/backup_schedule_config.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "98bfd0422fd117ee0a7879ddb23af88d94cdf7af3508f45a163432333bc9e41e", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_session_by_mac_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c1da72c9b6ba5b0787aa206fc654329bbedd04b3665190efd557887a9e9e9586", + "format": 1 + }, + { + "name": "plugins/modules/network_access_local_exception_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f66254716611d556c6a7c7acb843519a876563c5565972ee10e8817ae2ad0f37", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ce82c1556f007b4bbeca20c233d0a3ae4cf01f58f55fd600aab68133a78faba0", + "format": 1 + }, + { + "name": "plugins/modules/network_access_security_groups_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "077c37b32e25e35871639b689c4c849a144374f45b11f440e242ae2d54b7c5cb", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_global_exception_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4c3b3d9e788bd3f4369ed7fdd02a6b04340ca2f0c69999d9aefdf44266518407", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_network_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e5e8117343c31a3f9b9eed1f516f33ddca5603c06df666c1b32be2dddf85dc12", + "format": 1 + }, + { + "name": "plugins/modules/network_access_dictionary.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "01aa09dc88bf5243128a3ff9a0189604815890d8aadfe6256376ce38319a42fe", + "format": 1 + }, + { + "name": "plugins/modules/sponsored_guest_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "69c4ae7f7669cb849fa9141f77cda5d744f45ad90c8435f179effd6534301def", + "format": 1 + }, + { + "name": "plugins/modules/node_group_node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "28ea18759009a4e32813a10796b15db25bc39ddbf99509f935ca10a61cf1e488", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_group_deploy_all.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6fb29adf877b117741ca1445bfba07c94b027858148eb0f233bf4a5662ae0630", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_disconnect_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2d4c14f15efa51502db2bea2da3a6be7334fe0079eae81e301d6aa11fd33ad41", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_by_mac_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2d6f2f202fff113dd44f8fed3c9480cef3300c62c24fcc8ad4d77095524f4f8a", + "format": 1 + }, + { + "name": "plugins/modules/aci_settings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6095a6450d0cb6f5571f5c63ad6df10ea7047f2ec6c8c6ba01ff203ca8035d70", + "format": 1 + }, + { + "name": "plugins/modules/network_access_dictionary_attribute.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0b4c39de1e8f7f8d979514fbdfa78fd79c81334ed097148efad5349ece835009", + "format": 1 + }, + { + "name": "plugins/modules/node_sync.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "352bf7762e19acb99ae4837f024161899c985162461dd813e52196a5f3a901b7", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_get_rejected_endpoints_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6a57bf56d7a517ba5c0b6b02c767e380f9e544226ac76cba131875d59db01ecf", + "format": 1 + }, + { + "name": "plugins/modules/anc_endpoint_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fa247d220b707e219881f4ce7667165f02f603943966b50bd038e34339587c71", + "format": 1 + }, + { + "name": "plugins/modules/licensing_feature_to_tier_mapping_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "381c7fe17ee0b680f8a94de20e93d2038e5284321f1ef7c66430e32773d113db", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_by_nas_ip_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "adf77d487a5fe8cc21ce33080a517d9b9f64fdee0dbba05395ad3935d08da86c", + "format": 1 + }, + { + "name": "plugins/modules/node_promotion.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "06ed5d878c6b26aae8ae3c2892b92793eddc28ea5df04a2f1a1648d4e4b27fa9", + "format": 1 + }, + { + "name": "plugins/modules/tacacs_command_sets.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "06cffe5d8593f0ca33b52d9c3fa6fa4bb71aed650519740854b0fec9e3f5488f", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_service_register.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1098f7204704211c5ff73cb1f676092a267501b9c87cde062a2b23e7a5551b17", + "format": 1 + }, + { + "name": "plugins/modules/guest_user.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "802dc4b55ea3bd1d0ec9a1297ad9dd4fac3332da8f75417aa2676907bd7a5524", + "format": 1 + }, + { + "name": "plugins/modules/network_device_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f0d6a6dc289a318ab1b9f7b088bc717b384ba9443bd0267a2c3876109dfd8dfb", + "format": 1 + }, + { + "name": "plugins/modules/tacacs_external_servers.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cf9b0857e72ce3e98d86d088074bf6fe0319ce60fd9008e629a661ba73cd0deb", + "format": 1 + }, + { + "name": "plugins/modules/proxy_connection_settings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3a7695c64bef263a6af5b1aa53b2701776d2014256614de45572b25032c5a5ab", + "format": 1 + }, + { + "name": "plugins/modules/pan_ha.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "413b1931fc7449b44f8928f28cb9696d0353d3b0e854f43fcc31825a94ad29c6", + "format": 1 + }, + { + "name": "plugins/modules/system_certificate_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "211715a20e9754d855649ad5128b0eb73abd078c9a0a8470e013d54e8932266e", + "format": 1 + }, + { + "name": "plugins/modules/telemetry_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "12c51560a1f149cca83a91bc44da3cf916da95c3a02e65f8e2fc8d8b8215a3c2", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_deploy_all.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9e025be0193dbdd9968dfea8cabc61f5075240404d2d999e6736adead4e58db5", + "format": 1 + }, + { + "name": "plugins/modules/endpoint.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "699eb3e13bb65698898de83f0eaf22fd9068554065d5e14836124033eb1d49f9", + "format": 1 + }, + { + "name": "plugins/modules/egress_matrix_cell_clear_all.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f35b3fe897776ccda928130ed36b1a3e300458e116690d93ff72c229548cc83f", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_deregister.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e303164d9fe5ee06a34e62a53fce871a8c479d7e10fbb60324653450bc20ac6a", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_bulk_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "48bd3fc93d451c75292fb7f85e15d532f32d7afe717e5e507845bad142de6961", + "format": 1 + }, + { + "name": "plugins/modules/node_group_node_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "31da023b0a457ced3a88b43c42882c2f0f748e391fb2cbb7ae479dad4326fee7", + "format": 1 + }, + { + "name": "plugins/modules/system_config_version_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "97683e0e651acd5e209622a62b4fdbf013838f4d888bca1bbf03274cb44630ad", + "format": 1 + }, + { + "name": "plugins/modules/downloadable_acl.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "26d63b7ad302a1d031fffe0e331cecafef417ad7fc0dc93ae09a145bba99ddc1", + "format": 1 + }, + { + "name": "plugins/modules/csr_generate_intermediate_ca.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "539f18c21eabd2c451057b07e5bbb06e8719c7aa87b382d8a4805dca646408fe", + "format": 1 + }, + { + "name": "plugins/modules/guest_ssid_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d8a88b859d84110411c6862724701b9a3b2eb88119d348bc3b1526c3b3591446", + "format": 1 + }, + { + "name": "plugins/modules/anc_endpoint_clear.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "eaa73038fe135167b2e00adc434916318a04d3e52bdb1d660e962201d6db5d43", + "format": 1 + }, + { + "name": "plugins/modules/sxp_connections_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "31873c73845753e684f7cf14917fae616afd57a808ed0786d1ac286ca0c45e3d", + "format": 1 + }, + { + "name": "plugins/modules/filter_policy_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d48cc14fc5dfe0a12fbb4c9ab394f6ab3c1aa88d89b60ce58ed4c8c4666f989d", + "format": 1 + }, + { + "name": "plugins/modules/px_grid_node_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "db4cae3a3d80bec6ac08796a3e677bb74321e5416d439a3819cfdcab8f16e944", + "format": 1 + }, + { + "name": "plugins/modules/internal_user.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f780bbf7849c2cc1bd824d325c5c63cd639abb41e075589437cba72144395a51", + "format": 1 + }, + { + "name": "plugins/modules/licensing_tier_state_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "23ed4210cdb2bc416f1a310f3f3e45ecd48e7b30b72fa48be9ab77352f3191c0", + "format": 1 + }, + { + "name": "plugins/modules/anc_policy.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9e87209a5ea91e37577f3a0cad243f5ac90d25a9cf44f3ec8db4427eda171873", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_global_exception_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2cd1badfd87cf1b240a6441f8c3c0ab5356199932042655cc6d41de5d8bd0a47", + "format": 1 + }, + { + "name": "plugins/modules/sgt_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9b7252c14e5d2edbf0de791395b29c314ff4a7124376552730b0eeec498b76de", + "format": 1 + }, + { + "name": "plugins/modules/certificate_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7fcbfc2963d579d0a8e248f6aa15cf4be125ef138499b6b91c32fc4f179bf4be", + "format": 1 + }, + { + "name": "plugins/modules/sg_acl_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7dbd65406f5e2d6bd9e6ae9235c2444545982af7f383b804fe2dc98d4aaac1c0", + "format": 1 + }, + { + "name": "plugins/modules/patch_rollback.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5419c9b5ac7ff21e34a6e5f28ffc81e401b1cf03393bb1d351f6c9ee5e0d344b", + "format": 1 + }, + { + "name": "plugins/modules/anc_policy_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "898129165bd7d21d25c1a09562829949721a314e02b543beedb2efcbb02bba2f", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_node_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "00135c9545c4d1bc1d35d09083f71801e59f19b49a00eb23a69b21a374996000", + "format": 1 + }, + { + "name": "plugins/modules/network_access_dictionary_attributes_authorization_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "451028ed51fca158ab151fd748590f141581d1fc0b1a51e7a64682d9aabeaac1", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_reset_password.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9d41516e5bb4558377cd006d5cdeddbecea671f8bd0699582ad71f1f6dfd7d1a", + "format": 1 + }, + { + "name": "plugins/modules/network_access_authorization_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3f79df75da41a9cdfde8b4ea8a235b92dd2057a2c09fe6c95c3d46bc833c6944", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_active_count_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6d05929816d0942e7da62e635e794e66ea8ec9f8443e79fc7998e8428a81164e", + "format": 1 + }, + { + "name": "plugins/modules/sxp_vpns_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "43bf4c7b772f598c200670d52af19e3b0bf21f50690d8faf2b2358e3bb0ed848", + "format": 1 + }, + { + "name": "plugins/modules/portal_global_setting.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "290372e920cdeba83bd0d63cf2fbe6f64a1e1b01446e468dfd70bd6528587a59", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_conditions_for_authorization_rule_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c4ae54deae540aff65316b9d6d3b7363adf97443cadea2d4dd598feab2559dff", + "format": 1 + }, + { + "name": "plugins/modules/portal_theme.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b8ab6a18f061e1b6a9746c50079722bd0f28fa259dc0cffae5fc35a50900a7b1", + "format": 1 + }, + { + "name": "plugins/modules/portal_global_setting_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "530fb46e6adf6e5c0b67168331a4212e8d541f4627f8b8bdb324a2b12ab27fee", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_group_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b8f50106fdf496a0ca8030b52274c932ed87ebe06cff7337aa1736aeb7ec0f77", + "format": 1 + }, + { + "name": "plugins/modules/backup_restore.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fe58ad025a1fcfe393cebb7f0cbfe2b6e1db414d757f25c7507a5739c34b1b4c", + "format": 1 + }, + { + "name": "plugins/modules/node_group_node_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5dce8e3223c9da1a63493ff36349885467cb4813119f2cc9f6d190709b8fc1c2", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_group_deploy.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3fe9329d3437e6a596e37dd02535a4fb8a6010f355cf4204cfc98dacefd5bf10", + "format": 1 + }, + { + "name": "plugins/modules/allowed_protocols.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0f9d1fa3d08778160e6a843af3ae861c14bd9df23b6980467ef5c88e3ed932b4", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fe4ea3aeea5b2d49eaff597347dfa1c75cd404bd288dd71efb326ad1cb49ad56", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b9fb1c9231ea8e3f8678a606d9dd20355f7116459379937a1c42d51291d45b29", + "format": 1 + }, + { + "name": "plugins/modules/sxp_local_bindings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b2174c22447e4e7ba36f060627fd856249d48c43bd63439198e507fb7b7013a5", + "format": 1 + }, + { + "name": "plugins/modules/support_bundle_download.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6ec14a0d17d20cdc50f1dfc7a4c583682e044eee210836876cec9b427098ab09", + "format": 1 + }, + { + "name": "plugins/modules/self_registered_portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "55f29c5d52b1d1b93c256c45814935de5c3587124ec35f3da691209d0a4c8017", + "format": 1 + }, + { + "name": "plugins/modules/node_secondary_to_primary.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7a428abf8c2bb0c8b5c137446a98fc5c93b52fa026fd950154fa7ee42d82bc17", + "format": 1 + }, + { + "name": "plugins/modules/guest_type_sms.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "87202258bf2865484722c6208fe771819a5165fca42569fdf83942e6dc325c65", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_nbar_app.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "39c8705d35b5a8f472bd98d46377c323e4f8c50d4474693b433bedd089c7c41f", + "format": 1 + }, + { + "name": "plugins/modules/sgt_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d78fa36f0113492703b2b2b6bf07d29c71061f88d34b858d63e5dd34339953df", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_by_ip_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7f799c4c4cef8ddcf807d3e5922960f430eda25e28345c7ec074ee4656c94723", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_deploy.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2134c35001d99c368acbfce04094dab65ba6faa366699f8bd74de3dad86b0ed0", + "format": 1 + }, + { + "name": "plugins/modules/csr_export_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "81ce0b8bc7ffaf2b1c619f9f92153e56d42f99aa692b4e23cfb1d0e01f974063", + "format": 1 + }, + { + "name": "plugins/modules/trusted_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7333ee5ccff7132ff1eacb441338bfec8929c8ac62ef811edfcc037bb1f7dfc1", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dac41c1c37fa7151c62fea48cd42b39aedaf5e96582df71ed780f7c1a533e249", + "format": 1 + }, + { + "name": "plugins/modules/filter_policy.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "932c11efe2d1d891004c94de8f360387a63b22e2e4c85b01243ace004c466f6a", + "format": 1 + }, + { + "name": "plugins/modules/network_access_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "362fad8d86a20511220441a6607db6d33417cfa2285a397d6f7721b21dcc5a24", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_endpoint_by_mac_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dc4bd937742bc1342c329f5b3ec174e54748ffdff0c147f43aa66e4d7206947f", + "format": 1 + }, + { + "name": "plugins/modules/radius_server_sequence.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0b18e493d0f06c5f0b9e7a9580727470b03ba72f9207eabbb2d48c6db2adb9df", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_time_date_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "53f7f1d8d605ec3f404745491255cc003d6fd69aebf7c65753196b1aefe4cbb5", + "format": 1 + }, + { + "name": "plugins/modules/node_services_profiler_probe_config_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6e1f4158e69573c7d05fbe3dea7e530cdc4d08a90b95cad34a21aebecd1545d5", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_sessions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9338f49012ddebef5f5d8ce0db92cc9e83f6074863483be819a68d5d454702e9", + "format": 1 + }, + { + "name": "plugins/modules/allowed_protocols_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "927da67a40b901115bc90a399cbf26be5c9a19073e540d42b7487f6d13a49f16", + "format": 1 + }, + { + "name": "plugins/modules/sg_acl.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7e003a9ad3421c505a29a426d1873729c26e8a5640206bd4e238a00e120c0cf7", + "format": 1 + }, + { + "name": "plugins/modules/network_access_time_date_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4d23ea2464dd5e64ad620c82ecffa4c5591c1f254b8102b04de62038aed50acc", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_posture_count_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d5b45afe7a1e32ed8da68e2b03efc186fc5270e454e9b32aaeffa2be4afe23cd", + "format": 1 + }, + { + "name": "plugins/modules/sg_to_vn_to_vlan_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5d784681b0f71b7da8d6e2e892d310ebde6a12826b899c07070a0b95b34df05a", + "format": 1 + }, + { + "name": "plugins/modules/profiler_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "acbd57df979e0b3907094707bcc38b7ea6d4b6262a7d8064441d95aab53ee9d8", + "format": 1 + }, + { + "name": "plugins/modules/node_services_sxp_interfaces_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "18e95fdb713d452cf0125c872e2644a528f33228dee0347d8ed434479154d55a", + "format": 1 + }, + { + "name": "plugins/modules/active_directory.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "eff7a97302c84388a526171caf65a18bd285146de518f1f6f58647800af298b6", + "format": 1 + }, + { + "name": "plugins/modules/identity_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c944a5af18b0b4561018132aacab9daeec4a3e068ff3beb88120e55885c598c4", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_auth_list_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b30d9f7c076b3a6da68a9d1dd39e034d65381f598d6348a894a4e552d7b8ba94", + "format": 1 + }, + { + "name": "plugins/modules/patch_install.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e9bd05d13789cd92c8a0c4cd322b4e278f842f1e629c27b2cdbefe5bdd5a5cd9", + "format": 1 + }, + { + "name": "plugins/modules/network_device_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c7edbe2012eddd8068caa07311aee812140185945f4c3a24c856309a6e9f4e5d", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_bulk_delete.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "47db6a3c9240c8e2b0f1a0873de6fcbbddc349ae0f174b8d21e3304b1b80a664", + "format": 1 + }, + { + "name": "plugins/modules/network_access_authentication_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "44f2bae93dd003607254644deccb669e9259438114cb2638fcc37c4720532601", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_authorization_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f4b24e9987051a94772e0a3eff9ae262dfefeab5552279cd66ca327faaf4dab5", + "format": 1 + }, + { + "name": "plugins/modules/tacacs_command_sets_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5b7530910181dc8bda5041f038e1900603904b1266531d6b455a55674160ff1e", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_bulk_update.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a9849daf062f7066061fce7e4a5a56294b2bfc84e6bb3e0d576fa259873f2322", + "format": 1 + }, + { + "name": "plugins/modules/support_bundle_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d66289c9ed4e439291fcb70957d45d1f389f15747551edc7e6361151f36545b6", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_leave_domain.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dbc82ca2e03b9f3eeeafe6ad0cc945b44252e2d6edbfdc1e70329419bae5c8d5", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4b7b3b1508fec68a5354cecb1312a3d089febdbab113ce4a53acc7fe15a6e38a", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_change_sponsor_password.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8d43cd8f51592a27581172ec3d5cf3096cbe52077afeade3f47e081acb49fa9a", + "format": 1 + }, + { + "name": "plugins/modules/network_access_authentication_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a8b226b3541020ed02bb2c0bc759f622a930006d7d68e7a7350ad33ace60e63d", + "format": 1 + }, + { + "name": "plugins/modules/downloadable_acl_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d3bde433a205f2f3bd41e47233d881469523ab879bcaf934cb49f46716d4fc20", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_conditions_for_authentication_rule_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "501468609ccc0afcc04701a396eeba86f3eddc89a94a22416b816f2d6db7f2f3", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_account_activate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "411f4c910ee124f83a642dfc23226005d91625882364166db5055b49cd12ec58", + "format": 1 + }, + { + "name": "plugins/modules/sg_to_vn_to_vlan.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f3b020a13b5c1696d3e9a856cfd7e35bd21018c789f20e4b908b46adb34dda64", + "format": 1 + }, + { + "name": "plugins/modules/network_device_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a48033fffccafb3f7e9fb26459aa1fe2ad76cd0a27609078f46d86fca5da8a9a", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_authentication_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3084578eac40b19f0ced3e70fccbe9a24a78598f4a8997391e34048325c82df7", + "format": 1 + }, + { + "name": "plugins/modules/csr_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7cecb84e4f6da3cec42076435407259d3707a2e2b293abf2cd3ff6ed52e66d12", + "format": 1 + }, + { + "name": "plugins/modules/authorization_profile.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "27c828e09bbc869e5ae2ecf7127a9577b18ff2eb703255038f3d59bcc438850a", + "format": 1 + }, + { + "name": "plugins/modules/sgt.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c8908c34312edaef6904236e773ce36be9f8272b9a30cb6e7d6fb8ff569bc123", + "format": 1 + }, + { + "name": "plugins/modules/patch_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b8655f5ebc046fcdeda8cb2376a9206bef270fd1504e960e0121f516c1dcbb19", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_service_names_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "221d7969d00121e74624b83f6f5fad460553ffc0dbf5de0da99f40a1d8a2410c", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_delete_all.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c75e9e6c9d210a747779efb2d7fa118980959f84a94a1de257c3f47c9075376e", + "format": 1 + }, + { + "name": "plugins/modules/px_grid_settings_auto_approve.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0209d9dd92eef1007ace5cba1e463cba630a3617c22b7b469dec0d91fd02dfd1", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_group.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "448e3e2f994e3e7eeecf28f6abeba24642b868185c24aae878808b65bb9df0fb", + "format": 1 + }, + { + "name": "plugins/modules/network_access_authorization_rules.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a197a0f6a544d5725b21261b104b8cc448c995364fba1c7ab3bedd0b3e4bfda9", + "format": 1 + }, + { + "name": "plugins/modules/mnt_athentication_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ea64724f0d88cee1ff56e59b723d5cd6c0b8c813e3d676988875bb8c55c733d1", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_conditions.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5337a1f058249918fc2759af23816d0fb545382d7e94ceab561841f1239265fe", + "format": 1 + }, + { + "name": "plugins/modules/sxp_vpns.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0177b49c9dc5ceade8e35449542063bc7c95fb4a035ddd0fd0791c804dc95416", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_local_exception_rules_reset_hitcount.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4d40cd090d546b370a2b8e26ac654a65c2c1aa1d705ad936f0016e9d6d5b60cd", + "format": 1 + }, + { + "name": "plugins/modules/resource_version_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "31ec92a69419ad7c7bffa0adf6744cc5e0fda39acb78e5c8f7fd27419022fada", + "format": 1 + }, + { + "name": "plugins/modules/renew_certificate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cecd408ba7136fbcee5687ff73ce014c004ab5ffd5031b7ed3bf5159816a5ceb", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_release_rejected_endpoint.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "88892b97fe09e218ffd880844de89060bcd2dd9803ddec805aa90bd548f8a9b1", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_reinstate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "50f30ea916efa32df61afa0b43befe129744298dfbef0a5eba5567c449fd140e", + "format": 1 + }, + { + "name": "plugins/modules/egress_matrix_cell_clone.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "61508bfbb55c9afca0ae27d5bf978cf7dea4795fe4949a605808cfce27e8ed19", + "format": 1 + }, + { + "name": "plugins/modules/my_device_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5c56674fb9d310e54dc4a99d35492b34a88279a9331547c9a94f7c8dd3f8fc65", + "format": 1 + }, + { + "name": "plugins/modules/network_access_conditions_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d5eea49dedb6f001563775ef48f0a505382293f93bfb61902b631062b24a084d", + "format": 1 + }, + { + "name": "plugins/modules/pan_ha_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bb1831837261f2bbcad0ac2ba1fd33f9ea63c999634ae0048961a92def30de5d", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_user_group_by_username_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7f525e41b5f546c676c64c1ad876d61ac65cbd5619f9594d76b1c52bd4aa03ed", + "format": 1 + }, + { + "name": "plugins/modules/node_deployment.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4fa60c1838da98004c1965853fe8dd168a8ce07c5d91fb9df8987be28204c735", + "format": 1 + }, + { + "name": "plugins/modules/certificate_template_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a870b5f613f3f3c807ad7089264a60ba77a23771209940b5998b5b288653583c", + "format": 1 + }, + { + "name": "plugins/modules/tacacs_profile_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0d7001cc7b3fb9fff0aaeb207ad3783505a7685c1d8824146cae67c4563efc33", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fb7429ce1099f1780f882205ea46b2f08a76259121f215b2774cb71c8e2589a4", + "format": 1 + }, + { + "name": "plugins/modules/sxp_connections_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "be96d909d67c7955ef86e9d86c3dc4f7ce3e33a10262395c12b8fcbb10f3835f", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_service_unregister.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "039d61a71d5426f6703df8ae82dce4f771351363e0d57eb7572a485b46f37dd2", + "format": 1 + }, + { + "name": "plugins/modules/byod_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "18c52e0ecbd43fdaf5fa6ddac70256471f51f538751486300f681cf8837f8d6a", + "format": 1 + }, + { + "name": "plugins/modules/sg_to_vn_to_vlan_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e6ad766d005a34a955c949f17bc6cd2e93cf1323b261cfc87ca95ef88713fb9b", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_trusted_domains_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e3835c14e30792495f69bd69500f303eed96abc091ef67d7e68d0481c14790fe", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_authorization.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "88dda74e16ab3354c7a8b68134bb03fad8b1983efdaa8b71183d6deb9b662613", + "format": 1 + }, + { + "name": "plugins/modules/licensing_smart_state_create.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "683cd1e8f079e4fd5471af14ef215dea8d260b80b42ee37d635a79feabb57b1b", + "format": 1 + }, + { + "name": "plugins/modules/egress_matrix_cell_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d514139cfc7a0e7feb2ad58b71c74c286c92f6c32ced9c5630bfd6cceb9f1d09", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_deploy_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8d8b95e136c0b1ce5dae49035771e6b850000644686862b5cd92d3430050d32f", + "format": 1 + }, + { + "name": "plugins/modules/sxp_vpns_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ab9beeb323d726775782016e83a87c8949136a5db63528cbbc9ab05d0133e8db", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_command_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "370d9955690f80e2dbb22388bc1fe82cf57d303bccee8e46d7b569342f275f02", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_group_deploy_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c3b8c8c6044c74f8780f0a54758ed69e4cc55525e98e8df4a75f7b771908b15c", + "format": 1 + }, + { + "name": "plugins/modules/repository.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8b716e775664335f54bed58577e051d89be8cd80a40e6ccfb9de529e1361ccf5", + "format": 1 + }, + { + "name": "plugins/modules/guest_user_suspend.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "19bfc4f3c8ac892c63e83415d6eb02e4dab8dd1da1c3d1e9785c451234367c68", + "format": 1 + }, + { + "name": "plugins/modules/network_access_local_exception_rules_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e921ee75377931f9bc379453f90924507c0d63a41675c70551f0069816cb6ff1", + "format": 1 + }, + { + "name": "plugins/modules/endpoint_group_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "52c17aeccc655691ddedfea82fb23ab0677ce2410668cf9e8420064e1684ac80", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_dictionary_attributes_authorization_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9d175eb83c50464bb8e80037175e68f5da105fdc802eaca4e8ca38582c82a396", + "format": 1 + }, + { + "name": "plugins/modules/transport_gateway_settings_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "29ea7e916d3bad76f0224a7e2ef3235e885bac76514ca67e441a9bf325c0bca9", + "format": 1 + }, + { + "name": "plugins/modules/backup_cancel.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "20bc1c12edc8c3489b1f6c8d52c967625b003cfa0eb092c5ae546db8d2d7f045", + "format": 1 + }, + { + "name": "plugins/modules/system_certificate_export_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5e31a2404e4034b042fda707fcf6e7c1144ada90f40dc5d49e39aca09ff712b2", + "format": 1 + }, + { + "name": "plugins/modules/guest_smtp_notification_settings.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5dee302980885a67555190e0a2df39f31426d4717ef324438c9fbefd186f7ea7", + "format": 1 + }, + { + "name": "plugins/modules/network_access_profiles_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2f7f18adeb942c2957d3d60d0bb26e2561051ce618adcaeca00b9b27c02b1dae", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_add_groups.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "89f59acebc586c44d3cbebbc5421cf6b9b69ac680b6bd5b2de340485a7da3817", + "format": 1 + }, + { + "name": "plugins/modules/mnt_session_active_list_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4ec32000f0e6d42e8eef5b839b83182e17f9309c9a2e6c78561222232ef0e27d", + "format": 1 + }, + { + "name": "plugins/modules/anc_endpoint_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0272e411560e5411f644981e6cfd89126128d46c93ba0b41f627240d6a49fe6a", + "format": 1 + }, + { + "name": "plugins/modules/guest_type.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8a2b702d81bfdbef4ec6b945596cb5b5bff75e121e08d12e9463266be7c55396", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_groups_by_domain_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "93ddeef12d6d2669d00c13b7762e73c96ea61ccaa44d67afff751a46c6299908", + "format": 1 + }, + { + "name": "plugins/modules/network_device.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ec3f770d649227d7bd4c0952c73e22b637ee07ba93420505df3943b3fb4f1cdc", + "format": 1 + }, + { + "name": "plugins/modules/network_access_conditions_for_policy_set_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d29e3b7dcc7a1d877a7aba05f71c9e92bc0719d6c33be146325c10f0d8728432", + "format": 1 + }, + { + "name": "plugins/modules/tacacs_external_servers_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c94bb5f2e9e31c7f58749e8cabcf3fd6146d16c95c39e53652142ee058c11307", + "format": 1 + }, + { + "name": "plugins/modules/active_directory_join_domain_with_all_nodes.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1e964a0773a88079a397484f50edec834aeec9da05020565e58b4beeff28249a", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_service_reregister.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d967ed3ca37ea997a0d5547776dec446abf219e08de3ecf6251d5e052425d0ab", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_policy_set.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8047ab01c7b34fd6d450f0539dfdd4c9e51d3bfc9bb1bb3990c44e18a3341f93", + "format": 1 + }, + { + "name": "plugins/modules/hotpatch_rollback.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "01011f6358c0040ddf3410378cc39750bb9fc57b53ed38bff552c8dc2fb943b0", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_service_lookup.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b1c163f4ff7ea6c88d071a18a9be2685209ea72a16a8910150285a4971f9ed60", + "format": 1 + }, + { + "name": "plugins/modules/portal_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "75d247a8da396dc7ba4538b7e17929d019facdc14402a36257b6ffefdb63243e", + "format": 1 + }, + { + "name": "plugins/modules/anc_policy_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ca619737532329676162af6d79e2c65e3f87f25fc3c6bd2aa962d59ffececbb2", + "format": 1 + }, + { + "name": "plugins/modules/network_access_local_exception_rules_reset_hitcounts.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5d84b499c5401da5cfe0e3f1e3e5c89e674e3335d6f514496cd145b0d97a9b6f", + "format": 1 + }, + { + "name": "plugins/modules/device_administration_profiles_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d9f5bc044f10473afeb114d9bd1157014211cb649710c7e372e413ee6585cf79", + "format": 1 + }, + { + "name": "plugins/modules/hotspot_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd6ece9741e6c0e854ed33c59c93a69e74e187238e00075b1a81ee3f8ba88f0c", + "format": 1 + }, + { + "name": "plugins/modules/backup_config.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "cb15b17f8a16f40fdddb60e50b87b0eb26417c85f55ff37d016d4757e1e79680", + "format": 1 + }, + { + "name": "plugins/modules/sponsor_group_member_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d48df234eb72a4d2d97e86db2302580190637f6c5d4bdb962d8faea35a88e094", + "format": 1 + }, + { + "name": "plugins/modules/native_supplicant_profile.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "448af9195e3c4adb4e01f17242e0fa57594f5d111b3610881d64f740e9f3ecf1", + "format": 1 + }, + { + "name": "plugins/modules/network_device_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "aa086c6958f8232ae0be9716b57783a76a052c2e5f519daa933f122f8747bea5", + "format": 1 + }, + { + "name": "plugins/modules/egress_matrix_cell.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "428b022d98735da70ce7cefe9c9ea4915094afef7514c6e3300273a5c9c5a3e0", + "format": 1 + }, + { + "name": "plugins/modules/self_registered_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "23f518cbe499fadbaedc4ec076b6f4e3010fdfc65c9ecbefc49d21f27700782d", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_endpoints_by_type_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8c2b1765cf40fab9631b04df4e32ad311300c06d18ba912ae1bb48e454d495c7", + "format": 1 + }, + { + "name": "plugins/modules/selfsigned_certificate_generate.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "97f5d187ea54aa2303e648af6e322161a8419e748121f17bfc01bbadf2295041", + "format": 1 + }, + { + "name": "plugins/modules/trustsec_vn_vlan_mapping_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ff266c8661f5a0b1d3b2b57de9b7060b644f371a21b72ab2040d125f479a4f65", + "format": 1 + }, + { + "name": "plugins/modules/external_radius_server.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4cde6c1650f69d40f83683aed831809d654a33fd3214fa67e8a39a4b2e83782a", + "format": 1 + }, + { + "name": "plugins/modules/pxgrid_security_groups_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "081722cf7e1b11470d8f2be3e8e48c8319dfeaf5f87ea2da94ca37645eb77008", + "format": 1 + }, + { + "name": "plugins/modules/internal_user_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6a9d67b9d0356e43f9105d7a646a9eb0c826ce25c3397e99a25719ad72849600", + "format": 1 + }, + { + "name": "plugins/modules/sponsor_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6751b7af97c401b83a7f0e7fd7f77c2edac3c2a72b2866f6f583fbb5f10db18b", + "format": 1 + }, + { + "name": "plugins/modules/radius_server_sequence_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6409113af7d415908c11db9fd91699616ecb1768224b5c920ecca58c74fd624b", + "format": 1 + }, + { + "name": "plugins/modules/node_deployment_sync.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5e1b08a526d333babe847944fc000695f6f5ab41f00c414869cbdc158cf2c38c", + "format": 1 + }, + { + "name": "plugins/modules/sponsored_guest_portal.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "093abb41f405ed5f77279d0d3f121a6bf27b3cf8fd4e8f97b2e354a86a0e2f79", + "format": 1 + }, + { + "name": "plugins/modules/guest_type_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "24dc53431a2f72d97b31cee9f4faac943b035fad3739626e34fe60f3b8712d1d", + "format": 1 + }, + { + "name": "plugins/modules/sgt_bulk_request.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6b19f7bd1321d67b2a582d188160040a6ff511c2e7d57e027f1c674f8447c3df", + "format": 1 + }, + { + "name": "plugins/modules/sg_mapping_bulk_monitor_status_info.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "342e577ca90146213574f8e2834a43184995eed4cca12131e94b36636086de5e", + "format": 1 + }, + { + "name": "Makefile", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "05cac947c20f1b10288ef37a1984da3005ddb97b159b7ef23350a230600a255a", + "format": 1 + }, + { + "name": "tests", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "tests/sanity", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "tests/sanity/ignore-2.11.txt", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd8f3ff55472e7b574eaf8756c59af81ec80a34d28924df54b2f34e406167bd7", + "format": 1 + }, + { + "name": "tests/sanity/ignore-2.10.txt", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "87293a1c8b352044abc86210d8cb127919b19df18a469a10a1d1b0192f3ebcd1", + "format": 1 + }, + { + "name": "tests/sanity/ignore-2.12.txt", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "format": 1 + }, + { + "name": "tests/sanity/ignore-2.9.txt", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "87293a1c8b352044abc86210d8cb127919b19df18a469a10a1d1b0192f3ebcd1", + "format": 1 + }, + { + "name": "meta", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "meta/runtime.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "48a2f61c72296aaa190a3ad670b0a5759bd047262b59b3d870e986b05878d87d", + "format": 1 + }, + { + "name": "roles", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/personas_deployment", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/personas_deployment/vars", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/personas_deployment/vars/main.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f55d8ae8704f26f592c45c007d5a6f7cb7d7334c95ab0207855064ea80a1a52e", + "format": 1 + }, + { + "name": "roles/personas_deployment/tasks", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/personas_deployment/tasks/small_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8f4272e8158180c3b4082c836f30e0035b42e6870a26d101c0f7901ce7bed736", + "format": 1 + }, + { + "name": "roles/personas_deployment/tasks/large_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e52bde09bcab377048313b9865f819411c38c3e9fbeb739a5b65cdd29e1215be", + "format": 1 + }, + { + "name": "roles/personas_deployment/tasks/medium_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e2ca1aa9f131a6ee8527b5a5bd3250f1b176ee3edc13e199432fa2b84714878b", + "format": 1 + }, + { + "name": "roles/personas_deployment/tasks/main.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a0f414895a84431ab041f64abf71963635093cfd7ba150b1b98a678b88d60f91", + "format": 1 + }, + { + "name": "roles/personas_deployment/tests", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/personas_deployment/tests/test.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c98f35fc8ade67c442d8641edae8825d5798a685d5b522bc6762d714449d475f", + "format": 1 + }, + { + "name": "roles/personas_deployment/tests/inventory", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e02233819b1a09844410549191813f7cc7ba360f21298578f4ba1727a27d87fc", + "format": 1 + }, + { + "name": "roles/personas_deployment/meta", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/personas_deployment/meta/main.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e82c60136cb1895d61432dd52c83d4c6e8ad4c654a697ac2d5b5e4a288866d87", + "format": 1 + }, + { + "name": "roles/personas_deployment/README.md", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1092f639ab0fa481092d832291a9544c8269c115bdc668ae89f5c5616a287ada", + "format": 1 + }, + { + "name": "roles/personas_deployment/defaults", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/personas_deployment/defaults/main.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "25efdb2cca0d6ba49d1fce59a9be2b6dbd7b2a29ba91138ae4fc200ba9830191", + "format": 1 + }, + { + "name": "roles/personas_deployment/.travis.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "43e63a93716f15cdb102c201e4631be604b45910b8c749c78d89e3fc076c7c7e", + "format": 1 + }, + { + "name": "roles/personas_deployment/handlers", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/personas_deployment/handlers/main.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a48f9f7bca003379749a897c0afef3a20a3e0d183824842d8723920ffc5ff300", + "format": 1 + }, + { + "name": "roles/aws_deployment", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/aws_deployment/tasks", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/aws_deployment/tasks/aws", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/aws_deployment/tasks/aws/single_node.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8aee61a2d643de1003654a2e5536daf1c7a22d425f089a4ff7fb2014e89fce60", + "format": 1 + }, + { + "name": "roles/aws_deployment/tasks/aws/small_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "afaf0b88082bfce8b32838319d09926a20c17ab0f848215b9375ac744a444b29", + "format": 1 + }, + { + "name": "roles/aws_deployment/tasks/aws/large_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "60e7161b5b0ad69e20b0af28cb9904ca37a792f79bd011630ec6259516efbc60", + "format": 1 + }, + { + "name": "roles/aws_deployment/tasks/aws/aws.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ae216690f7abbae0ae71bbb66e9292576ba6c55056d6e8d6830d218e194756da", + "format": 1 + }, + { + "name": "roles/aws_deployment/tasks/aws/medium_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3a327877f259ce95edfa83eccd03fc3e5491914b4cf365fdcf99f357497f9d20", + "format": 1 + }, + { + "name": "roles/aws_deployment/tasks/main.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e63b66e5d6d27a561b5cebe7cdc4374f6dff7454e9234e908de9ddee0c0f7b4d", + "format": 1 + }, + { + "name": "roles/aws_deployment/README.md", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d9c4cda538d57153b6c76e33a383898da5d065de3d5f7236a6534383635e8691", + "format": 1 + }, + { + "name": "roles/aws_deployment/defaults", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "roles/aws_deployment/defaults/main.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "52249e2721614022378334f91bc59f8b61cb16af368a75d9d86123eebb24d99d", + "format": 1 + }, + { + "name": "playbooks", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "playbooks/byod_portal.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3ec50e5bfe46f71580514bee263ef7c66c09129605ac389569b1673705e747fb", + "format": 1 + }, + { + "name": "playbooks/aci_settings.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c90826f43c68916a1ac02e0ca37201b89a19ef4a2574076265820ee6a74d899e", + "format": 1 + }, + { + "name": "playbooks/network_access_network_condition.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "902668b9f32f319dd0b733ede237147a0f87bf8fe698ac76c21b4b09a3603c32", + "format": 1 + }, + { + "name": "playbooks/b.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "dfac4a43c6215b9992ede57c2c9ed3eff9a8a4caed82b91d82ada45904d0c641", + "format": 1 + }, + { + "name": "playbooks/backup_schedule.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ea060beb501823c6000d05e094806d89ac7b04fb789f86fc1f0f670806d0723f", + "format": 1 + }, + { + "name": "playbooks/vars", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "playbooks/vars/device_administration_time_date_conditions.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "afe0b801e4ab3873ce97671e329256964a9a16ef44daa83ce64e108997ded95a", + "format": 1 + }, + { + "name": "playbooks/network_access_policy_set.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6827453c817f132c58e589f29d1296462c1d230138e08649c6e4b89d73e5c45e", + "format": 1 + }, + { + "name": "playbooks/my_device_portal.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6b907db0c4da470449360904dfdfc76508ecfeccb64061be91c053501e4a241d", + "format": 1 + }, + { + "name": "playbooks/device_administration_authorization_global_exception_rules.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6e24592806cc5fbc1675335965cdae03a498f8838b8eddb0eb80df068cbc7e69", + "format": 1 + }, + { + "name": "playbooks/group_vars", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "playbooks/group_vars/ise_servers", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "aef6f55ee40f79465794ebf4c49a75b4fdabb1e4145e9d25e1c8a6fa2f837bcc", + "format": 1 + }, + { + "name": "playbooks/backup_restore.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e9fc6f1f3c2c0fc49e31c09178e3645688de2155e1279ff34f33093afec3814c", + "format": 1 + }, + { + "name": "playbooks/anc_policy.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c801c8374020dbe3e9adaadc14418819e5519a1218db60412b5bd6695dcba4a5", + "format": 1 + }, + { + "name": "playbooks/sponsor_portal.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f59aa2eff00d798b8b4abefe9c6279fc1ca80d5a9c82367ca06bb240a3a1b9b5", + "format": 1 + }, + { + "name": "playbooks/personas_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8cdd265465a09a88975b1f33c98613c48b2af254d9d98837263021ece9f066c9", + "format": 1 + }, + { + "name": "playbooks/certificate_management.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d39d05bdddfac07cfd7c5086956a20b31d4be54d21e4f02b5a9093c5c183403d", + "format": 1 + }, + { + "name": "playbooks/device_administration_authorization_exception_rules.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "087a29374791864cb7f8d36d1a155b3dfe82b6b98efdda83d9b955d6324dadc8", + "format": 1 + }, + { + "name": "playbooks/trustsec_nbarapp.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f2c46dd3dfecdb5496d4b388e6c3f6af856976ace859bc0cd077ab513e874e3c", + "format": 1 + }, + { + "name": "playbooks/playbookstest.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "519c2bdd245267c841eb1690740f23b57db59cec5ccf4f36d56f8208eae7c381", + "format": 1 + }, + { + "name": "playbooks/csr_export.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9e4139d25b2e2394cb0e5d493c759c14f4eea47d7585b3bc498faf04406bf71f", + "format": 1 + }, + { + "name": "playbooks/device_administration_time_date_conditions.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f5da8ede6c87256cc2e66bf3c111fe4e95b7b0480143e51590e72bed692f4ac6", + "format": 1 + }, + { + "name": "playbooks/device_administration_authorization_rules.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3af5b33c2d813844e4de1268efd9d7076aff0b73c603a0a4b5e43961fa08dc8d", + "format": 1 + }, + { + "name": "playbooks/network_access_authorization_rules.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0b718f75b4b3ae3991562378a7de2a0a905fdc155bc6d18c621be4daf1796ebc", + "format": 1 + }, + { + "name": "playbooks/network_access_authorization_global_exception_rules.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d42b1551cc8b4df9ce89f87015590565f157687cedcf36f28a170ca6d0100e2b", + "format": 1 + }, + { + "name": "playbooks/certificates.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "40a35cb9e6fc441f997e81fc409696c6c19758702da97a6bd0b52d46af031a29", + "format": 1 + }, + { + "name": "playbooks/device_administration_network_conditions.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5cd02ba9df090f286881242546c59f4d7766e3dddeb32537d66c78323553a37d", + "format": 1 + }, + { + "name": "playbooks/trustsec_vn_vlan_mapping.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e4337af916204180ad18098313b91884092ed12a89f6fcb2cfc7d6e8615545cd", + "format": 1 + }, + { + "name": "playbooks/device_administration_policy_set.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b64ddb888d74f6c54367731113e60a427c083e9e03ba7653c3449c3038db781d", + "format": 1 + }, + { + "name": "playbooks/system_certificate.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c81dbd0f3ed4dd1dcc34e5e618c300afaf25bf5cd051c4e5274b8887e4ccca9a", + "format": 1 + }, + { + "name": "playbooks/native_supplicant_profile.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1083a9002cd05989501afcb44e9e039c92d25fea2b92b4ec8a50587802c537a0", + "format": 1 + }, + { + "name": "playbooks/azure_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "95900aeaa31044ee6f5d0f26f108074f26e8aef4dc56f9b09ddac9cfbc75aca4", + "format": 1 + }, + { + "name": "playbooks/allowed_protocols.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "be0769e36b49d0f922eb3edae7dbdc70515cd952fb9054c9687edcca9d8bdfc7", + "format": 1 + }, + { + "name": "playbooks/trustsec_vn.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0ff88f9e695cdf9219be137c67bdfce995055e3a3bd5614139c822624b0b02b9", + "format": 1 + }, + { + "name": "playbooks/network_device_group.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a9aa13d84be3090f1ced15f0ca28bde3bda6562111124a8c2adf1e75c5d6938c", + "format": 1 + }, + { + "name": "playbooks/portal_global_setting.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8d14fa5d718c4e075bb36da0b04a7e6bb9f18d223c1642293d180677f5902801", + "format": 1 + }, + { + "name": "playbooks/network_access_time_date_conditions.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8f27210cb357211af08118af9ee3214905b8072e114de91213989d4981087915", + "format": 1 + }, + { + "name": "playbooks/identity_group.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "94250051c193e79139c7291ce8391d341762e630a27cdb86648105b49ca847c6", + "format": 1 + }, + { + "name": "playbooks/endpoint.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fd45e2d130a7fd1a13069afdc10e7464c54516706c186c0650b3cb64c0295351", + "format": 1 + }, + { + "name": "playbooks/internal_user.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4cb9eaebc1631ffdae4780ac57a8c5fd24b4a9bb702f068a4a4217e1b11ccf5c", + "format": 1 + }, + { + "name": "playbooks/endpoint_group.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "573485f8dcd3e4226449afdb4c8408435f139ba5b132a47f8281e562f7dee7f6", + "format": 1 + }, + { + "name": "playbooks/aws_deployment.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0c4ea3c151b05dc4f33a1ef2192a8414a3017b2b46b6474773afada482bde734", + "format": 1 + }, + { + "name": "playbooks/network_access_authorization_exception_rules.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4b791ad359c3b014e8ea0191d9089114fb2bb9852b59fe4dcfa5e28b4a3968c6", + "format": 1 + }, + { + "name": "playbooks/credentials.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a41d01f20875f571a9e1a2502879da3acd618801085ba61d5c809f0facb0a6ba", + "format": 1 + }, + { + "name": "playbooks/network_access_authentication_rules.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bb7834ac21d2818f7baf09e4ed66f8521b213f002640f4e64eea8a0bdb9238a3", + "format": 1 + }, + { + "name": "playbooks/network_access_dictionary_attribute.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ac56605ed558d37ef3e391e489e28dddf1207500cc8be9b4dd921302d7230851", + "format": 1 + }, + { + "name": "playbooks/endpoint_certificate.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3b1b50a5ce80e1e87af10bc0b5c6e8db59ba7bf0b05d98a98716647bb70c9c3c", + "format": 1 + }, + { + "name": "playbooks/portal_theme.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "619fe4ecc5f3398a362be8b159598ce641457589008523eb2670183f0f886d59", + "format": 1 + }, + { + "name": "playbooks/egress_matrix_cell.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "0438d3929b8b7399c7cabc119142c307dde5db3a010f86614de685f6d87b4940", + "format": 1 + }, + { + "name": "playbooks/active_directory.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e0c8f5f50c6a73ab161f488014ec843ad4a3f16ec18f334e08f0b2ac2a5d49f5", + "format": 1 + }, + { + "name": "playbooks/network_device.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f3cd35f0f78abe30eaa95d27638a301760cc394ff88807c56d1afe6d1b5556cb", + "format": 1 + }, + { + "name": "playbooks/radius_server_sequence.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2922f7018fdacf0e34a268c4eb327531229021a10fd2f8457e47f2500917cec9", + "format": 1 + }, + { + "name": "playbooks/network_access_conditions.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c016ddb5eb56c8125887d5e64d1c969d3d0397a6528e23c22c7a9d48ebd99c82", + "format": 1 + }, + { + "name": "playbooks/filter_policy.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "06dc1f987e8d41822cd09d38b7104373c68dde6d7f97d5e7e4a64748a1a17b10", + "format": 1 + }, + { + "name": "playbooks/hosts", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3831686ce8b3b790ed5e77211eeb02bac1a6ab9bfccbb7c2ee8f94fb25ed5410", + "format": 1 + }, + { + "name": "playbooks/network_access_dictionary.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "57b256dec5cfe5887ac54aa08c236d8e6e9cec4274e33e91afc19f0c41b07c48", + "format": 1 + }, + { + "name": "playbooks/network_device_group_deparments.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "37e0332cc506d4318e6cff87471f9a048887d7a2e2f8f199bbcee8b0096c0717", + "format": 1 + }, + { + "name": "playbooks/support_bundle.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a98d7dfb92d064d4b1d778a54f1883e027855e120edccc5a66c83902fce15f6d", + "format": 1 + }, + { + "name": "playbooks/downloadable_acl.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "29f1c845ebc1c7fb7d3f07ea4805c59ae42c93158a0bf30d6e7e3e0289f196bc", + "format": 1 + }, + { + "name": "playbooks/profiler-services.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8dc6ac1e8fb08cd3b641af14786261da25b85d6fa002895dac86dbc7d4f9f247", + "format": 1 + }, + { + "name": "playbooks/device_administration_authentication_rules.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "5d04800e84f07975ff34baccd569ff005dab160cbab9e2413a313f89d570ce61", + "format": 1 + }, + { + "name": "playbooks/authorization_profile.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f407e7e2804007b48012962c3d5a3b2b82087db8e559212fb083ebca295f247c", + "format": 1 + }, + { + "name": "playbooks/trustsec_sg_vn_mapping.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "2ed3cf1d7dbaf11fcf35bfe5dece35c146c6d90c7c8fdab89a224398d2302bda", + "format": 1 + }, + { + "name": "playbooks/certificate_profile.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bfa1a7c1423c150c9500033428d20547cb0d0de447e89f9cc1cef8c1e2fde895", + "format": 1 + }, + { + "name": "playbooks/backup_create.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "85e24c212c6f54b1208e9ed655053c2750cda0a7ea8ca2701e812d22ce4d5060", + "format": 1 + }, + { + "name": "playbooks/credentials.template", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c58d7a9ce7db850d4e382275f2504e9ce777b2355493aed04034e07f385bc594", + "format": 1 + }, + { + "name": "playbooks/deployment_info.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6b0307687d9aaec04612969b6906cc6b8afa87d5a162ddeb16faa6f3d469f975", + "format": 1 + }, + { + "name": "docs", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "docs/index.rst", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "fae064d506e83a0652d6ab69ee605c114f134cf10fff4b60a0cb995a33ca05fa", + "format": 1 + }, + { + "name": "docs/requirements.txt", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "bb6d818f16e97b11662f5d0dbd7d134c0b99841f0e812199cf984cf2dbaf4414", + "format": 1 + }, + { + "name": "docs/Makefile", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d2c6a97d92edff806bf9b67ba9d40a57c3ef5bdb2900ddd6660a6fc643d1f568", + "format": 1 + }, + { + "name": "docs/conf.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "11c3f508b7f7472dd6aed3df9a989bb299114020c6a9b5bd451270d89f51e7cd", + "format": 1 + }, + { + "name": "docs/roles.rst.template", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "f48168b084d43150a0a95e2e97b906a650795a72dc6b35331d067d4e3fbd8ab7", + "format": 1 + }, + { + "name": "docs/_gh_include", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "docs/_gh_include/footer.inc", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ec5a9f6b1f0975e1f4ce91a2ef16394f1f68f1898a96ed61c9c229801b0a9e11", + "format": 1 + }, + { + "name": "docs/_gh_include/header.inc", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e86f969e650c344e8d02acf2644f1b767ceb89b54c882fe27c43af7682baa2c9", + "format": 1 + }, + { + "name": "changelogs", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "changelogs/changelog.yaml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "641d15f1a652ed2f9fff6e80be25bcdc1667fa74913184d89d3617ed55f03119", + "format": 1 + }, + { + "name": "README.md", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6c61f4c1df719abe5ad978ed29ef55403e10e8e1483d28a36ec0e09bf1be3e26", + "format": 1 + }, + { + "name": ".gitignore", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "17121a75405b49544cd749eb933fa23ad22c9b2c052754588c9b17a2cee87f13", + "format": 1 + }, + { + "name": ".github", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": ".github/workflows", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": ".github/workflows/sanity_tests.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b187bd09d1863a610a4ffa47ff3976c4686c01fc39d547fd7b844aea1a4d592a", + "format": 1 + }, + { + "name": ".github/workflows/docs.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d8611ee91073e25e678934a5f53609f26282966c77c50c38527065bc467eb344", + "format": 1 + }, + { + "name": ".github/ISSUE_TEMPLATE", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": ".github/ISSUE_TEMPLATE/feature_request.md", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1f48c52f209a971b8e7eae4120144d28fcf8ee38a7778a7b4d8cf1ab356617d2", + "format": 1 + }, + { + "name": ".github/ISSUE_TEMPLATE/bug_report.md", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "113a7a54866984b965a29f80df674681126f9c575b7bc455dabb90a09b2dc2da", + "format": 1 + }, + { + "name": ".github/ISSUE_TEMPLATE/config.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1f103c6a9dd07cd13a9a6f17ace6b813f47747eb9cb7e00488cb2073caaf91bb", + "format": 1 + }, + { + "name": "hosts", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "3831686ce8b3b790ed5e77211eeb02bac1a6ab9bfccbb7c2ee8f94fb25ed5410", + "format": 1 + }, + { + "name": ".vscode", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": ".vscode/settings.json", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d1be9315fe97520591ad6aca56c5b6ee625d3d2c84633de40f0f0afcc13a12a1", + "format": 1 + }, + { + "name": ".vscode/launch.json", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "6a62b2b5cbd6e0edb4942e59fc4451e2e59f12472965990a24029ae24264fcb2", + "format": 1 + } + ], + "format": 1 +} \ No newline at end of file diff --git a/ansible_collections/cisco/ise/LICENSE b/ansible_collections/cisco/ise/LICENSE new file mode 100644 index 00000000..cfbe495a --- /dev/null +++ b/ansible_collections/cisco/ise/LICENSE @@ -0,0 +1,677 @@ +Copyright (c) 2021, Cisco Systems +All rights reserved. + + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. \ No newline at end of file diff --git a/ansible_collections/cisco/ise/MANIFEST.json b/ansible_collections/cisco/ise/MANIFEST.json new file mode 100644 index 00000000..030ef2e8 --- /dev/null +++ b/ansible_collections/cisco/ise/MANIFEST.json @@ -0,0 +1,39 @@ +{ + "collection_info": { + "namespace": "cisco", + "name": "ise", + "version": "2.5.12", + "authors": [ + "Rafael Campos ", + "William Astorga ", + "Jose Bogarin " + ], + "readme": "README.md", + "tags": [ + "cisco", + "ise", + "cloud", + "collection", + "networking", + "sdn" + ], + "description": "Ansible Modules for Cisco ISE", + "license": [], + "license_file": "LICENSE", + "dependencies": { + "ansible.utils": ">=2.0.0,<3.0" + }, + "repository": "https://github.com/CiscoISE/ansible-ise", + "documentation": "https://ciscoise.github.io/ansible-ise/", + "homepage": "https://github.com/CiscoISE/ansible-ise", + "issues": "https://github.com/CiscoISE/ansible-ise/issues" + }, + "file_manifest_file": { + "name": "FILES.json", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "47d1392f23cc9333d6ad73d356e9094757167b3bbfc78e961a70849cafc42752", + "format": 1 + }, + "format": 1 +} \ No newline at end of file diff --git a/ansible_collections/cisco/ise/Makefile b/ansible_collections/cisco/ise/Makefile new file mode 100644 index 00000000..d79dbe3f --- /dev/null +++ b/ansible_collections/cisco/ise/Makefile @@ -0,0 +1,58 @@ +NAMESPACE := $(shell python -c 'import yaml; print(yaml.safe_load(open("galaxy.yml"))["namespace"])') +NAME := $(shell python -c 'import yaml; print(yaml.safe_load(open("galaxy.yml"))["name"])') +VERSION := $(shell python -c 'import yaml; print(yaml.safe_load(open("galaxy.yml"))["version"])') +MANIFEST := build/collections/ansible_collections/$(NAMESPACE)/$(NAME)/MANIFEST.json + +ROLES := $(wildcard roles/*) +PLUGIN_TYPES := $(filter-out __%,$(notdir $(wildcard plugins/*))) +METADATA := galaxy.yml LICENSE README.md meta/runtime.yml requirements.txt changelogs/changelog.yaml +$(foreach PLUGIN_TYPE,$(PLUGIN_TYPES),$(eval _$(PLUGIN_TYPE) := $(filter-out %__init__.py,$(wildcard plugins/$(PLUGIN_TYPE)/*.py)))) +DEPENDENCIES := $(METADATA) $(foreach PLUGIN_TYPE,$(PLUGIN_TYPES),$(_$(PLUGIN_TYPE))) $(foreach ROLE,$(ROLES),$(wildcard $(ROLE)/*/*)) $(foreach ROLE,$(ROLES),$(ROLE)/README.md) + +COLLECTION_COMMAND ?= ansible-galaxy +TEST = +FLAGS = + + +default: help +help: + @echo "Please use \`make ' where is one of:" + @echo " help to show this message" + @echo " info to show infos about the collection" + @echo " sanity to run santy tests" + @echo " setup to set up test, lint" + +setup: test-setup + +test-setup: | tests/test_playbooks/vars/server.yml + pip install --upgrade 'pip<20' + pip install --upgrade -r requirements-dev.txt + +tests/test_playbooks/vars/server.yml: + cp $@.example $@ + @echo "For recording, please adjust $@ to match your reference server." + +$(MANIFEST): + ansible-galaxy collection build --force + ansible-galaxy collection install cisco-ise-* --force + +build/src/%: % + install -m 644 -DT $< $@ + +doc-setup: + pip install --upgrade -r docs/requirements.txt +doc: $(MANIFEST) + mkdir -p ./docs/plugins + mkdir -p ./docs/roles + cat ./docs/roles.rst.template > ./docs/roles/index.rst + for role_readme in roles/*/README.md; do \ + ln -f -s ../../$$role_readme ./docs/roles/$$(basename $$(dirname $$role_readme)).md; \ + echo " * :doc:\`$$(basename $$(dirname $$role_readme))\`" >> ./docs/roles/index.rst; \ + done + antsibull-docs collection --use-current --squash-hierarchy --dest-dir ./docs/plugins $(NAMESPACE).$(NAME) + make -C docs html + + +FORCE: + +.PHONY: help dist lint sanity test test-crud test-check-mode test-other livetest setup test-setup doc-setup doc publish FORCE diff --git a/ansible_collections/cisco/ise/README.md b/ansible_collections/cisco/ise/README.md new file mode 100644 index 00000000..f3278584 --- /dev/null +++ b/ansible_collections/cisco/ise/README.md @@ -0,0 +1,273 @@ +# Ansible Collection - cisco.ise + +## Ansible Modules for Cisco ISE + +The ise-ansible project provides an Ansible collection for managing and automating your Cisco Identity Services Engine (ISE) environment. It consists of a set of modules and roles for performing tasks related to Cisco ISE. + +This collection has been validated with Cisco ISE 3.1 + Patch 1. + +These Ansible modules will work with any version of ISE that supports the underlying REST API resources you want to configure. Please see the [ISE API Versioning](https://developer.cisco.com/docs/identity-services-engine/v1/#!versioning) reference for which REST Resources were first supported in which Cisco ISE Version. + +*Note: This collection is not compatible with versions of Ansible before v2.9.* + +Other versions of this collection have support for previous Cisco ISE versions. The recommended versions are listed on the [Compatibility matrix](https://github.com/CiscoISE/ansible-ise#compatibility-matrix). + +## Requirements +- Ansible >= 2.9 +- [Cisco ISE SDK](https://github.com/CiscoISE/ciscoisesdk) v1.4.0 or newer +- Python >= 3.6, as the Cisco ISE SDK doesn't support Python version 2.x +- requests >= 2.25.1, for the personas modules and personas_deployment role. + +## Install +Ansible must be installed ([Install guide](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)) +``` +sudo pip install ansible +``` + +Cisco ISE SDK must be installed +``` +sudo pip install ciscoisesdk +``` + +Install the collection ([Galaxy link](https://galaxy.ansible.com/cisco/ise)) +``` +ansible-galaxy collection install cisco.ise +``` +## ISE Setup + +This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled. + +### Using the collection on previous Cisco ISE versions + +As stated before, the collection has been tested and supports Cisco ISE 3.1_Patch_1. + +It may work with Cisco ISE version 3.0, but it is not officially supported. + +The recommended versions are listed below on the [Compatibility matrix](https://github.com/CiscoISE/ansible-ise#compatibility-matrix). + +## Compatibility matrix +The following table shows the supported versions. +| Cisco ISE version | Ansible "cisco.ise" version | Python "ciscoisesdk" version | +|-------------------|------------------------------|------------------------------| +| 3.1.0 | 2.0.0 | 1.2.0 | +| 3.1_Patch_1 | 2.5.12 | 2.0.8 | + +If your Ansible collection is older please consider updating it first. +*Notes*: + +1. The "Python 'ciscoisesdk' version" column has the minimum recommended version used when testing the Ansible collection. This means you could use later versions of the Python "ciscoisesdk" than those listed. +2. The "Cisco ISE version" column has the value of the `ise_version` you should use for the Ansible collection. + +## Installing according to Compatibility Matrix + +For example, for Cisco ISE 3.1.0, it is recommended to use Ansible "cisco.ise" v2.0.0 and Python "ciscoisesdk" v1.2.0. + +To get the Python Cisco ISE SDK v1.2.0 in a fresh development environment: +``` +sudo pip install ciscoisesdk==1.2.0 +``` + +To get the Ansible collection v2.0.0 in a fresh development environment: +``` +ansible-galaxy collection install cisco.ise:2.0.0 +``` + + +## Using this collection + +There are three ways to use it: +- [Using environment variables](#using-environment-variables) +- [Using vars_files](#using-vars_files) +- [Using group_vars directory](#using-group_vars-directory) + +### Using environment variables +First, export the environment variables where you specify your Cisco ISE credentials as ansible variables: +``` +export ISE_HOSTNAME= +export ISE_USERNAME= +export ISE_PASSWORD= +export ISE_VERIFY=False # optional, defaults to True +export ISE_VERSION=3.1_Patch_1 # optional, defaults to 3.1_Patch_1 +export ISE_WAIT_ON_RATE_LIMIT=True # optional, defaults to True +export ISE_USES_API_GATEWAY=True # optional, defaults to True +export ISE_DEBUG=False # optional, defaults to False +``` + +Create a `hosts` ([example](https://github.com/CiscoISE/ansible-ise/blob/main/playbooks/hosts)) file that uses `[ise_servers]` with your Cisco ISE Settings: +``` +[ise_servers] +ise_server +``` + +Then, create a playbook `myplaybook.yml` ([example](https://github.com/CiscoISE/ansible-ise/blob/main/playbooks/network_device.yml)) specifying the full namespace path to the module, plugin and/or role: +``` +- hosts: ise_servers + gather_facts: no + tasks: + - name: Get network device by id + cisco.ise.network_device_info: + id: "0667bc80-78a9-11eb-b987-005056aba98b" +``` + +Execute the playbook: +``` +ansible-playbook -i hosts myplaybook.yml +``` + +### Using vars_files + +First, define a `credentials.yml` ([example](https://github.com/CiscoISE/ansible-ise/blob/main/playbooks/credentials.template)) file where you specify your Cisco ISE credentials as ansible variables: +``` +--- +ise_hostname: +ise_username: +ise_password: +ise_verify: False # optional, defaults to True +ise_version: 3.1_Patch_1 # optional, defaults to 3.1_Patch_1 +ise_wait_on_rate_limit: True # optional, defaults to True +ise_debug: False # optional, defaults to False +ise_uses_api_gateway: True # optional, defaults to True +ise_uses_csrf_token: False # optional, defaults to False +``` + +Create a `hosts` ([example](https://github.com/CiscoISE/ansible-ise/blob/main/playbooks/hosts)) file that uses `[ise_servers]` with your Cisco ISE Settings: +``` +[ise_servers] +ise_server +``` + +Then, create a playbook `myplaybook.yml` referencing the variables in your credentials.yml file and specifying the full namespace path to the module, plugin and/or role: +``` +- hosts: ise_servers + vars_files: + - credentials.yml + gather_facts: no + tasks: + - name: Get network device by id + cisco.ise.network_device_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + ise_debug: "{{ise_debug}}" + ise_uses_api_gateway: "{{ise_uses_api_gateway}}" + ise_uses_csrf_token: "{{ise_uses_csrf_token}}" + id: "0667bc80-78a9-11eb-b987-005056aba98b" +``` + +Execute the playbook: +``` +ansible-playbook -i hosts myplaybook.yml +``` +In the `playbooks` [directory](https://github.com/CiscoISE/ansible-ise/tree/main/playbooks) directory you can find more examples and use cases. + +**Note**: The examples found on the `playbooks` directory use the `group_vars` variables. Remember to make the appropiate changes when running the examples. + +### Using group_vars directory + +First, define your group_vars for credentials `ise_servers` ([example](https://github.com/CiscoISE/ansible-ise/blob/main/playbooks/group_vars/ise_servers)) file where you specify your Cisco ISE credentials as ansible variables: +``` +--- +ise_hostname: +ise_username: +ise_password: +ise_verify: False # optional, defaults to True +ise_version: 3.1_Patch_1 # optional, defaults to 3.1_Patch_1 +ise_wait_on_rate_limit: True # optional, defaults to True +ise_debug: False # optional, defaults to False +ise_uses_api_gateway: True # optional, defaults to True +ise_uses_csrf_token: False # optional, defaults to False +``` + +Create a `hosts` ([example](https://github.com/CiscoISE/ansible-ise/blob/main/playbooks/hosts)) file that uses `[ise_servers]` with your Cisco ISE Settings: +``` +[ise_servers] +ise_server +``` + +Then, create a playbook `myplaybook.yml` ([example](https://github.com/CiscoISE/ansible-ise/blob/main/playbooks/network_device.yml)) referencing the variables in your `group_vars/ise_servers` file and specifying the full namespace path to the module, plugin and/or role: +``` +- hosts: ise_servers + gather_facts: no + tasks: + - name: Get network device by id + cisco.ise.network_device_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + ise_debug: "{{ise_debug}}" + ise_uses_api_gateway: "{{ise_uses_api_gateway}}" + ise_uses_csrf_token: "{{ise_uses_csrf_token}}" + id: "0667bc80-78a9-11eb-b987-005056aba98b" +``` + +Execute the playbook: +``` +ansible-playbook -i hosts myplaybook.yml +``` +In the `playbooks` [directory](https://github.com/CiscoISE/ansible-ise/tree/main/playbooks) directory you can find more examples and use cases. + +**Note**: The examples found on the `playbooks` directory use the `group_vars` variables. Consider using `ansible-vault` to encrypt the file that has the `ise_username` and `ise_password`. + + +## Update +Getting the latest/nightly collection build + +Clone the ansible-ise repository. +``` +git clone https://github.com/CiscoISE/ansible-ise.git +``` + +Go to the ansible-ise directory +``` +cd ansible-ise +``` + +Pull the latest master from the repo +``` +git pull origin master +``` + +Build and install a collection from source +``` +ansible-galaxy collection build --force +ansible-galaxy collection install cisco-ise-* --force +``` + +### See Also: + +* [Ansible Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details. + +## Attention macOS users + +If you're using macOS you may receive this error when running your playbook: + +``` +objc[34120]: +[__NSCFConstantString initialize] may have been in progress in another thread when fork() was called. +objc[34120]: +[__NSCFConstantString initialize] may have been in progress in another thread when fork() was called. We cannot safely call it or ignore it in the fork() child process. Crashing instead. Set a breakpoint on objc_initializeAfterForkError to debug. +ERROR! A worker was found in a dead state +``` + +If that's the case try setting these environment variables: +``` +export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES +export no_proxy=* +``` + +## Contributing to this collection + +Ongoing development efforts and contributions to this collection are tracked as issues in this repository. + +We welcome community contributions to this collection. If you find problems, need an enhancement or need a new module, please open an issue or create a PR against the [Cisco ISE Ansible collection repository](https://github.com/CiscoISE/ansible-ise/issues). + +## Code of Conduct +This collection follows the Ansible project's +[Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html). +Please read and familiarize yourself with this document. + +## Releasing, Versioning and Deprecation + +This collection follows [Semantic Versioning](https://semver.org/). More details on versioning can be found [in the Ansible docs](https://docs.ansible.com/ansible/latest/dev_guide/developing_collections.html#collection-versions). + +New minor and major releases as well as deprecations will follow new releases and deprecations of the Cisco ISE product, its REST API and the corresponding Python SDK, which this project relies on. diff --git a/ansible_collections/cisco/ise/changelogs/changelog.yaml b/ansible_collections/cisco/ise/changelogs/changelog.yaml new file mode 100644 index 00000000..cbe35b4b --- /dev/null +++ b/ansible_collections/cisco/ise/changelogs/changelog.yaml @@ -0,0 +1,922 @@ +releases: + 0.0.1: + release_date: "2021-04-20" + changes: + release_summary: This is the initial beta release of the collection. + 0.0.2: + release_date: "2021-05-25" + changes: + release_summary: Added all idempotent modules. Most modules are still untested against a live ISE. + minor_changes: + - device_administration_authorization_exception_rules - new module. + - device_administration_authorization_exception_rules_info - new module. + - device_administration_authorization_global_exception_rules - new module. + - device_administration_authorization_global_exception_rules_info - new module. + - import_trust_cert - new module. + - network_access_authorization_exception_rules - new module. + - network_access_authorization_exception_rules_info - new module. + - network_access_authorization_global_exception_rules - new module. + - network_access_authorization_global_exception_rules_info - new module. + - active_directory_info - new module. + - allowed_protocols - new module. + - allowed_protocols_info - new module. + - anc_policy - new module. + - anc_policy_bulk_monitor_status_info - new module. + - anc_policy_info - new module. + - authorization_profile - new module. + - authorization_profile_info - new module. + - backup_last_status_info - new module. + - csr_export_info - new module. + - csr_info - new module. + - device_administration_authentication_rules - new module. + - device_administration_authentication_rules_info - new module. + - device_administration_authorization_rules - new module. + - device_administration_authorization_rules_info - new module. + - device_administration_command_set_info - new module. + - device_administration_conditions - new module. + - device_administration_conditions_for_authentication_rule_info - new module. + - device_administration_conditions_for_authorization_rule_info - new module. + - device_administration_conditions_for_policy_set_info - new module. + - device_administration_conditions_info - new module. + - device_administration_dictionary_attributes_authentication_info - new module. + - device_administration_dictionary_attributes_authorization_info - new module. + - device_administration_dictionary_attributes_policy_set_info - new module. + - device_administration_identity_stores_info - new module. + - device_administration_network_conditions - new module. + - device_administration_network_conditions_info - new module. + - device_administration_policy_set - new module. + - device_administration_policy_set_info - new module. + - device_administration_profiles_info - new module. + - device_administration_service_names_info - new module. + - device_administration_time_date_conditions - new module. + - device_administration_time_date_conditions_info - new module. + - downloadable_acl - new module. + - downloadable_acl_info - new module. + - egress_matrix_cell - new module. + - egress_matrix_cell_bulk_monitor_status_info - new module. + - egress_matrix_cell_info - new module. + - endpoint - new module. + - endpoint_bulk_monitor_status_info - new module. + - endpoint_get_rejected_endpoints_info - new module. + - endpoint_group - new module. + - endpoint_group_info - new module. + - endpoint_info - new module. + - external_radius_server - new module. + - external_radius_server_info - new module. + - filter_policy - new module. + - filter_policy_info - new module. + - guest_location_info - new module. + - guest_smtp_notification_settings_info - new module. + - guest_ssid - new module. + - guest_ssid_info - new module. + - guest_type - new module. + - guest_type_info - new module. + - guest_user - new module. + - guest_user_bulk_monitor_status_info - new module. + - guest_user_info - new module. + - hotspot_portal - new module. + - hotspot_portal_info - new module. + - id_store_sequence - new module. + - id_store_sequence_info - new module. + - identity_group - new module. + - identity_group_info - new module. + - internal_user - new module. + - internal_user_info - new module. + - network_access_authentication_rules - new module. + - network_access_authentication_rules_info - new module. + - network_access_authorization_rules - new module. + - network_access_authorization_rules_info - new module. + - network_access_conditions_for_authentication_rule_info - new module. + - network_access_conditions_for_authorization_rule_info - new module. + - network_access_conditions_for_policy_set_info - new module. + - network_access_conditions_info - new module. + - network_access_dictionary - new module. + - network_access_dictionary_attribute - new module. + - network_access_dictionary_attribute_info - new module. + - network_access_dictionary_attributes_authentication_info - new module. + - network_access_dictionary_attributes_authorization_info - new module. + - network_access_dictionary_attributes_policy_set_info - new module. + - network_access_dictionary_info - new module. + - network_access_identity_stores_info - new module. + - network_access_network_condition - new module. + - network_access_network_condition_info - new module. + - network_access_policy_set - new module. + - network_access_policy_set_info - new module. + - network_access_profiles_info - new module. + - network_access_security_groups_info - new module. + - network_access_service_name_info - new module. + - network_access_time_date_conditions - new module. + - network_access_time_date_conditions_info - new module. + - network_device - new module. + - network_device_bulk_monitor_status_info - new module. + - network_device_group - new module. + - network_device_group_info - new module. + - network_device_info - new module. + - node_deployment - new module. + - node_deployment_info - new module. + - node_group - new module. + - node_group_info - new module. + - node_replication_status_info - new module. + - pan_ha_info - new module. + - portal_global_setting_info - new module. + - portal_info - new module. + - portal_theme - new module. + - portal_theme_info - new module. + - radius_server_sequence - new module. + - radius_server_sequence_info - new module. + - rest_id_store - new module. + - rest_id_store_info - new module. + - self_registered_portal - new module. + - self_registered_portal_info - new module. + - sg_acl - new module. + - sg_acl_bulk_monitor_status_info - new module. + - sg_acl_info - new module. + - sgt - new module. + - sgt_bulk_monitor_status_info - new module. + - sgt_info - new module. + - sms_provider_info - new module. + - sponsor_group - new module. + - sponsor_group_info - new module. + - sponsor_group_member_info - new module. + - sponsor_portal - new module. + - sponsor_portal_info - new module. + - sponsored_guest_portal - new module. + - sponsored_guest_portal_info - new module. + - system_certificate_info - new module. + - tacacs_command_sets - new module. + - tacacs_command_sets_info - new module. + - tacacs_external_servers - new module. + - tacacs_external_servers_info - new module. + - tacacs_profile - new module. + - tacacs_profile_info - new module. + - tacacs_server_sequence - new module. + - tacacs_server_sequence_info - new module. + - trusted_certificate_export_info - new module. + - trusted_certificate_info - new module. + 0.0.3: + release_date: "2021-06-04" + changes: + release_summary: Added other modules and playbooks. Most modules are still untested against a live ISE. + bugfixes: + - Improve the documentation of the modules. + major_changes: + - import_trust_cert - removed module. + minor_changes: + - guest_user_reinstante - new module. + - system_certificate_export - new module. + - active_directory - new module. + - active_directory_add_groups - new module. + - active_directory_groups_by_domain_info - new module. + - active_directory_is_user_member_of_group_info - new module. + - active_directory_join_domain - new module. + - active_directory_join_domain_with_all_nodes - new module. + - active_directory_leave_domain - new module. + - active_directory_leave_domain_with_all_nodes - new module. + - active_directory_trusted_domains_info - new module. + - active_directory_user_groups_info - new module. + - anc_policy_bulk_request - new module. + - backup_cancel - new module. + - backup_config - new module. + - backup_restore - new module. + - backup_schedule_config - new module. + - bind_signed_certificate - new module. + - csr_delete - new module. + - csr_generate - new module. + - csr_generate_intermediate_ca - new module. + - egress_matrix_cell_bulk_request - new module. + - egress_matrix_cell_clear_all - new module. + - egress_matrix_cell_clone - new module. + - egress_matrix_cell_set_all_status - new module. + - endpoint_bulk_request - new module. + - endpoint_deregister - new module. + - endpoint_register - new module. + - endpoint_release_rejected_endpoint - new module. + - guest_smtp_notification_settings - new module. + - guest_type_email - new module. + - guest_type_sms - new module. + - guest_user_approve - new module. + - guest_user_bulk_request - new module. + - guest_user_change_sponsor_password - new module. + - guest_user_deny - new module. + - guest_user_email - new module. + - guest_user_reset_password - new module. + - guest_user_sms - new module. + - guest_user_suspend - new module. + - ise_root_ca_regenerate - new module. + - network_device_bulk_request - new module. + - node_promotion - new module. + - node_sync - new module. + - pan_ha - new module. + - portal_global_setting - new module. + - renew_certificate - new module. + - repository - new module. + - repository_files_info - new module. + - repository_info - new module. + - sg_acl_bulk_request - new module. + - sgt_bulk_request - new module. + - system_certificate - new module. + - system_certificate_import - new module. + - trusted_certificate - new module. + - trusted_certificate_import - new module. + 0.0.4: + release_date: "2021-06-08" + changes: + release_summary: Added network_access_conditions module. Most modules are still untested against a live ISE. + minor_changes: + - network_access_conditions - new module. + 0.0.5: + release_date: "2021-06-11" + changes: + release_summary: Update sorting params for info_ modules. + bugfixes: + - Changes sortdec to sortdsc query param for _info modules. + 0.0.6: + release_date: "2021-06-18" + changes: + release_summary: Fix README playbook example. + 0.0.7: + release_date: "2021-07-01" + changes: + release_summary: > + Adds more playbooks. Changes credentials.yml to group_vars. Adds ISE ER S modules. + Compares requested object to found object before updating to only update if necessary. + bugfixes: + - Removes unneeded imports. + - Updates the `params` dictionary values on sdk call execution. + - Introduces comparison to see if it requires an update. + minor_changes: + - service_info - new module. + - telemetry_info_info - new module. + - aci_bindings_info - new module. + - aci_settings - new module. + - aci_settings_info - new module. + - aci_test_connectivity - new module. + - admin_user_info - new module. + - anc_endpoint_apply - new module. + - anc_endpoint_bulk_monitor_status_info - new module. + - anc_endpoint_bulk_request - new module. + - anc_endpoint_clear - new module. + - anc_endpoint_info - new module. + - byod_portal - new module. + - byod_portal_info - new module. + - certificate_profile - new module. + - certificate_profile_info - new module. + - certificate_template_info - new module. + - deployment_info - new module. + - endpoint_certificate - new module. + - my_device_portal - new module. + - my_device_portal_info - new module. + - native_supplicant_profile - new module. + - native_supplicant_profile_info - new module. + - node_info - new module. + - profiler_profile_info - new module. + - px_grid_node_approve - new module. + - px_grid_node_info - new module. + - px_grid_settings_auto_approve - new module. + - session_service_node_info - new module. + - sg_mapping - new module. + - sg_mapping_deploy - new module. + - sg_mapping_deploy_all - new module. + - sg_mapping_deploy_status_info - new module. + - sg_mapping_group - new module. + - sg_mapping_group_bulk_monitor_status_info - new module. + - sg_mapping_group_bulk_request - new module. + - sg_mapping_group_deploy - new module. + - sg_mapping_group_deploy_all - new module. + - sg_mapping_group_deploy_status_info - new module. + - sg_mapping_group_info - new module. + - sg_mapping_info - new module. + - sg_to_vn_to_vlan - new module. + - sg_to_vn_to_vlan_bulk_monitor_status_info - new module. + - sg_to_vn_to_vlan_bulk_request - new module. + - sg_to_vn_to_vlan_info - new module. + - support_bundle - new module. + - support_bundle_download - new module. + - support_bundle_status_info - new module. + - sxp_connections - new module. + - sxp_connections_bulk_monitor_status_info - new module. + - sxp_connections_bulk_request - new module. + - sxp_connections_info - new module. + - sxp_local_bindings - new module. + - sxp_local_bindings_bulk_monitor_status_info - new module. + - sxp_local_bindings_bulk_request - new module. + - sxp_local_bindings_info - new module. + - sxp_vpns - new module. + - sxp_vpns_bulk_monitor_status_info - new module. + - sxp_vpns_bulk_request - new module. + - sxp_vpns_info - new module. + - system_certificate_create - new module. + - system_config_version_info - new module. + - threat_vulnerabilities_clear - new module. + 0.0.8: + release_date: "2021-07-09" + changes: + release_summary: Fix Indentity Group modules. + bugfixes: + - Fixes Identity Group parameters. + - Fixes Identity Group response recollection. + 0.0.9: + release_date: "2021-07-12" + changes: + release_summary: Adds an Ansible role for the deployment of ISE to AWS as well as four modules for the deployment of personas to the ISE nodes. + major_changes: + - Adds a 'aws_deployment' role that allows the deployment of an arbitrary large ISE cluster to AWS. + - personas_check_standalone - Adds module for the deployment of personas to existing nodes in an ISE cluster. + - personas_export_certs - Adds module for the deployment of personas to existing nodes in an ISE cluster. + - personas_promote_primary - Adds module for the deployment of personas to existing nodes in an ISE cluster. + - personas_update_roles - Adds module for the deployment of personas to existing nodes in an ISE cluster. + 1.0.0: + release_date: "2021-07-21" + changes: + release_summary: Update to use ciscoisesdk v1.0.0 or newer + minor_changes: + - Added ise_debug parameter + - device_administration_authentication_reset_hitcount - new module. + - device_administration_authorization_reset_hitcount - new module. + - device_administration_global_exception_rules - new module. + - device_administration_global_exception_rules_info - new module. + - device_administration_global_exception_rules_reset_hitcount - new module. + - device_administration_local_exception_rules - new module. + - device_administration_local_exception_rules_info - new module. + - device_administration_local_exception_rules_reset_hitcount - new module. + - device_administration_policy_set_reset_hitcount - new module. + - guest_user_reinstate - new module. + - mnt_account_status_info - new module. + - mnt_athentication_status_info - new module. + - mnt_failure_reasons_info - new module. + - mnt_session_active_count_info - new module. + - mnt_session_active_list_info - new module. + - mnt_session_auth_list_info - new module. + - mnt_session_by_ip_info - new module. + - mnt_session_by_mac_info - new module. + - mnt_session_by_nas_ip_info - new module. + - mnt_session_by_username_info - new module. + - mnt_session_delete_all - new module. + - mnt_session_disconnect_info - new module. + - mnt_session_posture_count_info - new module. + - mnt_session_profiler_count_info - new module. + - mnt_session_reauthentication_info - new module. + - mnt_sessions_by_session_id_info - new module. + - mnt_version_info - new module. + - network_access_authentication_rules_reset_hitcount - new module. + - network_access_authorization_rules_reset_hitcount - new module. + - network_access_global_exception_rules - new module. + - network_access_global_exception_rules_info - new module. + - network_access_global_exception_rules_reset_hitcount - new module. + - network_access_local_exception_rules - new module. + - network_access_local_exception_rules_info - new module. + - network_access_local_exception_rules_reset_hitcounts - new module. + - network_access_policy_set_reset_hitcount - new module. + - px_grid_node_delete - new module. + - pxgrid_access_secret - new module. + - pxgrid_account_activate - new module. + - pxgrid_account_create - new module. + - pxgrid_authorization - new module. + - pxgrid_bindings_info - new module. + - pxgrid_egress_matrices_info - new module. + - pxgrid_egress_policies_info - new module. + - pxgrid_endpoint_by_mac_info - new module. + - pxgrid_endpoints_by_os_type_info - new module. + - pxgrid_endpoints_by_type_info - new module. + - pxgrid_endpoints_info - new module. + - pxgrid_failures_info - new module. + - pxgrid_healths_info - new module. + - pxgrid_performances_info - new module. + - pxgrid_profiles_info - new module. + - pxgrid_security_group_acls_info - new module. + - pxgrid_security_groups_info - new module. + - pxgrid_service_lookup - new module. + - pxgrid_service_register - new module. + - pxgrid_service_reregister - new module. + - pxgrid_service_unregister - new module. + - pxgrid_session_by_ip_info - new module. + - pxgrid_session_by_mac_info - new module. + - pxgrid_session_for_recovery_info - new module. + - pxgrid_sessions_info - new module. + - pxgrid_user_group_by_username_info - new module. + - pxgrid_user_groups_info - new module. + - resource_version_info - new module. + - sg_mapping_bulk_monitor_status_info - new module. + - sg_mapping_bulk_request - new module. + - system_certificate_export_info - new module. + - tasks_info - new module. + - telemetry_info - new module. + major_changes: + - Updates sdk parameters for previous modules + - device_administration_authorization_exception_rules - removed module. + - device_administration_authorization_exception_rules_info - removed module. + - device_administration_authorization_global_exception_rules - removed module. + - device_administration_authorization_global_exception_rules_info - removed module. + - guest_user_reinstante - removed module. + - network_access_authorization_exception_rules - removed module. + - network_access_authorization_exception_rules_info - removed module. + - network_access_authorization_global_exception_rules - removed module. + - network_access_authorization_global_exception_rules_info - removed module. + - service_info - removed module. + - system_certificate_export - removed module. + - telemetry_info_info - removed module. + - Updates options required for modules. + - Renamed module device_administration_authorization_exception_rules to device_administration_local_exception_rules. + - Renamed module network_access_authorization_exception_rules to network_access_local_exception_rules. + - Renamed module network_access_authorization_global_exception_rules to network_access_global_exception_rules. + - Renamed module device_administration_authorization_global_exception_rules to device_administration_global_exception_rules. + - Fixes inner logic of modules that have no get by name and have not working filter. + 1.0.1: + release_date: "2021-07-25" + changes: + release_summary: Migrated the Personas Deployment playbooks to a role + minor_changes: + - Migrated the Personas Deployment playbooks to a role. + - telemetry_info - fixes EXAMPLES documentation. + 1.0.2: + release_date: "2021-08-13" + changes: + release_summary: Fix response of csr_info, system_certificate_info and trusted_certificate_info by accessing each page `response` property. + bugfixes: + - Updates exception handling. + - csr_info - fixes response recollection. + - system_certificate_info - fixes response recollection. + - trusted_certificate_info - fixes response recollection. + 1.0.3: + release_date: "2021-08-17" + changes: + release_summary: Added backup & restore and certificate management sample playbooks + minor_changes: + - Improve the documentation for MacOS users. + - Added backup_create sample playbook. + - Added backup_restore sample playbook. + - Added backup_schedule sample playbook. + - Added certificate_management sample playbook. + 1.1.0: + release_date: "2021-10-22" + changes: + release_summary: Adds mnt_authentication_status_info module + bugfixes: + - Improves the changelog. + - Improves the documentation of modules. + - Fixes check_mode behavior for non-info modules. + minor_changes: + - mnt_authentication_status_info - new module. + 1.2.0: + release_date: "2021-10-22" + changes: + release_summary: Adds ise_responses, ise_update_response values + major_changes: + - Adds ise_responses to return values of info modules. + - Adds ise_update_response to return values of non-info modules. + - Adds ``ise_uses_api_gateway`` to module options. + minor_changes: + - Update requirements. + 1.2.1: + release_date: "2021-10-25" + changes: + release_summary: Fixes check_mode behavior + bugfixes: + - On regular modules additional comparison of check_mode was removed as Ansible already handles it. + - On info modules comparison was removed, because info modules should always run. + 2.0.0: + release_date: "2021-11-24" + changes: + release_summary: Updates ISE responses and adds Trust_Sec modules + minor_changes: + - trustsec_nbarapp - new playbook. + - trustsec_sg_vn_mapping - new playbook. + - trustsec_vn - new playbook. + - trustsec_vn_vlan_mapping - new playbook. + - backup_schedule_config_update - new module. + - trustsec_nbar_app - new module. + - trustsec_nbar_app_info - new module. + - trustsec_sg_vn_mapping - new module. + - trustsec_sg_vn_mapping_bulk_create - new module. + - trustsec_sg_vn_mapping_bulk_delete - new module. + - trustsec_sg_vn_mapping_bulk_update - new module. + - trustsec_sg_vn_mapping_info - new module. + - trustsec_vn - new module. + - trustsec_vn_bulk_create - new module. + - trustsec_vn_bulk_delete - new module. + - trustsec_vn_bulk_update - new module. + - trustsec_vn_info - new module. + - trustsec_vn_vlan_mapping - new module. + - trustsec_vn_vlan_mapping_bulk_create - new module. + - trustsec_vn_vlan_mapping_bulk_delete - new module. + - trustsec_vn_vlan_mapping_bulk_update - new module. + - trustsec_vn_vlan_mapping_info - new module. + - aci_bindings_info - change default response to []. + - active_directory_info - change default response to []. + - admin_user_info - change default response to []. + - allowed_protocols_info - change default response to []. + - anc_endpoint_info - change default response to []. + - anc_policy_info - change default response to []. + - authorization_profile_info - change default response to []. + - byod_portal_info - change default response to []. + - certificate_profile_info - change default response to []. + - certificate_template_info - change default response to []. + - csr_info - change default response to []. + - downloadable_acl_info - change default response to []. + - egress_matrix_cell_info - change default response to []. + - endpoint_bulk_monitor_status_info - change default response to []. + - radius_server_sequence_info - change default response to []. + - rest_id_store_info - change default response to []. + - self_registered_portal_info - change default response to []. + - sg_acl_info - change default response to []. + - sg_to_vn_to_vlan_info - change default response to []. + - sgt_info - change default response to []. + - sponsor_group_info - change default response to []. + - sponsor_portal_info - change default response to []. + - sponsored_guest_portal_info - change default response to []. + - support_bundle_status_info - change default response to []. + - sxp_connections_info - change default response to []. + - sxp_local_bindings_info - change default response to []. + - sxp_vpns_info - change default response to []. + - tacacs_command_sets_info - change default response to []. + - tacacs_external_servers_info - change default response to []. + - tacacs_profile_info - change default response to []. + - tacacs_server_sequence_info - change default response to []. + - telemetry_info - change default response to []. + - trusted_certificate - change default response to []. + major_changes: + - Update ciscoisesdk requirement to 1.2.0 + - anc_endpoint_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - anc_policy_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - egress_matrix_cell_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sg_acl_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sg_mapping_group_info - change return value, it returns BulkStatus content. + - sg_mapping_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sg_mapping_group_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sg_to_vn_to_vlan_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sgt_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sxp_connections_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sxp_local_bindings_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sxp_vpns_bulk_monitor_status_info - change return value, it returns BulkStatus content. + - sgt - change generationId type from int to str. + - system_certificate - new parameters portalTagTransferForSameSubject and roleTransferForSameSubject. + - system_certificate_import - new parameters portalTagTransferForSameSubject and roleTransferForSameSubject. + - backup_last_status_info - change return value, it returns response content. + - device_administration_authentication_rules_info - change return value, it returns response content. + - device_administration_authorization_rules_info - change return value, it returns response content. + - device_administration_conditions_for_authentication_rule_info - change return value, it returns response content. + - device_administration_conditions_for_authorization_rule_info - change return value, it returns response content. + - device_administration_conditions_for_policy_set_info - change return value, it returns response content. + - device_administration_conditions_info - change return value, it returns response content. + - device_administration_dictionary_attributes_authentication_info - change return value, it returns response content. + - device_administration_dictionary_attributes_authorization_info - change return value, it returns response content. + - device_administration_dictionary_attributes_policy_set_info - change return value, it returns response content. + - device_administration_global_exception_rules_info - change return value, it returns response content. + - device_administration_network_conditions_info - change return value, it returns response content. + - device_administration_time_date_conditions_info - change return value, it returns response content. + - repository_files_info - change return value, it returns response content. + - repository_info - change return value, it returns response content. + - device_administration_authentication_rules - deletes parameter identitySourceId. + - network_access_authentication_rules - deletes parameter identitySourceId. + - device_administration_conditions - deletes parameter attributeId. + - device_administration_time_date_conditions - deletes parameter attributeId. + - network_access_conditions - deletes parameter attributeId. + - network_access_time_date_conditions - deletes parameter attributeId. + bugfixes: + - Update documentation of the modules. + - Update ISE version to 3.1.0 on vars example + 2.1.0: + release_date: "2021-12-13" + changes: + release_summary: Update to use ciscoisesdk v1.3.0 or newer + minor_changes: + - hotpatch_info - new module. + - hotpatch_install - new module. + - hotpatch_rollback - new module. + - licensing_connection_type_info - new module. + - licensing_eval_license_info - new module. + - licensing_feature_to_tier_mapping_info - new module. + - licensing_registration_create - new module. + - licensing_registration_info - new module. + - licensing_smart_state_create - new module. + - licensing_smart_state_info - new module. + - licensing_tier_state_create - new module. + - licensing_tier_state_info - new module. + - node_deployment_sync - new module. + - node_group_node_create - new module. + - node_group_node_delete - new module. + - node_group_node_info - new module. + - node_primary_to_standalone - new module. + - node_secondary_to_primary - new module. + - node_services_interfaces_info - new module. + - node_services_profiler_probe_config_info - new module. + - node_services_profiler_probe_config - new module. + - node_services_sxp_interfaces_info - new module. + - node_services_sxp_interfaces - new module. + - node_standalone_to_primary - new module. + - pan_ha_update - new module. + - patch_info - new module. + - patch_install - new module. + - patch_rollback - new module. + - proxy_connection_settings_info - new module. + - proxy_connection_settings - new module. + - selfsigned_certificate_generate - new module. + - transport_gateway_settings_info - new module. + - transport_gateway_settings - new module. + major_changes: + - node_deployment - update parameters. + - node_deployment_info - add filter and filterType parameters. + - node_group - fixes response recollection. + - node_group_info - fixes response recollection. + - system_certificate - portalTagTransferForSameSubject parameter renamed to allowPortalTagTransferForSameSubject. + - system_certificate - roleTransferForSameSubject parameter renamed to allowRoleTransferForSameSubject. + - system_certificate_import - portalTagTransferForSameSubject parameter renamed to allowPortalTagTransferForSameSubject. + - system_certificate_import - roleTransferForSameSubject parameter renamed to allowRoleTransferForSameSubject. + - trustsec_nbar_app_info - change type from str to list. + - trustsec_vn_info - change type from str to list. + 2.1.1: + release_date: "2021-12-16" + changes: + release_summary: Fixes on trustsec and node_group modules + bugfixes: + - trustsec_sg_vn_mapping - fix version_added to 2.0.0 + - trustsec_sg_vn_mapping_bulk_create - fix version_added to 2.0.0 + - trustsec_sg_vn_mapping_bulk_delete - fix version_added to 2.0.0 + - trustsec_sg_vn_mapping_bulk_update - fix version_added to 2.0.0 + - trustsec_sg_vn_mapping_info - fix version_added to 2.0.0 + - trustsec_vn_vlan_mapping - fix version_added to 2.0.0 + - trustsec_vn_vlan_mapping_bulk_create - fix version_added to 2.0.0 + - trustsec_vn_vlan_mapping_bulk_delete - fix version_added to 2.0.0 + - trustsec_vn_vlan_mapping_bulk_update - fix version_added to 2.0.0 + - trustsec_vn_vlan_mapping_info - fix version_added to 2.0.0 + - trustsec_sg_vn_mapping_info - change filter param type from str to list + - trustsec_vn_vlan_mapping_info - change filter param type from str to list + - node_group_node_create - fix family execution call from Node Deployment to Node Group. + - node_group_node_delete - fix family execution call from Node Deployment to Node Group. + - node_group_node_info - fix family execution call from Node Deployment to Node Group. + 2.1.2: + release_date: "2021-12-22" + changes: + release_summary: Fixes params used for modules + bugfixes: + - node_services_profiler_probe_config - fixes params used for module. + - node_services_sxp_interfaces - fixes params used for module. + - repository - fixes params used for modules. Fix for issue 19. + - repository_files_info - fixes params used for module. + 2.2.0: + release_date: "2022-01-18" + changes: + release_summary: Update module doc & fix licensing_tier_state_create + minor_changes: + - licensing_tier_state_create - fix function call. + - Update requirements to use ciscoisesdk >= 1.4.0. + bugfixes: + - plugin/modules - update documentation block. + - update README. + 2.2.1: + release_date: "2022-02-09" + changes: + release_summary: Update README links in galaxy + bugfixes: + - update README links in galaxy from relative to absolute links. + 2.2.2: + release_date: "2022-02-18" + changes: + release_summary: Update README recommended SDK version and module documentation + bugfixes: + - Update README recommended SDK version in compatibility matrix + - trustsec_sg_vn_mapping_bulk_create - update EXAMPLES block of module documentation + - trustsec_sg_vn_mapping_bulk_delete - update EXAMPLES block of module documentation + - trustsec_sg_vn_mapping_bulk_update - update EXAMPLES block of module documentation + - trustsec_vn_bulk_create - update EXAMPLES block of module documentation + - trustsec_vn_bulk_delete - update EXAMPLES block of module documentation + - trustsec_vn_bulk_update - update EXAMPLES block of module documentation + - trustsec_vn_vlan_mapping_bulk_create - update EXAMPLES block of module documentation + - trustsec_vn_vlan_mapping_bulk_delete - update EXAMPLES block of module documentation + - trustsec_vn_vlan_mapping_bulk_update - update EXAMPLES block of module documentation + 2.2.3: + release_date: "2022-03-15" + changes: + release_summary: Update README, add ISE API Versioning and ISE 3.1 + Patch 1 notes + bugfixes: + - Update README, add ISE 3.1 + Patch 1 and ISE API Versioning notes + - Update README, update Compatibility matrix. + 2.3.0: + release_date: "2022-03-24" + changes: + release_summary: Add ISE CSRF Check support & change download modules response to include file details + bugfixes: + - Update recommended SDK version in modules from 1.4.0 to 1.5.0 + - Update README recommended SDK version in compatibility matrix + - Update README, update Compatibility matrix. + minor_changes: + - Add ise_uses_csrf_token parameter to modules + - csr_export_info - Instead of returning the data string, it now returns a dictionary. The dictionary has property data with the previous string value. + - csr_export_info - add parameter filename. + - endpoint_certificate - Instead of returning the data string, it now returns a dictionary. The dictionary has property data with the previous string value. + - endpoint_certificate - add parameter filename. + - support_bundle_download - Instead of returning the data string, it now returns a dictionary. The dictionary has property data with the previous string value. + - support_bundle_download - add parameter filename. + - system_certificate_export_info - Instead of returning the data string, it now returns a dictionary. The dictionary has property data with the previous string value. + - system_certificate_export_info - add parameter filename. + - trusted_certificate_export_info - Instead of returning the data string, it now returns a dictionary. The dictionary has property data with the previous string value. + - trusted_certificate_export_info - add parameter filename. + 2.3.1: + release_date: "2022-04-19" + changes: + release_summary: Added a validation + bugfixes: + - network_access_authorization_rules - added a validation when reading the data + 2.3.2: + release_date: "2022-04-29" + changes: + release_summary: Added a validation + bugfixes: + - device_administration_authentication_rules - added a validation reading the data + - device_administration_authorization_rules - added a validation reading the data + - device_administration_global_exception_rules - added a validation reading the data + - device_administration_local_exception_rules - added a validation reading the data + - network_access_authentication_rules - added a validation reading the data + - network_access_authorization_rules - added a validation reading the data + - network_access_global_exception_rules - added a validation reading the data + - network_access_local_exception_rules - added a validation reading the data + 2.4.0: + release_date: "2022-05-10" + changes: + release_summary: Add pxGrid modules & changes some module descriptions. + minor_changes: + - pxGrid_node_approve - new module + - pxGrid_node_delete - new module + - pxGrid_node_info - new module + - pxGrid_settings_auto_approve - new module + bugfixes: + - node_services_interfaces_info - change the validation. + - Change description from Aci to ACI + - Change description from Anc to ANC + - Change description from Csr to CSR + - Change description from Byod to BYOD + - Change description from Ca to CA + - Change description from Acl to ACL + - Change description from Radius to RADIUS + - Change description from Smtp to SMTP + - Change description from Ssid to SSID + - Change description from Mnt to MNT + - Change description from Rest to REST + - Change description from Sg to SG + - Change description from Sgt to SGT + - Change description from Sg Acl to SGACL + - Change description from Sms to SMS + - Change description from Vn to VN + - Change description from Vlan to VLAN + - Change description from Sxp to SXP + - Change description from Vpns to VPNs + - Change description from Tacacs to TACACS + - Change description from Nbar to NBAR + - Change description from Pxgrid to pxGrid + 2.4.1: + release_date: "2022-05-24" + changes: + release_summary: Change path parameter. + bugfixes: + - repository_files_info - change path parameter from name to repositoryName + - repository_info - change path parameter from name to repositoryName + - repository - change path parameter from name to repositoryName + 2.5.0: + release_date: "2022-06-08" + changes: + release_summary: Update Cisco ISE requirementes and fix some repository issues. + minor_changes: + - Update requirements to use ciscoisesdk >= 2.0.3. + bugfixes: + - repository_files_info - Fixed a bug that did not make the get call. + - repository - Fixed a bug, now repositoryName and name are used to perform the search. + - Fixed ISE version 3.1.1 to 3.1_Patch_1 which is the correct version name. + 2.5.1: + release_date: "2022-08-29" + changes: + release_summary: Update example of module documentation and added a new validation. + bugfixes: + - downloadable_acl - update EXAMPLES block of module documentation. + - sgt - added new validation when updating a stg auto generated. + 2.5.2: + release_date: "2022-08-29" + changes: + release_summary: Fixed galaxy publication + bugfixes: + - An error was corrected in galaxy publication + 2.5.3: + release_date: "2022-08-31" + changes: + release_summary: Fixed ansible status msg and unnecessary parameter was removed. + bugfixes: + - personas_update_roles_services - fixed ansible status msg. + - endpoint - an unnecessary parameter name has been removed because it is automatically generated by the api. + 2.5.4: + release_date: "2022-10-04" + changes: + release_summary: A validation has been added to the update method and warning message removed. + bugfixes: + - aci_settings - A validation has been added to the update method. + - allowed_protocols - A validation has been added to the update method. + - anc_policy - A validation has been added to the update method. + - authorization_profile - A validation has been added to the update method. + - byod_portal - A validation has been added to the update method. + - certificate_profile - A validation has been added to the update method. + - downloadable_acl - A validation has been added to the update method. + - egress_matrix_cell - A validation has been added to the update method. + - endpoint_group - A validation has been added to the update method. + - endpoint - A validation has been added to the update method. + - external_radius_server - A validation has been added to the update method. + - filter_policy - A validation has been added to the update method. + - guest_smtp_notification_settings - A validation has been added to the update method. + - guest_ssid - A validation has been added to the update method. + - guest_type - A validation has been added to the update method. + - guest_user - A validation has been added to the update method. + - hotspot_portal - A validation has been added to the update method. + - id_store_sequence - A validation has been added to the update method. + - identity_group - A validation has been added to the update method. + - my_device_portal - A validation has been added to the update method. + - native_supplicant_profile - A validation has been added to the update method. + - network_device_group - A validation has been added to the update method. + - portal_global_setting - A validation has been added to the update method. + - portal_theme - A validation has been added to the update method. + - radius_server_sequence - A validation has been added to the update method. + - rest_id_store - A validation has been added to the update method. + - self_registered_portal - A validation has been added to the update method. + - sg_acl - A validation has been added to the update method. + - sg_mapping_group - A validation has been added to the update method. + - sg_mapping - A validation has been added to the update method. + - sg_to_vn_to_vlan - A validation has been added to the update method. + - sgt - A validation has been added to the update method. + - sponsor_group - A validation has been added to the update method. + - sponsor_portal - A validation has been added to the update method. + - sponsored_guest_portal - A validation has been added to the update method. + - sxp_connections - A validation has been added to the update method. + - sxp_local_bindings - A validation has been added to the update method. + - tacacs_command_sets - A validation has been added to the update method. + - tacacs_external_servers - A validation has been added to the update method. + - tacacs_profile - A validation has been added to the update method. + - tacacs_server_sequence - A validation has been added to the update method. + - network_device - A validation has been added to the update method. + - personas_utils - Warning message removed. + 2.5.5: + release_date: "2022-10-07" + changes: + release_summary: A check has been added to identify if there really are any changes + bugfixes: personas_update_roles_services - is now idempotent. + 2.5.6: + release_date: "2022-10-13" + changes: + release_summary: Update to use ciscoisesdk v2.0.5 or newer, fixed a request body + bugfixes: + - network_access_network_condition - fixed a request body of the post and put method. + - filter_policy - removed the required id when it is a post method. + - guest_smtp_notification_settings - removed the required id when it is a post method. + - sxp_connections - removed the required id when it is a post method. + - sxp_vpns - removed the required id when it is a post method. + 2.5.7: + release_date: "2022-10-25" + changes: + release_summary: New method to compare changes + bugfixes: + - A new method to compare changes for specific cases has been added. + - node_services_profiler_probe_config - Used a new method to compare changes. + - sgt - Updated the fields required for creation. + - network_access_network_condition - Updated description of deviceGroupList. + 2.5.8: + release_date: "2022-10-27" + changes: + release_summary: Added the ability to export Cisco ISE credentials as environment variables and rennamed some vars. + bugfixes: + - Cisco ISE credentials can now be exported and used as env vars. + - mnt_athentication_status_info - the following variable was renamed from rec_ord_s to records. + - mnt_athentication_status_info - the following variable was renamed from sec_ond_s to seconds. + - mnt_authentication_status_info - the following variable was renamed from rec_ord_s to records. + - mnt_authentication_status_info - the following variable was renamed from sec_ond_s to seconds. + - mnt_session_disconnect_info - the following variable was renamed from end_poi_nti_p to endpoint_ip. + - mnt_session_disconnect_info - the following variable was renamed from psn_nam_e to psn_name. + - mnt_session_disconnect_info - the following variable was renamed from dis_con_nec_tty_pe to disconnect_type. + - mnt_session_reauthentication_info - the following variable was renamed from end_poi_ntm_ac to endpoint_mac. + - mnt_session_reauthentication_info - the following variable was renamed from rea_uth_typ_e to reauth_type. + - mnt_session_reauthentication_info - the following variable was renamed from psn_nam_e to psn_name. + 2.5.9: + release_date: "2022-11-07" + changes: + release_summary: Fixed some ansible statuses, added a missing parameter and corrected a response. + bugfixes: + - licensing_eval_license_info - corrected the response + - system_certificate - a missing parameter was added allowWildcardDelete + - node_standalone_to_primary - fixed ansible changed response + - node_primary_to_standalone - fixed ansible changed response + - node_secondary_to_primary - fixed ansible changed response + 2.5.10: + release_date: "2022-12-09" + changes: + release_summary: A check has been added to identify if there really are any changes + bugfixes: + - network_access_authorization_rules - is now idempotent. + 2.5.11: + release_date: "2023-01-05" + changes: + release_summary: Some errors have been corrected when reading the playbook and a validation was removed. + bugfixes: + - network_access_authentication_rules - now read the ID correctly. + - network_access_authorization_rules - now read the ID correctly. + - node_group_node_info - removed a validation that caused a failure. + - node_group - search was repaired. + 2.5.12: + release_date: "2023-01-09" + changes: + release_date: Change is detected in a better way. + bugfixes: + - network_access_authorization_rules - recognizes when there are changes. \ No newline at end of file diff --git a/ansible_collections/cisco/ise/docs/Makefile b/ansible_collections/cisco/ise/docs/Makefile new file mode 100644 index 00000000..eed6f12d --- /dev/null +++ b/ansible_collections/cisco/ise/docs/Makefile @@ -0,0 +1,20 @@ +# Minimal makefile for Sphinx documentation +# + +# You can set these variables from the command line. +SPHINXOPTS = +SPHINXBUILD = sphinx-build +SPHINXPROJ = ISEAnsibleActions +SOURCEDIR = . +BUILDDIR = _build + +# Put it first so that "make" without argument is like "make help". +help: + @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +.PHONY: help Makefile + +# Catch-all target: route all unknown targets to Sphinx using the new +# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). +%: Makefile + @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) diff --git a/ansible_collections/cisco/ise/docs/_gh_include/footer.inc b/ansible_collections/cisco/ise/docs/_gh_include/footer.inc new file mode 100644 index 00000000..deddeb6c --- /dev/null +++ b/ansible_collections/cisco/ise/docs/_gh_include/footer.inc @@ -0,0 +1,4 @@ + + + + diff --git a/ansible_collections/cisco/ise/docs/_gh_include/header.inc b/ansible_collections/cisco/ise/docs/_gh_include/header.inc new file mode 100644 index 00000000..3cb31c3f --- /dev/null +++ b/ansible_collections/cisco/ise/docs/_gh_include/header.inc @@ -0,0 +1,17 @@ + + + + ISE Ansible Actions documentation index + + + + + + + + +

ISE Ansible Actions

+ +
+ +
diff --git a/ansible_collections/cisco/ise/docs/conf.py b/ansible_collections/cisco/ise/docs/conf.py new file mode 100644 index 00000000..e2c2539d --- /dev/null +++ b/ansible_collections/cisco/ise/docs/conf.py @@ -0,0 +1,154 @@ +# -*- coding: utf-8 -*- +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +# +# Configuration file for the Sphinx documentation builder. +# +# This file does only contain a selection of the most common options. For a +# full list see the documentation: +# http://www.sphinx-doc.org/en/master/config + +# -- Path setup -------------------------------------------------------------- + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# +import datetime +import os +import sys +sys.path.insert(0, os.path.abspath('../plugins/plugin_utils/')) +# sys.path.insert(0, os.path.abspath('.')) + +# -- Project information ----------------------------------------------------- + +project = 'ISEAnsibleActions' +copyright = u'Copyright (c) 2021 Cisco Systems' +author = u'' + +# The short X.Y version +version = '' +# The full version, including alpha/beta/rc tags +release = '' + +# -- General configuration --------------------------------------------------- + +# If your documentation needs a minimal Sphinx version, state it here. +# +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'recommonmark', + 'sphinx.ext.autodoc', + 'sphinx.ext.intersphinx', + 'ansible_basic_sphinx_ext', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +# +# source_suffix = ['.rst', '.md'] +source_suffix = { + '.rst': 'restructuredtext', + '.md': 'markdown', +} + +# The master toctree document. +master_doc = 'index' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +# This pattern also affects html_static_path and html_extra_path . +exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store', '.tmp'] + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +highlight_language = 'YAML+Jinja' + +# -- Options for HTML output ------------------------------------------------- +html_theme_path = ['_themes'] +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +# +# html_theme = 'alabaster' +html_theme = 'sphinx_rtd_theme' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# +# html_theme_options = {} + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = [] + +# Custom sidebar templates, must be a dictionary that maps document names +# to template names. +# +# The default sidebars (for documents that don't match any pattern) are +# defined by theme itself. Builtin themes are using these templates by +# default: ``['localtoc.html', 'relations.html', 'sourcelink.html', +# 'searchbox.html']``. +# +# html_sidebars = {} + +# -- Options for HTMLHelp output --------------------------------------------- + +# Output file base name for HTML help builder. +htmlhelp_basename = 'ISEAnsibleActionsdoc' + +# -- Options for LaTeX output ------------------------------------------------ + +latex_elements = {} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + (master_doc, 'ISEAnsibleActions.tex', 'ISEAnsibleActions Documentation', + 'The ISE Project', 'manual'), +] + +# -- Options for manual page output ------------------------------------------ + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + (master_doc, 'ISEAnsibleActions', 'ISEAnsibleActions Documentation', + [author], 1) +] + +# -- Options for Texinfo output ---------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + (master_doc, 'ISEAnsibleActions', 'ISEAnsibleActions Documentation', + author, 'ISEAnsibleActions', 'One line description of project.', + 'Miscellaneous'), +] + +# -- Extension configuration ------------------------------------------------- + +# -- Options for intersphinx extension --------------------------------------- + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = {'python': ('https://docs.python.org/2', None), 'ansible': ('https://docs.ansible.com/ansible/latest/', None)} diff --git a/ansible_collections/cisco/ise/docs/index.rst b/ansible_collections/cisco/ise/docs/index.rst new file mode 100644 index 00000000..fdcd8d79 --- /dev/null +++ b/ansible_collections/cisco/ise/docs/index.rst @@ -0,0 +1,21 @@ +.. ISE Ansible Actions documentation main file, created by + sphinx-quickstart on Tue Dec 12 10:00:39 2018. + You can adapt this file completely to your liking, but it should at least + contain the root `toctree` directive. + +Welcome to ISE Ansible Actions' documentation! +===================================================== + +.. toctree:: + :maxdepth: 2 + :caption: User documentation + + plugins/index + roles/index + + +Indices and tables +================== + +* :ref:`genindex` +* :ref:`search` diff --git a/ansible_collections/cisco/ise/docs/requirements.txt b/ansible_collections/cisco/ise/docs/requirements.txt new file mode 100644 index 00000000..74fe21c5 --- /dev/null +++ b/ansible_collections/cisco/ise/docs/requirements.txt @@ -0,0 +1,6 @@ +PyYAML>=5.4.1 +antsibull>=0.17.0 +ansible-base>=2.10.0rc2 +sphinx-rtd-theme +git+https://github.com/felixfontein/ansible-basic-sphinx-ext +recommonmark diff --git a/ansible_collections/cisco/ise/docs/roles.rst.template b/ansible_collections/cisco/ise/docs/roles.rst.template new file mode 100644 index 00000000..b025af62 --- /dev/null +++ b/ansible_collections/cisco/ise/docs/roles.rst.template @@ -0,0 +1,3 @@ +Role Index +========== + diff --git a/ansible_collections/cisco/ise/hosts b/ansible_collections/cisco/ise/hosts new file mode 100644 index 00000000..a05461e3 --- /dev/null +++ b/ansible_collections/cisco/ise/hosts @@ -0,0 +1,8 @@ +[ise_servers] +ise_server + +#[ise] +#localhost ansible_python_interpreter=/Users/rcampos/.pyenv/shims/python + +#[ise:vars] +#cloud_provider = aws diff --git a/ansible_collections/cisco/ise/meta/runtime.yml b/ansible_collections/cisco/ise/meta/runtime.yml new file mode 100644 index 00000000..1f18fd72 --- /dev/null +++ b/ansible_collections/cisco/ise/meta/runtime.yml @@ -0,0 +1,2 @@ +--- +requires_ansible: '>=2.9.10' \ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/aci_settings.yml b/ansible_collections/cisco/ise/playbooks/aci_settings.yml new file mode 100644 index 00000000..10251ffe --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/aci_settings.yml @@ -0,0 +1,51 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get Aci Settings + cisco.ise.aci_settings_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + register: aci_settings_info + + - name: Print + ansible.builtin.debug: + var: aci_settings_info['ise_response'] + + - name: Update by id + cisco.ise.aci_settings: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: "{{ aci_settings_info['ise_response']['id']}}" + enableAci: false + ipAddressHostName: 10.0.0.1 + adminName: admin name + tenantName: ISE + l3RouteNetwork: L3_ROUTE + suffixToEpg: SGT + suffixToSgt: EPG + allSxpDomain: false + specificSxpDomain: true + specifixSxpDomainList: + - default + enableDataPlane: false + untaggedPacketIepgName: Untagged + defaultSgtName: Unknown + enableElementsLimit: true + maxNumIepgFromAci: 1000 + maxNumSgtToAci: 500 + aci50: false + aci51: false + when: + - aci_settings_info['ise_response'] is defined + - aci_settings_info['ise_response']['id'] is defined + register: result + + - name: Print update response + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/active_directory.yml b/ansible_collections/cisco/ise/playbooks/active_directory.yml new file mode 100644 index 00000000..3d83f6e4 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/active_directory.yml @@ -0,0 +1,85 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get active directory + # cisco.ise.active_directory_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # page: 1 + # size: 1 + # register: result + + # - name: Print Active Directories + # ansible.builtin.debug: + # var: result + + - name: Create or update active directory + cisco.ise.active_directory: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + state: present + name: cisco.com + description: "" + domain: cisco.com + adgroups: + groups: + - name: cisco.com/operators + sid: S-1-5-32-548 + type: GLOBAL + advancedSettings: + enablePassChange: true + enableMachineAuth: true + enableMachineAccess: true + agingTime: 5 + enableDialinPermissionCheck: false + enableCallbackForDialinClient: false + plaintextAuth: false + identityNotInAdBehaviour: SEARCH_JOINED_FOREST + unreachableDomainsBehaviour: PROCEED + enableRewrites: false + rewriteRules: + - rowId: 00 + rewriteMatch: host/[HOSTNAME].[DOMAIN] + rewriteResult: host/[HOSTNAME].[DOMAIN] + - rowId: 1 + rewriteMatch: host/[HOSTNAME] + rewriteResult: host/[HOSTNAME] + - rowId: 2 + rewriteMatch: "[DOMAIN]\\[IDENTITY]" + rewriteResult: "[DOMAIN]\\[IDENTITY]" + - rowId: 3 + rewriteMatch: "[IDENTITY]@[DOMAIN]" + rewriteResult: "[IDENTITY]@[DOMAIN]" + - rowId: 4 + rewriteMatch: "[IDENTITY]" + rewriteResult: "[IDENTITY]" + firstName: givenName + department: department + lastName: sn + organizationalUnit: company + jobTitle: title + locality: l + email: mail + stateOrProvince: st + telephone: telephoneNumber + country: co + streetAddress: streetAddress + schema: ACTIVE_DIRECTORY + adAttributes: + attributes: + - name: name1 + type: STRING + defaultValue: defaultString + internalName: internalName1 + adScopesNames: Default_Scope + register: result + + - name: Print Active Directory + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/allowed_protocols.yml b/ansible_collections/cisco/ise/playbooks/allowed_protocols.yml new file mode 100644 index 00000000..de95f9fc --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/allowed_protocols.yml @@ -0,0 +1,62 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get allowed protocols, skip first one + # cisco.ise.allowed_protocols_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # page: 2 + # size: 1 + # register: result + + # - name: Get allowed protocols by name + # cisco.ise.allowed_protocols_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: "Default Network Access" + # register: result + + # - name: Get allowed protocols by id + # cisco.ise.allowed_protocols_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: "92613980-8c01-11e6-996c-525400b48521" + # register: result + + - name: Create or update allowed protocols + cisco.ise.allowed_protocols: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Test Device Admin + description: Test Allowed Protocol Service Device Admin + processHostLookup: false + allowPapAscii: true + allowChap: true + allowMsChapV1: true + allowMsChapV2: false + allowEapMd5: false + allowLeap: false + allowEapTls: false + allowEapTtls: false + allowEapFast: false + allowPeap: false + allowTeap: false + allowPreferredEapProtocol: false + eapTlsLBit: false + allowWeakCiphersForEap: false + requireMessageAuth: false + register: result + + - name: Print Allowed Protocol + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/anc_policy.yml b/ansible_collections/cisco/ise/playbooks/anc_policy.yml new file mode 100644 index 00000000..1d7ac6be --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/anc_policy.yml @@ -0,0 +1,30 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get ANC policies + cisco.ise.anc_policy_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + register: result + + - name: Print ANC policy + ansible.builtin.debug: + var: result + + - name: Create or update ANC policy + cisco.ise.anc_policy: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: policy1 + actions: [SHUTDOWN] + register: result + + - name: Print ANC policy + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/authorization_profile.yml b/ansible_collections/cisco/ise/playbooks/authorization_profile.yml new file mode 100644 index 00000000..5d856720 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/authorization_profile.yml @@ -0,0 +1,43 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get Authorization profile + cisco.ise.authorization_profile_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + name: Cisco_Temporal_Onboard + register: result + + - name: Print Authorization profiles + ansible.builtin.debug: + var: result + + - name: Create or update Authorization profile + cisco.ise.authorization_profile: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + accessType: ACCESS_ACCEPT + authzProfileType: SWITCH + daclName: PERMIT_ALL_IPV4_TRAFFIC + description: Onboard the device with Cisco temp agent + easywiredSessionCandidate: false + id: 4e2e7a20-ea30-11ea-8b14-005056871e13 + name: Cisco_Temporal_Onboard + profileName: Cisco + serviceTemplate: false + trackMovement: false + webRedirection: + WebRedirectionType: ClientProvisioning + acl: ACL_WEBAUTH_REDIRECT + portalName: Client Provisioning Portal (default) + register: result + + - name: Print Authorization profile + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/aws_deployment.yml b/ansible_collections/cisco/ise/playbooks/aws_deployment.yml new file mode 100644 index 00000000..3ad6dc5a --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/aws_deployment.yml @@ -0,0 +1,25 @@ +--- +- name: AWS ISE Deployment Playbook + hosts: localhost + connection: local + vars: + ise_username: admin + ise_password: P@sbg1234 + ise_domain: sstcloud.com + ise_ntp_server: 10.10.0.1 + ise_dns_server: 208.67.220.220 + ise_timezone: America/Costa_Rica + + aws_ise_ami: ami-0ffd69a117dbcbb9e + aws_vpc_name: ISE VPC + aws_vpc_cidr: 10.10.0.0/16 + aws_subnet_cidr: 10.10.1.0/24 + aws_region: us-west-2 + aws_public_access_cidr: 0.0.0.0/0 + aws_keypair_name: ise-testing-ansible + aws_instance_type: c5.4xlarge + aws_cound: 1 + + roles: + - cisco.ise.aws_deployment + \ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/azure_deployment.yml b/ansible_collections/cisco/ise/playbooks/azure_deployment.yml new file mode 100644 index 00000000..5a1ea11d --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/azure_deployment.yml @@ -0,0 +1,46 @@ +--- +- name: ISE Deployment Playbook + hosts: localhost + connection: local + vars: + ise_deployment_type: single + ise_personas: ["pan-1", "pan-2", "mnt-1", "mnt-2", "psn-1", "psn-2"] + ise_base_hostname: ISE + ise_username: admin + ise_password: P@sbg1234 + ise_ntp_server: 10.10.0.1 + ise_dns_server: 208.67.220.220 + ise_domain: sstcloud.com + ise_timezone: America/Costa_Rica + + + az_rg_name: ISE-RG-ANSIBLE + az_location: southcentralus + az_network_name: ISE-NETWORK + az_subnet_name: ISE-SUBNET + az_network_cidr: + - "10.1.0.0/16" + - "172.100.0.0/16" + az_network_dns: + - "127.0.0.1" + - "127.0.0.2" + az_subnet_cidr: 10.1.0.0/24 + az_securitygroup_name: ISE-SECURITY-GROUP + az_public_access_cidr: + - '174.109.158.0/24' + - '174.109.159.0/24' + az_interface_name: ISE-INTERFACE + az_vm_username: ise-user + az_vm_name: ISE-VM + az_vm_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDOXXnPveNXDONNioMmDmS58OiKPG3vpHAbDSnpu0ZrXVR6xMdF9DrAIxdTTcCQVPcRmT92paAzL6qdNLG2b9aEAXZ6/0l73LKI2jKbE9jjQULNRxWkr6fRWr58Wza7MlR+mN/DUepxIieir5W9R6c7F+2gIVOSLRMOiymqo2v/WK5jCIk20SSUuh6TexxZu6nlj4eBYSmY91tb5aIG6E72fSfJ+VU2DuanN1qv4duLPYjb1nCG4LlxQQWDTig60AYTJ3h0CkqJtNhjazqUJrTCwEy3NsNthM9UTHxnKxl0ADNZ/hZUAcFI55k2CaTovBIIMAKItMt39b6NN5bSTCIUNw1QL4Q8CLd6vE7asYOkRXTrqm6to6VH+dzKSmIMHnAIkrGGQyAupABXbqsBOz1u2yP6d1YP8mN4/mDPCdVHWGuaz8XGe5K+w+i0a2LU26MEfzyVyJI0I6a/636zL7LV+WxRN1pTqy5M/4jCUoU4MdsUw5TIYAyG/Cx0LShUTxThblxnr9ms5VGn/wexoR/y+nMyqhR0Wm0VN8zEl4AsR+Gjyc2g6jpQlRcZTaMT358qw8VUsjhS6l59oO3bYH3qWFA3R2paL6fdmdTsSmhysWuPAm5Cy+22OkF6tD46mnNNoMfWv/LQBcswsIbuB1cEdLDqN02Je1opipJizy/bXw== root@Bryans-MacBook-Air.local" + roles: + - cisco.ise.ise_deployment_in_azure + +# tasks: +# - name: test +# ansible.builtin.set_fact: +# test: "{{a}}" +# test1: "{{(a|int)+2}}" +# - name: Output public IP +# debug: +# msg: "{{test}} - {{test1}}" \ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/b.yml b/ansible_collections/cisco/ise/playbooks/b.yml new file mode 100644 index 00000000..a061dc6e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/b.yml @@ -0,0 +1,130 @@ +--- +- hosts: ise_servers + vars_files: + - credentials.yml + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_version: "{{ ise_version }}" + ise_debug: "{{ ise_debug }}" + gather_facts: false + tasks: + - name: Create Endpoint + cisco.ise.endpoint: + <<: *ise_login + state: present + #state: absent + description: ansible test + mac: "50:00:00:01:00:16" + name: "Ansible name" + #mac: "50-00-00-04-C3-95" + register: result + + #- name: Get all Endpoint + # cisco.ise.endpoint_info: + # <<: *ise_login + # page: 1 + # size: 20 + #sortasc: string + # register: result + + # - name: Get Endpoint by id + # cisco.ise.endpoint_info: + # <<: *ise_login + # id: 69142550-2576-11ed-990e-4a16cf330648 + # register: result + + # - name: Get all SGt + # cisco.ise.sgt_info: + # <<: *ise_login + # size: 5 + # sortasc: name + # register: result + + # - name: Get SGt by id + # cisco.ise.sgt_info: + # <<: *ise_login + # id: 4d482be5-2863-4015-8ea4-46c00d9e199b + # register: result + + # - name: STG + # cisco.ise.sgt: + # <<: *ise_login + # # ise_uses_api_gateway: "{{ise_uses_api_gateway}}" + # # ise_uses_csrf_token: "{{ise_uses_csrf_token}}" + # state: present + # name: teststg_ansible + # value: -1 + # description: teststg description ANSIBLE number 2 + # register: result + +# - name: Create STG +# hosts: ise +# vars_files: +# - credentials.yml +# gather_facts: false +# tasks: +# - name: Create STG +# cisco.ise.sgt: +# <<: *ise_login +# # ise_uses_api_gateway: "{{ise_uses_api_gateway}}" +# # ise_uses_csrf_token: "{{ise_uses_csrf_token}}" +# state: present +# name: teststg ->teststg3 +# value: -1 +# description: teststg description -> teststg3 description +# register: result + + # - name: Create network device + # loop_control: + # loop_var: device + # cisco.ise.network_device: + # <<: *ise_login + # state: present + # name: "{{device.name}}" + # description: "{{device.description}}" + # coaPort: "{{device.coa_port}}" + # NetworkDeviceGroupList: "{{device.network_device_group_list}}" + # NetworkDeviceIPList: "{{device.network_device_ip_list}}" + # authenticationSettings: + # radiusSharedSecret: "{{device.shared_secret}}" + # loop: "{{network_devices}}" + # when: "network_devices is defined" + # register: result + + + # - name: Create network device single + # cisco.ise.network_device: + # <<: *ise_login + # state: present + # #state: absent + # name: "ISE_EST_Local_Host_TEST" + # description: "example nd" + # coaPort: "0" + # NetworkDeviceGroupList: + # - "Location#All Locations" + # - "Device Type#All Device Types" + # # - "IPSEC#Is IPSEC Device" + # NetworkDeviceIPList: + # - ipaddress: "127.0.0.1" + # mask: 0 + # authenticationSettings: + # radiusSharedSecret: "RADIUS" + # register: result + + # - name: Get all Node Deployment + # cisco.ise.node_deployment_info: + # <<: *ise_login + # #hostname: ise + # register: result + + - name: Debug result. + ansible.builtin.debug: + var: result + + + +#authorization_profile \ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/backup_create.yml b/ansible_collections/cisco/ise/playbooks/backup_create.yml new file mode 100644 index 00000000..10913633 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/backup_create.yml @@ -0,0 +1,45 @@ +--- +- hosts: ise_servers + gather_facts: false + name: Backup configuration + tasks: + - name: Create a repository + cisco.ise.repository: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: myRepo + password: MyP@ssworD + path: / + protocol: DISK + + - name: Create backup + cisco.ise.backup_config: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + backupEncryptionKey: My3ncryptionkey + backupName: myBackup + repositoryName: myRepo + register: result + + - name: Get Tasks by id + cisco.ise.tasks_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + taskId: "{{ result.ise_response.response.id }}" + when: + - result is defined + - result['ise_response'] is defined + - result['ise_response']['response'] + - result['ise_response']['response']['id'] is defined + register: task_status + + - name: Show task status + ansible.builtin.debug: + msg: "{{ task_status }}" diff --git a/ansible_collections/cisco/ise/playbooks/backup_restore.yml b/ansible_collections/cisco/ise/playbooks/backup_restore.yml new file mode 100644 index 00000000..9ffaca8c --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/backup_restore.yml @@ -0,0 +1,16 @@ +--- +- hosts: ise_servers + gather_facts: false + name: Restore configuration backup + tasks: + - name: Restore backup + cisco.ise.backup_restore: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + backupEncryptionKey: My3ncryptionkey + restoreFile: myBackup-CFG10-210806-2232.tar.gpg + repositoryName: myRepo + restoreIncludeAdeos: true + register: result diff --git a/ansible_collections/cisco/ise/playbooks/backup_schedule.yml b/ansible_collections/cisco/ise/playbooks/backup_schedule.yml new file mode 100644 index 00000000..958024b1 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/backup_schedule.yml @@ -0,0 +1,21 @@ +--- +- hosts: ise_servers + gather_facts: false + name: Schedule configuration backup + tasks: + - name: Schedule backup + cisco.ise.backup_schedule_config: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + backupDescription: mybackup + backupEncryptionKey: My3ncryptionkey + repositoryName: myRepo + backupName: myBackup2 + startDate: 01/01/2022 + endDate: 12/31/2022 + frequency: WEEKLY + status: ENABLE + time: 12:00 AM + weekDay: SAT diff --git a/ansible_collections/cisco/ise/playbooks/byod_portal.yml b/ansible_collections/cisco/ise/playbooks/byod_portal.yml new file mode 100644 index 00000000..2a01c235 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/byod_portal.yml @@ -0,0 +1,288 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: byod_portal + cisco.ise.byod_portal: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + state: present + name: Test BYOD Portal (default) + description: Test portal and user experience used when employees register a personal device on the network + portalType: BYOD + settings: + portalSettings: + httpsPort: 8443 + allowedInterfaces: + - eth0 + - bond0 + certificateGroupTag: Default Portal Certificate Group + displayLang: USEBROWSERLOCALE + fallbackLanguage: English + alwaysUsedLanguage: English + byodSettings: + byodWelcomeSettings: + enableBYOD: false + enableGuestAccess: false + requireMDM: false + includeAup: true + aupDisplay: ONPAGE + requireAupAcceptance: false + requireScrolling: false + byodRegistrationSettings: + showDeviceID: true + endPointIdentityGroupId: aa13bb40-8bff-11e6-996c-525400b48521 + byodRegistrationSuccessSettings: + successRedirect: AUTHSUCCESSPAGE + supportInfoSettings: + includeSupportInfoPage: false + includeMacAddr: true + includeIpAddress: true + includeBrowserUserAgent: true + includePolicyServer: true + includeFailureCode: true + emptyFieldDisplay: HIDE + customizations: + portalTheme: + id: 9eb421c0-8c01-11e6-996c-525400b48521 + name: Default Blue theme + portalTweakSettings: {} + language: + viewLanguage: English + globalCustomizations: + bannerTitle: BYOD Portal + contactText: Contact Support + footerElement: "" + pageCustomizations: + data: + - key: ui_contact_ip_address_label + value: SVAgYWRkcmVzczo= + - key: ui_error_content_label + value: RXJyb3I= + - key: ui_error_retry_button + value: UmV0cnk= + - key: ui_byod_install_ios_button + value: TGF1bmNoIEFwcGxlIFByb2ZpbGUgYW5kIENlcnRpZmljYXRlIEluc3RhbGxlcnMgTm93 + - key: ui_byod_welcome_aup_text + value: + "UGxlYXNlIGFjY2VwdCB0aGUgcG9saWN5OiBZb3UgYXJlIHJlc3BvbnNpYmxlIGZvciBtYWludGFpbmluZyB0aGUgY29uZmlkZW50aWFsaXR5IG9mIHRo\ + ZSBwYXNzd29yZCBhbmQgYWxsIGFjdGl2aXRpZXMgdGhhdCBvY2N1ciB1bmRlciB5b3VyIHVzZXJuYW1lIGFuZCBwYXNzd29yZC4gQ2lzY28gU3lzdGVtc\ + yBvZmZlcnMgdGhlICBTZXJ2aWNlIGZvciBhY3Rpdml0aWVzICBzdWNoIGFzIHRoZSBhY3RpdmUgdXNlIG9mIGUtbWFpbCwgaW5zdGFudCBtZXNzYWdpbm\ + csIGJyb3dzaW5nIHRoZSBXb3JsZCBXaWRlIFdlYiBhbmQgYWNjZXNzaW5nIGNvcnBvcmF0ZSBpbnRyYW5ldHMuIEhpZ2ggdm9sdW1lIGRhdGEgdHJhbnN\ + mZXJzLCBlc3BlY2lhbGx5IHN1c3RhaW5lZCBoaWdoIHZvbHVtZSBkYXRhIHRyYW5zZmVycywgYXJlIG5vdCBwZXJtaXR0ZWQuIEhvc3RpbmcgYSB3ZWIg\ + c2VydmVyIG9yIGFueSBvdGhlciBzZXJ2ZXIgYnkgdXNlIG9mIG91ciBTZXJ2aWNlIGlzIHByb2hpYml0ZWQuIFRyeWluZyB0byBhY2Nlc3Mgc29tZW9uZ\ + SBlbHNlJ3MgYWNjb3VudCwgc2VuZGluZyB1bnNvbGljaXRlZCBidWxrIGUtbWFpbCwgY29sbGVjdGlvbiBvZiBvdGhlciBwZW9wbGUncyBwZXJzb25hbC\ + BkYXRhIHdpdGhvdXQgdGhlaXIga25vd2xlZGdlIGFuZCBpbnRlcmZlcmVuY2Ugd2l0aCBvdGhlciBuZXR3b3JrIHVzZXJzIGFyZSBhbGwgcHJvaGliaXR\ + lZC4gQ2lzY28gU3lzdGVtcyByZXNlcnZlcyB0aGUgcmlnaHQgdG8gc3VzcGVuZCB0aGUgU2VydmljZSBpZiBDaXNjbyBTeXN0ZW1zIHJlYXNvbmFibHkg\ + YmVsaWV2ZXMgdGhhdCB5b3VyIHVzZSBvZiB0aGUgU2VydmljZSBpcyB1bnJlYXNvbmFibHkgZXhjZXNzaXZlIG9yIHlvdSBhcmUgdXNpbmcgdGhlIFNlc\ + nZpY2UgZm9yIGNyaW1pbmFsIG9yIGlsbGVnYWwgYWN0aXZpdGllcy4gWW91IGRvIG5vdCBoYXZlIHRoZSByaWdodCB0byByZXNlbGwgdGhpcyBTZXJ2aW\ + NlIHRvIGEgdGhpcmQgcGFydHkuIENpc2NvIFN5c3RlbXMgcmVzZXJ2ZXMgdGhlIHJpZ2h0IHRvIHJldmlzZSwgYW1lbmQgb3IgbW9kaWZ5IHRoZXNlIFR\ + lcm1zICYgQ29uZGl0aW9ucywgb3VyIG90aGVyIHBvbGljaWVzIGFuZCBhZ3JlZW1lbnRzLCBhbmQgYXNwZWN0cyBvZiB0aGUgU2VydmljZSBpdHNlbGYu\ + IE5vdGljZSBvZiBhbnkgcmV2aXNpb24sIGFtZW5kbWVudCwgb3IgbW9kaWZpY2F0aW9uIHdpbGwgYmUgcG9zdGVkIG9uIENpc2NvIFN5c3RlbSdzIHdlY\ + nNpdGUgYW5kIHdpbGwgYmUgZWZmZWN0aXZlIGFzIHRvIGV4aXN0aW5nIHVzZXJzIDMwIGRheXMgYWZ0ZXIgcG9zdGluZy4=" + - key: ui_byod_install_winmac_button + value: RG93bmxvYWQgYW5kIEluc3RhbGw= + - key: ui_byod_install_android_instruction_message + value: + "VG8gY29uZmlndXJlIHlvdXIgZGV2aWNlIGZvciBzZWN1cmUgYWNjZXNzLCB5b3UgbmVlZCB0byBnbyB0byBHb29nbGUgUGxheSBhbmQgZG93bmxv\ + YWQgdGhlIENpc2NvIE5ldHdvcmsgU2V0dXAgQXNzaXN0YW50Lg==" + - key: ui_byod_reg_id_label + value: RGV2aWNlIElEOg== + - key: ui_byod_reg_install_button + value: RG93bmxvYWQgYW5kIEluc3RhbGw= + - key: ui_byod_install_page_title + value: SW5zdGFsbA== + - key: ui_contact_optional_content_1 + value: "" + - key: ui_contact_optional_content_2 + value: "" + - key: ui_byod_ios_provisioning_error + value: + "VW5hYmxlIHRvIGNvbXBsZXRlIHByb3Zpc2lvbmluZyBvZiB5b3VyIGRldmljZS4gQ2xpY2sgUmV0cnkgdG8gdHJ5IGFnYWluLiBJZiBwcm92aXNpb2\ + 5pbmcgY29udGludWVzIHRvIGZhaWwsIHBsZWFzZSBjb250YWN0IHRoZSBoZWxwIGRlc2sgZm9yIGFzc2lzdGFuY2Uu" + - key: ui_welcome_label + value: V2VsY29tZQ== + - key: ui_byod_reg_page_title + value: RGV2aWNlIEluZm9ybWF0aW9u + - key: ui_user_last_login_pass_time_label + value: TGFzdCBMb2dpbjo= + - key: ui_byod_success_redirecting_message + value: UmVjb25uZWN0aW5nIGFuZCByZWRpcmVjdGluZy4uLg== + - key: ui_byod_reg_instruction_message + value: "" + - key: ui_byod_success_manual_reconnect_message + value: + "SW5zdGFsbGF0aW9uIGFuZCBDb25maWd1cmF0aW9uIG9mIHlvdXIgZGV2aWNlIGlzIG5vdyBmaW5pc2hlZC4gWW91IG11c3Qgbm93IG1hbnVhbGx5IHN3a\ + XRjaCBXaS1GaSBuZXR3b3JrcyBhbmQgY29ubmVjdCB0byAkdWlfYnlvZF9zdWNjZXNzX2lvc19zc2lkJC4=" + - key: ui_error_page_title + value: RXJyb3I= + - key: ui_byod_welcome_os_selection_message + value: U2VsZWN0IHlvdXIgRGV2aWNl + - key: ui_byod_install_android_button + value: R28gdG8gR29vZ2xlIFBsYXkgdG8gZ2V0IHRoZSBhcHBsaWNhdGlvbg== + - key: ui_contact_sessioninfo_text + value: + "VGhpcyBpbmZvcm1hdGlvbiBwcm92aWRlcyBkZXRhaWxzIHRoYXQgdGhlIGhlbHAgZGVzayBtaWdodCBuZWVkIHRvIHJlc29sdmUgYW55IG\ + lzc3VlcyB5b3UgYXJlIGV4cGVyaWVuY2luZy4=" + - key: ui_contact_content_label + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_byod_success_page_title + value: QllPRCBTdWNjZXNz + - key: ui_contact_sessioninfo_title + value: U2Vzc2lvbiBJbmZvcm1hdGlvbg== + - key: ui_byod_welcome_aup_agreement_label + value: SSBhZ3JlZSB0byB0aGUgdGVybXMgYW5kIGNvbmRpdGlvbnM= + - key: ui_byod_reg_optional_content_1 + value: "" + - key: ui_byod_install_content_label + value: SW5zdGFsbA== + - key: ui_error_optional_content_2 + value: "" + - key: ui_error_optional_content_1 + value: "" + - key: ui_byod_welcome_renew_cert_message + value: + "WW91ciBkZXZpY2UgcmVnaXN0cmF0aW9uIG11c3QgYmUgcmVuZXdlZCB0byBjb250aW51ZSB1c2luZyB0aGUgc2VjdXJlIG5ldHdvcmsuI\ + ENsaWNrIDxiPlJlbmV3PC9iPiB0byByZWNvbmZpZ3VyZSB5b3VyIGRldmljZS4=" + - key: ui_portal_internal_error + value: QW4gdW5leHBlY3RlZCBlcnJvciBvY2N1cnJlZC4gUGxlYXNlIGNvbnRhY3QgdGhlIGhlbHAgZGVzayBmb3IgYXNzaXN0YW5jZS4= + - key: ui_byod_reg_delete_confirmation_message + value: + "QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGRlbGV0ZSB0aGlzIGRldmljZT8gIFlvdSB3b24ndCBiZSBhYmxlIHRvIHVzZSBpdCB0\ + byBhY2Nlc3MgdGhlIG5ldHdvcmsgYW55bW9yZS4=" + - key: ui_byod_welcome_page_title + value: QllPRCBXZWxjb21l + - key: ui_byod_install_optional_content_2 + value: "" + - key: ui_byod_reg_desc_label + value: RGVzY3JpcHRpb246 + - key: ui_byod_install_optional_content_1 + value: "" + - key: ui_footer_label + value: "" + - key: ui_byod_success_optional_content_2 + value: "" + - key: ui_byod_success_optional_content_1 + value: "" + - key: ui_contact_page_title + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_byod_install_ios_after_install_message + value: QWZ0ZXIgY29uZmlndXJpbmcgeW91ciBkZXZpY2UsIHlvdSB3aWxsIGJlIGFibGUgdG8gY29ubmVjdCB0byB0aGUgbmV0d29yay4= + - key: ui_byod_reg_content_message + value: + "RW50ZXIgdGhlIGRldmljZSBuYW1lIGFuZCBvcHRpb25hbCBkZXNjcmlwdGlvbiBmb3IgdGhpcyBkZXZpY2Ugc28geW91IGNhb\ + iBtYW5hZ2UgaXQgdXNpbmcgdGhlIE15IERldmljZXMgUG9ydGFsLg==" + - key: ui_byod_reg_continue_button + value: Q29udGludWU= + - key: ui_byod_success_instruction_message + value: WW91IGNhbiBjbG9zZSB5b3VyIGJyb3dzZXIgbm93Lg== + - key: ui_contact_instruction_message + value: + "U2hhcmUgdGhlc2UgZGV0YWlscyB3aXRoIHRoZSBoZWxwIGRlc2sgd2hlbiB0cm91Ymxlc2hvb3RpbmcgaXNzdWVzIHdpdGggd\ + GhpcyBwb3J0YWwu" + - key: ui_session_timeout_error + value: WW91ciBzZXNzaW9uIGhhcyB0aW1lZCBvdXQuIENsaWNrIFJldHJ5IHRvIHRyeSBhZ2Fpbi4= + - key: ui_byod_success_unsupported_device_message + value: WW91IGFyZSBub3cgY29ubmVjdGVkIHRvIHRoZSBzZWN1cmUgbmV0d29yay4= + - key: ui_contact_helpdesk_text + value: Q29udGFjdCB0aGUgaGVscCBkZXNrIGF0ICh4eHgpIHh4eC14eHh4Lg== + - key: ui_byod_welcome_renew_button + value: UmVuZXc= + - key: ui_byod_reg_limit_message + value: + "WW91IGhhdmUgcmVhY2hlZCB0aGUgbWF4aW11bSBudW1iZXIgb2YgZGV2aWNlcyBhbGxvd2VkIHRvIHJlZ2lzdGVyLiBTZ\ + WxlY3Qgb25lIGZyb20gdGhlIGxpc3QgdG8gZGVsZXRlIGFuZCBjb250aW51ZS4=" + - key: ui_byod_install_instruction_message + value: "" + - key: ui_byod_reg_optional_content_2 + value: "" + - key: ui_contact_failure_code_label + value: RmFpbHVyZSBjb2RlOg== + - key: ui_contact_link + value: Q29udGFjdCBTdXBwb3J0 + - key: ui_byod_install_android_after_install_message + value: QWZ0ZXIgaW5zdGFsbGluZywgcnVuIHRoZSBTZXR1cCBBc3Npc3RhbnQgYW5kIHlvdSB3aWxsIGF1dG9tYXRpY2FsbHkgYmUgcmVjb25uZWN0ZWQgdG8gdGhlIG5ldHdvcmsu + - key: ui_byod_welcome_config_device_message + value: + "QWNjZXNzIHRvIHRoaXMgbmV0d29yayByZXF1aXJlcyB5b3VyIGRldmljZSB0byBiZSBjb25maWd1cmVkIGZvciBlbmhhbmNlZCBzZWN1cml0eS4gQ2xpY2sgPGI+U3RhcnQ\ + 8L2I+IHRvIHByb3ZpZGUgZGV2aWNlIGluZm9ybWF0aW9uIGJlZm9yZSBjb21wb25lbnRzIGFyZSBpbnN0YWxsZWQgb24geW91ciBkZXZpY2Uu" + - key: ui_contact_user_agent_label + value: VXNlciBhZ2VudDo= + - key: ui_byod_success_content_label + value: U3VjY2Vzcw== + - key: ui_contact_mac_address_label + value: TUFDIGFkZHJlc3M6 + - key: ui_error_instruction_message + value: "" + - key: ui_byod_reg_confirmation_yes_button + value: WWVz + - key: ui_contact_username_label + value: VXNlcm5hbWU6 + - key: ui_byod_reg_name_label + value: RGV2aWNlIG5hbWU6 + - key: ui_javascript_disabled_message + value: WW91IG11c3QgdHVybiBvbiBKYXZhU2NyaXB0IHRvIHVzZSB0aGlzIHdlYiBzaXRlLg== + - key: ui_byod_welcome_instruction_message + value: V2VsY29tZSB0byB0aGUgQllPRCBwb3J0YWwu + - key: ui_contact_policy_server_label + value: UG9saWN5IHNlcnZlcjo= + - key: ui_user_last_login_ipaddr_label + value: RnJvbTo= + - key: ui_byod_time_skew_error + value: + "VGhlIHRpbWUgYW5kIGRhdGUgc2V0dGluZ3Mgb24geW91ciBkZXZpY2UgYXJlIG5vdCBzZXQgcHJvcGVydGx5LiBDaGVjayB0\ + aGUgc2V0dGluZ3Mgb3IgY29udGFjdCB0aGUgaGVscCBkZXNrIGZvciBhc3Npc3RhbmNlLg==" + - key: ui_byod_reg_next_button + value: TmV4dA== + - key: ui_byod_reg_confirmation_no_button + value: Tm8= + - key: ui_contact_helpdesk_title + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_byod_welcome_start_button + value: U3RhcnQ= + - key: ui_byod_install_winmac_instruction_message + value: + "UGxlYXNlIHdhaXQgd2hpbGUgd2UgZG93bmxvYWQgdGhlIENpc2NvIE5ldHdvcmsgU2V0dXAgQXNzaXN0YW50LiBZb3Ugd2lsbC\ + B0aGVuIG5lZWQgdG8gbWFudWFsbHkgcnVuIHRoZSBTZXR1cCBBc3Npc3RhbnQgYW5kIGZvbGxvdyB0aGUgaW5zdHJ1Y3Rpb25zI\ + HRvIGZpbmlzaCByZWdpc3RlcmluZyB0aGlzIGRldmljZS4=" + - key: ui_byod_install_ios_instruction_message + value: + "VG8gY29uZmlndXJlIHlvdXIgZGV2aWNlLCBjbGljayB0aGUgPGI+TGF1bmNoIEFwcGxlIFByb2ZpbGUgYW5kIENlcnRp\ + ZmljYXRlIEluc3RhbGxlcnMgTm93PC9iPiBidXR0b24uIENsaWNrIDxiPkluc3RhbGw8L2I+IGluIHJlc3BvbnNlIHRvIHRoZS\ + BtZXNzYWdlcyB0aGF0IGRpc3BsYXku" + - key: ui_byod_welcome_os_detection_confirmation_message + value: V2FzIHlvdXIgZGV2aWNlIGRldGVjdGVkIGluY29ycmVjdGx5Pw== + - key: ui_byod_welcome_optional_content_1 + value: "" + - key: ui_byod_welcome_optional_content_2 + value: "" + - key: ui_byod_welcome_os_detected_message + value: VGhlIGZvbGxvd2luZyBzeXN0ZW0gd2FzIGRldGVjdGVk + - key: ui_session_timeout_retry_button + value: UmV0cnk= + - key: ui_byod_welcome_guest_access_button + value: SSB3YW50IGd1ZXN0IGFjY2VzcyBvbmx5 + - key: ui_contact_message + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_field_required_error + value: VGhpcyBmaWVsZCBpcyByZXF1aXJlZC4= + - key: ui_byod_reg_content_label + value: RGV2aWNlIEluZm9ybWF0aW9u + - key: ui_byod_reg_delete_button + value: RGVsZXRl + - key: ui_banner_label + value: QllPRCBQb3J0YWw= + - key: ui_byod_welcome_aup_link + value: UGxlYXNlIHJlYWQgdGhlIHRlcm1zIGFuZCBjb25kaXRpb25zLg== + - key: ui_byod_success_message + value: RmluaXNoZWQgaW5zdGFsbGluZyBhbmQgY29uZmlndXJpbmcgeW91ciBkZXZpY2UuIFlvdSBhcmUgbm93IGNvbm5lY3RlZCB0byB0aGUgc2VjdXJlIG5ldHdvcmsu + - key: ui_byod_welcome_content_label + value: QllPRCBXZWxjb21l + register: byod_portal + + - name: Print + ansible.builtin.debug: + var: byod_portal diff --git a/ansible_collections/cisco/ise/playbooks/certificate_management.yml b/ansible_collections/cisco/ise/playbooks/certificate_management.yml new file mode 100644 index 00000000..90ebc1e6 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/certificate_management.yml @@ -0,0 +1,75 @@ +--- +- hosts: ise_servers + gather_facts: false + name: Certificate management + tasks: + # - name: Import certificate into ISE node + # cisco.ise.trusted_certificate_import: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # data: "{{ lookup('file', item) }}" + # description: Root CA public certificate + # name: RootCert + # allowBasicConstraintCAFalse: true + # allowOutOfDateCert: false + # allowSHA1Certificates: true + # trustForCertificateBasedAdminAuth: true + # trustForCiscoServicesAuth: true + # trustForClientAuth: true + # trustForIseAuth: true + # validateCertificateExtensions: true + # with_fileglob: + # - "/Users/rcampos/Downloads/RootCACert.pem" + + - name: Generate CSR + cisco.ise.csr_generate: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + allowWildCardCert: true + subjectCommonName: ise.securitydemo.net + subjectOrgUnit: Sample OU + subjectOrg: Sample Org + subjectCity: San Francisco + subjectState: CA + subjectCountry: US + keyType: ECDSA + keyLength: 1024 + digestType: SHA-256 + usedFor: MULTI-USEw + register: result + + - name: Set ID value to variable + ansible.builtin.set_fact: + csr_id: "{{ result['ise_response']['response'][0]['id']}}" + when: not ansible_check_mode + + - name: Pause until the CSR has been signed by the CA + ansible.builtin.pause: + - name: Bind Signed Certificate + cisco.ise.bind_signed_certificate: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + admin: true + allowExtendedValidity: true + allowOutOfDateCert: true + allowReplacementOfCertificates: true + allowReplacementOfPortalGroupTag: true + data: "{{ lookup('file', item) }}" + hostName: ise.securitydemo.net + name: My Signed Certificate + validateCertificateExtensions: true + id: "{{ csr_id }}" + eap: true + radius: true + pxgrid: true + ims: true + portal: true + with_fileglob: + - /Users/rcampos/Downloads/RootCACert.pem + when: not ansible_check_mode diff --git a/ansible_collections/cisco/ise/playbooks/certificate_profile.yml b/ansible_collections/cisco/ise/playbooks/certificate_profile.yml new file mode 100644 index 00000000..5d603002 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/certificate_profile.yml @@ -0,0 +1,24 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Create + cisco.ise.certificate_profile: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: 925b6d20-8c01-11e6-996c-525400b48521 + name: Preloaded_Certificate_Profile + description: Pre-created Certificate Authorization Profile. + externalIdentityStoreName: "[not applicable]" + certificateAttributeName: SUBJECT_COMMON_NAME + allowedAsUserName: false + matchMode: NEVER + usernameFrom: CERTIFICATE + register: certificate_profile + + - name: Print + ansible.builtin.debug: + var: certificate_profile diff --git a/ansible_collections/cisco/ise/playbooks/certificates.yml b/ansible_collections/cisco/ise/playbooks/certificates.yml new file mode 100644 index 00000000..1f374e78 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/certificates.yml @@ -0,0 +1,49 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get All + # cisco.ise.trusted_certificate_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # page: 1 + # size: 1 + # # id: 7865ac6a-64c6-4e65-865e-d1b093ee0b10 + # register: trusted_certificate_info + + # - name: Print + # ansible.builtin.debug: + # var: trusted_certificate_info['ise_response'] + + # - name: Get All + # cisco.ise.system_certificate_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # page: 1 + # size: 1 + # hostName: ise + # # id: 7db89470-0015-4563-9bb9-c2b1bfb14833 + # register: system_certificate_info + + # - name: Print + # ansible.builtin.debug: + # var: system_certificate_info['ise_response'] + + - name: Get All + cisco.ise.csr_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + page: 1 + size: 1 + register: csr_info + + - name: Print + ansible.builtin.debug: + var: csr_info['ise_response'] diff --git a/ansible_collections/cisco/ise/playbooks/credentials.template b/ansible_collections/cisco/ise/playbooks/credentials.template new file mode 100644 index 00000000..b6a7cff1 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/credentials.template @@ -0,0 +1,10 @@ +--- +ise_hostname: +ise_username: +ise_password: +ise_verify: False # optional, defaults to True +ise_version: 3.1.1 # optional, defaults to 3.1.1 +ise_wait_on_rate_limit: True # optional, defaults to True +ise_debug: False # optional, defaults to False +ise_uses_api_gateway: True # optional, defaults to True +ise_uses_csrf_token: False # optional, defaults to False \ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/credentials.yml b/ansible_collections/cisco/ise/playbooks/credentials.yml new file mode 100644 index 00000000..ebf5f9bf --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/credentials.yml @@ -0,0 +1,19 @@ +--- +ise_hostname: 198.18.133.27 +ise_username: admin +ise_password: 991545 # session ID +ise_verify: False # optional, defaults to True +ise_version: 3.1_Patch_1 # optional, defaults to 3.1.1 +ise_wait_on_rate_limit: True # optional, defaults to True +ise_debug: True # optional, defaults to False +ise_uses_api_gateway: True # optional, defaults to True + + +# export ISE_HOSTNAME="198.18.133.27" +# export ISE_USERNAME="admin" +# export ISE_PASSWORD="995210" +# export ISE_VERIFY=False +# export ISE_VERSION="3.1_Patch_1" +# export ISE_WAIT_ON_RATE_LIMIT=True +# export ISE_USES_API_GATEWAY=True +# export ISE_DEBUG=True \ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/csr_export.yml b/ansible_collections/cisco/ise/playbooks/csr_export.yml new file mode 100644 index 00000000..43a57c57 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/csr_export.yml @@ -0,0 +1,59 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: CSR Generate + # cisco.ise.csr_generate_intermediate_ca: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # ise_debug: "{{ ise_debug }}" + # register: csr_generate_result + + - name: CSR Info + cisco.ise.csr_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + register: csr_info_result + + - name: CSR Export (already present) + cisco.ise.csr_export_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + hostname: ise + id: "{{ csr_info_result.ise_responses[0]['id']}}" + dirPath: /tmp/certificates/ + saveFile: true + when: + - csr_info_result['ise_responses']|length >= 1 + register: csr_export_info_result + + - name: Print generate result + ansible.builtin.debug: + var: csr_export_info_result + when: csr_export_info_result + + # - name: CSR Delete + # cisco.ise.csr_delete: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # ise_debug: "{{ ise_debug }}" + # id: "{{ csr_info_result['ise_response'][0]['response'][0]['id']}}" + # when: + # - csr_info_result['ise_response']|length == 1 + # - csr_info_result['ise_response'][0]['response']|length == 1 + # register: csr_delete_result + + # - name: Print delete result + # ansible.builtin.debug: + # var: csr_delete_result + # when: csr_delete_result diff --git a/ansible_collections/cisco/ise/playbooks/deployment_info.yml b/ansible_collections/cisco/ise/playbooks/deployment_info.yml new file mode 100644 index 00000000..f49b21fd --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/deployment_info.yml @@ -0,0 +1,16 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get all Deployment + cisco.ise.deployment_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + timeout: 300 + register: result + + - name: Print deployment info + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_authentication_rules.yml b/ansible_collections/cisco/ise/playbooks/device_administration_authentication_rules.yml new file mode 100644 index 00000000..2d5bf8a9 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_authentication_rules.yml @@ -0,0 +1,64 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get all + cisco.ise.device_administration_authentication_rules_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print all + ansible.builtin.debug: + var: result + + - name: Get by id + cisco.ise.device_administration_authentication_rules_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + id: 31f8299a-13af-4836-8179-7f28a4d03e58 + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print id + ansible.builtin.debug: + var: result + + - name: Create or update an device_administration_authentication_rules + cisco.ise.device_administration_authentication_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: absent + rule: + default: false + # id: fc67fb89-7611-4e8c-b3fa-7ea18e62d44f + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + ifAuthFail: REJECT + ifUserNotFound: REJECT + ifProcessFail: DROP + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_authorization_exception_rules.yml b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_exception_rules.yml new file mode 100644 index 00000000..1d2b9fb2 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_exception_rules.yml @@ -0,0 +1,59 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_local_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_local_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an device_administration_local_exception_rules + cisco.ise.device_administration_local_exception_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + state: present + rule: + default: false + name: Test3 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + # id: 2f3bb55b-e004-4792-9019-d448b8c0534 + commands: + - DenyAllCommands + profile: Default Shell Profile + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_authorization_global_exception_rules.yml b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_global_exception_rules.yml new file mode 100644 index 00000000..0f60cb31 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_global_exception_rules.yml @@ -0,0 +1,55 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_global_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_global_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: 4642f81a-0878-4722-975a-e1fd19f2d5ae + # register: result + + - name: Create or update an device_administration_global_exception_rules + cisco.ise.device_administration_global_exception_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + commands: + - DenyAllCommands + profile: Default Shell Profile + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_authorization_rules.yml b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_rules.yml new file mode 100644 index 00000000..9efdb08d --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_rules.yml @@ -0,0 +1,56 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_authorization_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_authorization_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an device_administration_authorization_rules + cisco.ise.device_administration_authorization_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + commands: + - DenyAllCommands + profile: Default Shell Profile + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_network_conditions.yml b/ansible_collections/cisco/ise/playbooks/device_administration_network_conditions.yml new file mode 100644 index 00000000..21243ede --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_network_conditions.yml @@ -0,0 +1,50 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_network_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_network_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an device_administration_network_conditions + cisco.ise.device_administration_network_conditions: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Endstation condition 2 + description: Optional description + conditionType: EndstationCondition + conditions: + - ipAddrList: + - 1.1.1.1 + - 2.2.2.2 + - macAddrList: + - 00-0E-A6-A7-63-F7,00-0E-A6-A7-63-F8 + - 00-0E-A6-A7-63-F7,-ANY- + - -ANY-,00-0E-A6-A7-63-F8 + - cliDnisList: + - TBD + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_policy_set.yml b/ansible_collections/cisco/ise/playbooks/device_administration_policy_set.yml new file mode 100644 index 00000000..f2bc8493 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_policy_set.yml @@ -0,0 +1,65 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network policy set + # cisco.ise.device_administration_policy_set_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get a network policy set by id + # cisco.ise.device_administration_policy_set_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: "acd4b55d-dca3-4b93-a160-8a2d01669827" + # register: result + + # - name: Print by id + # ansible.builtin.debug: + # var: result + + - name: Create or update a network policy set + cisco.ise.device_administration_policy_set: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + default: false + id: cfa2063a-5292-466b-8841-901dd3f9d03f + name: New Policy Set 1 + description: New Policy Set test + hitCounts: 00 + rank: 00 + state_: disabled + condition: + conditionType: ConditionReference + isNegate: false + name: test3 + id: dc75fe09-1a9f-40cc-9f13-e29afadd72b9 + serviceName: Default Device Admin + isProxy: false + register: result + + - name: Print + ansible.builtin.debug: + var: result + + # - name: Delete a network policy set by id + # cisco.ise.device_administration_policy_set: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: 4f83e8c4-978e-4767-a218-9d5472d4dcc7 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_time_date_conditions.yml b/ansible_collections/cisco/ise/playbooks/device_administration_time_date_conditions.yml new file mode 100644 index 00000000..949dd70c --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_time_date_conditions.yml @@ -0,0 +1,57 @@ +--- +- hosts: ise_servers + vars_files: + - vars/device_administration_time_date_conditions.yml + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_time_date_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_time_date_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an device_administration_time_date_conditions + cisco.ise.device_administration_time_date_conditions: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + conditionType: "{{ condition_type }}" + isNegate: false + name: "{{ name }}" + description: + hoursRange: + startTime: "{{ hours_range_start_time }}" + endTime: "{{ hours_range_end_time }}" + hoursRangeException: + startTime: "{{ hours_range_exception_start_time }}" + endTime: "{{ hours_range_exception_end_time }}" + weekDays: "{{ week_days | list }}" + weekDaysException: "{{ week_days_exception | list }}" + datesRange: + startDate: "{{ dates_range_start_date }}" + endDate: "{{ dates_range_end_date }}" + datesRangeException: + startDate: "{{ dates_range_exception_start_date }}" + endDate: "{{ dates_range_exception_end_date }}" + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/downloadable_acl.yml b/ansible_collections/cisco/ise/playbooks/downloadable_acl.yml new file mode 100644 index 00000000..ee15785e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/downloadable_acl.yml @@ -0,0 +1,41 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get all + cisco.ise.downloadable_acl_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + register: result + + - name: Print all + ansible.builtin.debug: + var: result + + - name: Get by id + cisco.ise.downloadable_acl_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: d704e911-a916-11eb-8830-2ec507028ea8 + register: result + + - name: Create or update an downloadable_acl + cisco.ise.downloadable_acl: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: DENY_SOME_IPV4_TRAFFIC + description: Deny some ipv4 traffic + dacl: deny ip any host 10.1.1.2 + daclType: IPV4 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/egress_matrix_cell.yml b/ansible_collections/cisco/ise/playbooks/egress_matrix_cell.yml new file mode 100644 index 00000000..ba9381f6 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/egress_matrix_cell.yml @@ -0,0 +1,66 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get sgt src + cisco.ise.sgt_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + filter: name.EQ.Quarantined_Systems + register: sgt_src + + - name: Get sgt dest + cisco.ise.sgt_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + filter: name.EQ.Guests + register: sgt_dest + + - name: Print sgt_src + ansible.builtin.debug: + var: sgt_src['ise_response'][0] + + - name: Print sgt_dest + ansible.builtin.debug: + var: sgt_dest['ise_response'][0] + + # - name: Get by id + # cisco.ise.egress_matrix_cell_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an egress_matrix_cell + cisco.ise.egress_matrix_cell: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: "{{ sgt_src['ise_response'][0]['name']}}-{{sgt_dest['ise_response'][0]['name']}}" + description: Updated by import utility (3). + sourceSgtId: "{{ sgt_src['ise_response'][0]['id']}}" + destinationSgtId: "{{ sgt_dest['ise_response'][0]['id']}}" + matrixCellStatus: ENABLED + defaultRule: DENY_IP + when: + - sgt_src['ise_response'] is defined + - sgt_dest['ise_response'] is defined + - sgt_src['ise_response']|length == 1 + - sgt_dest['ise_response']|length == 1 + - sgt_src['ise_response'][0] is defined + - sgt_dest['ise_response'][0] is defined + - sgt_src['ise_response'][0]['id'] is defined + - sgt_dest['ise_response'][0]['id'] is defined + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/endpoint.yml b/ansible_collections/cisco/ise/playbooks/endpoint.yml new file mode 100644 index 00000000..f351abfb --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/endpoint.yml @@ -0,0 +1,45 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get endpoint group + cisco.ise.endpoint_group_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + name: RegisteredDevices + register: endpoint_group + + - name: Print endpoint group + ansible.builtin.debug: + var: endpoint_group['ise_response']['id'] + when: not ansible_check_mode + + - name: Create or update endpoint + cisco.ise.endpoint: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: 11:22:33:44:55:66 + description: MyEndpoint + mac: 11:22:33:44:55:66 + profileId: 67a6ca50-edc9-4236-ada4-225559ed54d6 + groupId: "{{ endpoint_group['ise_response']['id']}}" + staticProfileAssignment: true + staticGroupAssignment: true + portalUser: portalUser + identityStore: identityStore + identityStoreId: identityStoreId + customAttributes: + customAttributes: + key1: value1 + key2: value2 + when: not ansible_check_mode + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/endpoint_certificate.yml b/ansible_collections/cisco/ise/playbooks/endpoint_certificate.yml new file mode 100644 index 00000000..f240c43d --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/endpoint_certificate.yml @@ -0,0 +1,22 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get cert + cisco.ise.endpoint_certificate: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + certTemplateName: CA_SERVICE_Certificate_Template + format: PKCS8 + password: pa5Swor_4d + certificateRequest: + san: 11-22-33-44-55-66 + cn: 1.1.1.1 + dirPath: /tmp/certs + register: cert + + - name: Print + ansible.builtin.debug: + var: cert diff --git a/ansible_collections/cisco/ise/playbooks/endpoint_group.yml b/ansible_collections/cisco/ise/playbooks/endpoint_group.yml new file mode 100644 index 00000000..b8883d1c --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/endpoint_group.yml @@ -0,0 +1,17 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Create endpoint group + cisco.ise.endpoint_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + name: Sony-Device-X + description: "Identity Group for Profile: Sony-Device-X" + register: endpoint_group + + - name: Print endpoint group + ansible.builtin.debug: + var: endpoint_group diff --git a/ansible_collections/cisco/ise/playbooks/filter_policy.yml b/ansible_collections/cisco/ise/playbooks/filter_policy.yml new file mode 100644 index 00000000..36fe4552 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/filter_policy.yml @@ -0,0 +1,59 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.filter_policy_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.filter_policy_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Get sgt src + cisco.ise.sgt_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + filter: name.EQ.Quarantined_Systems + register: sgt_src + + - name: Print sgt_src + ansible.builtin.debug: + var: sgt_src['ise_response'][0] + when: not ansible_check_mode + + - name: Create or update a filter_policy + cisco.ise.filter_policy: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + subnet: 121.12.8.0/22 + domains: default + sgt: "{{ sgt_src['ise_response'][0]['name']}}" + id: "" + when: + - sgt_src['ise_response'] is defined + - sgt_src['ise_response']|length == 1 + - sgt_src['ise_response'][0]['name'] + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/group_vars/ise_servers b/ansible_collections/cisco/ise/playbooks/group_vars/ise_servers new file mode 100644 index 00000000..c6c726fc --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/group_vars/ise_servers @@ -0,0 +1,10 @@ +# Consider using ansible-vault +--- +ise_hostname: "198.18.133.27" +ise_username: "admin" +ise_password: "910457" +ise_version: "3.1.1" +ise_verify: False +ise_debug: True +ise_uses_api_gateway: True +ise_uses_csrf_token: False diff --git a/ansible_collections/cisco/ise/playbooks/hosts b/ansible_collections/cisco/ise/playbooks/hosts new file mode 100644 index 00000000..a05461e3 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/hosts @@ -0,0 +1,8 @@ +[ise_servers] +ise_server + +#[ise] +#localhost ansible_python_interpreter=/Users/rcampos/.pyenv/shims/python + +#[ise:vars] +#cloud_provider = aws diff --git a/ansible_collections/cisco/ise/playbooks/identity_group.yml b/ansible_collections/cisco/ise/playbooks/identity_group.yml new file mode 100644 index 00000000..8540996c --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/identity_group.yml @@ -0,0 +1,32 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get All + cisco.ise.identity_group_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: 9efe2310-8c01-11e6-996c-525400b48521 + register: identity_group_info + + - name: Print + ansible.builtin.debug: + var: identity_group_info + + - name: Create + cisco.ise.identity_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: NewGroup + description: NewGroup + parent: NAC Group:NAC:IdentityGroups:User Identity Groups + register: identity_group + + - name: Print + ansible.builtin.debug: + var: identity_group diff --git a/ansible_collections/cisco/ise/playbooks/internal_user.yml b/ansible_collections/cisco/ise/playbooks/internal_user.yml new file mode 100644 index 00000000..dcb50c91 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/internal_user.yml @@ -0,0 +1,100 @@ +--- +# +# ISE Internal User +# +- name: Create Internal User(s) Play + hosts: ise_servers + vars: + - default_password: C1sco1234!5 + - users: + + gather_facts: false + tasks: + # - name: internal_user + # cisco.ise.internal_user: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # name: '{{ item.name }}' + # description: '{{ item.description | default() }}' + # enabled: '{{ item.enabled | default(true) }}' + # password: '{{ item.password | default(default_password) }}' + # # ▼▼▼ optional attributes ▼▼▼ + # # changePassword: '{{ item.changePassword | default(false) }}' + # # passwordIDStore: '{{ item.idStore | default(Internal Users) }}' + # # identityGroups: a1740510-8c01-11e6-996c-525400b48521 + # # customAttributes: + # # Created: + # # Expired: + # register: results + + # - name: Debug results + # ansible.builtin.debug: var=results + - name: internal_user thomas + cisco.ise.internal_user: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + state: present + name: thomas + # password: "{{ default_password }}" + changePassword: false + enabled: true + expiryDateEnabled: false + passwordIDStore: Internal Users + identityGroups: a1740510-8c01-11e6-996c-525400b48521 # Employee + register: result + + - name: Print result + ansible.builtin.debug: + var: result + + # - name: internal_user employee + # cisco.ise.internal_user: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # ise_debug: "{{ ise_debug }}" + # state: present + # name: employee + # password: "{{ default_password }}" + # changePassword: false + # enabled: true + # expiryDateEnabled: false + # passwordIDStore: Internal Users + # identityGroups: a1740510-8c01-11e6-996c-525400b48521 # Employee + + # - name: internal_user radius-probe + # cisco.ise.internal_user: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # name: radius-probe + # password: "{{ default_password }}" + # changePassword: false + # enabled: true + # expiryDateEnabled: false + # passwordIDStore: Internal Users + # identityGroups: a1740510-8c01-11e6-996c-525400b48521 # Employee + + # - name: internal_user meraki_8021x_test + # cisco.ise.internal_user: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # name: meraki_8021x_test + # password: "{{ default_password }}" + # changePassword: false + # enabled: true + # expiryDateEnabled: false + # passwordIDStore: Internal Users + # identityGroups: a1740510-8c01-11e6-996c-525400b48521 # Employee diff --git a/ansible_collections/cisco/ise/playbooks/my_device_portal.yml b/ansible_collections/cisco/ise/playbooks/my_device_portal.yml new file mode 100644 index 00000000..566a4e0a --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/my_device_portal.yml @@ -0,0 +1,19 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Create + cisco.ise.my_device_portal: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Devices Portal + description: Test portal used by developers to register and manage their personal devices + portalType: MYDEVICE + register: my_device_portal + + - name: Print + ansible.builtin.debug: + var: my_device_portal diff --git a/ansible_collections/cisco/ise/playbooks/native_supplicant_profile.yml b/ansible_collections/cisco/ise/playbooks/native_supplicant_profile.yml new file mode 100644 index 00000000..d1c8ed2e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/native_supplicant_profile.yml @@ -0,0 +1,23 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Create + cisco.ise.native_supplicant_profile: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: 67a6ca50-edc9-4236-ada4-225559ed54d6 + name: Cisco-ISE-Chrome-NSP + description: Pre-configured Native Supplicant Profile For Chrome OS + wirelessProfiles: + - ssid: ChromeDummySSID + allowedProtocol: TLS + certificateTemplateId: 0ca8f1b6-500d-560b-e053-75189a0ab0d1 + register: native_supplicant_profile + + - name: Print + ansible.builtin.debug: + var: native_supplicant_profile diff --git a/ansible_collections/cisco/ise/playbooks/network_access_authentication_rules.yml b/ansible_collections/cisco/ise/playbooks/network_access_authentication_rules.yml new file mode 100644 index 00000000..1d5598ba --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_authentication_rules.yml @@ -0,0 +1,56 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_authentication_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_authentication_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_authentication_rules + cisco.ise.network_access_authentication_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + ifAuthFail: REJECT + ifUserNotFound: REJECT + ifProcessFail: DROP + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_authorization_exception_rules.yml b/ansible_collections/cisco/ise/playbooks/network_access_authorization_exception_rules.yml new file mode 100644 index 00000000..afacdbc9 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_authorization_exception_rules.yml @@ -0,0 +1,58 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_local_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # policyId: "acd4b55d-dca3-4b93-a160-8a2d01669827" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_local_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: f0a6ce46-17a4-4587-ae55-fefbf3f7c4ff + # policyId: "acd4b55d-dca3-4b93-a160-8a2d01669827" + # register: result + + - name: Create or update an network_access_local_exception_rules + cisco.ise.network_access_local_exception_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: absent + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + profile: + - PermitAccess + securityGroup: BYOD + policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_authorization_global_exception_rules.yml b/ansible_collections/cisco/ise/playbooks/network_access_authorization_global_exception_rules.yml new file mode 100644 index 00000000..7c567409 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_authorization_global_exception_rules.yml @@ -0,0 +1,55 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_global_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + - name: Get by id + cisco.ise.network_access_global_exception_rules_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: 1353121e-fa90-4cf7-b9cc-a7903e570063 + register: result + + # - name: Create or update an network_access_global_exception_rules + # cisco.ise.network_access_global_exception_rules: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # rule: + # default: false + # name: Test2 + # hitCounts: 0 + # rank: 0 + # state: disabled + # condition: + # conditionType: ConditionReference + # isNegate: false + # dictionaryName: Network Access + # attributeName: EapAuthentication + # operator: equals + # attributeValue: EAP-MSCHAPv2 + # name: EAP-MSCHAPv2 + # id: c456a490-0429-4fd4-91d7-efd1eb1f855a + # profile: + # - PermitAccess + # securityGroup: BYOD + # register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_authorization_rules.yml b/ansible_collections/cisco/ise/playbooks/network_access_authorization_rules.yml new file mode 100644 index 00000000..e36ea11a --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_authorization_rules.yml @@ -0,0 +1,56 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_authorization_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_authorization_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_authorization_rules + cisco.ise.network_access_authorization_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + profile: + - PermitAccess + securityGroup: BYOD + policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_conditions.yml b/ansible_collections/cisco/ise/playbooks/network_access_conditions.yml new file mode 100644 index 00000000..e409e820 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_conditions.yml @@ -0,0 +1,78 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network access conditions + # cisco.ise.network_access_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get a network access conditions by id + # cisco.ise.network_access_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: 15c562ac-459b-401f-8bf6-28bba3173467 + # register: result + + - name: Create or update a network access conditions + cisco.ise.network_access_conditions: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + conditionType: LibraryConditionAttributes + isNegate: false + name: My New Condition + description: New optional Description + dictionaryName: Radius + attributeName: Service-Type + operator: equals + attributeValue: Call Check + register: result + + - name: Print result + ansible.builtin.debug: + var: result + + # - name: Get a network access conditions by name + # cisco.ise.network_access_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: "My New Condition" + # register: result + + # - name: Print by name + # ansible.builtin.debug: + # var: result + + # - name: Delete a network access conditions by id + # cisco.ise.network_access_conditions: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: 08ff9783-20db-45e2-94fd-760c20320367 + # register: result + + # - name: Delete a network access conditions by name + # cisco.ise.network_access_conditions: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # name: "My New Condition" + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_dictionary.yml b/ansible_collections/cisco/ise/playbooks/network_access_dictionary.yml new file mode 100644 index 00000000..805aa42c --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_dictionary.yml @@ -0,0 +1,42 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_dictionary_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: Test_dict + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_dictionary_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_dictionary + cisco.ise.network_access_dictionary: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Test_dict + description: test dictionary + version: "1.0" + dictionaryAttrType: ENTITY_ATTR + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_dictionary_attribute.yml b/ansible_collections/cisco/ise/playbooks/network_access_dictionary_attribute.yml new file mode 100644 index 00000000..70ea8bd2 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_dictionary_attribute.yml @@ -0,0 +1,43 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_dictionary_attribute_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_dictionary_attribute_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update a network_access_dictionary_attribute + cisco.ise.network_access_dictionary_attribute: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + directionType: BOTH + name: val2 + description: value 2 + internalName: val2 + dataType: INT + dictionaryName: Test_dict + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_network_condition.yml b/ansible_collections/cisco/ise/playbooks/network_access_network_condition.yml new file mode 100644 index 00000000..4556a1de --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_network_condition.yml @@ -0,0 +1,49 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_network_condition_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_network_condition_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_network_condition + cisco.ise.network_access_network_condition: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Endstation condition 1 + description: Optional description + conditionType: EndstationCondition + ipAddrList: + - 1.1.1.1 + - 2.2.2.2 + macAddrList: + - 00-0E-A6-A7-63-F7,00-0E-A6-A7-63-F8 + - 00-0E-A6-A7-63-F7,-ANY- + - -ANY-,00-0E-A6-A7-63-F8 + cliDnisList: + - TBD + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_policy_set.yml b/ansible_collections/cisco/ise/playbooks/network_access_policy_set.yml new file mode 100644 index 00000000..cce90f38 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_policy_set.yml @@ -0,0 +1,59 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network policy set + # cisco.ise.network_access_policy_set_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get a network policy set by id + # cisco.ise.network_access_policy_set_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: "acd4b55d-dca3-4b93-a160-8a2d01669827" + # register: result + + # - name: Print by id + # ansible.builtin.debug: + # var: result + + - name: Create or update a network policy set + cisco.ise.network_access_policy_set: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + condition: + conditionType: ConditionReference + isNegate: false + name: My New Condition + description: New optional Description + id: 7bca72c0-712e-41ea-9d58-a8c368bc234d + default: false + description: Test Policy Set + isProxy: false + rank: 00 + serviceName: Default Network Access + name: Test Policy Set 2 + register: result + + # - name: Delete a network policy set by id + # cisco.ise.network_access_policy_set: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: 4f83e8c4-978e-4767-a218-9d5472d4dcc7 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_time_date_conditions.yml b/ansible_collections/cisco/ise/playbooks/network_access_time_date_conditions.yml new file mode 100644 index 00000000..88460eed --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_time_date_conditions.yml @@ -0,0 +1,58 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_time_date_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_time_date_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_time_date_conditions + cisco.ise.network_access_time_date_conditions: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + conditionType: TimeAndDateCondition + isNegate: false + name: Test1 + description: + hoursRange: + startTime: "22:02" + endTime: "13:02" + hoursRangeException: + startTime: "23:02" + endTime: "23:50" + weekDays: + - Saturday + - Sunday + weekDaysException: + - Sunday + datesRange: + startDate: "2021-06-30" + endDate: "2021-07-03" + datesRangeException: + startDate: "2021-06-30" + endDate: "2021-06-30" + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_device.yml b/ansible_collections/cisco/ise/playbooks/network_device.yml new file mode 100644 index 00000000..47ec35d1 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_device.yml @@ -0,0 +1,72 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network devices + # cisco.ise.network_device_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Get a network device by id + # cisco.ise.network_device_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: 0667bc80-78a9-11eb-b987-005056aba98b + # register: result + + # - name: Get a network device by name + # cisco.ise.network_device_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: Test_Device_7 + # register: result + + - name: Create or update a network device + cisco.ise.network_device: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: ISE_EST_Local_Host_5 + NetworkDeviceIPList: + - ipaddress: 127.16.0.1 + mask: 32 + register: result + + ## Using environment variables + - name: Create or update a network device + cisco.ise.network_device: + state: present + name: ISE_EST_Local_Host_6 + NetworkDeviceIPList: + - ipaddress: 127.16.0.1 + mask: 32 + register: result + + # - name: Delete a network device by id + # cisco.ise.network_device: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: 970f2cb0-aa03-11eb-95af-f263cf05f605 + # register: result + + # - name: Delete a network device by name + # cisco.ise.network_device: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # name: Test_Device_7 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/network_device_group.yml b/ansible_collections/cisco/ise/playbooks/network_device_group.yml new file mode 100644 index 00000000..52ea47af --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_device_group.yml @@ -0,0 +1,62 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network device groups + # cisco.ise.network_device_group_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + - name: Get a network device group by id + cisco.ise.network_device_group_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: bcb32700-b04d-11eb-95af-f263cf05f605 + register: result + + - name: Get a network device group by name + cisco.ise.network_device_group_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + name: Department#Department#TEST5 + register: result + + - name: Create or update a network device group + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: bcb32700-b04d-11eb-95af-f263cf05f605 + name: Department#Department#TEST5 + description: All Departments + othername: Department + register: result + + # - name: Delete a network device by id + # cisco.ise.network_device: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: a8147640-a9ff-11eb-95af-f263cf05f605 + # register: result + + # - name: Delete a network device group by name + # cisco.ise.network_device_group: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # name: Department#Department#TEST3 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/network_device_group_deparments.yml b/ansible_collections/cisco/ise/playbooks/network_device_group_deparments.yml new file mode 100644 index 00000000..2d7a0aae --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_device_group_deparments.yml @@ -0,0 +1,173 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Departments + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments + description: All Departments + othername: Departments + register: result + + - name: Departments#Finance + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Finance + description: Finance + othername: Departments + register: result + + - name: Departments#HR + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#HR + description: HR + othername: Departments + register: result + + - name: Departments#IT + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#IT + description: IT + othername: Departments + register: result + + - name: Departments#Management + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Management + description: Management + othername: Departments + register: result + + - name: Departments#Marketing + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Marketing + description: Marketing + othername: Departments + register: result + + - name: Departments#Product + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Product + description: Product + othername: Departments + register: result + + - name: Departments#Services + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Services + description: Services + othername: Departments + register: result + + - name: Departments#Sales + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Sales + description: Sales + othername: Departments + register: result + + - name: Departments#Vendors + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Vendors + description: Vendors + othername: Departments + register: result + + - name: Location#All Locations#SJC + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Location#All Locations#SJC + description: San Jose + othername: Location + register: result + + - name: Location#All Locations#HNB + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Location#All Locations#HNB + description: Huntington Beach + othername: Location + register: result + + # - name: Get all network device groups + # cisco.ise.network_device_group_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Get a network device group by id + # cisco.ise.network_device_group_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: bcb32700-b04d-11eb-95af-f263cf05f605 + # register: result + + # - name: Get a network device group by name + # cisco.ise.network_device_group_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: Department#Department#TEST5 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/personas_deployment.yml b/ansible_collections/cisco/ise/playbooks/personas_deployment.yml new file mode 100644 index 00000000..40a30332 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/personas_deployment.yml @@ -0,0 +1,20 @@ +--- +- name: ISE Personas Deployment Playbook + hosts: localhost + connection: local + vars: + # Variables common to all deployment types + ise_deployment_type: medium + ise_username: admin + ise_password: C1sco12 + ise_domain: example.com + pan1_ip: + pan2_ip: + # Variables for medium or large deployments + psn1_ip: + psn2_ip: + # Variables specific for large deployments + mnt1_ip: + mnt2_ip: + roles: + - cisco.ise.personas_deployment diff --git a/ansible_collections/cisco/ise/playbooks/playbookstest.yml b/ansible_collections/cisco/ise/playbooks/playbookstest.yml new file mode 100644 index 00000000..c395d179 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/playbookstest.yml @@ -0,0 +1,183 @@ +--- +- hosts: ise_servers + gather_facts: false + vars: + itemTest: + name: "Cisco_Ansible_Test_09_12" + accessType: "ACCESS_ACCEPT" + description: "Test" + authzProfileType: "SWITCH" + vlan: + nameID: "172_28_1_0-VN_IOT" + tagID: 1 + trackMovement: false + agentlessPosture: false + serviceTemplate: false + profileName: "Cisco" + tasks: + ## https://github.com/CiscoISE/ansible-ise/issues/72 + ## post 400 + # - name: Get all Network Access Authorization Rules + # cisco.ise.network_access_authorization_rules: + # state: present + # policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + # rule: + # default: false + # #id: d9e67664-799d-4ad9-a407-8365117c18e5 + # name: Ansible B TEST + # hitCounts: 0 + # rank: 0 + # state: enabled + # condition: + # conditionType: ConditionAndBlock + # isNegate: false + # children: + # - conditionType: ConditionReference + # isNegate: false + # name: Wireless_Access + # id: ff6008e0-5c35-48a3-9fab-e0e709983369 + # # description: >- + # # Default condition used to match any authentication request from Cisco + # # Wireless LAN Controller. + # - conditionType: ConditionAttributes + # isNegate: false + # dictionaryName: IdentityGroup + # attributeName: Name + # operator: equals + # #dictionaryValue: null + # attributeValue: 'Endpoint Identity Groups:Blocked List' + # profile: + # - Blackhole_Wireless_Access + # #securityGroup: null + # register: result + + # - name: Get all Network Access Authorization Rules + # cisco.ise.network_access_authorization_rules_info: + # policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + # register: result + + ## https://github.com/CiscoISE/ansible-ise/issues/74 + + # - name: Create or update Authorization profile + # cisco.ise.authorization_profile: + # name: "{{ itemTest.name }}" + # accessType: "{{ itemTest.accessType }}" + # description: "{{ itemTest.description }}" + # authzProfileType: "{{ itemTest.authzProfileType }}" + # vlan: + # nameID: "{{ itemTest.vlan.nameID }}" + # tagID: + # "{{itemTest.vlan.tagID|int}}" + # trackMovement: "{{ itemTest.trackMovement }}" + # agentlessPosture: "{{ itemTest.agentlessPosture }}" + # serviceTemplate: "{{ itemTest.serviceTemplate }}" + # profileName: "{{ itemTest.profileName }}" + # register: result + + # - name: Get all Authorization Profile + # cisco.ise.authorization_profile_info: + # name: Cisco_Temporal_Onboard + # register: result + + # - name: debug + # debug: + # msg: "{{ itemTest.vlan.tagID | int == 0 }}" + + # - name: debug + # debug: + # msg: | + # {{ item.vlanID | int }} + # loop: + # - { "vlanID": "1" } + # - { "vlanID": "2" } + # - { "vlanID": 2 } + + # - name: debug + # debug: + # var: |- + # {{ item.vlanID | int }} + # loop: + # - { "vlanID": 1 } + # - { "vlanID": "2" } + + ## https://github.com/CiscoISE/ansible-ise/issues/76 + ## Node group creation is not idempotent + ## fatal: [localhost]: FAILED! => {"changed": false, "msg": "An error occured when executing operation. The error was: [409] - The request could not be processed because it conflicts with some established rule of the system.\n{\n \"error\" : {\n \"message\" : \"NodeGroup 'TestGroup1' already exist.\"\n },\n \"version\" : \"1.0.0\"\n}"} + # - name: Create test node group. + # cisco.ise.node_group: + # state: present + # description: "Testing creation and idempotency" + # name: "TesAnsible76" + # nodeGroupName: "TesAnsible76" + # forceDelete: true + # register: result + + # - name: Get all Node Group + # cisco.ise.node_group_info: + # nodeGroupName: "NodeGroup2" + # register: result + + ##https://github.com/CiscoISE/ansible-ise/issues/79 + ## Cannot update + # - name: Create or update an network_access_authentication_rules + # cisco.ise.network_access_authentication_rules: + # state: present + # rule: + # default: false + # name: TestAnsibleIssue79 + # hitCounts: 00 + # rank: 0 + # state: enabled + # #id: b086e85e-6118-4b67-8efc-05d692423afb + # condition: + # conditionType: ConditionReference + # isNegate: false + # dictionaryName: Network Access + # attributeName: EapAuthentication + # operator: equals + # attributeValue: EAP-MSCHAPv2 + # name: EAP-MSCHAPv2 + # id: c456a490-0429-4fd4-91d7-efd1eb1f855a + # ifAuthFail: REJECT + # ifUserNotFound: REJECT + # ifProcessFail: DROP + # policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + # register: result + + + ##https://github.com/CiscoISE/ansible-ise/issues/77 + ## Get error + ## node_group_node_info + # - name: Get all Node Group Node + # cisco.ise.node_group_node_info: + # nodeGroupName: TesAnsible76 + # register: result + + ##https://github.com/CiscoISE/ansible-ise/issues/81 + ## Unable to update Authorization Policies + ##network_access_authorization_rules + - name: CRUD + cisco.ise.network_access_authorization_rules: + state: present + #state: absent + rule: + default: false + name: TestAnsibleIssue81 + rank: 0 + state: enabled + condition: + conditionType: ConditionAttributes + isNegate: false + dictionaryName: IdentityGroup + attributeName: Name + operator: equals + attributeValue: 'Endpoint Identity Groups:IAC_Lab1' + profile: + - Blackhole_Wireless_Access + #securityGroup: BYOD + policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + register: result + + - name: Print Authorization profile + ansible.builtin.debug: + var: result \ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/portal_global_setting.yml b/ansible_collections/cisco/ise/playbooks/portal_global_setting.yml new file mode 100644 index 00000000..2b6edf78 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/portal_global_setting.yml @@ -0,0 +1,32 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: "Get portal global setting" + cisco.ise.portal_global_setting_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + register: portal_global_settings + + - name: "Print portal global setting id" + ansible.builtin.debug: + var: portal_global_settings['ise_response'][0]['id'] + when: not ansible_check_mode + + - name: "Update portal global setting" + cisco.ise.portal_global_setting: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: "{{ portal_global_settings['ise_response'][0]['id']}}" + customization: HTML + when: not ansible_check_mode + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/portal_theme.yml b/ansible_collections/cisco/ise/playbooks/portal_theme.yml new file mode 100644 index 00000000..db56491e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/portal_theme.yml @@ -0,0 +1,31 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get portal_theme + cisco.ise.portal_theme_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: 9eb58150-8c01-11e6-996c-525400b48521 + register: portal_theme + + - name: Print portal_theme id + ansible.builtin.debug: + var: portal_theme['ise_response'] + + - name: Update portal_theme + cisco.ise.portal_theme: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Custom Olive theme + themeData: olive + register: result + + # - name: Print result + # ansible.builtin.debug: + # var: result diff --git a/ansible_collections/cisco/ise/playbooks/profiler-services.yml b/ansible_collections/cisco/ise/playbooks/profiler-services.yml new file mode 100644 index 00000000..85d9d901 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/profiler-services.yml @@ -0,0 +1,40 @@ +--- +# profiler_config: +# # - netflow: +# - dhcp: +# interfaces: +# - interface: 'GigabitEthernet0' +# port: 67 +# # - dhcpSpan: +# # - http: +# - radius: {} +# - nmap: {} +# # - dns: +# - snmpQuery: +# retries: 2 +# timeout: 1000 +# eventTimeout: 30 +# # - snmpTrap: +# - activeDirectory: +# daysBeforeRescan: 1 +# # - pxgrid: {} + +profiler_config: + #netflow: null + dhcp: + interfaces: + - interface: GigabitEthernet 0 + port: 67 + #dhcpSpan: null + #http: null + radius: [] + nmap: [] + #dns: null + snmpQuery: + retries: 2 + timeout: 1000 + eventTimeout: 30 + #snmpTrap: null + activeDirectory: + daysBeforeRescan: 1 + #pxgrid: null \ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/radius_server_sequence.yml b/ansible_collections/cisco/ise/playbooks/radius_server_sequence.yml new file mode 100644 index 00000000..f86a508e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/radius_server_sequence.yml @@ -0,0 +1,52 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.radius_server_sequence_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.radius_server_sequence_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an radius_server_sequence + cisco.ise.radius_server_sequence: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: TESTSeq + description: TESTSequence + stripPrefix: false + stripSuffix: false + prefixSeparator: \ + suffixSeparator: "@" + remoteAccounting: true + localAccounting: false + useAttrSetOnRequest: false + useAttrSetBeforeAcc: false + continueAuthorzPolicy: false + RadiusServerList: + - externalRadiusServer1 + OnRequestAttrManipulatorList: [] + BeforeAcceptAttrManipulatorsList: [] + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/sponsor_portal.yml b/ansible_collections/cisco/ise/playbooks/sponsor_portal.yml new file mode 100644 index 00000000..d2a7132b --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/sponsor_portal.yml @@ -0,0 +1,1096 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.sponsor_portal_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.sponsor_portal_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an sponsor_portal + cisco.ise.sponsor_portal: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Sponsor Portal (test 2) + description: Default portal used by sponsors to create and manage accounts for authorized visitors to securely access the network + portalType: SPONSOR + portalTestUrl: https://198.18.133.27:8445/sponsorportal/PortalSetup.action?portal=fe0fc087-6fd7-44fa-966e-ad4ba1c8f557 + settings: + portalSettings: + httpsPort: 8445 + allowedInterfaces: + - eth0 + - bond0 + certificateGroupTag: Default Portal Certificate Group + authenticationMethod: 92faba60-8c01-11e6-996c-525400b48521 + idleTimeout: 10 + displayLang: USEBROWSERLOCALE + fallbackLanguage: English + alwaysUsedLanguage: Italian + availableSsids: [] + loginPageSettings: + maxFailedAttemptsBeforeRateLimit: 5 + timeBetweenLoginsDuringRateLimit: 2 + includeAup: false + requireAupScrolling: false + socialConfigs: [] + aupSettings: + includeAup: true + requireScrolling: false + displayFrequency: FIRSTLOGIN + sponsorChangePasswordSettings: + allowSponsorToChangePwd: false + postLoginBannerSettings: + includePostAccessBanner: false + supportInfoSettings: + includeSupportInfoPage: false + includeMacAddr: true + includeIpAddress: true + includeBrowserUserAgent: true + includePolicyServer: true + includeFailureCode: true + emptyFieldDisplay: HIDE + customizations: + portalTheme: + id: 9eb421c0-8c01-11e6-996c-525400b48521 + name: Default Blue theme + portalTweakSettings: {} + language: + viewLanguage: English + globalCustomizations: + bannerTitle: Sponsor Portal + contactText: Contact Support + footerElement: "" + pageCustomizations: + data: + - key: ui_date_picker_month_august + value: QXVndXN0 + - key: ui_error_content_label + value: RXJyb3I= + - key: ui_notify_import_done_button + value: RG9uZQ== + - key: ui_create_accounts_content_label + value: Q3JlYXRlIEFjY291bnRz + - key: ui_notify_copy_me_label + value: Q29weSBtZQ== + - key: ui_print_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_contact_optional_content_1 + value: "" + - key: ui_contact_optional_content_2 + value: "" + - key: ui_one_click_guest_approved + value: R3Vlc3QgKCR1aV9ndWVzdF91c2VybmFtZSQpIGhhcyBiZWVuIGFwcHJvdmVkLg== + - key: ui_create_random_number_accounts_label + value: TnVtYmVyIG9mIGFjY291bnRzOg== + - key: ui_date_picker_month_may + value: TWF5 + - key: ui_approve_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_login_aup_link + value: VGVybXMgYW5kIENvbmRpdGlvbnM= + - key: ui_one_click_guest_denied + value: R3Vlc3QgKCR1aV9ndWVzdF91c2VybmFtZSQpIGhhcyBiZWVuIGRlbmllZC4= + - key: ui_column_user_name_header + value: VXNlcm5hbWU= + - key: ui_invalid_password_policy_error + value: SW52YWxpZCBQYXNzd29yZCBQb2xpY3ku + - key: ui_account_state_label + value: U3RhdGU6 + - key: ui_reset_password_send_summary_email_label + value: U2VuZCBtZSBhIHN1bW1hcnkgb2YgcGFzc3dvcmQgcmVzZXQ= + - key: ui_notices_action_import_label + value: Q3JlYXRlIEltcG9ydCBBY2NvdW50cw== + - key: ui_location_label + value: TG9jYXRpb246 + - key: ui_email_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGVtYWlsZWQ6 + - key: ui_resend_account_cancel_button + value: Q2FuY2Vs + - key: ui_field_company_name_error + value: UGxlYXNlIGVudGVyIGEgdmFsaWQgY29tcGFueSBuYW1lLg== + - key: ui_one_click_sponsor_no_privilege + value: U3BvbnNvciBkaWQgbm90IGhhdmUgcHJpdmlsZWdlIHRvIGFwcHJvdmUvZGVueSBndWVzdHMu + - key: ui_unit_wednesday + value: V2VkbmVzZGF5 + - key: ui_contact_sessioninfo_title + value: U2Vzc2lvbiBJbmZvcm1hdGlvbg== + - key: ui_first_name_label + value: Rmlyc3QgbmFtZTo= + - key: ui_aup_accept_button + value: QWNjZXB0 + - key: ui_create_random_accounts_batch_limit_label + value: TWF4aW11bTogIA== + - key: ui_unit_sunday + value: U3VuZGF5 + - key: ui_sms_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHRleHRlZDo= + - key: ui_one_click_login_submit + value: U3VibWl0 + - key: ui_changepwd_values_match_error + value: WW91IG11c3QgZW50ZXIgdGhlIHNhbWUgcGFzc3dvcmQgaW4gdGhlIE5ldyBQYXNzd29yZCBhbmQgQ29uZmlybSBQYXNzd29yZCBmaWVsZHMu + - key: ui_error_optional_content_2 + value: "" + - key: ui_error_optional_content_1 + value: "" + - key: ui_login_page_title + value: IFNwb25zb3IgUG9ydGFsIFNpZ24gT24= + - key: ui_notices_column_action_name_header + value: QWN0aW9uIE5hbWU= + - key: ui_create_random_tab_label + value: UmFuZG9t + - key: ui_suspend_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHN1c3BlbmQgdGhpcyBhY2NvdW50Pw== + - key: ui_changepwd_content_label + value: Q2hhbmdlIFBhc3N3b3Jk + - key: ui_create_known_total_failure_message + value: VW5hYmxlIHRvIGNyZWF0ZSBhY2NvdW50Lg== + - key: ui_reinstate_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgcmVpbnN0YXRlZCBzdWNjZXNzZnVsbHku + - key: ui_create_accounts_access_info_instruction_message + value: "" + - key: ui_changepwd_values_unique_error + value: WW91IGNhbm5vdCBlbnRlciB0aGUgc2FtZSBwYXNzd29yZCBpbiB0aGUgQ3VycmVudCBQYXNzd29yZCBhbmQgTmV3IFBhc3N3b3JkIGZpZWxkcy4= + - key: ui_deny_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGRlbnkgdGhpcyBhY2NvdW50Pw== + - key: ui_ssid_label + value: U1NJRDo= + - key: ui_contact_instruction_message + value: Q29udGFjdCBIZWxwIERlc2s= + - key: ui_notify_email_label + value: RW1haWw= + - key: ui_time_label + value: VGltZTo= + - key: ui_create_accounts_access_info_from_date_label + value: RnJvbSBEYXRlICh5eXl5LW1tLWRkKQ== + - key: ui_contact_helpdesk_text + value: TmVlZCBoZWxwPyBDb250YWN0IG91ciBIZWxwIERlc2sgYXQgKHh4eCkgeHh4LXh4eHgu + - key: ui_notices_status_pending_label + value: UGVuZGluZw== + - key: ui_guest_location_label + value: TG9jYXRpb246 + - key: ui_username_mismatch_policy_error + value: VXNlcm5hbWUgZGlkIG5vdCBtYXRjaCBVc2VybmFtZSBQb2xpY3k= + - key: ui_manage_accounts_filter_label + value: YWNjb3VudHMgZm91bmQ= + - key: ui_resend_account_send_summary_email_label + value: U2VuZCBtZSBhIHN1bW1hcnk= + - key: ui_menu_switch_desktop_button + value: U3dpdGNoIHRvIGRlc2t0b3AgbW9kZQ== + - key: ui_resend_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHJlc2VudDo= + - key: ui_reset_password_cancel_button + value: Q2FuY2Vs + - key: ui_create_accounts_import_button + value: SW1wb3J0 + - key: ui_sms_account_success_single_message + value: QWNjb3VudCB0ZXh0ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_suspend_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIHN1c3BlbmRlZCB\ + pbiB0aGUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_contact_link + value: Q29udGFjdCBTdXBwb3J0 + - key: ui_notices_filter_label + value: Tm90aWNlcyBmb3VuZA== + - key: ui_contact_user_agent_label + value: VXNlciBhZ2VudDo= + - key: ui_reset_password_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHJlc2V0Og== + - key: ui_create_known_success_single_message + value: QWNjb3VudCBjcmVhdGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_delete_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGRlbGV0ZSB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_extend_account_extend_by_label + value: RXh0ZW5kIGJ5 + - key: ui_create_known_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_changepwd_page_title + value: Q2hhbmdlIFBhc3N3b3Jk + - key: ui_create_random_instruction_message + value: "" + - key: ui_notices_status_success_label + value: U3VjY2Vzcw== + - key: ui_account_state_denied_state_label + value: RGVuaWVk + - key: ui_notices_edit_button + value: RWRpdA== + - key: ui_group_tag_label + value: R3JvdXAgdGFnOg== + - key: ui_date_picker_short_day_friday + value: Rg== + - key: ui_extend_account_total_failure_message + value: VW5hYmxlIHRvIGV4dGVuZCBhY2NvdW50Lg== + - key: ui_notices_column_end_time_header + value: RW5k + - key: ui_one_click_login_title + value: QXBwcm92ZS9EZW55IEd1ZXN0 + - key: ui_account_details_content_label + value: QWNjb3VudCBEZXRhaWxz + - key: ui_print_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIG51bWJlciBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhIHByaW50IGpvYiB3aWxsIGJlIGNyZWF0ZWQgaW4gdGhlIGJhY2tncm91bmQuI\ + FdoZW4gdGhlIHByaW50IGpvYiBpcyByZWFkeSwgeW91IGNhbiB0aGVuIHNlbmQgaXQgdG8gYSBwcmludGVyLiBDaGVjayBOb3RpY2VzIHRvIGRldGVybWluZSB3aGV\ + uIHRoZSBwcmludCBqb2IgaXMgcmVhZHkgdG8gYmUgc2VudCB0byBhIHByaW50ZXIu" + - key: ui_create_random_total_failure_message + value: VW5hYmxlIHRvIGNyZWF0ZSByYW5kb20gYWNjb3VudC4= + - key: ui_manage_accounts_empty_error + value: Tm8gZ3Vlc3QgYWNjb3VudHMgYXQgdGhpcyBtb21lbnQu + - key: ui_create_random_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiByYW5kb20gYWNjb3VudHMgd2VyZSBwcm92aWRlZC4gUmFuZG9tIGFjY291bnRzIHdpbGwgYmUgY3JlYXRlZCBpbiB0a\ + GUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_create_accounts_aup_agreement_label + value: QWdyZWUgdG8= + - key: ui_use_mobile_number_as_username_label + value: VXNlIE1vYmlsZSBudW1iZXIgYXMgdXNlcm5hbWU= + - key: ui_date_picker_short_day_monday + value: TQ== + - key: ui_time_duration_label + value: RHVyYXRpb246 + - key: ui_date_picker_month_february + value: RmVicnVhcnk= + - key: ui_resend_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlc2VuZCB0aGlzIGFjY291bnQ/ + - key: ui_notify_known_ok_button + value: T2s= + - key: ui_suspend_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHN1c3BlbmRlZDo= + - key: ui_help_link + value: SGVscA== + - key: ui_one_click_login_username + value: VXNlcm5hbWU6 + - key: ui_user_last_login_ipaddr_label + value: RnJvbTo= + - key: ui_create_accounts_batch_limit_label + value: TWF4aW11bTo= + - key: ui_date_picker_month_july + value: SnVseQ== + - key: ui_resend_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlc2VuZCB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_delete_notice_success_multi_message + value: U2VsZWN0ZWQgbm90aWNlcyBkZWxldGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_sms_provider_label + value: U01TIHByb3ZpZGVyOg== + - key: ui_first_login_text + value: Rmlyc3QgTG9naW4= + - key: ui_login_username_label + value: VXNlcm5hbWU6 + - key: ui_account_action_reset_password_button + value: UmVzZXQgUGFzc3dvcmQ= + - key: ui_create_accounts_access_info_from_time_label + value: RnJvbSBUaW1l + - key: ui_approve_accounts_empty_error + value: Tm8gcGVuZGluZyBndWVzdCBhY2NvdW50cyBhdCB0aGlzIG1vbWVudC4= + - key: ui_create_import_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_create_accounts_access_info_content_label + value: QWNjZXNzIEluZm9ybWF0aW9u + - key: ui_date_picker_month_june + value: SnVuZQ== + - key: ui_notices_status_inprogress_label + value: SW4gUHJvZ3Jlc3M= + - key: ui_email_account_success_single_message + value: QWNjb3VudCBlbWFpbGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_approve_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIGFwcHJvdm\ + VkIGluIHRoZSBiYWNrZ3JvdW5kLiBDaGVjayBOb3RpY2VzIGZvciBzdGF0dXMu" + - key: ui_one_click_login_password + value: UGFzc3dvcmQ6 + - key: ui_invalid_username_policy_error + value: SW52YWxpZCBVc2VybmFtZSBQb2xpY3ku + - key: ui_edit_accounts_guest_info_content_label + value: R3Vlc3QgSW5mb3JtYXRpb24= + - key: ui_delete_account_cancel_button + value: Q2FuY2Vs + - key: ui_field_required_error + value: VGhpcyBmaWVsZCBpcyByZXF1aXJlZC4= + - key: ui_print_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgcHJpbnRlZCBzdWNjZXNzZnVsbHku + - key: ui_field_date_mdy_error + value: SW52YWxpZCBkYXRlIGZvcm1hdCAobW0vZGQveXl5eSku + - key: ui_suspend_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHN1c3BlbmQgdGhlIHNlbGVjdGVkIGFjY291bnRzPw== + - key: ui_column_first_name_header + value: Rmlyc3QgTmFtZQ== + - key: ui_notices_action_email_label + value: RW1haWwgR3Vlc3Rz + - key: ui_create_accounts_access_info_days_label + value: RGF5cw== + - key: ui_lastname_mismatch_policy_error + value: TGFzdE5hbWUgZGlkIG5vdCBtYXRjaCBVc2VybmFtZSBQb2xpY3k= + - key: ui_create_accounts_guest_type_instruction_message + value: "" + - key: ui_suspend_account_ok_button + value: T2s= + - key: ui_sms_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgdGV4dGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_expiration_date_label + value: RXhwaXJhdGlvbiBkYXRlOg== + - key: ui_changepwd_policy_error_message + value: + "WW91ciBwYXNzd29yZCBkb2VzIG5vdCBtZWV0IHRoZSBwYXNzd29yZCBwb2xpY3kgcmVxdWlyZW1lbnRzLiBQbGVhc2UgY29udGFjdCB5b3V\ + yIHN5c3RlbSBhZG1pbmlzdHJhdG9yIGZvciBwcm9wZXIgY29tcGxleGl0eSBzZXR0aW5ncy4=" + - key: ui_approve_account_success_single_message + value: QWNjb3VudCBhcHByb3ZlZCBzdWNjZXNzZnVsbHku + - key: ui_edit_accounts_access_info_content_label + value: QWNjZXNzIEluZm9ybWF0aW9u + - key: ui_to_date_label + value: VG8gZGF0ZSAoeXl5eS1tbS1kZCk6 + - key: ui_delete_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIGRlbGV0ZWQg\ + aW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4=" + - key: ui_end_of_day_label + value: RW5kIG9mIGJ1c2luZXNzIGRheQ== + - key: ui_column_phone_number_header + value: TW9iaWxlIE51bWJlcg== + - key: ui_deny_account_ok_button + value: T0s= + - key: ui_field_time_error + value: SW52YWxpZCB0aW1lIGZvcm1hdCAoaGg6bW0pLg== + - key: ui_resend_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_extend_account_maximum_label + value: TWF4aW11bTog + - key: ui_account_state_awaiting_login_state_label + value: Q3JlYXRlZA== + - key: ui_home_welcome_message + value: V2VsY29tZQ== + - key: ui_notify_import_notify_button + value: Tm90aWZ5 + - key: ui_remote_db_connect_error + value: VGhlcmUgd2FzIGEgcHJvYmxlbSB1cGRhdGluZyB0aGUgcmVtb3RlIGRhdGFiYXNlLiBQbGVhc2UgY29udGFjdCBoZWxwIGRlc2sgZm9yIGFzc2lzdGFuY2Uu + - key: ui_changepwd_submit_button + value: Q2hhbmdlIFBhc3N3b3Jk + - key: ui_one_click_guest_signon + value: U2lnbiBPbg== + - key: ui_post_access_content_label + value: UG9zdCBBY2Nlc3M= + - key: ui_column_sponsor_header + value: U3BvbnNvcg== + - key: ui_aup_sponsor_text + value: + "WW91IGFyZSByZXNwb25zaWJsZSBmb3IgbWFpbnRhaW5pbmcgdGhlIGNvbmZpZGVudGlhbGl0eSBvZiB0aGUgcGFzc3dvcmQgYW5kIGFsbCBhY3Rpdml0aWVzIHRoYXQgb2NjdX\ + IgdW5kZXIgeW91ciB1c2VybmFtZSBhbmQgcGFzc3dvcmQuIENpc2NvIFN5c3RlbXMgb2ZmZXJzIHRoZSBTZXJ2aWNlIGZvciBhY3Rpdml0aWVzIHN1Y2ggYXMgdGhlIGFjdGl2ZSB1\ + c2Ugb2YgZS1tYWlsLCBpbnN0YW50IG1lc3NhZ2luZywgYnJvd3NpbmcgdGhlIFdvcmxkIFdpZGUgV2ViIGFuZCBhY2Nlc3NpbmcgY29ycG9yYXRlIGludHJhbmV0cy4gSGlnaCB2b2\ + x1bWUgZGF0YSB0cmFuc2ZlcnMsIGVzcGVjaWFsbHkgc3VzdGFpbmVkIGhpZ2ggdm9sdW1lIGRhdGEgdHJhbnNmZXJzLCBhcmUgbm90IHBlcm1pdHRlZC4gSG9zdGluZyBhIHdlYiBz\ + ZXJ2ZXIgb3IgYW55IG90aGVyIHNlcnZlciBieSB1c2Ugb2Ygb3VyIFNlcnZpY2UgaXMgcHJvaGliaXRlZC4gVHJ5aW5nIHRvIGFjY2VzcyBzb21lb25lIGVsc2UncyBhY2NvdW50LC\ + BzZW5kaW5nIHVuc29saWNpdGVkIGJ1bGsgZS1tYWlsLCBjb2xsZWN0aW9uIG9mIG90aGVyIHBlb3BsZSdzIHBlcnNvbmFsIGRhdGEgd2l0aG91dCB0aGVpciBrbm93bGVkZ2UgYW5k\ + IGludGVyZmVyZW5jZSB3aXRoIG90aGVyIG5ldHdvcmsgdXNlcnMgYXJlIGFsbCBwcm9oaWJpdGVkLiBDaXNjbyBTeXN0ZW1zIHJlc2VydmVzIHRoZSByaWdodCB0byBzdXNwZW5kIH\ + RoZSBTZXJ2aWNlIGlmIENpc2NvIFN5c3RlbXMgcmVhc29uYWJseSBiZWxpZXZlcyB0aGF0IHlvdXIgdXNlIG9mIHRoZSBTZXJ2aWNlIGlzIHVucmVhc29uYWJseSBleGNlc3NpdmUg\ + b3IgeW91IGFyZSB1c2luZyB0aGUgU2VydmljZSBmb3IgY3JpbWluYWwgb3IgaWxsZWdhbCBhY3Rpdml0aWVzLiBZb3UgZG8gbm90IGhhdmUgdGhlIHJpZ2h0IHRvIHJlc2VsbCB0aG\ + lzIFNlcnZpY2UgdG8gYSB0aGlyZCBwYXJ0eS4gQ2lzY28gU3lzdGVtcyByZXNlcnZlcyB0aGUgcmlnaHQgdG8gcmV2aXNlLCBhbWVuZCBvciBtb2RpZnkgdGhlc2UgVGVybXMgJiBD\ + b25kaXRpb25zLCBvdXIgb3RoZXIgcG9saWNpZXMgYW5kIGFncmVlbWVudHMsIGFuZCBhc3BlY3RzIG9mIHRoZSBTZXJ2aWNlIGl0c2VsZi4gTm90aWNlIG9mIGFueSByZXZpc2lvbi\ + wgYW1lbmRtZW50LCBvciBtb2RpZmljYXRpb24gd2lsbCBiZSBwb3N0ZWQgb24gQ2lzY28gU3lzdGVtJ3Mgd2Vic2l0ZSBhbmQgd2lsbCBiZSBlZmZlY3RpdmUgYXMgdG8gZXhpc3Rp\ + bmcgdXNlcnMgMzAgZGF5cyBhZnRlciBwb3N0aW5nLg==" + - key: ui_reset_password_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_create_import_total_failure_message + value: VW5hYmxlIHRvIGltcG9ydCBhY2NvdW50cy4gQSBmYWlsdXJlIG9jY3VycmVkIGluIGxpbmUg + - key: ui_suspend_account_cancel_button + value: Q2FuY2Vs + - key: ui_deny_account_cancel_button + value: Q2FuY2Vs + - key: ui_approve_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGFwcHJvdmUgdGhlIHNlbGVjdGVkIGFjY291bnRzPw== + - key: ui_create_accounts_access_info_maximum_duration_label + value: TWF4aW11bTo= + - key: ui_one_click_guest_processed + value: VGhpcyBndWVzdCBhY2NvdW50IHJlcXVlc3QgaGFzIGFscmVhZHkgYmVlbiBwcm9jZXNzZWQu + - key: ui_account_action_reinstate_button + value: UmVpbnN0YXRl + - key: ui_menu_sign_out_button + value: U2lnbiBPdXQ= + - key: ui_notify_random_notify_button + value: UHJpbnQ= + - key: ui_reinstate_account_success_single_message + value: QWNjb3VudCByZWluc3RhdGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_contact_content_label + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_reinstate_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHJlaW5zdGF0ZWQ6 + - key: ui_login_failed_error + value: QXV0aGVudGljYXRpb24gZmFpbGVkLg== + - key: ui_deny_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_menu_change_password_button + value: Q2hhbmdlIFBhc3N3b3Jk + - key: ui_create_accounts_guest_type_access_allowed_label + value: QWNjZXNzIGFsbG93ZWQ6 + - key: ui_notices_status_failed_label + value: RmFpbGVk + - key: ui_notices_status_partial_success_label + value: Q29tcGxldGUvRXJyb3Jz + - key: ui_extend_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIGV4\ + dGVuZGVkIGluIHRoZSBiYWNrZ3JvdW5kLiBDaGVjayBOb3RpY2VzIGZvciBzdGF0dXMu" + - key: ui_create_known_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHByb3ZpZGVkLCBhY2NvdW50cyB3aWxsIGJlIGNy\ + ZWF0ZWQgaW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4=" + - key: ui_changepwd_cancel_button + value: Q2FuY2Vs + - key: ui_account_state_active_state_label + value: QWN0aXZl + - key: ui_post_access_instruction_message + value: "" + - key: ui_aup_content_label + value: QWNjZXB0YWJsZSBVc2UgUG9saWN5 + - key: ui_delete_notice_success_single_message + value: Tm90aWNlIGRlbGV0ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_create_accounts_access_info_minutes_label + value: TWludXRlcw== + - key: ui_to_time_label + value: VG8gdGltZTo= + - key: ui_resend_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgcmVzZW50IHN1Y2Nlc3NmdWxseS4= + - key: ui_last_name_label + value: TGFzdCBuYW1lOg== + - key: ui_account_action_resend_button + value: UmVzZW5k + - key: ui_print_account_total_failure_message + value: VW5hYmxlIHRvIHByaW50Lg== + - key: ui_login_aup_text + value: + "WW91IGFyZSByZXNwb25zaWJsZSBmb3IgbWFpbnRhaW5pbmcgdGhlIGNvbmZpZGVudGlhbGl0eSBvZiB0aGUgcGFzc3dvcmQgYW5kIGFsb\ + CBhY3Rpdml0aWVzIHRoYXQgb2NjdXIgdW5kZXIgeW91ciB1c2VybmFtZSBhbmQgcGFzc3dvcmQuIENpc2NvIFN5c3RlbXMgb2ZmZXJzIHRoZSBTZXJ\ + 2aWNlIGZvciBhY3Rpdml0aWVzIHN1Y2ggYXMgdGhlIGFjdGl2ZSB1c2Ugb2YgZS1tYWlsLCBpbnN0YW50IG1lc3NhZ2luZywgYnJvd3NpbmcgdGhlI\ + FdvcmxkIFdpZGUgV2ViIGFuZCBhY2Nlc3NpbmcgY29ycG9yYXRlIGludHJhbmV0cy4gSGlnaCB2b2x1bWUgZGF0YSB0cmFuc2ZlcnMsIGVzcGVjaWF\ + sbHkgc3VzdGFpbmVkIGhpZ2ggdm9sdW1lIGRhdGEgdHJhbnNmZXJzLCBhcmUgbm90IHBlcm1pdHRlZC4gSG9zdGluZyBhIHdlYiBzZXJ2ZXIgb3IgY\ + W55IG90aGVyIHNlcnZlciBieSB1c2Ugb2Ygb3VyIFNlcnZpY2UgaXMgcHJvaGliaXRlZC4gVHJ5aW5nIHRvIGFjY2VzcyBzb21lb25lIGVsc2UncyB\ + hY2NvdW50LCBzZW5kaW5nIHVuc29saWNpdGVkIGJ1bGsgZS1tYWlsLCBjb2xsZWN0aW9uIG9mIG90aGVyIHBlb3BsZSdzIHBlcnNvbmFsIGRhdGEgd\ + 2l0aG91dCB0aGVpciBrbm93bGVkZ2UgYW5kIGludGVyZmVyZW5jZSB3aXRoIG90aGVyIG5ldHdvcmsgdXNlcnMgYXJlIGFsbCBwcm9oaWJpdGVkLiB\ + DaXNjbyBTeXN0ZW1zIHJlc2VydmVzIHRoZSByaWdodCB0byBzdXNwZW5kIHRoZSBTZXJ2aWNlIGlmIENpc2NvIFN5c3RlbXMgcmVhc29uYWJseSBiZ\ + WxpZXZlcyB0aGF0IHlvdXIgdXNlIG9mIHRoZSBTZXJ2aWNlIGlzIHVucmVhc29uYWJseSBleGNlc3NpdmUgb3IgeW91IGFyZSB1c2luZyB0aGUgU2V\ + ydmljZSBmb3IgY3JpbWluYWwgb3IgaWxsZWdhbCBhY3Rpdml0aWVzLiBZb3UgZG8gbm90IGhhdmUgdGhlIHJpZ2h0IHRvIHJlc2VsbCB0aGlzIFNlc\ + nZpY2UgdG8gYSB0aGlyZCBwYXJ0eS4gQ2lzY28gU3lzdGVtcyByZXNlcnZlcyB0aGUgcmlnaHQgdG8gcmV2aXNlLCBhbWVuZCBvciBtb2RpZnkgdGh\ + lc2UgVGVybXMgJiBDb25kaXRpb25zLCBvdXIgb3RoZXIgcG9saWNpZXMgYW5kIGFncmVlbWVudHMsIGFuZCBhc3BlY3RzIG9mIHRoZSBTZXJ2aWNlI\ + Gl0c2VsZi4gTm90aWNlIG9mIGFueSByZXZpc2lvbiwgYW1lbmRtZW50LCBvciBtb2RpZmljYXRpb24gd2lsbCBiZSBwb3N0ZWQgb24gQ2lzY28gU3l\ + zdGVtJ3Mgd2Vic2l0ZSBhbmQgd2lsbCBiZSBlZmZlY3RpdmUgYXMgdG8gZXhpc3RpbmcgdXNlcnMgMzAgZGF5cyBhZnRlciBwb3N0aW5nLg==" + - key: ui_changepwd_optional_content_2 + value: "" + - key: ui_deny_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgZGVuaWVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_email_address_label + value: RW1haWwgYWRkcmVzczo= + - key: ui_changepwd_optional_content_1 + value: "" + - key: ui_column_location_header + value: TG9jYXRpb24= + - key: ui_date_picker_short_day_wednesday + value: Vw== + - key: ui_extend_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_approve_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGFwcHJvdmUgdGhpcyBhY2NvdW50Pw== + - key: ui_create_random_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_reset_password_account_total_failure_message + value: VW5hYmxlIHRvIHJlc2V0IHBhc3N3b3JkLg== + - key: ui_contact_failure_code_label + value: RmFpbHVyZSBjb2RlOg== + - key: ui_date_picker_month_november + value: Tm92ZW1iZXI= + - key: ui_field_phone_error + value: SW52YWxpZCBtb2JpbGUgbnVtYmVyIGZvcm1hdC4= + - key: ui_reinstate_account_cancel_button + value: Q2FuY2Vs + - key: ui_notification_language_label + value: TGFuZ3VhZ2U6 + - key: ui_column_sms_provider_header + value: U01TIFByb3ZpZGVy + - key: ui_suspend_account_instruction_message + value: "" + - key: ui_account_state_pending_approval_state_label + value: UGVuZGluZyBBcHByb3ZhbA== + - key: ui_reinstate_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlaW5zdGF0ZSB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_notices_column_status_header + value: U3RhdHVz + - key: ui_deny_account_success_single_message + value: QWNjb3VudCBkZW5pZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_unit_thursday + value: VGh1cnNkYXk= + - key: ui_list_refresh_button + value: UmVmcmVzaA== + - key: ui_notify_import_ok_button + value: T2s= + - key: ui_column_password_header + value: UGFzc3dvcmQ= + - key: ui_create_known_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGNyZWF0ZSB0aGVzZSBhY2NvdW50cz8= + - key: ui_delete_notice_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGRlbGV0ZSB0aGlzIG5vdGljZT8= + - key: ui_deny_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGRlbmllZDo= + - key: ui_account_state_suspended_state_label + value: U3VzcGVuZGVk + - key: ui_field_date_dmy_error + value: SW52YWxpZCBkYXRlIGZvcm1hdCAoZGQvbW0veXl5eSku + - key: ui_delete_notice_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_email_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGVtYWlsIHRoaXMgYWNjb3VudD8= + - key: ui_one_click_login_instruction + value: UGxlYXNlIGVudGVyIHlvdXIgY3JlZGVudGlhbHMgdG8gYXBwcm92ZSBvciBkZW55IHRoZSBndWVzdCBhY2NvdW50Lg== + - key: ui_notify_email_address_label + value: U3BvbnNvcidzIEVtYWlsIGFkZHJlc3M= + - key: ui_email_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgZW1haWxlZCBzdWNjZXNzZnVsbHku + - key: ui_notices_empty_error + value: Tm8gbm90aWNlcyBhdCB0aGlzIG1vbWVudC4= + - key: ui_create_random_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgcmFuZG9tIGFjY291bnRzIHN1Y2Nlc3NmdWxseSBjcmVhdGVkOg== + - key: ui_suspend_account_success_single_message + value: QWNjb3VudCBzdXNwZW5kZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_date_picker_short_day_thursday + value: VA== + - key: ui_login_optional_content_1 + value: "" + - key: ui_date_picker_title + value: U2V0IERhdGU= + - key: ui_suspend_account_total_failure_message + value: VW5hYmxlIHRvIHN1c3BlbmQgYWNjb3VudC4= + - key: ui_login_optional_content_2 + value: "" + - key: ui_reset_password_ok_button + value: T0s= + - key: ui_field_date_range_unlimited_error + value: VmFsaWQgZGF0ZXMgc3RhcnQgZnJvbSB7MH0= + - key: ui_one_click_guest_link_expired + value: TGluayBoYXMgZXhwaXJlZC4gUGxlYXNlIHNpZ24gb24gdG8gdGhlIHNwb25zb3IgcG9ydGFsIHRvIGFwcHJvdmUvZGVueSBndWVzdHMu + - key: ui_post_access_message + value: WW91IGNhbiBwcm92aWRlIG5ldHdvcmsgYWNjZXNzIHRvIG90aGVycy4gQmUgc3VyZSB0byBmb2xsb3cgeW91ciBjb21wYW55J3MgcG9saWNpZXMgZm9yIGRvaW5nIHNvLg== + - key: ui_extend_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGV4dGVuZGVkOg== + - key: ui_field_first_name_error + value: UGxlYXNlIGVudGVyIGEgdmFsaWQgZmlyc3QgbmFtZS4= + - key: ui_account_action_delete_button + value: RGVsZXRl + - key: ui_notify_import_send_summary_email_label + value: U2VuZCBtZSBhIHN1bW1hcnkgb2YgaW1wb3J0 + - key: ui_extend_account_ok_button + value: T2s= + - key: ui_login_password_label + value: UGFzc3dvcmQ6 + - key: ui_account_details_sponsor_label + value: U3BvbnNvcjo= + - key: ui_notify_random_done_button + value: RG9uZQ== + - key: ui_user_name_label + value: VXNlcm5hbWU6 + - key: ui_approve_account_ok_button + value: T0s= + - key: ui_create_import_select_file_label + value: U2VsZWN0IGZpbGU6 + - key: ui_reset_password_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlc2V0IHRoZSBwYXNzd29yZCBmb3IgdGhpcyBhY2NvdW50Pw== + - key: ui_account_action_edit_button + value: RWRpdA== + - key: ui_contact_ip_address_label + value: SVAgYWRkcmVzczo= + - key: ui_password_label + value: UGFzc3dvcmQ6 + - key: ui_extend_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgZXh0ZW5kZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_create_known_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGNyZWF0ZWQ6 + - key: ui_reset_password_notify_guests_label + value: U2VuZCBndWVzdCBub3RpZmljYXRpb24gdXNpbmc6 + - key: ui_resend_account_success_single_message + value: QWNjb3VudCByZXNlbnQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_create_random_success_single_message + value: UmFuZG9tIGFjY291bnQgY3JlYXRlZCBzdWNjZXNzZnVsbHku + - key: ui_delete_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_approve_accounts_filter_label + value: UGVuZGluZyBhY2NvdW50cyBmb3VuZA== + - key: ui_delete_notice_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2Ygbm90aWNlcyBzdWNjZXNzZnVsbHkgZGVsZXRlZDo= + - key: ui_post_access_optional_content_1 + value: "" + - key: ui_post_access_optional_content_2 + value: "" + - key: ui_sms_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIG51bWJlciBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIHRleH\ + RlZCBpbiB0aGUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_create_known_success_multi_message + value: QWNjb3VudHMgY3JlYXRlZCBzdWNjZXNzZnVsbHku + - key: ui_date_picker_month_march + value: TWFyY2g= + - key: ui_create_import_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGltcG9ydGVkOg== + - key: ui_email_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIG51bWJlciBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIGVtY\ + WlsZWQgaW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4=" + - key: ui_create_accounts_back_button + value: QmFjaw== + - key: ui_notify_import_cancel_button + value: Q2FuY2Vs + - key: ui_delete_notice_total_failure_message + value: VW5hYmxlIHRvIGRlbGV0ZSBub3RpY2VzLg== + - key: ui_delete_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgZGVsZXRlZCBzdWNjZXNzZnVsbHku + - key: ui_notify_print_label + value: UHJpbnQ= + - key: ui_account_action_suspend_button + value: U3VzcGVuZA== + - key: ui_reinstate_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_edit_accounts_cancel_button + value: Q2FuY2Vs + - key: ui_time_picker_title + value: Q2hvb3NlIFRpbWU= + - key: ui_notices_action_random_label + value: Q3JlYXRlIFJhbmRvbSBBY2NvdW50cw== + - key: ui_from_time_label + value: RnJvbSB0aW1lOg== + - key: ui_create_accounts_guest_type_access_limit_label + value: TWF4aW11bSBhY2Nlc3MgZHVyYXRpb246 + - key: ui_changepwd_confirmpwd_label + value: Q29uZmlybSBwYXNzd29yZDo= + - key: ui_field_min_error + value: RmllbGQgdmFsdWUgY2Fubm90IGJlIGxlc3MgdGhhbiB7MH0= + - key: ui_create_import_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGltcG9ydCB0aGlzIGFjY291bnQ/ + - key: ui_create_random_success_multi_message + value: UmFuZG9tIGFjY291bnRzIGNyZWF0ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_unit_hours + value: aG91cnM= + - key: ui_print_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHByaW50IHRoZSBzZWxlY3RlZCBhY2NvdW50cz8= + - key: ui_footer_label + value: "" + - key: ui_login_instruction_message + value: + "VXNlIHRoZSBTcG9uc29yIHBvcnRhbCB0byBtYW5hZ2UgZ3Vlc3QgYWNjb3VudHMuIFNpZ24gb24gd2l0aCB5b3VyIHVzZXJuY\ + W1lIGFuZCBwYXNzd29yZCBhZnRlciB2ZXJpZnlpbmcgdGhhdCB5b3UgYWdyZWUgdG8gdGhlIHRlcm1zIGFuZCBjb25kaXRpb25zLCBpZiByZXF1aXJlZC4=" + - key: ui_one_click_login_to_other_portals + value: + "VHJ5IHJlLWVudGVyaW5nIHlvdXIgY3JlZGVudGlhbHMgb3IgbG9nZ2luZyBpbiB0byB0aGUgc3BvbnNvciBwb3J0YWwgeW91IHVzd\ + WFsbHkgdXNlIHRvIG1hbnVhbGx5IGFwcHJvdmUgb3IgZGVueSBhIGd1ZXN0IGFjY291bnQu" + - key: ui_sms_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHRleHQgdGhlIHNlbGVjdGVkIGFjY291bnRzPw== + - key: ui_post_access_page_title + value: UG9zdCBBY2Nlc3M= + - key: ui_contact_page_title + value: Q29udGFjdCBJbmZvcm1hdGlvbg== + - key: ui_notify_guests_delivery_label + value: RGVsaXZlciBub3RpZmljYXRpb24gdXNpbmc6 + - key: ui_suspend_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgc3VzcGVuZGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_guest_type_label + value: R3Vlc3QgdHlwZTo= + - key: ui_delete_notice_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGRlbGV0ZSB0aGUgc2VsZWN0ZWQgbm90aWNlcz8= + - key: ui_unit_friday + value: RnJpZGF5 + - key: ui_account_state_expired_state_label + value: RXhwaXJlZA== + - key: ui_login_aup_agreement_label + value: QWdyZWUgdG8= + - key: ui_create_accounts_next_button + value: TmV4dA== + - key: ui_reinstate_account_ok_button + value: T2s= + - key: ui_menu_home_button + value: SG9tZQ== + - key: ui_notices_column_accounts_num_header + value: TnVtYmVyIG9mIEFjY291bnRz + - key: ui_login_change_password_button + value: SSB3YW50IHRvIGNoYW5nZSBteSBwYXNzd29yZCBhZnRlciBsb2dpbg== + - key: ui_notices_column_start_time_header + value: U3RhcnQ= + - key: ui_extend_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGV4dGVuZCB0aGlzIGFjY291bnQ/ + - key: ui_login_content_label + value: U2lnbiBPbg== + - key: ui_email_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_aup_page_title + value: QWNjZXB0YWJsZSBVc2UgUG9saWN5 + - key: ui_column_ssid_header + value: U1NJRA== + - key: ui_changepwd_policy_help_label + value: UGFzc3dvcmRzIG11c3QgYmUgOCBjaGFyYWN0ZXJzIGFuZCBjb250YWluIGEgbGV0dGVyIGFuZCBudW1iZXIu + - key: ui_deny_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGRlbnkgYWNjZXNzIGZvciB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_approve_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgYXBwcm92ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_print_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHByaW50ZWQ6 + - key: ui_delete_account_success_single_message + value: QWNjb3VudCBkZWxldGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_list_sort_by_label + value: U29ydCBieTo= + - key: ui_sms_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHRleHQgdGhpcyBhY2NvdW50Pw== + - key: ui_aup_optional_content_2 + value: "" + - key: ui_column_person_visited_header + value: UGVyc29uIEJlaW5nIFZpc2l0ZWQ= + - key: ui_reinstate_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlaW5zdGF0ZSB0aGlzIGFjY291bnQ/ + - key: ui_contact_mac_address_label + value: TUFDIGFkZHJlc3M6 + - key: ui_aup_optional_content_1 + value: "" + - key: ui_error_instruction_message + value: "" + - key: ui_from_date_label + value: RnJvbSBkYXRlICh5eXl5LW1tLWRkKTo= + - key: ui_column_expiration_date_header + value: RXhwaXJhdGlvbiBEYXRl + - key: ui_date_picker_month_october + value: T2N0b2Jlcg== + - key: ui_contact_title_label + value: Q29udGFjdCBJbmZvcm1hdGlvbg== + - key: ui_column_group_tag_header + value: R3JvdXAgVGFn + - key: ui_resend_account_ok_button + value: T0s= + - key: ui_unit_days_symbol + value: RA== + - key: ui_print_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHByaW50IHRoaXMgYWNjb3VudD8= + - key: ui_column_account_state_header + value: U3RhdGU= + - key: ui_sms_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_changepwd_instruction_message + value: WW91IGFyZSByZXF1aXJlZCB0byBjaGFuZ2UgeW91ciBwYXNzd29yZCBub3cuIFBsZWFzZSBlbnRlciBhIG5ldyBwYXNzd29yZC4= + - key: ui_unit_hours_symbol + value: SA== + - key: ui_field_last_name_error + value: UGxlYXNlIGVudGVyIGEgdmFsaWQgbGFzdCBuYW1lLg== + - key: ui_create_accounts_aup_link + value: VGVybXMgYW5kIENvbmRpdGlvbnM= + - key: ui_account_details_suspension_reason_label + value: UmVhc29uIGZvciBzdXNwZW5zaW9uOg== + - key: ui_no_user_error + value: VXNlciBkb2Vzbid0IGV4aXN0Lg== + - key: ui_create_accounts_access_info_location_label + value: TG9jYXRpb246 + - key: ui_reinstate_account_total_failure_message + value: VW5hYmxlIHRvIHJlaW5zdGF0ZSBhY2NvdW50Lg== + - key: ui_reset_password_account_success_single_message + value: QWNjb3VudCBwYXNzd29yZCByZXNldCBzdWNjZXNzZnVsbHku + - key: ui_create_accounts_access_info_hours_label + value: SG91cnM= + - key: ui_notify_known_notify_button + value: Tm90aWZ5 + - key: ui_create_import_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGltcG9ydCB0aGVzZSBhY2NvdW50cz8= + - key: ui_home_page_title + value: U3BvbnNvciBIb21l + - key: ui_notify_known_auto_notify_text + value: R3Vlc3Qgbm90aWZpY2F0aW9ucyBhcmUgc2VudCBhdXRvbWF0aWNhbGx5 + - key: ui_unit_pm + value: UE0= + - key: ui_reason_visit_label + value: UmVhc29uIGZvciB2aXNpdDo= + - key: ui_approve_accounts_content_label + value: UGVuZGluZyBBY2NvdW50cw== + - key: ui_column_notification_language_header + value: TGFuZ3VhZ2U= + - key: ui_column_guest_type_header + value: R3Vlc3QgVHlwZQ== + - key: ui_aup_instruction_message + value: UGxlYXNlIHJlYWQgdGhlIEFjY2VwdGFibGUgVXNlIFBvbGljeS4= + - key: ui_reset_password_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgcGFzc3dvcmQgcmVzZXQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_unit_am + value: QU0= + - key: ui_resend_account_total_failure_message + value: VW5hYmxlIHRvIHJlc2VuZCBpbmZvcm1hdGlvbi4= + - key: ui_unit_saturday + value: U2F0dXJkYXk= + - key: ui_portal_label + value: UG9ydGFsIE5hbWU= + - key: ui_notify_known_cancel_button + value: Q2FuY2Vs + - key: ui_print_account_success_single_message + value: QWNjb3VudCBwcmludGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_create_random_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGNyZWF0ZSB0aGVzZSByYW5kb20gYWNjb3VudHM/ + - key: ui_account_action_print_button + value: UHJpbnQ= + - key: ui_edit_accounts_save_button + value: U2F2ZQ== + - key: ui_reset_password_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlc2V0IHRoZSBwYXNzd29yZCBmb3IgdGhlIHNlbGVjdGVkIGFjY291bnRzPw== + - key: ui_home_instruction_message + value: Q3JlYXRlLCBtYW5hZ2UsIGFuZCBhcHByb3ZlIGd1ZXN0IGFjY291bnRzLg== + - key: ui_column_reason_visit_header + value: UmVhc29uIGZvciBWaXNpdA== + - key: ui_guest_duration_error + value: VGhlIHBlcmlvZCBiZXR3ZWVuIHN0YXJ0IGFuZCBlbmQgZGF0ZSBleGNlZWRzIG1heGltdW0gZHVyYXRpb24gY29uZmlndXJlZCBvbiBndWVzdCB0eXBlLg== + - key: ui_notices_action_sms_label + value: VGV4dCBHdWVzdHM= + - key: ui_create_accounts_guest_type_device_limit_label + value: TWF4aW11bSBkZXZpY2VzIHRoYXQgY2FuIGJlIGNvbm5lY3RlZDo= + - key: ui_create_accounts_access_info_to_time_label + value: VG8gVGltZQ== + - key: ui_time_left_label + value: VGltZSBsZWZ0Og== + - key: ui_user_last_login_pass_time_label + value: TGFzdCBMb2dpbjo= + - key: ui_email_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGVtYWlsIHRoZSBzZWxlY3RlZCBhY2NvdW50cz8= + - key: ui_create_random_prefix_label + value: VXNlcm5hbWUgcHJlZml4Og== + - key: ui_approve_account_total_failure_message + value: VW5hYmxlIHRvIGFwcHJvdmUgYWNjb3VudC4= + - key: ui_manage_accounts_content_label + value: TWFuYWdlIEFjY291bnRz + - key: ui_notify_content_label + value: QWNjb3VudCBJbmZvcm1hdGlvbg== + - key: ui_login_signon_button + value: U2lnbiBPbg== + - key: ui_delete_notice_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBub3RpY2VzIHdlcmUgc2VsZWN0ZWQuIE5vdGljZX\ + Mgd2lsbCBiZSBkZWxldGVkIGluIHRoZSBiYWNrZ3JvdW5kLiBDaGVjayBOb3RpY2VzIGZvciBzdGF0dXMu" + - key: ui_error_page_title + value: RXJyb3I= + - key: ui_create_import_total_failure_message_suffix + value: VGhlIGltcG9ydCBmaWxlIG1heSBjb250YWluIGFkZGl0aW9uYWwgZXJyb3JzLCBidXQgdGhlIGltcG9ydCBvcGVyYXRpb24gZGlkIG5vdCByZWFkIHBhc3QgdGhpcyBsaW5lLg== + - key: ui_approve_account_cancel_button + value: Q2FuY2Vs + - key: ui_contact_sessioninfo_text + value: VGhlIGZvbGxvd2luZyBpbmZvcm1hdGlvbiBtaWdodCBiZSB1c2VmdWwgdG8gdGhlIEhlbHAgRGVzayByZXByZXNlbnRhdGl2ZSB3aG8gYXNzaXN0cyB5b3Uu + - key: ui_column_creation_date_header + value: Q3JlYXRpb24gRGF0ZQ== + - key: ui_home_title_label + value: U3BvbnNvciBQb3J0YWw= + - key: ui_edit_accounts_content_label + value: RWRpdCBBY2NvdW50 + - key: ui_date_picker_month_april + value: QXByaWw= + - key: ui_email_account_total_failure_message + value: VW5hYmxlIHRvIHNlbmQgZW1haWwu + - key: ui_notices_action_print_label + value: Q3JlYXRlIFByaW50IEpvYg== + - key: ui_column_last_name_header + value: TGFzdCBOYW1l + - key: ui_create_import_success_single_message + value: QWNjb3VudCBpbXBvcnRlZCBzdWNjZXNzZnVsbHku + - key: ui_create_import_async_message + value: QWNjb3VudCBpbXBvcnRpbmcgd2lsbCBiZSBwcm9jZXNzZWQgaW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4= + - key: ui_extend_account_success_single_message + value: QWNjb3VudCBleHRlbmRlZCBzdWNjZXNzZnVsbHku + - key: ui_unit_minutes_symbol + value: TQ== + - key: ui_notify_sms_label + value: U01T + - key: ui_extend_account_cancel_button + value: Q2FuY2Vs + - key: ui_unit_days + value: ZGF5cw== + - key: ui_create_import_tab_label + value: SW1wb3J0 + - key: ui_to_label + value: VG86 + - key: ui_changepwd_currentpwd_label + value: Q3VycmVudCBwYXNzd29yZDo= + - key: ui_column_time_left_header + value: VGltZSBMZWZ0 + - key: ui_account_action_approve_button + value: QXBwcm92ZQ== + - key: ui_create_known_instruction_message + value: "" + - key: ui_create_known_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGNyZWF0ZSB0aGlzIGFjY291bnQ/ + - key: ui_reinstate_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50c\ + yB3aWxsIGJlIHJlaW5zdGF0ZWQgaW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4=" + - key: ui_date_picker_month_december + value: RGVjZW1iZXI= + - key: ui_notify_import_accounts_showing_label + value: U2hvd2luZzog + - key: ui_one_click_guest_link_invalid + value: TGluayBpcyBpbnZhbGlkLiBQbGVhc2Ugc2lnbiBvbiB0byB0aGUgc3BvbnNvciBwb3J0YWwgdG8gYXBwcm92ZS9kZW55IGd1ZXN0cy4= + - key: ui_date_picker_calendar_header_format + value: JUIgJVk= + - key: ui_resend_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3a\ + WxsIGJlIHJlc2VudCBpbiB0aGUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_field_email_error + value: RW50ZXIgYSB2YWxpZCBlbWFpbCBhZGRyZXNzLg== + - key: ui_suspend_account_reason_label + value: UmVhc29uIGZvciBzdXNwZW5zaW9uOg== + - key: ui_creation_date_label + value: Q3JlYXRpb24gZGF0ZTo= + - key: ui_field_date_range_limited_error + value: VmFsaWQgZGF0ZXMgYXJlIHswfSB0byB7MX0= + - key: ui_date_picker_short_day_tuesday + value: VA== + - key: ui_menu_switch_mobile_button + value: U3dpdGNoIHRvIG1vYmlsZSBtb2Rl + - key: ui_suspend_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_deny_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50\ + cyB3aWxsIGJlIGRlbmllZCBpbiB0aGUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_person_visited_label + value: UGVyc29uIGJlaW5nIHZpc2l0ZWQgKGVtYWlsKTo= + - key: ui_create_import_success_multi_message + value: QWNjb3VudHMgaW1wb3J0ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_changepwd_newpwd_label + value: TmV3IHBhc3N3b3JkOg== + - key: ui_column_guest_location_header + value: TG9jYXRpb24= + - key: ui_field_digit_error + value: RW50ZXIgYSB2YWxpZCBudW1iZXIu + - key: ui_date_picker_short_day_sunday + value: Uw== + - key: ui_create_accounts_guest_info_content_label + value: R3Vlc3QgSW5mb3JtYXRpb24= + - key: ui_unit_minutes + value: bWludXRlcw== + - key: ui_account_action_extend_button + value: RXh0ZW5k + - key: ui_account_details_account_state_label + value: U3RhdGU6 + - key: ui_from_label + value: RnJvbQ== + - key: ui_extend_account_instruction_message + value: "" + - key: ui_account_details_done_button + value: RG9uZQ== + - key: ui_unit_tuesday + value: VHVlc2RheQ== + - key: ui_notify_import_auto_notify_text + value: R3Vlc3Qgbm90aWZpY2F0aW9ucyBhcmUgc2VudCBhdXRvbWF0aWNhbGx5 + - key: ui_company_label + value: Q29tcGFueTo= + - key: ui_date_picker_month_january + value: SmFudWFyeQ== + - key: ui_sms_account_total_failure_message + value: VW5hYmxlIHRvIHNlbmQgdGV4dC4= + - key: ui_delete_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGRlbGV0ZWQ6 + - key: ui_delete_account_ok_button + value: T0s= + - key: ui_notify_random_accounts_created_label + value: QWNjb3VudHMgY3JlYXRlZDog + - key: ui_notices_delete_button + value: RGVsZXRlIE5vdGljZQ== + - key: ui_create_known_tab_label + value: S25vd24= + - key: ui_extend_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGV4dGVuZCB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_create_accounts_access_info_to_date_label + value: VG8gRGF0ZSAoeXl5eS1tbS1kZCk= + - key: ui_time_picker_button + value: U2V0IFRpbWU= + - key: ui_post_access_continue_button + value: Q29udGludWU= + - key: ui_javascript_disabled_message + value: WW91IG11c3QgdHVybiBvbiBKYXZhU2NyaXB0IHRvIHVzZSB0aGlzIHdlYiBzaXRlLg== + - key: ui_field_date_ymd_error + value: SW52YWxpZCBkYXRlIGZvcm1hdCAoeXl5eS1tbS1kZCku + - key: ui_create_import_download_template_link + value: RG93bmxvYWQgVGVtcGxhdGU= + - key: ui_contact_policy_server_label + value: UG9saWN5IHNlcnZlcjo= + - key: ui_prefix_mismatch_policy_error + value: UHJlZml4IGRpZCBub3QgbWF0Y2ggVXNlcm5hbWUgUG9saWN5 + - key: ui_column_company_header + value: Q29tcGFueQ== + - key: ui_notify_import_accounts_created_label + value: QWNjb3VudHMgY3JlYXRlZDog + - key: ui_date_picker_month_september + value: U2VwdGVtYmVy + - key: ui_reset_password_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3\ + aWxsIGJlIHBhc3N3b3JkIHJlc2V0IGluIHRoZSBiYWNrZ3JvdW5kLiBDaGVjayBOb3RpY2VzIGZvciBzdGF0dXMu" + - key: ui_delete_account_total_failure_message + value: VW5hYmxlIHRvIGRlbGV0ZSBhY2NvdW50Lg== + - key: ui_create_accounts_create_button + value: Q3JlYXRl + - key: ui_contact_helpdesk_title + value: SGVscCBEZXNrIEluZm9ybWF0aW9u + - key: ui_notify_known_done_button + value: RG9uZQ== + - key: ui_notices_done_button + value: RG9uZQ== + - key: ui_phone_number_label + value: TW9iaWxlIG51bWJlcjo= + - key: ui_column_email_address_header + value: RW1haWwgQWRkcmVzcw== + - key: ui_deny_account_total_failure_message + value: VW5hYmxlIHRvIGRlbnkgYWNjb3VudC4= + - key: ui_email_mismatch_policy_error + value: RW1haWwgZGlkIG5vdCBtYXRjaCBVc2VybmFtZSBQb2xpY3k= + - key: ui_aup_decline_button + value: RGVjbGluZQ== + - key: ui_changepwd_username_label + value: VXNlcm5hbWU6 + - key: ui_notify_random_accounts_showing_label + value: U2hvd2luZzog + - key: ui_notices_content_label + value: Tm90aWNlcw== + - key: ui_account_action_deny_button + value: RGVueQ== + - key: ui_delete_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGRlbGV0ZSB0aGlzIGFjY291bnQ/ + - key: ui_field_max_error + value: RmllbGQgdmFsdWUgY2Fubm90IGJlIGdyZWF0ZXIgdGhhbiB7MH0= + - key: ui_contact_message + value: Q29udGFjdCBJbmZvcm1hdGlvbg== + - key: ui_approve_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGFwcHJvdmVkOg== + - key: ui_create_accounts_guest_type_content_label + value: R3Vlc3QgdHlwZTo= + - key: ui_unit_monday + value: TW9uZGF5 + - key: ui_create_accounts_access_info_ssid_label + value: U1NJRDo= + - key: ui_invalid_input_error + value: SW52YWxpZCBpbnB1dC4= + - key: ui_banner_label + value: U3BvbnNvciBQb3J0YWw= + - key: ui_date_label + value: RGF0ZTo= + - key: ui_create_import_instruction_message + value: Q2xpY2sgdG8gZG93bmxvYWQgdGhlIGltcG9ydCB0ZW1wbGF0ZSBmaWxlLg== + - key: ui_create_random_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGNyZWF0ZSB0aGlzIHJhbmRvbSBhY2NvdW50Pw== + - key: ui_firstname_mismatch_policy_error + value: Rmlyc3ROYW1lIGRpZCBub3QgbWF0Y2ggVXNlcm5hbWUgUG9saWN5 + - key: ui_date_picker_short_day_saturday + value: Uw== + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/support_bundle.yml b/ansible_collections/cisco/ise/playbooks/support_bundle.yml new file mode 100644 index 00000000..9568bfd0 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/support_bundle.yml @@ -0,0 +1,57 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Create or update an support_bundle + # cisco.ise.support_bundle: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: supportBundle + # description: Support Bundle Generation + # hostName: ise + # supportBundleIncludeOptions: + # includeConfigDB: true + # includeDebugLogs: true + # includeLocalLogs: true + # includeCoreFiles: true + # mntLogs: true + # includeSystemLogs: true + # policyXml: true + # fromDate: 07/19/2021 + # toDate: 07/20/2021 + # register: result + + - name: Support bundle status + cisco.ise.support_bundle_status_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: ise + register: support_bundle_status_result + + - name: Print result + ansible.builtin.debug: + var: support_bundle_status_result + + - name: Support bundle download + cisco.ise.support_bundle_download: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + dirPath: /Users/wilhelm32/Downloads/result/ + fileName: "{{ support_bundle_status_result['ise_response']['fileName']}}" + saveFile: true + when: + - support_bundle_status_result['ise_response'] is defined + - support_bundle_status_result['ise_response']['status'] == "complete" + - support_bundle_status_result['ise_response']['fileName'] + register: support_bundle_download_result + + - name: Print support_bundle_download_result + ansible.builtin.debug: + var: support_bundle_status_result + when: support_bundle_download_result diff --git a/ansible_collections/cisco/ise/playbooks/system_certificate.yml b/ansible_collections/cisco/ise/playbooks/system_certificate.yml new file mode 100644 index 00000000..9986d0ec --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/system_certificate.yml @@ -0,0 +1,67 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.system_certificate_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.system_certificate_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Get System Certificate by name + cisco.ise.system_certificate_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + hostName: ise + register: result + + - name: Print result + ansible.builtin.debug: + var: result + + # - name: Update a system_certificate + # cisco.ise.system_certificate: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # admin: false + # allowReplacementOfPortalGroupTag: false + # description: ISE + # eap: false + # expirationTTLPeriod: 5 + # expirationTTLUnits: years + # hostName: ise + # ims: false + # name: OU=Certificate Services System Certificate,CN=ise.securitydemo.net#Certificate + # Services Endpoint Sub CA - ise#00002 + # portal: false + # portalGroupTag: Default Portal Certificate Group + # pxgrid: false + # radius: false + # renewSelfSignedCertificate: false + # saml: false + # register: result + + # - name: Print result + # ansible.builtin.debug: + # var: result diff --git a/ansible_collections/cisco/ise/playbooks/trustsec_nbarapp.yml b/ansible_collections/cisco/ise/playbooks/trustsec_nbarapp.yml new file mode 100644 index 00000000..98937292 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/trustsec_nbarapp.yml @@ -0,0 +1,106 @@ +--- +- hosts: ise_servers + gather_facts: false + + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + + tasks: + # - name: '[Get Nbar Apps]' + # cisco.ise.trustsec_nbar_app_info: + # <<: *ise_login + # page: 1 + # size: 100 + # register: nbar_app_all + + # - name: '[Print Nbar Apps]' + # ansible.builtin.debug: + # var: nbar_app_all + + - name: Get Nbar App filtered by name + cisco.ise.trustsec_nbar_app_info: + <<: *ise_login + filter: name.EQ.hyperwave-isp + register: nbar_app_filtered + + - name: Get Nbar App by id + cisco.ise.trustsec_nbar_app_info: + <<: *ise_login + id: "{{ nbar_app_filtered.ise_responses[0].id }}" + when: + - nbar_app_filtered is defined + - nbar_app_filtered.ise_responses is defined + - nbar_app_filtered.ise_responses | length > 0 + register: nbar_app_by_id + + - name: Print Nbar App by id + ansible.builtin.debug: + var: nbar_app_by_id + + - name: Create Nbar App duplicate + cisco.ise.trustsec_nbar_app: + <<: *ise_login + state: present + name: "{{ nbar_app_by_id.ise_response[0].name}}-2" + description: "{{ nbar_app_by_id.ise_response[0].description|int + 1 }}" + networkIdentities: + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].ports|int +1 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].protocol }}" + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].ports|int +1 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].protocol }}" + when: + - nbar_app_by_id is defined + - nbar_app_by_id.ise_response is defined + - nbar_app_by_id.ise_response | length == 1 + register: nbar_app_manage + + - name: Print Create Nbar + ansible.builtin.debug: + var: nbar_app_manage + + - name: Update Nbar App duplicate + cisco.ise.trustsec_nbar_app: + <<: *ise_login + state: present + name: "{{ nbar_app_by_id.ise_response[0].name}}-2" + description: "{{ nbar_app_by_id.ise_response[0].description|int + 1 }}" + networkIdentities: + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].ports|int +2 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].protocol }}" + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].ports|int +2 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].protocol }}" + when: + - nbar_app_by_id is defined + - nbar_app_by_id.ise_response is defined + - nbar_app_by_id.ise_response | length == 1 + register: nbar_app_manage + + - name: Print Update Nbar + ansible.builtin.debug: + var: nbar_app_manage + + - name: Delete Nbar App duplicate + cisco.ise.trustsec_nbar_app: + <<: *ise_login + state: absent + name: "{{ nbar_app_by_id.ise_response[0].name}}-2" + description: "{{ nbar_app_by_id.ise_response[0].description|int + 1 }}" + networkIdentities: + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].ports|int +1 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].protocol }}" + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].ports|int +1 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].protocol }}" + when: + - nbar_app_by_id is defined + - nbar_app_by_id.ise_response is defined + - nbar_app_by_id.ise_response | length == 1 + register: nbar_app_manage + + - name: "Print Delete Nbar" + ansible.builtin.debug: + var: nbar_app_manage diff --git a/ansible_collections/cisco/ise/playbooks/trustsec_sg_vn_mapping.yml b/ansible_collections/cisco/ise/playbooks/trustsec_sg_vn_mapping.yml new file mode 100644 index 00000000..8dba781d --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/trustsec_sg_vn_mapping.yml @@ -0,0 +1,81 @@ +--- +- hosts: ise_servers + gather_facts: false + + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + + tasks: + - name: "Create VN 1" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + - name: "Create VN 2" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn2 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + + - name: "Create SG_VN_Mapping" + cisco.ise.trustsec_sg_vn_mapping: + <<: *ise_login + state: present + sgName: BYOD + vnName: vn1 + register: sg_vn_mapping_manage + + - name: "Print Create sg_vn_mapping_manage" + ansible.builtin.debug: + var: sg_vn_mapping_manage + + - name: "Get SG_VN_Mapping filtered" + cisco.ise.trustsec_sg_vn_mapping_info: + <<: *ise_login + filter: vnName.EQ.vn1,sgName.EQ.BYOD + register: sg_vn_mapping_filtered + + - name: "Print Get SG_VN_Mapping filtered" + ansible.builtin.debug: + var: sg_vn_mapping_filtered + + - name: "Delete SG_VN_Mapping" + cisco.ise.trustsec_sg_vn_mapping: + <<: *ise_login + state: absent + sgName: BYOD + vnName: vn1 + # id: "{{ sg_vn_mapping_filtered.ise_response[0].id }}" + when: + - sg_vn_mapping_filtered is defined + - sg_vn_mapping_filtered.ise_response is defined + - sg_vn_mapping_filtered.ise_response | length > 0 + register: sg_vn_mapping_manage + - name: "Print Delete sg_vn_mapping_manage" + ansible.builtin.debug: + var: sg_vn_mapping_manage + + - name: "Delete VN 1" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + + - name: "Delete VN 2" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn2 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage diff --git a/ansible_collections/cisco/ise/playbooks/trustsec_vn.yml b/ansible_collections/cisco/ise/playbooks/trustsec_vn.yml new file mode 100644 index 00000000..18197a71 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/trustsec_vn.yml @@ -0,0 +1,90 @@ +--- +- hosts: ise_servers + gather_facts: false + + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + + tasks: + # - name: '[Get Virtual Network]' + # cisco.ise.trustsec_vn_info: + # <<: *ise_login + # page: 1 + # size: 100 + # register: vn_all + + # - name: '[Print Virtual Network all]' + # ansible.builtin.debug: + # var: vn_all + + - name: "Get VN filtered by name" + cisco.ise.trustsec_vn_info: + <<: *ise_login + filter: name.EQ.vn1 + register: vn_filtered + + - name: "Create VN" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + when: + - vn_filtered is defined + - vn_filtered.ise_response is defined + - vn_filtered.ise_response | length == 0 + register: vn_manage + + - name: "Print Create Vn" + ansible.builtin.debug: + var: vn_manage + + - name: "Update Vn" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn1 + additionalAttributes: '{"Created": "1616961914", "Update": "1616962914"}' + when: + - vn_filtered is defined + - vn_filtered.ise_response is defined + - vn_filtered.ise_response | length > 0 + register: vn_manage + + - name: "Print Update VN" + ansible.builtin.debug: + var: vn_manage + + - name: "Get VN by id" + cisco.ise.trustsec_vn_info: + <<: *ise_login + id: "{{ vn_manage.ise_response.id }}" + when: + - vn_manage is defined + - vn_manage.ise_response is defined + register: vn_by_id + + - name: "Print VN by id" + ansible.builtin.debug: + var: vn_by_id + + - name: "Delete Vn" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn1 + additionalAttributes: '{"Created": "1616961914", "Update": "1616962914"}' + when: + - vn_filtered is defined + - vn_filtered.ise_response is defined + - vn_filtered.ise_response | length > 0 + register: vn_manage + + - name: "Print Delete VN" + ansible.builtin.debug: + var: vn_manage diff --git a/ansible_collections/cisco/ise/playbooks/trustsec_vn_vlan_mapping.yml b/ansible_collections/cisco/ise/playbooks/trustsec_vn_vlan_mapping.yml new file mode 100644 index 00000000..583cd2b0 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/trustsec_vn_vlan_mapping.yml @@ -0,0 +1,86 @@ +--- +- hosts: ise_servers + gather_facts: false + + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + + tasks: + - name: "Create VN 1" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + - name: "Create VN 2" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn2 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + + - name: "Create VN_VLAN_Mapping" + cisco.ise.trustsec_vn_vlan_mapping: + <<: *ise_login + state: present + isData: true + isDefaultVlan: true + maxValue: 12 + name: vlan1 + vnName: vn1 + register: vn_vlan_mapping_manage + + - name: "Print Create vn_vlan_mapping_manage" + ansible.builtin.debug: + var: vn_vlan_mapping_manage + + - name: "Update VN_VLAN_Mapping" + cisco.ise.trustsec_vn_vlan_mapping: + <<: *ise_login + state: present + isData: true + isDefaultVlan: true + maxValue: 10 + name: vlan1 + vnName: vn1 + register: vn_vlan_mapping_manage + - name: "Print Update vn_vlan_mapping_manage" + ansible.builtin.debug: + var: vn_vlan_mapping_manage + + - name: "Delete VN_VLAN_Mapping" + cisco.ise.trustsec_vn_vlan_mapping: + <<: *ise_login + state: absent + isData: true + isDefaultVlan: true + maxValue: 10 + name: vlan1 + vnName: vn1 + register: vn_vlan_mapping_manage + - name: "Print Delete vn_vlan_mapping_manage" + ansible.builtin.debug: + var: vn_vlan_mapping_manage + + - name: "Delete VN 1" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + + - name: "Delete VN 2" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn2 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage diff --git a/ansible_collections/cisco/ise/playbooks/vars/device_administration_time_date_conditions.yml b/ansible_collections/cisco/ise/playbooks/vars/device_administration_time_date_conditions.yml new file mode 100644 index 00000000..b531eeb2 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/vars/device_administration_time_date_conditions.yml @@ -0,0 +1,16 @@ +--- +condition_type: TimeAndDateCondition +name: Test2 +hours_range_start_time: "22:02" +hours_range_end_time: "13:02" +hours_range_exception_start_time: "23:02" +hours_range_exception_end_time: "23:50" +dates_range_start_date: "2021-06-30" +dates_range_end_date: "2021-07-03" +dates_range_exception_start_date: "2021-06-30" +dates_range_exception_end_date: "2021-06-30" +week_days: + - Saturday + - Sunday +week_days_exception: + - Sunday diff --git a/ansible_collections/cisco/ise/plugins/action/aci_bindings_info.py b/ansible_collections/cisco/ise/plugins/action/aci_bindings_info.py new file mode 100644 index 00000000..53de0a3c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/aci_bindings_info.py @@ -0,0 +1,130 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sort=dict(type="str"), + sortBy=dict(type="str"), + filterBy=dict(type="list"), + filterValue=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sort=params.get("sort"), + sort_by=params.get("sortBy"), + filter_by=params.get("filterBy"), + filter_value=params.get("filterValue"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + responses = [] + generator = ise.exec( + family="aci_bindings", + function='get_aci_bindings_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['ACIBindings'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/aci_settings.py b/ansible_collections/cisco/ise/plugins/action/aci_settings.py new file mode 100644 index 00000000..f0f25512 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/aci_settings.py @@ -0,0 +1,253 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + id=dict(type="str"), + enableAci=dict(type="bool"), + ipAddressHostName=dict(type="str"), + adminName=dict(type="str"), + adminPassword=dict(type="str"), + aciipaddress=dict(type="str"), + aciuserName=dict(type="str"), + acipassword=dict(type="str"), + tenantName=dict(type="str"), + l3RouteNetwork=dict(type="str"), + suffixToEpg=dict(type="str"), + suffixToSgt=dict(type="str"), + allSxpDomain=dict(type="bool"), + specificSxpDomain=dict(type="bool"), + specifixSxpDomainList=dict(type="list"), + enableDataPlane=dict(type="bool"), + untaggedPacketIepgName=dict(type="str"), + defaultSgtName=dict(type="str"), + enableElementsLimit=dict(type="bool"), + maxNumIepgFromAci=dict(type="int"), + maxNumSgtToAci=dict(type="int"), + aci50=dict(type="bool"), + aci51=dict(type="bool"), +)) + +required_if = [ + ("state", "present", ["id"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class AciSettings(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + enable_aci=params.get("enableAci"), + ip_address_host_name=params.get("ipAddressHostName"), + admin_name=params.get("adminName"), + admin_password=params.get("adminPassword"), + aciipaddress=params.get("aciipaddress"), + aciuser_name=params.get("aciuserName"), + acipassword=params.get("acipassword"), + tenant_name=params.get("tenantName"), + l3_route_network=params.get("l3RouteNetwork"), + suffix_to_epg=params.get("suffixToEpg"), + suffix_to_sgt=params.get("suffixToSgt"), + all_sxp_domain=params.get("allSxpDomain"), + specific_sxp_domain=params.get("specificSxpDomain"), + specifix_sxp_domain_list=params.get("specifixSxpDomainList"), + enable_data_plane=params.get("enableDataPlane"), + untagged_packet_iepg_name=params.get("untaggedPacketIepgName"), + default_sgt_name=params.get("defaultSgtName"), + enable_elements_limit=params.get("enableElementsLimit"), + max_num_iepg_from_aci=params.get("maxNumIepgFromAci"), + max_num_sgt_to_aci=params.get("maxNumSgtToAci"), + aci50=params.get("aci50"), + aci51=params.get("aci51"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="aci_settings", + function="get_aci_settings" + ).response['AciSettings'] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + try: + result = self.ise.exec( + family="aci_settings", + function="get_aci_settings", + handle_func_exception=False, + ).response['AciSettings'] + # result = get_dict_result(result, 'id', id) + except Exception as e: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("enableAci", "enable_aci"), + ("ipAddressHostName", "ip_address_host_name"), + ("adminName", "admin_name"), + ("adminPassword", "admin_password"), + ("aciipaddress", "aciipaddress"), + ("aciuserName", "aciuser_name"), + ("acipassword", "acipassword"), + ("tenantName", "tenant_name"), + ("l3RouteNetwork", "l3_route_network"), + ("suffixToEpg", "suffix_to_epg"), + ("suffixToSgt", "suffix_to_sgt"), + ("allSxpDomain", "all_sxp_domain"), + ("specificSxpDomain", "specific_sxp_domain"), + ("specifixSxpDomainList", "specifix_sxp_domain_list"), + ("enableDataPlane", "enable_data_plane"), + ("untaggedPacketIepgName", "untagged_packet_iepg_name"), + ("defaultSgtName", "default_sgt_name"), + ("enableElementsLimit", "enable_elements_limit"), + ("maxNumIepgFromAci", "max_num_iepg_from_aci"), + ("maxNumSgtToAci", "max_num_sgt_to_aci"), + ("aci50", "aci50"), + ("aci51", "aci51"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="aci_settings", + function="update_aci_settings_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = AciSettings(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/aci_settings_info.py b/ansible_collections/cisco/ise/plugins/action/aci_settings_info.py new file mode 100644 index 00000000..930fdb51 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/aci_settings_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="aci_settings", + function='get_aci_settings', + params=self.get_object(self._task.args) + ).response['AciSettings'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/aci_test_connectivity.py b/ansible_collections/cisco/ise/plugins/action/aci_test_connectivity.py new file mode 100644 index 00000000..60b95623 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/aci_test_connectivity.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="aci_settings", + function="test_aci_connectivity", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory.py b/ansible_collections/cisco/ise/plugins/action/active_directory.py new file mode 100644 index 00000000..0d2a18d7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory.py @@ -0,0 +1,233 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + id=dict(type="str"), + name=dict(type="str"), + description=dict(type="str"), + domain=dict(type="str"), + enableDomainWhiteList=dict(type="bool"), + adgroups=dict(type="dict"), + advancedSettings=dict(type="dict"), + adAttributes=dict(type="dict"), + adScopesNames=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActiveDirectory(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + name=params.get("name"), + description=params.get("description"), + domain=params.get("domain"), + enable_domain_white_list=params.get("enableDomainWhiteList"), + adgroups=params.get("adgroups"), + advanced_settings=params.get("advancedSettings"), + ad_attributes=params.get("adAttributes"), + ad_scopes_names=params.get("adScopesNames"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="active_directory", + function="get_active_directory_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['ERSActiveDirectory'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="active_directory", + function="get_active_directory_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['ERSActiveDirectory'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + result = False + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("name", "name"), + ("description", "description"), + ("domain", "domain"), + ("enableDomainWhiteList", "enable_domain_white_list"), + ("adgroups", "adgroups"), + ("advancedSettings", "advanced_settings"), + ("adAttributes", "ad_attributes"), + ("adScopesNames", "ad_scopes_names"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="active_directory", + function="create_active_directory", + params=self.new_object, + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="active_directory", + function="delete_active_directory_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = ActiveDirectory(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + response = prev_obj + ise.object_present_and_different() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_add_groups.py b/ansible_collections/cisco/ise/plugins/action/active_directory_add_groups.py new file mode 100644 index 00000000..e6afb52d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_add_groups.py @@ -0,0 +1,104 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + name=dict(type="str"), + description=dict(type="str"), + domain=dict(type="str"), + enableDomainWhiteList=dict(type="bool"), + adgroups=dict(type="dict"), + advancedSettings=dict(type="dict"), + adAttributes=dict(type="dict"), + adScopesNames=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + name=params.get("name"), + description=params.get("description"), + domain=params.get("domain"), + enable_domain_white_list=params.get("enableDomainWhiteList"), + adgroups=params.get("adgroups"), + advanced_settings=params.get("advancedSettings"), + ad_attributes=params.get("adAttributes"), + ad_scopes_names=params.get("adScopesNames"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="active_directory", + function="load_groups_from_domain", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_groups_by_domain_info.py b/ansible_collections/cisco/ise/plugins/action/active_directory_groups_by_domain_info.py new file mode 100644 index 00000000..c303d3b7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_groups_by_domain_info.py @@ -0,0 +1,94 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + additionalData=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + additional_data=params.get("additionalData"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="active_directory", + function='get_groups_by_domain', + params=self.get_object(self._task.args) + ).response['ERSActiveDirectoryGroups'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_info.py b/ansible_collections/cisco/ise/plugins/action/active_directory_info.py new file mode 100644 index 00000000..673b0870 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="active_directory", + function='get_active_directory_by_id', + params=self.get_object(self._task.args) + ).response['ERSActiveDirectory'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="active_directory", + function='get_active_directory_by_name', + params=self.get_object(self._task.args) + ).response['ERSActiveDirectory'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="active_directory", + function='get_active_directory_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_is_user_member_of_group_info.py b/ansible_collections/cisco/ise/plugins/action/active_directory_is_user_member_of_group_info.py new file mode 100644 index 00000000..1134e7ba --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_is_user_member_of_group_info.py @@ -0,0 +1,94 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + additionalData=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + additional_data=params.get("additionalData"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="active_directory", + function='is_user_member_of_groups', + params=self.get_object(self._task.args) + ).response['ERSActiveDirectoryGroups'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_join_domain.py b/ansible_collections/cisco/ise/plugins/action/active_directory_join_domain.py new file mode 100644 index 00000000..8da2dfe8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_join_domain.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="active_directory", + function="join_domain", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_join_domain_with_all_nodes.py b/ansible_collections/cisco/ise/plugins/action/active_directory_join_domain_with_all_nodes.py new file mode 100644 index 00000000..3c597a0f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_join_domain_with_all_nodes.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="active_directory", + function="join_domain_with_all_nodes", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_leave_domain.py b/ansible_collections/cisco/ise/plugins/action/active_directory_leave_domain.py new file mode 100644 index 00000000..c3aa7c7e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_leave_domain.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="active_directory", + function="leave_domain", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_leave_domain_with_all_nodes.py b/ansible_collections/cisco/ise/plugins/action/active_directory_leave_domain_with_all_nodes.py new file mode 100644 index 00000000..56b8b3b2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_leave_domain_with_all_nodes.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="active_directory", + function="leave_domain_with_all_nodes", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_trusted_domains_info.py b/ansible_collections/cisco/ise/plugins/action/active_directory_trusted_domains_info.py new file mode 100644 index 00000000..1415f4ca --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_trusted_domains_info.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="active_directory", + function='get_trusted_domains', + params=self.get_object(self._task.args) + ).response['ERSActiveDirectoryDomains'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/active_directory_user_groups_info.py b/ansible_collections/cisco/ise/plugins/action/active_directory_user_groups_info.py new file mode 100644 index 00000000..262c9cd9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/active_directory_user_groups_info.py @@ -0,0 +1,94 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + additionalData=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + additional_data=params.get("additionalData"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="active_directory", + function='get_user_groups', + params=self.get_object(self._task.args) + ).response['ERSActiveDirectoryGroups'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/admin_user_info.py b/ansible_collections/cisco/ise/plugins/action/admin_user_info.py new file mode 100644 index 00000000..6ee351a3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/admin_user_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="admin_user", + function='get_admin_user_by_id', + params=self.get_object(self._task.args) + ).response['AdminUser'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="admin_user", + function='get_admin_users_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/allowed_protocols.py b/ansible_collections/cisco/ise/plugins/action/allowed_protocols.py new file mode 100644 index 00000000..eb9de9f6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/allowed_protocols.py @@ -0,0 +1,308 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + eapTls=dict(type="dict"), + peap=dict(type="dict"), + eapFast=dict(type="dict"), + eapTtls=dict(type="dict"), + teap=dict(type="dict"), + processHostLookup=dict(type="bool"), + allowPapAscii=dict(type="bool"), + allowChap=dict(type="bool"), + allowMsChapV1=dict(type="bool"), + allowMsChapV2=dict(type="bool"), + allowEapMd5=dict(type="bool"), + allowLeap=dict(type="bool"), + allowEapTls=dict(type="bool"), + allowEapTtls=dict(type="bool"), + allowEapFast=dict(type="bool"), + allowPeap=dict(type="bool"), + allowTeap=dict(type="bool"), + allowPreferredEapProtocol=dict(type="bool"), + preferredEapProtocol=dict(type="str"), + eapTlsLBit=dict(type="bool"), + allowWeakCiphersForEap=dict(type="bool"), + requireMessageAuth=dict(type="bool"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class AllowedProtocols(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + eap_tls=params.get("eapTls"), + peap=params.get("peap"), + eap_fast=params.get("eapFast"), + eap_ttls=params.get("eapTtls"), + teap=params.get("teap"), + process_host_lookup=params.get("processHostLookup"), + allow_pap_ascii=params.get("allowPapAscii"), + allow_chap=params.get("allowChap"), + allow_ms_chap_v1=params.get("allowMsChapV1"), + allow_ms_chap_v2=params.get("allowMsChapV2"), + allow_eap_md5=params.get("allowEapMd5"), + allow_leap=params.get("allowLeap"), + allow_eap_tls=params.get("allowEapTls"), + allow_eap_ttls=params.get("allowEapTtls"), + allow_eap_fast=params.get("allowEapFast"), + allow_peap=params.get("allowPeap"), + allow_teap=params.get("allowTeap"), + allow_preferred_eap_protocol=params.get("allowPreferredEapProtocol"), + preferred_eap_protocol=params.get("preferredEapProtocol"), + eap_tls_l_bit=params.get("eapTlsLBit"), + allow_weak_ciphers_for_eap=params.get("allowWeakCiphersForEap"), + require_message_auth=params.get("requireMessageAuth"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="allowed_protocols", + function="get_allowed_protocol_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['AllowedProtocols'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="allowed_protocols", + function="get_allowed_protocol_by_id", + handle_func_exception=False, + params={"id": id} + ).response['AllowedProtocols'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("eapTls", "eap_tls"), + ("peap", "peap"), + ("eapFast", "eap_fast"), + ("eapTtls", "eap_ttls"), + ("teap", "teap"), + ("processHostLookup", "process_host_lookup"), + ("allowPapAscii", "allow_pap_ascii"), + ("allowChap", "allow_chap"), + ("allowMsChapV1", "allow_ms_chap_v1"), + ("allowMsChapV2", "allow_ms_chap_v2"), + ("allowEapMd5", "allow_eap_md5"), + ("allowLeap", "allow_leap"), + ("allowEapTls", "allow_eap_tls"), + ("allowEapTtls", "allow_eap_ttls"), + ("allowEapFast", "allow_eap_fast"), + ("allowPeap", "allow_peap"), + ("allowTeap", "allow_teap"), + ("allowPreferredEapProtocol", "allow_preferred_eap_protocol"), + ("preferredEapProtocol", "preferred_eap_protocol"), + ("eapTlsLBit", "eap_tls_l_bit"), + ("allowWeakCiphersForEap", "allow_weak_ciphers_for_eap"), + ("requireMessageAuth", "require_message_auth"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="allowed_protocols", + function="create_allowed_protocol", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="allowed_protocols", + function="update_allowed_protocol_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="allowed_protocols", + function="delete_allowed_protocol_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = AllowedProtocols(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/allowed_protocols_info.py b/ansible_collections/cisco/ise/plugins/action/allowed_protocols_info.py new file mode 100644 index 00000000..00258f04 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/allowed_protocols_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="allowed_protocols", + function='get_allowed_protocol_by_id', + params=self.get_object(self._task.args) + ).response['AllowedProtocols'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="allowed_protocols", + function='get_allowed_protocol_by_name', + params=self.get_object(self._task.args) + ).response['AllowedProtocols'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="allowed_protocols", + function='get_allowed_protocols_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_endpoint_apply.py b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_apply.py new file mode 100644 index 00000000..e6b6b818 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_apply.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="anc_endpoint", + function="apply_anc_endpoint", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_endpoint_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_bulk_monitor_status_info.py new file mode 100644 index 00000000..96e51ce6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="anc_endpoint", + function='monitor_bulk_status_anc_endpoint', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_endpoint_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_bulk_request.py new file mode 100644 index 00000000..eb2dcb10 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="anc_endpoint", + function="bulk_request_for_anc_endpoint", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_endpoint_clear.py b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_clear.py new file mode 100644 index 00000000..696acc0c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_clear.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="anc_endpoint", + function="clear_anc_endpoint", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_endpoint_info.py b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_info.py new file mode 100644 index 00000000..69ccd3d4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_endpoint_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="anc_endpoint", + function='get_anc_endpoint_by_id', + params=self.get_object(self._task.args) + ).response['ErsAncEndpoint'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="anc_endpoint", + function='get_anc_endpoint_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_policy.py b/ansible_collections/cisco/ise/plugins/action/anc_policy.py new file mode 100644 index 00000000..d429c258 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_policy.py @@ -0,0 +1,242 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + actions=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class AncPolicy(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + actions=params.get("actions"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="anc_policy", + function="get_anc_policy_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['ErsAncPolicy'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="anc_policy", + function="get_anc_policy_by_id", + handle_func_exception=False, + params={"id": id} + ).response['ErsAncPolicy'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("actions", "actions"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="anc_policy", + function="create_anc_policy", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="anc_policy", + function="update_anc_policy_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="anc_policy", + function="delete_anc_policy_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = AncPolicy(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_policy_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/anc_policy_bulk_monitor_status_info.py new file mode 100644 index 00000000..8815b1bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_policy_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="anc_policy", + function='monitor_bulk_status_anc_policy', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_policy_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/anc_policy_bulk_request.py new file mode 100644 index 00000000..bcd09421 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_policy_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="anc_policy", + function="bulk_request_for_anc_policy", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/anc_policy_info.py b/ansible_collections/cisco/ise/plugins/action/anc_policy_info.py new file mode 100644 index 00000000..aa54af4e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/anc_policy_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="anc_policy", + function='get_anc_policy_by_id', + params=self.get_object(self._task.args) + ).response['ErsAncPolicy'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="anc_policy", + function='get_anc_policy_by_name', + params=self.get_object(self._task.args) + ).response['ErsAncPolicy'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="anc_policy", + function='get_anc_policy_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/authorization_profile.py b/ansible_collections/cisco/ise/plugins/action/authorization_profile.py new file mode 100644 index 00000000..cdf71fdc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/authorization_profile.py @@ -0,0 +1,317 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + id=dict(type="str"), + name=dict(type="str"), + description=dict(type="str"), + advancedAttributes=dict(type="list"), + accessType=dict(type="str"), + authzProfileType=dict(type="str"), + vlan=dict(type="dict"), + reauth=dict(type="dict"), + airespaceACL=dict(type="str"), + airespaceIPv6ACL=dict(type="str"), + webRedirection=dict(type="dict"), + acl=dict(type="str"), + trackMovement=dict(type="bool"), + agentlessPosture=dict(type="bool"), + serviceTemplate=dict(type="bool"), + easywiredSessionCandidate=dict(type="bool"), + daclName=dict(type="str"), + voiceDomainPermission=dict(type="bool"), + neat=dict(type="bool"), + webAuth=dict(type="bool"), + autoSmartPort=dict(type="str"), + interfaceTemplate=dict(type="str"), + ipv6ACLFilter=dict(type="str"), + avcProfile=dict(type="str"), + macSecPolicy=dict(type="str"), + asaVpn=dict(type="str"), + profileName=dict(type="str"), + ipv6DaclName=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class AuthorizationProfile(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + name=params.get("name"), + description=params.get("description"), + advanced_attributes=params.get("advancedAttributes"), + access_type=params.get("accessType"), + authz_profile_type=params.get("authzProfileType"), + vlan=params.get("vlan"), + reauth=params.get("reauth"), + airespace_acl=params.get("airespaceACL"), + airespace_ipv6_acl=params.get("airespaceIPv6ACL"), + web_redirection=params.get("webRedirection"), + acl=params.get("acl"), + track_movement=params.get("trackMovement"), + agentless_posture=params.get("agentlessPosture"), + service_template=params.get("serviceTemplate"), + easywired_session_candidate=params.get("easywiredSessionCandidate"), + dacl_name=params.get("daclName"), + voice_domain_permission=params.get("voiceDomainPermission"), + neat=params.get("neat"), + web_auth=params.get("webAuth"), + auto_smart_port=params.get("autoSmartPort"), + interface_template=params.get("interfaceTemplate"), + ipv6_acl_filter=params.get("ipv6ACLFilter"), + avc_profile=params.get("avcProfile"), + mac_sec_policy=params.get("macSecPolicy"), + asa_vpn=params.get("asaVpn"), + profile_name=params.get("profileName"), + ipv6_dacl_name=params.get("ipv6DaclName"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="authorization_profile", + function="get_authorization_profile_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['AuthorizationProfile'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="authorization_profile", + function="get_authorization_profile_by_id", + handle_func_exception=False, + params={"id": id} + ).response['AuthorizationProfile'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("name", "name"), + ("description", "description"), + ("advancedAttributes", "advanced_attributes"), + ("accessType", "access_type"), + ("authzProfileType", "authz_profile_type"), + ("vlan", "vlan"), + ("reauth", "reauth"), + ("airespaceACL", "airespace_acl"), + ("airespaceIPv6ACL", "airespace_ipv6_acl"), + ("webRedirection", "web_redirection"), + ("acl", "acl"), + ("trackMovement", "track_movement"), + ("agentlessPosture", "agentless_posture"), + ("serviceTemplate", "service_template"), + ("easywiredSessionCandidate", "easywired_session_candidate"), + ("daclName", "dacl_name"), + ("voiceDomainPermission", "voice_domain_permission"), + ("neat", "neat"), + ("webAuth", "web_auth"), + ("autoSmartPort", "auto_smart_port"), + ("interfaceTemplate", "interface_template"), + ("ipv6ACLFilter", "ipv6_acl_filter"), + ("avcProfile", "avc_profile"), + ("macSecPolicy", "mac_sec_policy"), + ("asaVpn", "asa_vpn"), + ("profileName", "profile_name"), + ("ipv6DaclName", "ipv6_dacl_name"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="authorization_profile", + function="create_authorization_profile", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="authorization_profile", + function="update_authorization_profile_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="authorization_profile", + function="delete_authorization_profile_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = AuthorizationProfile(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/authorization_profile_info.py b/ansible_collections/cisco/ise/plugins/action/authorization_profile_info.py new file mode 100644 index 00000000..da068f9d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/authorization_profile_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="authorization_profile", + function='get_authorization_profile_by_id', + params=self.get_object(self._task.args) + ).response['AuthorizationProfile'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="authorization_profile", + function='get_authorization_profile_by_name', + params=self.get_object(self._task.args) + ).response['AuthorizationProfile'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="authorization_profile", + function='get_authorization_profiles_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/backup_cancel.py b/ansible_collections/cisco/ise/plugins/action/backup_cancel.py new file mode 100644 index 00000000..2e27c32b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/backup_cancel.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="backup_and_restore", + function="cancel_backup", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/backup_config.py b/ansible_collections/cisco/ise/plugins/action/backup_config.py new file mode 100644 index 00000000..20b70a7c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/backup_config.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + backupEncryptionKey=dict(type="str"), + backupName=dict(type="str"), + repositoryName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + backup_encryption_key=params.get("backupEncryptionKey"), + backup_name=params.get("backupName"), + repository_name=params.get("repositoryName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="backup_and_restore", + function="config_backup", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/backup_last_status_info.py b/ansible_collections/cisco/ise/plugins/action/backup_last_status_info.py new file mode 100644 index 00000000..6befcecb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/backup_last_status_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="backup_and_restore", + function='get_last_config_backup_status', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/backup_restore.py b/ansible_collections/cisco/ise/plugins/action/backup_restore.py new file mode 100644 index 00000000..9898d6fe --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/backup_restore.py @@ -0,0 +1,94 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + backupEncryptionKey=dict(type="str"), + repositoryName=dict(type="str"), + restoreFile=dict(type="str"), + restoreIncludeAdeos=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + backup_encryption_key=params.get("backupEncryptionKey"), + repository_name=params.get("repositoryName"), + restore_file=params.get("restoreFile"), + restore_include_adeos=params.get("restoreIncludeAdeos"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="backup_and_restore", + function="restore_config_backup", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/backup_schedule_config.py b/ansible_collections/cisco/ise/plugins/action/backup_schedule_config.py new file mode 100644 index 00000000..c26acbfe --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/backup_schedule_config.py @@ -0,0 +1,108 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + backupDescription=dict(type="str"), + backupEncryptionKey=dict(type="str"), + backupName=dict(type="str"), + endDate=dict(type="str"), + frequency=dict(type="str"), + monthDay=dict(type="str"), + repositoryName=dict(type="str"), + startDate=dict(type="str"), + status=dict(type="str"), + time=dict(type="str"), + weekDay=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + backup_description=params.get("backupDescription"), + backup_encryption_key=params.get("backupEncryptionKey"), + backup_name=params.get("backupName"), + end_date=params.get("endDate"), + frequency=params.get("frequency"), + month_day=params.get("monthDay"), + repository_name=params.get("repositoryName"), + start_date=params.get("startDate"), + status=params.get("status"), + time=params.get("time"), + week_day=params.get("weekDay"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="backup_and_restore", + function="create_scheduled_config_backup", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/backup_schedule_config_update.py b/ansible_collections/cisco/ise/plugins/action/backup_schedule_config_update.py new file mode 100644 index 00000000..56aeec22 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/backup_schedule_config_update.py @@ -0,0 +1,108 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + backupDescription=dict(type="str"), + backupEncryptionKey=dict(type="str"), + backupName=dict(type="str"), + endDate=dict(type="str"), + frequency=dict(type="str"), + monthDay=dict(type="str"), + repositoryName=dict(type="str"), + startDate=dict(type="str"), + status=dict(type="str"), + time=dict(type="str"), + weekDay=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + backup_description=params.get("backupDescription"), + backup_encryption_key=params.get("backupEncryptionKey"), + backup_name=params.get("backupName"), + end_date=params.get("endDate"), + frequency=params.get("frequency"), + month_day=params.get("monthDay"), + repository_name=params.get("repositoryName"), + start_date=params.get("startDate"), + status=params.get("status"), + time=params.get("time"), + week_day=params.get("weekDay"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="backup_and_restore", + function="update_scheduled_config_backup", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/bind_signed_certificate.py b/ansible_collections/cisco/ise/plugins/action/bind_signed_certificate.py new file mode 100644 index 00000000..d247db93 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/bind_signed_certificate.py @@ -0,0 +1,120 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + admin=dict(type="bool"), + allowExtendedValidity=dict(type="bool"), + allowOutOfDateCert=dict(type="bool"), + allowReplacementOfCertificates=dict(type="bool"), + allowReplacementOfPortalGroupTag=dict(type="bool"), + data=dict(type="str"), + eap=dict(type="bool"), + hostName=dict(type="str"), + id=dict(type="str"), + ims=dict(type="bool"), + name=dict(type="str"), + portal=dict(type="bool"), + portalGroupTag=dict(type="str"), + pxgrid=dict(type="bool"), + radius=dict(type="bool"), + saml=dict(type="bool"), + validateCertificateExtensions=dict(type="bool"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + admin=params.get("admin"), + allow_extended_validity=params.get("allowExtendedValidity"), + allow_out_of_date_cert=params.get("allowOutOfDateCert"), + allow_replacement_of_certificates=params.get("allowReplacementOfCertificates"), + allow_replacement_of_portal_group_tag=params.get("allowReplacementOfPortalGroupTag"), + data=params.get("data"), + eap=params.get("eap"), + host_name=params.get("hostName"), + id=params.get("id"), + ims=params.get("ims"), + name=params.get("name"), + portal=params.get("portal"), + portal_group_tag=params.get("portalGroupTag"), + pxgrid=params.get("pxgrid"), + radius=params.get("radius"), + saml=params.get("saml"), + validate_certificate_extensions=params.get("validateCertificateExtensions"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="bind_csr", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/byod_portal.py b/ansible_collections/cisco/ise/plugins/action/byod_portal.py new file mode 100644 index 00000000..4de9abd9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/byod_portal.py @@ -0,0 +1,270 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + id=dict(type="str"), + name=dict(type="str"), + description=dict(type="str"), + portalType=dict(type="str"), + portalTestUrl=dict(type="str"), + settings=dict(type="dict"), + customizations=dict(type="dict"), +)) + +required_if = [ + ("state", "present", ["id", "name", "settings"], True), + ("state", "absent", ["id", "name", "settings"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ByodPortal(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + name=params.get("name"), + description=params.get("description"), + portal_type=params.get("portalType"), + portal_test_url=params.get("portalTestUrl"), + settings=params.get("settings"), + customizations=params.get("customizations"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="byod_portal", + function="get_byod_portal_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="byod_portal", + function="get_byod_portal_by_id", + handle_func_exception=False, + params={"id": id} + ).response['BYODPortal'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("name", "name"), + ("description", "description"), + ("portalType", "portal_type"), + ("portalTestUrl", "portal_test_url"), + ("settings", "settings"), + ("customizations", "customizations"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="byod_portal", + function="create_byod_portal", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="byod_portal", + function="update_byod_portal_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="byod_portal", + function="delete_byod_portal_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = ByodPortal(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/byod_portal_info.py b/ansible_collections/cisco/ise/plugins/action/byod_portal_info.py new file mode 100644 index 00000000..ba4017d9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/byod_portal_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="byod_portal", + function='get_byod_portal_by_id', + params=self.get_object(self._task.args) + ).response['BYODPortal'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="byod_portal", + function='get_byod_portal_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/certificate_profile.py b/ansible_collections/cisco/ise/plugins/action/certificate_profile.py new file mode 100644 index 00000000..a6c13c28 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/certificate_profile.py @@ -0,0 +1,232 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + id=dict(type="str"), + name=dict(type="str"), + description=dict(type="str"), + externalIdentityStoreName=dict(type="str"), + certificateAttributeName=dict(type="str"), + allowedAsUserName=dict(type="bool"), + matchMode=dict(type="str"), + usernameFrom=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class CertificateProfile(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + name=params.get("name"), + description=params.get("description"), + external_identity_store_name=params.get("externalIdentityStoreName"), + certificate_attribute_name=params.get("certificateAttributeName"), + allowed_as_user_name=params.get("allowedAsUserName"), + match_mode=params.get("matchMode"), + username_from=params.get("usernameFrom"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="certificate_profile", + function="get_certificate_profile_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['CertificateProfile'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="certificate_profile", + function="get_certificate_profile_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['CertificateProfile'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + result = False + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("name", "name"), + ("description", "description"), + ("externalIdentityStoreName", "external_identity_store_name"), + ("certificateAttributeName", "certificate_attribute_name"), + ("allowedAsUserName", "allowed_as_user_name"), + ("matchMode", "match_mode"), + ("usernameFrom", "username_from"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="certificate_profile", + function="create_certificate_profile", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="certificate_profile", + function="update_certificate_profile_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = CertificateProfile(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/certificate_profile_info.py b/ansible_collections/cisco/ise/plugins/action/certificate_profile_info.py new file mode 100644 index 00000000..20505ace --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/certificate_profile_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="certificate_profile", + function='get_certificate_profile_by_id', + params=self.get_object(self._task.args) + ).response['CertificateProfile'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="certificate_profile", + function='get_certificate_profile_by_name', + params=self.get_object(self._task.args) + ).response['CertificateProfile'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="certificate_profile", + function='get_certificate_profile_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/certificate_template_info.py b/ansible_collections/cisco/ise/plugins/action/certificate_template_info.py new file mode 100644 index 00000000..2d0bab58 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/certificate_template_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="certificate_template", + function='get_certificate_template_by_id', + params=self.get_object(self._task.args) + ).response['ERSCertificateTemplate'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="certificate_template", + function='get_certificate_template_by_name', + params=self.get_object(self._task.args) + ).response['ERSCertificateTemplate'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="certificate_template", + function='get_certificate_template_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/csr_delete.py b/ansible_collections/cisco/ise/plugins/action/csr_delete.py new file mode 100644 index 00000000..6c0a2f6d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/csr_delete.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostName=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + host_name=params.get("hostName"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="delete_csr_by_id", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/csr_export_info.py b/ansible_collections/cisco/ise/plugins/action/csr_export_info.py new file mode 100644 index 00000000..16e74b49 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/csr_export_info.py @@ -0,0 +1,112 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), + id=dict(type="str"), + dirPath=dict(type="str"), + saveFile=dict(type="bool"), + filename=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hostname=params.get("hostname"), + id=params.get("id"), + dirpath=params.get("dirPath"), + save_file=params.get("saveFile"), + filename=params.get("filename"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("filename") + if id: + download_response = ise.exec( + family="certificates", + function='export_csr', + params=self.get_object(self._task.args) + ) + response = dict( + data=download_response.data.decode(encoding='utf-8'), + filename=download_response.filename, + dirpath=download_response.dirpath, + path=download_response.path, + ) + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/csr_generate.py b/ansible_collections/cisco/ise/plugins/action/csr_generate.py new file mode 100644 index 00000000..8c1d62d6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/csr_generate.py @@ -0,0 +1,122 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + allowWildCardCert=dict(type="bool"), + certificatePolicies=dict(type="str"), + digestType=dict(type="str"), + hostnames=dict(type="list"), + keyLength=dict(type="str"), + keyType=dict(type="str"), + portalGroupTag=dict(type="str"), + sanDNS=dict(type="list"), + sanDir=dict(type="list"), + sanIP=dict(type="list"), + sanURI=dict(type="list"), + subjectCity=dict(type="str"), + subjectCommonName=dict(type="str"), + subjectCountry=dict(type="str"), + subjectOrg=dict(type="str"), + subjectOrgUnit=dict(type="str"), + subjectState=dict(type="str"), + usedFor=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + allow_wild_card_cert=params.get("allowWildCardCert"), + certificate_policies=params.get("certificatePolicies"), + digest_type=params.get("digestType"), + hostnames=params.get("hostnames"), + key_length=params.get("keyLength"), + key_type=params.get("keyType"), + portal_group_tag=params.get("portalGroupTag"), + san_dns=params.get("sanDNS"), + san_dir=params.get("sanDir"), + san_ip=params.get("sanIP"), + san_uri=params.get("sanURI"), + subject_city=params.get("subjectCity"), + subject_common_name=params.get("subjectCommonName"), + subject_country=params.get("subjectCountry"), + subject_org=params.get("subjectOrg"), + subject_org_unit=params.get("subjectOrgUnit"), + subject_state=params.get("subjectState"), + used_for=params.get("usedFor"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="generate_csr", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/csr_generate_intermediate_ca.py b/ansible_collections/cisco/ise/plugins/action/csr_generate_intermediate_ca.py new file mode 100644 index 00000000..50eeb940 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/csr_generate_intermediate_ca.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="generate_intermediate_ca_csr", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/csr_info.py b/ansible_collections/cisco/ise/plugins/action/csr_info.py new file mode 100644 index 00000000..028e2f31 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/csr_info.py @@ -0,0 +1,143 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sort=dict(type="str"), + sortBy=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), + hostName=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sort=params.get("sort"), + sort_by=params.get("sortBy"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + host_name=params.get("hostName"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("hostName") + if id: + response = ise.exec( + family="certificates", + function='get_csr_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="certificates", + function='get_csrs_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['response'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/deployment_info.py b/ansible_collections/cisco/ise/plugins/action/deployment_info.py new file mode 100644 index 00000000..206b6673 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/deployment_info.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + timeout=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + timeout=params.get("timeout"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="pull_deployment_info", + function='get_deployment_info', + params=self.get_object(self._task.args) + ).response['ERSDeploymentInfo'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_reset_hitcount.py new file mode 100644 index 00000000..02e4e34a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_reset_hitcount.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="device_administration_authentication_rules", + function="reset_hit_counts_device_admin_authentication_rules", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_rules.py b/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_rules.py new file mode 100644 index 00000000..8ef7ec09 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_rules.py @@ -0,0 +1,269 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + identitySourceName=dict(type="str"), + ifAuthFail=dict(type="str"), + ifProcessFail=dict(type="str"), + ifUserNotFound=dict(type="str"), + link=dict(type="dict"), + rule=dict(type="dict"), + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "rule"], True), + ("state", "present", ["policyId"], True), + ("state", "absent", ["id", "rule"], True), + ("state", "absent", ["policyId"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DeviceAdministrationAuthenticationRules(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + identity_source_name=params.get("identitySourceName"), + if_auth_fail=params.get("ifAuthFail"), + if_process_fail=params.get("ifProcessFail"), + if_user_not_found=params.get("ifUserNotFound"), + link=params.get("link"), + rule=params.get("rule"), + policy_id=params.get("policyId"), + id=params.get("id"), + ) + + def get_object_by_name(self, name, policy_id): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="device_administration_authentication_rules", + function="get_device_admin_authentication_rules", + params={"policy_id": policy_id} + ).response.get('response', []) or [] + for item in items: + if item.get('rule') and item['rule'].get('name') == name and item['rule'].get('id'): + result = dict(item) + return result + return result + + def get_object_by_id(self, id, policy_id): + try: + result = self.ise.exec( + family="device_administration_authentication_rules", + function="get_device_admin_authentication_rule_by_id", + handle_func_exception=False, + params={"id": id, "policy_id": policy_id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + name = False + o_id = self.new_object.get("id") + policy_id = self.new_object.get("policy_id") + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + o_id = o_id or self.new_object.get('rule', {}).get("id") + if o_id: + prev_obj = self.get_object_by_id(o_id, policy_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name, policy_id) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get('rule', {}).get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id, policy_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("identitySourceName", "identity_source_name"), + ("ifAuthFail", "if_auth_fail"), + ("ifProcessFail", "if_process_fail"), + ("ifUserNotFound", "if_user_not_found"), + ("link", "link"), + ("rule", "rule"), + ("policyId", "policy_id"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="device_administration_authentication_rules", + function="create_device_admin_authentication_rule", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="device_administration_authentication_rules", + function="update_device_admin_authentication_rule_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="device_administration_authentication_rules", + function="delete_device_admin_authentication_rule_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DeviceAdministrationAuthenticationRules(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_rules_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_rules_info.py new file mode 100644 index 00000000..ff175ae6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_authentication_rules_info.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="device_administration_authentication_rules", + function='get_device_admin_authentication_rule_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="device_administration_authentication_rules", + function='get_device_admin_authentication_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_reset_hitcount.py new file mode 100644 index 00000000..029a324d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_reset_hitcount.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="device_administration_authorization_rules", + function="reset_hit_counts_device_admin_authorization_rules", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_rules.py b/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_rules.py new file mode 100644 index 00000000..c1a42a95 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_rules.py @@ -0,0 +1,263 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + commands=dict(type="list"), + link=dict(type="dict"), + profile=dict(type="str"), + rule=dict(type="dict"), + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "rule"], True), + ("state", "present", ["policyId"], True), + ("state", "absent", ["id", "rule"], True), + ("state", "absent", ["policyId"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DeviceAdministrationAuthorizationRules(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + commands=params.get("commands"), + link=params.get("link"), + profile=params.get("profile"), + rule=params.get("rule"), + policy_id=params.get("policyId"), + id=params.get("id"), + ) + + def get_object_by_name(self, name, policy_id): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="device_administration_authorization_rules", + function="get_device_admin_authorization_rules", + params={"policy_id": policy_id} + ).response.get('response', []) or [] + for item in items: + if item.get('rule') and item['rule'].get('name') == name and item['rule'].get('id'): + result = dict(item) + return result + return result + + def get_object_by_id(self, id, policy_id): + try: + result = self.ise.exec( + family="device_administration_authorization_rules", + function="get_device_admin_authorization_rule_by_id", + handle_func_exception=False, + params={"id": id, "policy_id": policy_id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + name = False + o_id = self.new_object.get("id") + policy_id = self.new_object.get("policy_id") + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + o_id = o_id or self.new_object.get('rule', {}).get("id") + if o_id: + prev_obj = self.get_object_by_id(o_id, policy_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name, policy_id) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get('rule', {}).get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id, policy_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("commands", "commands"), + ("link", "link"), + ("profile", "profile"), + ("rule", "rule"), + ("policyId", "policy_id"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="device_administration_authorization_rules", + function="create_device_admin_authorization_rule", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="device_administration_authorization_rules", + function="update_device_admin_authorization_rule_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="device_administration_authorization_rules", + function="delete_device_admin_authorization_rule_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DeviceAdministrationAuthorizationRules(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_rules_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_rules_info.py new file mode 100644 index 00000000..dffaf212 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_authorization_rules_info.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="device_administration_authorization_rules", + function='get_device_admin_authorization_rule_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="device_administration_authorization_rules", + function='get_device_admin_authorization_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_command_set_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_command_set_info.py new file mode 100644 index 00000000..e6adeda1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_command_set_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_command_set", + function='get_device_admin_command_sets', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_conditions.py b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions.py new file mode 100644 index 00000000..97df92d6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions.py @@ -0,0 +1,287 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + conditionType=dict(type="str"), + isNegate=dict(type="bool"), + link=dict(type="dict"), + description=dict(type="str"), + id=dict(type="str"), + name=dict(type="str"), + attributeName=dict(type="str"), + attributeValue=dict(type="str"), + dictionaryName=dict(type="str"), + dictionaryValue=dict(type="str"), + operator=dict(type="str"), + children=dict(type="list"), + datesRange=dict(type="dict"), + datesRangeException=dict(type="dict"), + hoursRange=dict(type="dict"), + hoursRangeException=dict(type="dict"), + weekDays=dict(type="list"), + weekDaysException=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DeviceAdministrationConditions(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + condition_type=params.get("conditionType"), + is_negate=params.get("isNegate"), + link=params.get("link"), + description=params.get("description"), + id=params.get("id"), + name=params.get("name"), + attribute_name=params.get("attributeName"), + attribute_value=params.get("attributeValue"), + dictionary_name=params.get("dictionaryName"), + dictionary_value=params.get("dictionaryValue"), + operator=params.get("operator"), + children=params.get("children"), + dates_range=params.get("datesRange"), + dates_range_exception=params.get("datesRangeException"), + hours_range=params.get("hoursRange"), + hours_range_exception=params.get("hoursRangeException"), + week_days=params.get("weekDays"), + week_days_exception=params.get("weekDaysException"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="device_administration_conditions", + function="get_device_admin_condition_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="device_administration_conditions", + function="get_device_admin_condition_by_id", + handle_func_exception=False, + params={"id": id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("conditionType", "condition_type"), + ("isNegate", "is_negate"), + ("link", "link"), + ("description", "description"), + ("id", "id"), + ("name", "name"), + ("attributeName", "attribute_name"), + ("attributeValue", "attribute_value"), + ("dictionaryName", "dictionary_name"), + ("dictionaryValue", "dictionary_value"), + ("operator", "operator"), + ("children", "children"), + ("datesRange", "dates_range"), + ("datesRangeException", "dates_range_exception"), + ("hoursRange", "hours_range"), + ("hoursRangeException", "hours_range_exception"), + ("weekDays", "week_days"), + ("weekDaysException", "week_days_exception"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="device_administration_conditions", + function="create_device_admin_condition", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="device_administration_conditions", + function="update_device_admin_condition_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="device_administration_conditions", + function="update_device_admin_condition_by_name", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="device_administration_conditions", + function="delete_device_admin_condition_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="device_administration_conditions", + function="delete_device_admin_condition_by_name", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DeviceAdministrationConditions(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_authentication_rule_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_authentication_rule_info.py new file mode 100644 index 00000000..443fa6b6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_authentication_rule_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_conditions", + function='get_device_admin_conditions_for_authentication_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_authorization_rule_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_authorization_rule_info.py new file mode 100644 index 00000000..39ec5bf9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_authorization_rule_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_conditions", + function='get_device_admin_conditions_for_authorization_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_policy_set_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_policy_set_info.py new file mode 100644 index 00000000..84a3b83e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_for_policy_set_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_conditions", + function='get_device_admin_conditions_for_policy_sets', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_info.py new file mode 100644 index 00000000..4277903c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_conditions_info.py @@ -0,0 +1,112 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="device_administration_conditions", + function='get_device_admin_condition_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="device_administration_conditions", + function='get_device_admin_condition_by_name', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="device_administration_conditions", + function='get_device_admin_conditions', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_authentication_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_authentication_info.py new file mode 100644 index 00000000..56a7137b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_authentication_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_dictionary_attributes_list", + function='get_device_admin_dictionaries_authentication', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_authorization_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_authorization_info.py new file mode 100644 index 00000000..07606e5a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_authorization_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_dictionary_attributes_list", + function='get_device_admin_dictionaries_authorization', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_policy_set_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_policy_set_info.py new file mode 100644 index 00000000..eba17605 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_dictionary_attributes_policy_set_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_dictionary_attributes_list", + function='get_device_admin_dictionaries_policy_set', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules.py b/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules.py new file mode 100644 index 00000000..895c4c6e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules.py @@ -0,0 +1,254 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + commands=dict(type="list"), + link=dict(type="dict"), + profile=dict(type="str"), + rule=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "rule"], True), + ("state", "absent", ["id", "rule"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DeviceAdministrationGlobalExceptionRules(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + commands=params.get("commands"), + link=params.get("link"), + profile=params.get("profile"), + rule=params.get("rule"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="device_administration_authorization_global_exception_rules", + function="get_device_admin_policy_set_global_exception_rules", + ).response.get('response', []) or [] + for item in items: + if item.get('rule') and item['rule'].get('name') == name and item['rule'].get('id'): + result = dict(item) + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="device_administration_authorization_global_exception_rules", + function="get_device_admin_policy_set_global_exception_by_rule_id", + handle_func_exception=False, + params={"id": id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + name = False + o_id = self.new_object.get("id") + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + o_id = o_id or self.new_object.get('rule', {}).get("id") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get('rule', {}).get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("commands", "commands"), + ("link", "link"), + ("profile", "profile"), + ("rule", "rule"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="device_administration_authorization_global_exception_rules", + function="create_device_admin_policy_set_global_exception", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + result = None + if not id: + id_ = self.get_object_by_name(name).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="device_administration_authorization_global_exception_rules", + function="update_device_admin_policy_set_global_exception_by_rule_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + result = None + if not id: + id_ = self.get_object_by_name(name).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="device_administration_authorization_global_exception_rules", + function="delete_device_admin_policy_set_global_exception_by_rule_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DeviceAdministrationGlobalExceptionRules(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules_info.py new file mode 100644 index 00000000..3bda0eb0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="device_administration_authorization_global_exception_rules", + function='get_device_admin_policy_set_global_exception_by_rule_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="device_administration_authorization_global_exception_rules", + function='get_device_admin_policy_set_global_exception_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..494b4aeb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_global_exception_rules_reset_hitcount.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="device_administration_authorization_global_exception_rules", + function="reset_hit_counts_device_admin_global_exceptions", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_identity_stores_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_identity_stores_info.py new file mode 100644 index 00000000..e636a01f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_identity_stores_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_identity_stores", + function='get_device_admin_identity_stores', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules.py b/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules.py new file mode 100644 index 00000000..570495d8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules.py @@ -0,0 +1,263 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + commands=dict(type="list"), + link=dict(type="dict"), + profile=dict(type="str"), + rule=dict(type="dict"), + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "rule"], True), + ("state", "present", ["policyId"], True), + ("state", "absent", ["id", "rule"], True), + ("state", "absent", ["policyId"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DeviceAdministrationLocalExceptionRules(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + commands=params.get("commands"), + link=params.get("link"), + profile=params.get("profile"), + rule=params.get("rule"), + policy_id=params.get("policyId"), + id=params.get("id"), + ) + + def get_object_by_name(self, name, policy_id): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="device_administration_authorization_exception_rules", + function="get_device_admin_local_exception_rules", + params={"policy_id": policy_id} + ).response.get('response', []) or [] + for item in items: + if item.get('rule') and item['rule'].get('name') == name and item['rule'].get('id'): + result = dict(item) + return result + return result + + def get_object_by_id(self, id, policy_id): + try: + result = self.ise.exec( + family="device_administration_authorization_exception_rules", + function="get_device_admin_local_exception_rule_by_id", + handle_func_exception=False, + params={"id": id, "policy_id": policy_id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + name = False + o_id = self.new_object.get("id") + policy_id = self.new_object.get("policy_id") + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + o_id = o_id or self.new_object.get('rule', {}).get("id") + if o_id: + prev_obj = self.get_object_by_id(o_id, policy_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name, policy_id) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get('rule', {}).get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id, policy_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("commands", "commands"), + ("link", "link"), + ("profile", "profile"), + ("rule", "rule"), + ("policyId", "policy_id"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="device_administration_authorization_exception_rules", + function="create_device_admin_local_exception_rule", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="device_administration_authorization_exception_rules", + function="update_device_admin_local_exception_rule_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="device_administration_authorization_exception_rules", + function="delete_device_admin_local_exception_rule_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DeviceAdministrationLocalExceptionRules(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules_info.py new file mode 100644 index 00000000..71dbfce7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules_info.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="device_administration_authorization_exception_rules", + function='get_device_admin_local_exception_rule_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="device_administration_authorization_exception_rules", + function='get_device_admin_local_exception_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..ce1b7887 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_local_exception_rules_reset_hitcount.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="device_administration_authorization_exception_rules", + function="reset_hit_counts_device_admin_local_exceptions", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_network_conditions.py b/ansible_collections/cisco/ise/plugins/action/device_administration_network_conditions.py new file mode 100644 index 00000000..502b5b6c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_network_conditions.py @@ -0,0 +1,241 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + conditionType=dict(type="str"), + description=dict(type="str"), + id=dict(type="str"), + link=dict(type="dict"), + name=dict(type="str"), + conditions=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DeviceAdministrationNetworkConditions(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + condition_type=params.get("conditionType"), + description=params.get("description"), + id=params.get("id"), + link=params.get("link"), + name=params.get("name"), + conditions=params.get("conditions"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="device_administration_network_conditions", + function="get_device_admin_network_conditions", + ).response.get('response', []) or [] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="device_administration_network_conditions", + function="get_device_admin_network_condition_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("conditionType", "condition_type"), + ("description", "description"), + ("id", "id"), + ("link", "link"), + ("name", "name"), + ("conditions", "conditions"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="device_administration_network_conditions", + function="create_device_admin_network_condition", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="device_administration_network_conditions", + function="update_device_admin_network_condition_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="device_administration_network_conditions", + function="delete_device_admin_network_condition_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DeviceAdministrationNetworkConditions(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_network_conditions_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_network_conditions_info.py new file mode 100644 index 00000000..f04e2979 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_network_conditions_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="device_administration_network_conditions", + function='get_device_admin_network_condition_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="device_administration_network_conditions", + function='get_device_admin_network_conditions', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set.py b/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set.py new file mode 100644 index 00000000..23eb54ef --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set.py @@ -0,0 +1,256 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + condition=dict(type="dict"), + default=dict(type="bool"), + description=dict(type="str"), + hitCounts=dict(type="int"), + id=dict(type="str"), + isProxy=dict(type="bool"), + link=dict(type="dict"), + name=dict(type="str"), + rank=dict(type="int"), + serviceName=dict(type="str"), + state_=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DeviceAdministrationPolicySet(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + condition=params.get("condition"), + default=params.get("default"), + description=params.get("description"), + hit_counts=params.get("hitCounts"), + id=params.get("id"), + is_proxy=params.get("isProxy"), + link=params.get("link"), + name=params.get("name"), + rank=params.get("rank"), + service_name=params.get("serviceName"), + state=params.get("state_"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="device_administration_policy_set", + function="get_device_admin_policy_sets", + ).response.get('response', []) or [] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="device_administration_policy_set", + function="get_device_admin_policy_set_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("condition", "condition"), + ("default", "default"), + ("description", "description"), + ("hitCounts", "hit_counts"), + ("id", "id"), + ("isProxy", "is_proxy"), + ("link", "link"), + ("name", "name"), + ("rank", "rank"), + ("serviceName", "service_name"), + ("state_", "state"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="device_administration_policy_set", + function="create_device_admin_policy_set", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="device_administration_policy_set", + function="update_device_admin_policy_set_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="device_administration_policy_set", + function="delete_device_admin_policy_set_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DeviceAdministrationPolicySet(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set_info.py new file mode 100644 index 00000000..b344da3f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="device_administration_policy_set", + function='get_device_admin_policy_set_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="device_administration_policy_set", + function='get_device_admin_policy_sets', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set_reset_hitcount.py new file mode 100644 index 00000000..8c4ca8e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_policy_set_reset_hitcount.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="device_administration_policy_set", + function="reset_hit_counts_device_admin_policy_sets", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_profiles_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_profiles_info.py new file mode 100644 index 00000000..406618fd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_profiles_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_profiles", + function='get_device_admin_profiles', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_service_names_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_service_names_info.py new file mode 100644 index 00000000..020515c1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_service_names_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="device_administration_service_names", + function='get_device_admin_service_names', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_time_date_conditions.py b/ansible_collections/cisco/ise/plugins/action/device_administration_time_date_conditions.py new file mode 100644 index 00000000..35431f36 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_time_date_conditions.py @@ -0,0 +1,277 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + conditionType=dict(type="str"), + isNegate=dict(type="bool"), + link=dict(type="dict"), + description=dict(type="str"), + id=dict(type="str"), + name=dict(type="str"), + attributeName=dict(type="str"), + attributeValue=dict(type="str"), + dictionaryName=dict(type="str"), + dictionaryValue=dict(type="str"), + operator=dict(type="str"), + children=dict(type="list"), + datesRange=dict(type="dict"), + datesRangeException=dict(type="dict"), + hoursRange=dict(type="dict"), + hoursRangeException=dict(type="dict"), + weekDays=dict(type="list"), + weekDaysException=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DeviceAdministrationTimeDateConditions(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + condition_type=params.get("conditionType"), + is_negate=params.get("isNegate"), + link=params.get("link"), + description=params.get("description"), + id=params.get("id"), + name=params.get("name"), + attribute_name=params.get("attributeName"), + attribute_value=params.get("attributeValue"), + dictionary_name=params.get("dictionaryName"), + dictionary_value=params.get("dictionaryValue"), + operator=params.get("operator"), + children=params.get("children"), + dates_range=params.get("datesRange"), + dates_range_exception=params.get("datesRangeException"), + hours_range=params.get("hoursRange"), + hours_range_exception=params.get("hoursRangeException"), + week_days=params.get("weekDays"), + week_days_exception=params.get("weekDaysException"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="device_administration_time_date_conditions", + function="get_device_admin_time_conditions", + ).response.get('response', []) or [] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="device_administration_time_date_conditions", + function="get_device_admin_time_condition_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("conditionType", "condition_type"), + ("isNegate", "is_negate"), + ("link", "link"), + ("description", "description"), + ("id", "id"), + ("name", "name"), + ("attributeName", "attribute_name"), + ("attributeValue", "attribute_value"), + ("dictionaryName", "dictionary_name"), + ("dictionaryValue", "dictionary_value"), + ("operator", "operator"), + ("children", "children"), + ("datesRange", "dates_range"), + ("datesRangeException", "dates_range_exception"), + ("hoursRange", "hours_range"), + ("hoursRangeException", "hours_range_exception"), + ("weekDays", "week_days"), + ("weekDaysException", "week_days_exception"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="device_administration_time_date_conditions", + function="create_device_admin_time_condition", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="device_administration_time_date_conditions", + function="update_device_admin_time_condition_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="device_administration_time_date_conditions", + function="delete_device_admin_time_condition_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DeviceAdministrationTimeDateConditions(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/device_administration_time_date_conditions_info.py b/ansible_collections/cisco/ise/plugins/action/device_administration_time_date_conditions_info.py new file mode 100644 index 00000000..3e8bfad3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/device_administration_time_date_conditions_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="device_administration_time_date_conditions", + function='get_device_admin_time_condition_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="device_administration_time_date_conditions", + function='get_device_admin_time_conditions', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/downloadable_acl.py b/ansible_collections/cisco/ise/plugins/action/downloadable_acl.py new file mode 100644 index 00000000..d4a8bf43 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/downloadable_acl.py @@ -0,0 +1,264 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + dacl=dict(type="str"), + daclType=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class DownloadableAcl(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + dacl=params.get("dacl"), + dacl_type=params.get("daclType"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + gen_items_responses = self.ise.exec( + family="downloadable_acl", + function="get_downloadable_acl_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="downloadable_acl", + function="get_downloadable_acl_by_id", + handle_func_exception=False, + params={"id": id} + ).response['DownloadableAcl'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("dacl", "dacl"), + ("daclType", "dacl_type"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="downloadable_acl", + function="create_downloadable_acl", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="downloadable_acl", + function="update_downloadable_acl_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="downloadable_acl", + function="delete_downloadable_acl_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = DownloadableAcl(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/downloadable_acl_info.py b/ansible_collections/cisco/ise/plugins/action/downloadable_acl_info.py new file mode 100644 index 00000000..8852b8b4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/downloadable_acl_info.py @@ -0,0 +1,133 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="downloadable_acl", + function='get_downloadable_acl_by_id', + params=self.get_object(self._task.args) + ).response['DownloadableAcl'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="downloadable_acl", + function='get_downloadable_acl_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell.py b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell.py new file mode 100644 index 00000000..42f4b0d2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell.py @@ -0,0 +1,273 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + sourceSgtId=dict(type="str"), + destinationSgtId=dict(type="str"), + matrixCellStatus=dict(type="str"), + defaultRule=dict(type="str"), + sgacls=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class EgressMatrixCell(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + source_sgt_id=params.get("sourceSgtId"), + destination_sgt_id=params.get("destinationSgtId"), + matrix_cell_status=params.get("matrixCellStatus"), + default_rule=params.get("defaultRule"), + sgacls=params.get("sgacls"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="egress_matrix_cell", + function="get_egress_matrix_cell_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="egress_matrix_cell", + function="get_egress_matrix_cell_by_id", + handle_func_exception=False, + params={"id": id} + ).response['EgressMatrixCell'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("sourceSgtId", "source_sgt_id"), + ("destinationSgtId", "destination_sgt_id"), + ("matrixCellStatus", "matrix_cell_status"), + ("defaultRule", "default_rule"), + ("sgacls", "sgacls"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="egress_matrix_cell", + function="create_egress_matrix_cell", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="egress_matrix_cell", + function="update_egress_matrix_cell_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="egress_matrix_cell", + function="delete_egress_matrix_cell_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = EgressMatrixCell(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_bulk_monitor_status_info.py new file mode 100644 index 00000000..b64520c5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="egress_matrix_cell", + function='monitor_bulk_status_egress_matrix_cell', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_bulk_request.py new file mode 100644 index 00000000..5d4b889d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="egress_matrix_cell", + function="bulk_request_for_egress_matrix_cell", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_clear_all.py b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_clear_all.py new file mode 100644 index 00000000..d0f567c5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_clear_all.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="egress_matrix_cell", + function="clear_all_matrix_cells", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_clone.py b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_clone.py new file mode 100644 index 00000000..46f78289 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_clone.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + srcSgtId=dict(type="str"), + dstSgtId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + src_sgt_id=params.get("srcSgtId"), + dst_sgt_id=params.get("dstSgtId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="egress_matrix_cell", + function="clone_matrix_cell", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_info.py b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_info.py new file mode 100644 index 00000000..0a903b42 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="egress_matrix_cell", + function='get_egress_matrix_cell_by_id', + params=self.get_object(self._task.args) + ).response['EgressMatrixCell'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="egress_matrix_cell", + function='get_egress_matrix_cell_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_set_all_status.py b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_set_all_status.py new file mode 100644 index 00000000..6e51eb94 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/egress_matrix_cell_set_all_status.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + status=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + status=params.get("status"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="egress_matrix_cell", + function="set_all_cells_status", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint.py b/ansible_collections/cisco/ise/plugins/action/endpoint.py new file mode 100644 index 00000000..b8526e70 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint.py @@ -0,0 +1,275 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +import re +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + description=dict(type="str"), + mac=dict(type="str"), + profileId=dict(type="str"), + staticProfileAssignment=dict(type="bool"), + groupId=dict(type="str"), + staticGroupAssignment=dict(type="bool"), + portalUser=dict(type="str"), + identityStore=dict(type="str"), + identityStoreId=dict(type="str"), + mdmAttributes=dict(type="dict"), + customAttributes=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "mac"], True), + ("state", "absent", ["id", "mac"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class Endpoint(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + description=params.get("description"), + mac=params.get("mac"), + profile_id=params.get("profileId"), + static_profile_assignment=params.get("staticProfileAssignment"), + group_id=params.get("groupId"), + static_group_assignment=params.get("staticGroupAssignment"), + portal_user=params.get("portalUser"), + identity_store=params.get("identityStore"), + identity_store_id=params.get("identityStoreId"), + mdm_attributes=params.get("mdmAttributes"), + custom_attributes=params.get("customAttributes"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="endpoint", + function="get_endpoint_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['ERSEndPoint'] + result["name"] = re.sub("[-:.]", "", result.get("name")).lower() + result["mac"] = re.sub("[-:.]", "", result.get("mac")).lower() + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="endpoint", + function="get_endpoint_by_id", + handle_func_exception=False, + params={"id": id} + ).response['ERSEndPoint'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("mac") + if name: + name = re.sub("[-:.]", "", name).lower() + self.new_object.update(dict(mac=name)) + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("description", "description"), + ("mac", "mac"), + ("profileId", "profile_id"), + ("staticProfileAssignment", "static_profile_assignment"), + ("groupId", "group_id"), + ("staticGroupAssignment", "static_group_assignment"), + ("portalUser", "portal_user"), + ("identityStore", "identity_store"), + ("identityStoreId", "identity_store_id"), + ("mdmAttributes", "mdm_attributes"), + ("customAttributes", "custom_attributes"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="endpoint", + function="create_endpoint", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("mac") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="endpoint", + function="update_endpoint_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("mac") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="endpoint", + function="delete_endpoint_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = Endpoint(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/endpoint_bulk_monitor_status_info.py new file mode 100644 index 00000000..c15d2dad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="endpoint", + function='monitor_bulk_status_endpoint', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/endpoint_bulk_request.py new file mode 100644 index 00000000..346bdb96 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="endpoint", + function="bulk_request_for_endpoint", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_certificate.py b/ansible_collections/cisco/ise/plugins/action/endpoint_certificate.py new file mode 100644 index 00000000..7c54400a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_certificate.py @@ -0,0 +1,106 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + certTemplateName=dict(type="str"), + format=dict(type="str"), + password=dict(type="str", no_log=True), + certificateRequest=dict(type="dict"), + dirPath=dict(type="str"), + saveFile=dict(type="bool"), + filename=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + cert_template_name=params.get("certTemplateName"), + format=params.get("format"), + password=params.get("password"), + certificate_request=params.get("certificateRequest"), + dirpath=params.get("dirPath"), + save_file=params.get("saveFile"), + filename=params.get("filename"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + download_response = ise.exec( + family="endpoint_certificate", + function="create_endpoint_certificate", + params=self.get_object(self._task.args), + ) + response = dict( + data=download_response.data.decode(encoding='utf-8'), + filename=download_response.filename, + dirpath=download_response.dirpath, + path=download_response.path, + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_deregister.py b/ansible_collections/cisco/ise/plugins/action/endpoint_deregister.py new file mode 100644 index 00000000..fad82b3a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_deregister.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="endpoint", + function="deregister_endpoint", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_get_rejected_endpoints_info.py b/ansible_collections/cisco/ise/plugins/action/endpoint_get_rejected_endpoints_info.py new file mode 100644 index 00000000..5b2f513f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_get_rejected_endpoints_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="endpoint", + function='get_rejected_endpoints', + params=self.get_object(self._task.args) + ).response['OperationResult'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_group.py b/ansible_collections/cisco/ise/plugins/action/endpoint_group.py new file mode 100644 index 00000000..aae2a2f3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_group.py @@ -0,0 +1,245 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + systemDefined=dict(type="bool"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class EndpointGroup(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + system_defined=params.get("systemDefined"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="endpoint_identity_group", + function="get_endpoint_group_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['EndPointGroup'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="endpoint_identity_group", + function="get_endpoint_group_by_id", + handle_func_exception=False, + params={"id": id} + ).response['EndPointGroup'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("systemDefined", "system_defined"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="endpoint_identity_group", + function="create_endpoint_group", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="endpoint_identity_group", + function="update_endpoint_group_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="endpoint_identity_group", + function="delete_endpoint_group_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = EndpointGroup(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_group_info.py b/ansible_collections/cisco/ise/plugins/action/endpoint_group_info.py new file mode 100644 index 00000000..36994097 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_group_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="endpoint_identity_group", + function='get_endpoint_group_by_id', + params=self.get_object(self._task.args) + ).response['EndPointGroup'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="endpoint_identity_group", + function='get_endpoint_group_by_name', + params=self.get_object(self._task.args) + ).response['EndPointGroup'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="endpoint_identity_group", + function='get_endpoint_groups_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_info.py b/ansible_collections/cisco/ise/plugins/action/endpoint_info.py new file mode 100644 index 00000000..2dd382b4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="endpoint", + function='get_endpoint_by_id', + params=self.get_object(self._task.args) + ).response['ERSEndPoint'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="endpoint", + function='get_endpoint_by_name', + params=self.get_object(self._task.args) + ).response['ERSEndPoint'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="endpoint", + function='get_endpoints_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_register.py b/ansible_collections/cisco/ise/plugins/action/endpoint_register.py new file mode 100644 index 00000000..8976b3b3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_register.py @@ -0,0 +1,112 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + name=dict(type="str"), + description=dict(type="str"), + mac=dict(type="str"), + profileId=dict(type="str"), + staticProfileAssignment=dict(type="bool"), + groupId=dict(type="str"), + staticGroupAssignment=dict(type="bool"), + portalUser=dict(type="str"), + identityStore=dict(type="str"), + identityStoreId=dict(type="str"), + mdmAttributes=dict(type="dict"), + customAttributes=dict(type="dict"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + name=params.get("name"), + description=params.get("description"), + mac=params.get("mac"), + profile_id=params.get("profileId"), + static_profile_assignment=params.get("staticProfileAssignment"), + group_id=params.get("groupId"), + static_group_assignment=params.get("staticGroupAssignment"), + portal_user=params.get("portalUser"), + identity_store=params.get("identityStore"), + identity_store_id=params.get("identityStoreId"), + mdm_attributes=params.get("mdmAttributes"), + custom_attributes=params.get("customAttributes"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="endpoint", + function="register_endpoint", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/endpoint_release_rejected_endpoint.py b/ansible_collections/cisco/ise/plugins/action/endpoint_release_rejected_endpoint.py new file mode 100644 index 00000000..fdbf701c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/endpoint_release_rejected_endpoint.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="endpoint", + function="release_rejected_endpoint", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/external_radius_server.py b/ansible_collections/cisco/ise/plugins/action/external_radius_server.py new file mode 100644 index 00000000..4beda906 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/external_radius_server.py @@ -0,0 +1,275 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + hostIP=dict(type="str"), + sharedSecret=dict(type="str"), + enableKeyWrap=dict(type="bool"), + encryptionKey=dict(type="str"), + authenticatorKey=dict(type="str"), + keyInputFormat=dict(type="str"), + authenticationPort=dict(type="int"), + accountingPort=dict(type="int"), + timeout=dict(type="int"), + retries=dict(type="int"), + proxyTimeout=dict(type="int"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ExternalRadiusServer(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + host_ip=params.get("hostIP"), + shared_secret=params.get("sharedSecret"), + enable_key_wrap=params.get("enableKeyWrap"), + encryption_key=params.get("encryptionKey"), + authenticator_key=params.get("authenticatorKey"), + key_input_format=params.get("keyInputFormat"), + authentication_port=params.get("authenticationPort"), + accounting_port=params.get("accountingPort"), + timeout=params.get("timeout"), + retries=params.get("retries"), + proxy_timeout=params.get("proxyTimeout"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="external_radius_server", + function="get_external_radius_server_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['ExternalRadiusServer'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="external_radius_server", + function="get_external_radius_server_by_id", + handle_func_exception=False, + params={"id": id} + ).response['ExternalRadiusServer'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("hostIP", "host_ip"), + ("sharedSecret", "shared_secret"), + ("enableKeyWrap", "enable_key_wrap"), + ("encryptionKey", "encryption_key"), + ("authenticatorKey", "authenticator_key"), + ("keyInputFormat", "key_input_format"), + ("authenticationPort", "authentication_port"), + ("accountingPort", "accounting_port"), + ("timeout", "timeout"), + ("retries", "retries"), + ("proxyTimeout", "proxy_timeout"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="external_radius_server", + function="create_external_radius_server", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="external_radius_server", + function="update_external_radius_server_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="external_radius_server", + function="delete_external_radius_server_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = ExternalRadiusServer(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/external_radius_server_info.py b/ansible_collections/cisco/ise/plugins/action/external_radius_server_info.py new file mode 100644 index 00000000..e0043a0d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/external_radius_server_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="external_radius_server", + function='get_external_radius_server_by_id', + params=self.get_object(self._task.args) + ).response['ExternalRadiusServer'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="external_radius_server", + function='get_external_radius_server_by_name', + params=self.get_object(self._task.args) + ).response['ExternalRadiusServer'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="external_radius_server", + function='get_external_radius_server_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/filter_policy.py b/ansible_collections/cisco/ise/plugins/action/filter_policy.py new file mode 100644 index 00000000..3f473205 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/filter_policy.py @@ -0,0 +1,362 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +import re +try: + import ipaddress +except ImportError: + IPADDRESS_INSTALLED = False +else: + IPADDRESS_INSTALLED = True +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + subnet=dict(type="str"), + domains=dict(type="str"), + sgt=dict(type="str"), + vn=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "absent", ["id"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class FilterPolicy(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + subnet=params.get("subnet"), + domains=params.get("domains"), + sgt=params.get("sgt"), + vn=params.get("vn"), + id=params.get("id"), + ) + + def is_same_subnet(self, new, current): + if IPADDRESS_INSTALLED: + new_net = None + current_net = None + try: + new_net = ipaddress.ip_network(new, strict=False) + except ValueError: + new_net = None + try: + current_net = ipaddress.ip_network(current, strict=False) + except ValueError: + current_net = None + if new_net and current_net: + conflict = current_net.overlaps(new_net) or new_net.overlaps(current_net) + # conflict = current_net.subnet_of(new_net) or new_net.subnet_of(current_net) + # They are the mostly the same, both have overlapping net + return conflict + elif new_net is None and current_net is None: + return True + else: + return False + else: + if new and current: + return new == current + else: + return not current and not new + + def get_sgt_by_name(self, name): + if not name: + return None + try: + gen_items_responses = self.ise.exec( + family="filter_policy", + function="get_filter_policy_generator" + ) + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_sgt_by_id(self, id): + if not id: + return None + try: + result = self.ise.exec( + family="sgt", + function="get_security_group_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['Sgt'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def is_same_sgt(self, new, current): + # Values can be id or name + def clean_excess(name): + if name: + return re.sub(r"\s*\(.*\)$", "", name) + else: + return name + has_new = self.get_sgt_by_id(new) or self.get_sgt_by_name(clean_excess(new)) + has_current = self.get_sgt_by_id(current) or self.get_sgt_by_name(clean_excess(current)) + if has_new and has_current: + return has_new.get("id") == has_current.get("id") + else: + return not has_current and not has_new + + def is_same_vn(self, new, current): + if new and current: + return new == current + else: + return not current and not new + + def get_object_by_name(self, name, new_subnet, new_sgt, new_vn): + # NOTICE: Does not have a get by name method or it is in another action + result = None + gen_items_responses = self.ise.exec( + family="filter_policy", + function="get_filter_policy_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + for item in items: + current = self.get_object_by_id(item.get('id')) + if current: + has_same_subnet = self.is_same_subnet(new_subnet, current.get('subnet')) + has_same_sgt = self.is_same_sgt(new_sgt, current.get('sgt')) + has_same_vn = self.is_same_vn(new_vn, current.get('vn')) + if has_same_subnet and has_same_sgt and has_same_vn: + result = dict(current) + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="filter_policy", + function="get_filter_policy_by_id", + handle_func_exception=False, + params={"id": id} + ).response['ERSFilterPolicy'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + id_exists = o_id and self.get_object_by_id(o_id) + if id_exists: + prev_obj = self.get_object_by_id(o_id) + if not id_exists: + name = self.new_object.get("name") + subnet = self.new_object.get("subnet") + sgt = self.new_object.get("sgt") + vn = self.new_object.get("vn") + prev_obj = self.get_object_by_name(name, subnet, sgt, vn) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + id_ = prev_obj.get("id") + self.new_object.update(dict(id=id_)) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("subnet", "subnet"), + ("domains", "domains"), + ("sgt", "sgt"), + ("vn", "vn"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="filter_policy", + function="create_filter_policy", + params=self.new_object, + ).response + return result + + def update(self): + result = self.ise.exec( + family="filter_policy", + function="update_filter_policy_by_id", + params=self.new_object + ).response + return result + + def delete(self): + result = self.ise.exec( + family="filter_policy", + function="delete_filter_policy_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = FilterPolicy(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/filter_policy_info.py b/ansible_collections/cisco/ise/plugins/action/filter_policy_info.py new file mode 100644 index 00000000..8b19e248 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/filter_policy_info.py @@ -0,0 +1,133 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="filter_policy", + function='get_filter_policy_by_id', + params=self.get_object(self._task.args) + ).response['ERSFilterPolicy'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="filter_policy", + function='get_filter_policy_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_location_info.py b/ansible_collections/cisco/ise/plugins/action/guest_location_info.py new file mode 100644 index 00000000..64c33c09 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_location_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="guest_location", + function='get_guest_location_by_id', + params=self.get_object(self._task.args) + ).response['LocationIdentification'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="guest_location", + function='get_guest_location_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_smtp_notification_settings.py b/ansible_collections/cisco/ise/plugins/action/guest_smtp_notification_settings.py new file mode 100644 index 00000000..2744262b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_smtp_notification_settings.py @@ -0,0 +1,255 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + smtpServer=dict(type="str"), + notificationEnabled=dict(type="bool"), + useDefaultFromAddress=dict(type="bool"), + defaultFromAddress=dict(type="str"), + smtpPort=dict(type="str"), + connectionTimeout=dict(type="str"), + useTLSorSSLEncryption=dict(type="bool"), + usePasswordAuthentication=dict(type="bool"), + userName=dict(type="str"), + password=dict(type="str", no_log=True), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class GuestSmtpNotificationSettings(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + smtp_server=params.get("smtpServer"), + notification_enabled=params.get("notificationEnabled"), + use_default_from_address=params.get("useDefaultFromAddress"), + default_from_address=params.get("defaultFromAddress"), + smtp_port=params.get("smtpPort"), + connection_timeout=params.get("connectionTimeout"), + use_tlsor_ssl_encryption=params.get("useTLSorSSLEncryption"), + use_password_authentication=params.get("usePasswordAuthentication"), + user_name=params.get("userName"), + password=params.get("password"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="guest_smtp_notification_configuration", + function="get_guest_smtp_notification_settings_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="guest_smtp_notification_configuration", + function="get_guest_smtp_notification_settings_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['ERSGuestSmtpNotificationSettings'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("smtpServer", "smtp_server"), + ("notificationEnabled", "notification_enabled"), + ("useDefaultFromAddress", "use_default_from_address"), + ("defaultFromAddress", "default_from_address"), + ("smtpPort", "smtp_port"), + ("connectionTimeout", "connection_timeout"), + ("useTLSorSSLEncryption", "use_tlsor_ssl_encryption"), + ("usePasswordAuthentication", "use_password_authentication"), + ("userName", "user_name"), + ("password", "password"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="guest_smtp_notification_configuration", + function="create_guest_smtp_notification_settings", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="guest_smtp_notification_configuration", + function="update_guest_smtp_notification_settings_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = GuestSmtpNotificationSettings(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_smtp_notification_settings_info.py b/ansible_collections/cisco/ise/plugins/action/guest_smtp_notification_settings_info.py new file mode 100644 index 00000000..42f64bcf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_smtp_notification_settings_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="guest_smtp_notification_configuration", + function='get_guest_smtp_notification_settings_by_id', + params=self.get_object(self._task.args) + ).response['ERSGuestSmtpNotificationSettings'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="guest_smtp_notification_configuration", + function='get_guest_smtp_notification_settings_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_ssid.py b/ansible_collections/cisco/ise/plugins/action/guest_ssid.py new file mode 100644 index 00000000..b1549161 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_ssid.py @@ -0,0 +1,255 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class GuestSsid(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="guest_ssid", + function="get_guest_ssid_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="guest_ssid", + function="get_guest_ssid_by_id", + handle_func_exception=False, + params={"id": id} + ).response['GuestSSID'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="guest_ssid", + function="create_guest_ssid", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="guest_ssid", + function="update_guest_ssid_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="guest_ssid", + function="delete_guest_ssid_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = GuestSsid(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_ssid_info.py b/ansible_collections/cisco/ise/plugins/action/guest_ssid_info.py new file mode 100644 index 00000000..7e6efd13 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_ssid_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="guest_ssid", + function='get_guest_ssid_by_id', + params=self.get_object(self._task.args) + ).response['GuestSSID'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="guest_ssid", + function='get_guest_ssid_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_type.py b/ansible_collections/cisco/ise/plugins/action/guest_type.py new file mode 100644 index 00000000..0891266e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_type.py @@ -0,0 +1,273 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + isDefaultType=dict(type="bool"), + accessTime=dict(type="dict"), + loginOptions=dict(type="dict"), + expirationNotification=dict(type="dict"), + sponsorGroups=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class GuestType(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + is_default_type=params.get("isDefaultType"), + access_time=params.get("accessTime"), + login_options=params.get("loginOptions"), + expiration_notification=params.get("expirationNotification"), + sponsor_groups=params.get("sponsorGroups"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="guest_type", + function="get_guest_type_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="guest_type", + function="get_guest_type_by_id", + handle_func_exception=False, + params={"id": id} + ).response['GuestType'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("isDefaultType", "is_default_type"), + ("accessTime", "access_time"), + ("loginOptions", "login_options"), + ("expirationNotification", "expiration_notification"), + ("sponsorGroups", "sponsor_groups"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="guest_type", + function="create_guest_type", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="guest_type", + function="update_guest_type_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="guest_type", + function="delete_guest_type_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = GuestType(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_type_email.py b/ansible_collections/cisco/ise/plugins/action/guest_type_email.py new file mode 100644 index 00000000..e8d763c7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_type_email.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_type", + function="update_guest_type_email", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_type_info.py b/ansible_collections/cisco/ise/plugins/action/guest_type_info.py new file mode 100644 index 00000000..1de1cc2d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_type_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="guest_type", + function='get_guest_type_by_id', + params=self.get_object(self._task.args) + ).response['GuestType'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="guest_type", + function='get_guest_type_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_type_sms.py b/ansible_collections/cisco/ise/plugins/action/guest_type_sms.py new file mode 100644 index 00000000..366f1d6f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_type_sms.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_type", + function="update_guest_type_sms", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user.py b/ansible_collections/cisco/ise/plugins/action/guest_user.py new file mode 100644 index 00000000..6e0c4c41 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user.py @@ -0,0 +1,280 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + guestType=dict(type="str"), + status=dict(type="str"), + statusReason=dict(type="str"), + reasonForVisit=dict(type="str"), + sponsorUserId=dict(type="str"), + sponsorUserName=dict(type="str"), + guestInfo=dict(type="dict"), + guestAccessInfo=dict(type="dict"), + portalId=dict(type="str"), + customFields=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class GuestUser(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + guest_type=params.get("guestType"), + status=params.get("status"), + status_reason=params.get("statusReason"), + reason_for_visit=params.get("reasonForVisit"), + sponsor_user_id=params.get("sponsorUserId"), + sponsor_user_name=params.get("sponsorUserName"), + guest_info=params.get("guestInfo"), + guest_access_info=params.get("guestAccessInfo"), + portal_id=params.get("portalId"), + custom_fields=params.get("customFields"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="guest_user", + function="get_guest_user_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['GuestUser'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="guest_user", + function="get_guest_user_by_id", + handle_func_exception=False, + params={"id": id} + ).response['GuestUser'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("guestType", "guest_type"), + ("status", "status"), + ("statusReason", "status_reason"), + ("reasonForVisit", "reason_for_visit"), + ("sponsorUserId", "sponsor_user_id"), + ("sponsorUserName", "sponsor_user_name"), + ("guestInfo", "guest_info"), + ("guestAccessInfo", "guest_access_info"), + ("portalId", "portal_id"), + ("customFields", "custom_fields"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="guest_user", + function="create_guest_user", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="guest_user", + function="update_guest_user_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="guest_user", + function="update_guest_user_by_name", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="guest_user", + function="delete_guest_user_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="guest_user", + function="delete_guest_user_by_name", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = GuestUser(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_approve.py b/ansible_collections/cisco/ise/plugins/action/guest_user_approve.py new file mode 100644 index 00000000..0b66958c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_approve.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="approve_guest_user_by_id", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/guest_user_bulk_monitor_status_info.py new file mode 100644 index 00000000..738d2a50 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="guest_user", + function='monitor_bulk_status_guest_user', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/guest_user_bulk_request.py new file mode 100644 index 00000000..9f540905 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="bulk_request_for_guest_user", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_change_sponsor_password.py b/ansible_collections/cisco/ise/plugins/action/guest_user_change_sponsor_password.py new file mode 100644 index 00000000..d8cba208 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_change_sponsor_password.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), + portalId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + portal_id=params.get("portalId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="change_sponsor_password", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_deny.py b/ansible_collections/cisco/ise/plugins/action/guest_user_deny.py new file mode 100644 index 00000000..6318526b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_deny.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="deny_guest_user_by_id", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_email.py b/ansible_collections/cisco/ise/plugins/action/guest_user_email.py new file mode 100644 index 00000000..16c8793b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_email.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + additionalData=dict(type="list"), + id=dict(type="str"), + portalId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + additional_data=params.get("additionalData"), + id=params.get("id"), + portal_id=params.get("portalId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="update_guest_user_email", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_info.py b/ansible_collections/cisco/ise/plugins/action/guest_user_info.py new file mode 100644 index 00000000..f6b61c08 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="guest_user", + function='get_guest_user_by_id', + params=self.get_object(self._task.args) + ).response['GuestUser'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="guest_user", + function='get_guest_user_by_name', + params=self.get_object(self._task.args) + ).response['GuestUser'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="guest_user", + function='get_guest_users_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_reinstate.py b/ansible_collections/cisco/ise/plugins/action/guest_user_reinstate.py new file mode 100644 index 00000000..33d20d1a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_reinstate.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="reinstate_guest_user_by_id", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_reset_password.py b/ansible_collections/cisco/ise/plugins/action/guest_user_reset_password.py new file mode 100644 index 00000000..c2eedfac --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_reset_password.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="reset_guest_user_password_by_id", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_sms.py b/ansible_collections/cisco/ise/plugins/action/guest_user_sms.py new file mode 100644 index 00000000..9a84b457 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_sms.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + portalId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + portal_id=params.get("portalId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="update_guest_user_sms", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/guest_user_suspend.py b/ansible_collections/cisco/ise/plugins/action/guest_user_suspend.py new file mode 100644 index 00000000..81f8a142 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/guest_user_suspend.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + additionalData=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + additional_data=params.get("additionalData"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="guest_user", + function="suspend_guest_user_by_id", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/hotpatch_info.py b/ansible_collections/cisco/ise/plugins/action/hotpatch_info.py new file mode 100644 index 00000000..0ef0efbc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/hotpatch_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="patching", + function='list_installed_hotpatches', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/hotpatch_install.py b/ansible_collections/cisco/ise/plugins/action/hotpatch_install.py new file mode 100644 index 00000000..3343ed07 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/hotpatch_install.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hotpatchName=dict(type="str"), + repositoryName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hotpatch_name=params.get("hotpatchName"), + repository_name=params.get("repositoryName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="patching", + function="install_hotpatch", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/hotpatch_rollback.py b/ansible_collections/cisco/ise/plugins/action/hotpatch_rollback.py new file mode 100644 index 00000000..8e976eb5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/hotpatch_rollback.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hotpatchName=dict(type="str"), + repositoryName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hotpatch_name=params.get("hotpatchName"), + repository_name=params.get("repositoryName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="patching", + function="rollback_hotpatch", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/hotspot_portal.py b/ansible_collections/cisco/ise/plugins/action/hotspot_portal.py new file mode 100644 index 00000000..31894a9c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/hotspot_portal.py @@ -0,0 +1,270 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + portalType=dict(type="str"), + portalTestUrl=dict(type="str"), + settings=dict(type="dict"), + customizations=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name", "settings"], True), + ("state", "absent", ["id", "name", "settings"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class HotspotPortal(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + portal_type=params.get("portalType"), + portal_test_url=params.get("portalTestUrl"), + settings=params.get("settings"), + customizations=params.get("customizations"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="hotspot_portal", + function="get_hotspot_portal_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="hotspot_portal", + function="get_hotspot_portal_by_id", + handle_func_exception=False, + params={"id": id} + ).response['HotspotPortal'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("portalType", "portal_type"), + ("portalTestUrl", "portal_test_url"), + ("settings", "settings"), + ("customizations", "customizations"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="hotspot_portal", + function="create_hotspot_portal", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="hotspot_portal", + function="update_hotspot_portal_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="hotspot_portal", + function="delete_hotspot_portal_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = HotspotPortal(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/hotspot_portal_info.py b/ansible_collections/cisco/ise/plugins/action/hotspot_portal_info.py new file mode 100644 index 00000000..928265df --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/hotspot_portal_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="hotspot_portal", + function='get_hotspot_portal_by_id', + params=self.get_object(self._task.args) + ).response['HotspotPortal'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="hotspot_portal", + function='get_hotspot_portal_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/id_store_sequence.py b/ansible_collections/cisco/ise/plugins/action/id_store_sequence.py new file mode 100644 index 00000000..8fff8a90 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/id_store_sequence.py @@ -0,0 +1,254 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + parent=dict(type="str"), + idSeqItem=dict(type="list"), + certificateAuthenticationProfile=dict(type="str"), + breakOnStoreFail=dict(type="bool"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class IdStoreSequence(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + parent=params.get("parent"), + id_seq_item=params.get("idSeqItem"), + certificate_authentication_profile=params.get("certificateAuthenticationProfile"), + break_on_store_fail=params.get("breakOnStoreFail"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="identity_sequence", + function="get_identity_sequence_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['IdStoreSequence'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="identity_sequence", + function="get_identity_sequence_by_id", + handle_func_exception=False, + params={"id": id} + ).response['IdStoreSequence'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("parent", "parent"), + ("idSeqItem", "id_seq_item"), + ("certificateAuthenticationProfile", "certificate_authentication_profile"), + ("breakOnStoreFail", "break_on_store_fail"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="identity_sequence", + function="create_identity_sequence", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="identity_sequence", + function="update_identity_sequence_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="identity_sequence", + function="delete_identity_sequence_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = IdStoreSequence(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/id_store_sequence_info.py b/ansible_collections/cisco/ise/plugins/action/id_store_sequence_info.py new file mode 100644 index 00000000..ec8ce7d6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/id_store_sequence_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="identity_sequence", + function='get_identity_sequence_by_id', + params=self.get_object(self._task.args) + ).response['IdStoreSequence'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="identity_sequence", + function='get_identity_sequence_by_name', + params=self.get_object(self._task.args) + ).response['IdStoreSequence'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="identity_sequence", + function='get_identity_sequence_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/identity_group.py b/ansible_collections/cisco/ise/plugins/action/identity_group.py new file mode 100644 index 00000000..42bf63fc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/identity_group.py @@ -0,0 +1,220 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + name=dict(type="str"), + description=dict(type="str"), + parent=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class IdentityGroup(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + parent=params.get("parent"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="identity_groups", + function="get_identity_group_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['IdentityGroup'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="identity_groups", + function="get_identity_group_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['IdentityGroup'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + result = False + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("parent", "parent"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="identity_groups", + function="create_identity_group", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="identity_groups", + function="update_identity_group_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = IdentityGroup(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/identity_group_info.py b/ansible_collections/cisco/ise/plugins/action/identity_group_info.py new file mode 100644 index 00000000..efa11397 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/identity_group_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="identity_groups", + function='get_identity_group_by_id', + params=self.get_object(self._task.args) + ).response['IdentityGroup'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="identity_groups", + function='get_identity_group_by_name', + params=self.get_object(self._task.args) + ).response['IdentityGroup'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="identity_groups", + function='get_identity_groups_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/internal_user.py b/ansible_collections/cisco/ise/plugins/action/internal_user.py new file mode 100644 index 00000000..47cb0ea2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/internal_user.py @@ -0,0 +1,338 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +try: + from ciscoisesdk import exceptions +except ImportError: + ISE_SDK_IS_INSTALLED = False +else: + ISE_SDK_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + enabled=dict(type="bool"), + email=dict(type="str"), + password=dict(type="str", no_log=True), + firstName=dict(type="str"), + lastName=dict(type="str"), + changePassword=dict(type="bool"), + identityGroups=dict(type="str"), + expiryDateEnabled=dict(type="bool"), + expiryDate=dict(type="str"), + enablePassword=dict(type="str"), + customAttributes=dict(type="dict"), + passwordIDStore=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class InternalUser(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + enabled=params.get("enabled"), + email=params.get("email"), + password=params.get("password"), + first_name=params.get("firstName"), + last_name=params.get("lastName"), + change_password=params.get("changePassword"), + identity_groups=params.get("identityGroups"), + expiry_date_enabled=params.get("expiryDateEnabled"), + expiry_date=params.get("expiryDate"), + enable_password=params.get("enablePassword"), + custom_attributes=params.get("customAttributes"), + password_idstore=params.get("passwordIDStore"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="internal_user", + function="get_internal_user_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['InternalUser'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="internal_user", + function="get_internal_user_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['InternalUser'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + force_change = False + change_params = [ + ("change_password", bool) + ] + for (change_param, type_) in change_params: + requested_obj_value = requested_obj.get(change_param) + if isinstance(requested_obj_value, type_): + # Next line checks if value is evaluated as True + if requested_obj_value: + force_change = True + break + else: + pass + else: + pass + + if force_change: + return force_change + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("enabled", "enabled"), + ("email", "email"), + ("password", "password"), + ("firstName", "first_name"), + ("lastName", "last_name"), + ("changePassword", "change_password"), + ("identityGroups", "identity_groups"), + ("expiryDateEnabled", "expiry_date_enabled"), + ("expiryDate", "expiry_date"), + ("enablePassword", "enable_password"), + ("customAttributes", "custom_attributes"), + ("passwordIDStore", "password_idstore"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="internal_user", + function="create_internal_user", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + change_password = self.new_object.get("change_password") + result = None + if id: + try: + result = self.ise.exec( + family="internal_user", + function="update_internal_user_by_id", + params=self.new_object, + handle_func_exception=False, + ).response + except exceptions.ApiError as e: + if not change_password and "Password can't be set to one of the earlier" in e.message: + self.ise.object_modify_result(changed=False, result="Object already present, update was attempted but failed because of password") + result = {'_changed_': True} + elif not change_password and "Password can't be set to one of the earlier" in e.details_str: + self.ise.object_modify_result(changed=False, result="Object already present, update was attempted but failed because of password") + result = {'_changed_': True} + else: + raise e + elif name: + try: + result = self.ise.exec( + family="internal_user", + function="update_internal_user_by_name", + params=self.new_object, + handle_func_exception=False, + ).response + except exceptions.ApiError as e: + if not change_password and "Password can't be set to one of the earlier" in e.message: + self.ise.object_modify_result(changed=False, result="Object already present, update was attempted but failed because of password") + result = {'_changed_': True} + elif not change_password and "Password can't be set to one of the earlier" in e.details_str: + self.ise.object_modify_result(changed=False, result="Object already present, update was attempted but failed because of password") + result = {'_changed_': True} + else: + raise e + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="internal_user", + function="delete_internal_user_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="internal_user", + function="delete_internal_user_by_name", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = InternalUser(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + try: + response = obj.update() + ise_update_response = response + self._result.update(dict(ise_update_response=ise_update_response)) + if response and response.get('_changed_'): + response = prev_obj + else: + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + ).format(error=e) + ) + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/internal_user_info.py b/ansible_collections/cisco/ise/plugins/action/internal_user_info.py new file mode 100644 index 00000000..5f731539 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/internal_user_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="internal_user", + function='get_internal_user_by_id', + params=self.get_object(self._task.args) + ).response['InternalUser'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="internal_user", + function='get_internal_user_by_name', + params=self.get_object(self._task.args) + ).response['InternalUser'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="internal_user", + function='get_internal_user_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/ise_root_ca_regenerate.py b/ansible_collections/cisco/ise/plugins/action/ise_root_ca_regenerate.py new file mode 100644 index 00000000..37822dd9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/ise_root_ca_regenerate.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + removeExistingISEIntermediateCSR=dict(type="bool"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + remove_existing_ise_intermediate_csr=params.get("removeExistingISEIntermediateCSR"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="regenerate_ise_root_ca", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_connection_type_info.py b/ansible_collections/cisco/ise/plugins/action/licensing_connection_type_info.py new file mode 100644 index 00000000..200fb43c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_connection_type_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="licensing", + function='get_connection_type', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_eval_license_info.py b/ansible_collections/cisco/ise/plugins/action/licensing_eval_license_info.py new file mode 100644 index 00000000..199837b1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_eval_license_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="licensing", + function='get_eval_license_info', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_feature_to_tier_mapping_info.py b/ansible_collections/cisco/ise/plugins/action/licensing_feature_to_tier_mapping_info.py new file mode 100644 index 00000000..106410e6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_feature_to_tier_mapping_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="licensing", + function='get_feature_to_tier_mapping', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_registration_create.py b/ansible_collections/cisco/ise/plugins/action/licensing_registration_create.py new file mode 100644 index 00000000..b5bea165 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_registration_create.py @@ -0,0 +1,96 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + connectionType=dict(type="str"), + registrationType=dict(type="str"), + ssmOnPremServer=dict(type="str"), + tier=dict(type="list"), + token=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + connection_type=params.get("connectionType"), + registration_type=params.get("registrationType"), + ssm_on_prem_server=params.get("ssmOnPremServer"), + tier=params.get("tier"), + token=params.get("token"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="licensing", + function="create_registration_info", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_registration_info.py b/ansible_collections/cisco/ise/plugins/action/licensing_registration_info.py new file mode 100644 index 00000000..becdca1b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_registration_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="licensing", + function='get_registration_info', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_smart_state_create.py b/ansible_collections/cisco/ise/plugins/action/licensing_smart_state_create.py new file mode 100644 index 00000000..6760b508 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_smart_state_create.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="licensing", + function="configure_smart_state", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_smart_state_info.py b/ansible_collections/cisco/ise/plugins/action/licensing_smart_state_info.py new file mode 100644 index 00000000..3ebd9ae9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_smart_state_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="licensing", + function='get_smart_state', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_tier_state_create.py b/ansible_collections/cisco/ise/plugins/action/licensing_tier_state_create.py new file mode 100644 index 00000000..2ef2ac22 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_tier_state_create.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="licensing", + function="update_tier_state_info", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/licensing_tier_state_info.py b/ansible_collections/cisco/ise/plugins/action/licensing_tier_state_info.py new file mode 100644 index 00000000..b4855b92 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/licensing_tier_state_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="licensing", + function='get_tier_state_info', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_account_status_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_account_status_info.py new file mode 100644 index 00000000..335f25c0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_account_status_info.py @@ -0,0 +1,100 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + mac=dict(type="str"), + duration=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + mac=params.get("mac"), + duration=params.get("duration"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="misc", + function='get_account_status_by_mac', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_athentication_status_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_athentication_status_info.py new file mode 100644 index 00000000..31a06b20 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_athentication_status_info.py @@ -0,0 +1,96 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + MAC=dict(type="str"), + SECONDS=dict(type="str"), + RECORDS=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + mac=params.get("MAC"), + seconds=params.get("SECONDS"), + records=params.get("RECORDS"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_authentication_status_by_mac', + params=self.get_object(self._task.args), + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_authentication_status_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_authentication_status_info.py new file mode 100644 index 00000000..7f953845 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_authentication_status_info.py @@ -0,0 +1,96 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + MAC=dict(type="str"), + SECONDS=dict(type="str"), + RECORDS=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + mac=params.get("MAC"), + seconds=params.get("SECONDS"), + records=params.get("RECORDS"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_authentication_status_by_mac', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_failure_reasons_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_failure_reasons_info.py new file mode 100644 index 00000000..4a2bfba1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_failure_reasons_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_failure_reasons', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_active_count_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_active_count_info.py new file mode 100644 index 00000000..c4c74831 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_active_count_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_active_count', + params=self.get_object(self._task.args) + ).response['count'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_active_list_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_active_list_info.py new file mode 100644 index 00000000..4e374bc3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_active_list_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_active_list', + params=self.get_object(self._task.args) + ).response['noOfActiveSession'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_auth_list_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_auth_list_info.py new file mode 100644 index 00000000..991c800c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_auth_list_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_session_auth_list', + params=self.get_object(self._task.args) + ).response['noOfActiveSession'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_by_ip_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_by_ip_info.py new file mode 100644 index 00000000..41a6b108 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_by_ip_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + endpoint_ipv4=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + endpoint_ipv4=params.get("endpoint_ipv4"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("endpoint_ipv4") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="misc", + function='get_sessions_by_endpoint_ip', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_by_mac_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_by_mac_info.py new file mode 100644 index 00000000..57e658c9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_by_mac_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + mac=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + mac=params.get("mac"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("mac") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="misc", + function='get_sessions_by_mac', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_by_nas_ip_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_by_nas_ip_info.py new file mode 100644 index 00000000..964c6ab2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_by_nas_ip_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + nas_ipv4=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + nas_ipv4=params.get("nas_ipv4"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("nas_ipv4") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="misc", + function='get_sessions_by_nas_ip', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_by_username_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_by_username_info.py new file mode 100644 index 00000000..8c79838f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_by_username_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + username=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + username=params.get("username"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("username") + if name: + response = ise.exec( + family="misc", + function='get_sessions_by_username', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_delete_all.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_delete_all.py new file mode 100644 index 00000000..ce0a3e68 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_delete_all.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="misc", + function="delete_all_sessions", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_disconnect_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_disconnect_info.py new file mode 100644 index 00000000..36218b23 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_disconnect_info.py @@ -0,0 +1,106 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + ENDPOINT_IP=dict(type="str"), + PSN_NAME=dict(type="str"), + MAC=dict(type="str"), + DISCONNECT_TYPE=dict(type="str"), + NAS_IPV4=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + endpoint_ip=params.get("ENDPOINT_IP"), + psn_name=params.get("PSN_NAME"), + mac=params.get("MAC"), + disconnect_type=params.get("DISCONNECT_TYPE"), + nas_ipv4=params.get("NAS_IPV4"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="misc", + function='session_disconnect', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_posture_count_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_posture_count_info.py new file mode 100644 index 00000000..b67f5da4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_posture_count_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_posture_count', + params=self.get_object(self._task.args) + ).response['count'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_profiler_count_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_profiler_count_info.py new file mode 100644 index 00000000..2cbb1a65 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_profiler_count_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_profiler_count', + params=self.get_object(self._task.args) + ).response['count'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_session_reauthentication_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_session_reauthentication_info.py new file mode 100644 index 00000000..351aa4af --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_session_reauthentication_info.py @@ -0,0 +1,102 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + PSN_NAME=dict(type="str"), + ENDPOINT_MAC=dict(type="str"), + REAUTH_TYPE=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + psn_name=params.get("PSN_NAME"), + endpoint_mac=params.get("ENDPOINT_MAC"), + reauth_type=params.get("REAUTH_TYPE"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="misc", + function='session_reauthentication_by_mac', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_sessions_by_session_id_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_sessions_by_session_id_info.py new file mode 100644 index 00000000..2b4a8b24 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_sessions_by_session_id_info.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + session_id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + session_id=params.get("session_id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_sessions_by_session_id', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/mnt_version_info.py b/ansible_collections/cisco/ise/plugins/action/mnt_version_info.py new file mode 100644 index 00000000..f1d1b9d6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/mnt_version_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="misc", + function='get_mnt_version', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/my_device_portal.py b/ansible_collections/cisco/ise/plugins/action/my_device_portal.py new file mode 100644 index 00000000..874389fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/my_device_portal.py @@ -0,0 +1,270 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + portalType=dict(type="str"), + portalTestUrl=dict(type="str"), + settings=dict(type="dict"), + customizations=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name", "settings"], True), + ("state", "absent", ["id", "name", "settings"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class MyDevicePortal(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + portal_type=params.get("portalType"), + portal_test_url=params.get("portalTestUrl"), + settings=params.get("settings"), + customizations=params.get("customizations"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="my_device_portal", + function="get_my_device_portal_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="my_device_portal", + function="get_my_device_portal_by_id", + handle_func_exception=False, + params={"id": id} + ).response['MyDevicePortal'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("portalType", "portal_type"), + ("portalTestUrl", "portal_test_url"), + ("settings", "settings"), + ("customizations", "customizations"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="my_device_portal", + function="create_my_device_portal", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="my_device_portal", + function="update_my_device_portal_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="my_device_portal", + function="delete_my_device_portal_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = MyDevicePortal(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/my_device_portal_info.py b/ansible_collections/cisco/ise/plugins/action/my_device_portal_info.py new file mode 100644 index 00000000..ba6fc031 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/my_device_portal_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="my_device_portal", + function='get_my_device_portal_by_id', + params=self.get_object(self._task.args) + ).response['MyDevicePortal'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="my_device_portal", + function='get_my_device_portal_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/native_supplicant_profile.py b/ansible_collections/cisco/ise/plugins/action/native_supplicant_profile.py new file mode 100644 index 00000000..b5c0a071 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/native_supplicant_profile.py @@ -0,0 +1,248 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + id=dict(type="str"), + name=dict(type="str"), + description=dict(type="str"), + wirelessProfiles=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NativeSupplicantProfile(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + name=params.get("name"), + description=params.get("description"), + wireless_profiles=params.get("wirelessProfiles"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + gen_items_responses = self.ise.exec( + family="native_supplicant_profile", + function="get_native_supplicant_profile_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="native_supplicant_profile", + function="get_native_supplicant_profile_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['ERSNSPProfile'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("name", "name"), + ("description", "description"), + ("wirelessProfiles", "wireless_profiles"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="native_supplicant_profile", + function="update_native_supplicant_profile_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="native_supplicant_profile", + function="delete_native_supplicant_profile_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NativeSupplicantProfile(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/native_supplicant_profile_info.py b/ansible_collections/cisco/ise/plugins/action/native_supplicant_profile_info.py new file mode 100644 index 00000000..45f45ca2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/native_supplicant_profile_info.py @@ -0,0 +1,133 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="native_supplicant_profile", + function='get_native_supplicant_profile_by_id', + params=self.get_object(self._task.args) + ).response['ERSNSPProfile'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="native_supplicant_profile", + function='get_native_supplicant_profile_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules.py b/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules.py new file mode 100644 index 00000000..63e8d4bc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules.py @@ -0,0 +1,269 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + identitySourceName=dict(type="str"), + ifAuthFail=dict(type="str"), + ifProcessFail=dict(type="str"), + ifUserNotFound=dict(type="str"), + link=dict(type="dict"), + rule=dict(type="dict"), + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "rule"], True), + ("state", "present", ["policyId"], True), + ("state", "absent", ["id", "rule"], True), + ("state", "absent", ["policyId"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessAuthenticationRules(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + identity_source_name=params.get("identitySourceName"), + if_auth_fail=params.get("ifAuthFail"), + if_process_fail=params.get("ifProcessFail"), + if_user_not_found=params.get("ifUserNotFound"), + link=params.get("link"), + rule=params.get("rule"), + policy_id=params.get("policyId"), + id=params.get("id") or params.get("rule", {}).get("id"), + ) + + def get_object_by_name(self, name, policy_id): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="network_access_authentication_rules", + function="get_network_access_authentication_rules", + params={"policy_id": policy_id} + ).response.get('response', []) or [] + for item in items: + if item.get('rule') and item['rule'].get('name') == name and item['rule'].get('id'): + result = dict(item) + return result + return result + + def get_object_by_id(self, id, policy_id): + try: + result = self.ise.exec( + family="network_access_authentication_rules", + function="get_network_access_authentication_rule_by_id", + handle_func_exception=False, + params={"id": id, "policy_id": policy_id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + name = False + o_id = self.new_object.get("id") + policy_id = self.new_object.get("policy_id") + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + o_id = o_id or self.new_object.get('rule', {}).get("id") + if o_id: + prev_obj = self.get_object_by_id(o_id, policy_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name, policy_id) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get('rule', {}).get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id, policy_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("identitySourceName", "identity_source_name"), + ("ifAuthFail", "if_auth_fail"), + ("ifProcessFail", "if_process_fail"), + ("ifUserNotFound", "if_user_not_found"), + ("link", "link"), + ("rule", "rule"), + ("policyId", "policy_id"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_authentication_rules", + function="create_network_access_authentication_rule", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="network_access_authentication_rules", + function="update_network_access_authentication_rule_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="network_access_authentication_rules", + function="delete_network_access_authentication_rule_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessAuthenticationRules(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules_info.py new file mode 100644 index 00000000..a8676637 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules_info.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_access_authentication_rules", + function='get_network_access_authentication_rule_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_authentication_rules", + function='get_network_access_authentication_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules_reset_hitcount.py new file mode 100644 index 00000000..ec714f3f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_authentication_rules_reset_hitcount.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="network_access_authentication_rules", + function="reset_hit_counts_network_access_authentication_rules", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules.py b/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules.py new file mode 100644 index 00000000..88996329 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules.py @@ -0,0 +1,269 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + ise_compare_equality2, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + link=dict(type="dict"), + profile=dict(type="list"), + rule=dict(type="dict"), + securityGroup=dict(type="str"), + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "rule"], True), + ("state", "present", ["policyId"], True), + ("state", "absent", ["id", "rule"], True), + ("state", "absent", ["policyId"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessAuthorizationRules(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + link=params.get("link"), + profile=params.get("profile"), + rule=params.get("rule"), + security_group=params.get("securityGroup"), + policy_id=params.get("policyId"), + id=params.get("id") or params.get("rule", {}).get("id"), + ) + + def get_object_by_name(self, name, policy_id): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="network_access_authorization_rules", + function="get_network_access_authorization_rules", + params={"policy_id": policy_id} + ).response.get('response', []) or [] + for item in items: + if item.get('rule') and item['rule'].get('name') == name and item['rule'].get('id'): + result = dict(item) + return result + return result + + def get_object_by_id(self, id, policy_id): + try: + result = self.ise.exec( + family="network_access_authorization_rules", + function="get_network_access_authorization_rule_by_id", + handle_func_exception=False, + params={"id": id, "policy_id": policy_id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + name = False + o_id = self.new_object.get("id") + policy_id = self.new_object.get("policy_id") + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + o_id = o_id or self.new_object.get('rule', {}).get("id") + if o_id: + prev_obj = self.get_object_by_id(o_id, policy_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name, policy_id) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get('rule', {}).get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id, policy_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("link", "link", False), + ("profile", "profile", False), + ("rule", "rule", False), + ("securityGroup", "security_group", False), + ("policyId", "policy_id", True), + ("id", "id", True), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality2(current_obj.get(ise_param), + requested_obj.get(ansible_param), + is_query_param) + for (ise_param, ansible_param, is_query_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_authorization_rules", + function="create_network_access_authorization_rule", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="network_access_authorization_rules", + function="update_network_access_authorization_rule_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="network_access_authorization_rules", + function="delete_network_access_authorization_rule_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessAuthorizationRules(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + if prev_obj == ise_update_response.response: + response = prev_obj + ise.object_already_present() + else: + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules_info.py new file mode 100644 index 00000000..20432e92 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules_info.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_access_authorization_rules", + function='get_network_access_authorization_rule_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_authorization_rules", + function='get_network_access_authorization_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules_reset_hitcount.py new file mode 100644 index 00000000..8610301f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_authorization_rules_reset_hitcount.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="network_access_authorization_rules", + function="reset_hit_counts_network_access_authorization_rules", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_conditions.py b/ansible_collections/cisco/ise/plugins/action/network_access_conditions.py new file mode 100644 index 00000000..a8068918 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_conditions.py @@ -0,0 +1,287 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + conditionType=dict(type="str"), + isNegate=dict(type="bool"), + link=dict(type="dict"), + description=dict(type="str"), + id=dict(type="str"), + name=dict(type="str"), + attributeName=dict(type="str"), + attributeValue=dict(type="str"), + dictionaryName=dict(type="str"), + dictionaryValue=dict(type="str"), + operator=dict(type="str"), + children=dict(type="list"), + datesRange=dict(type="dict"), + datesRangeException=dict(type="dict"), + hoursRange=dict(type="dict"), + hoursRangeException=dict(type="dict"), + weekDays=dict(type="list"), + weekDaysException=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessConditions(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + condition_type=params.get("conditionType"), + is_negate=params.get("isNegate"), + link=params.get("link"), + description=params.get("description"), + id=params.get("id"), + name=params.get("name"), + attribute_name=params.get("attributeName"), + attribute_value=params.get("attributeValue"), + dictionary_name=params.get("dictionaryName"), + dictionary_value=params.get("dictionaryValue"), + operator=params.get("operator"), + children=params.get("children"), + dates_range=params.get("datesRange"), + dates_range_exception=params.get("datesRangeException"), + hours_range=params.get("hoursRange"), + hours_range_exception=params.get("hoursRangeException"), + week_days=params.get("weekDays"), + week_days_exception=params.get("weekDaysException"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="network_access_conditions", + function="get_network_access_condition_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="network_access_conditions", + function="get_network_access_condition_by_id", + handle_func_exception=False, + params={"id": id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("conditionType", "condition_type"), + ("isNegate", "is_negate"), + ("link", "link"), + ("description", "description"), + ("id", "id"), + ("name", "name"), + ("attributeName", "attribute_name"), + ("attributeValue", "attribute_value"), + ("dictionaryName", "dictionary_name"), + ("dictionaryValue", "dictionary_value"), + ("operator", "operator"), + ("children", "children"), + ("datesRange", "dates_range"), + ("datesRangeException", "dates_range_exception"), + ("hoursRange", "hours_range"), + ("hoursRangeException", "hours_range_exception"), + ("weekDays", "week_days"), + ("weekDaysException", "week_days_exception"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_conditions", + function="create_network_access_condition", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="network_access_conditions", + function="update_network_access_condition_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="network_access_conditions", + function="update_network_access_condition_by_name", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="network_access_conditions", + function="delete_network_access_condition_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="network_access_conditions", + function="delete_network_access_condition_by_name", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessConditions(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_authentication_rule_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_authentication_rule_info.py new file mode 100644 index 00000000..630ae4d4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_authentication_rule_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_conditions", + function='get_network_access_conditions_for_authentication_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_authorization_rule_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_authorization_rule_info.py new file mode 100644 index 00000000..66fcf2fd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_authorization_rule_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_conditions", + function='get_network_access_conditions_for_authorization_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_policy_set_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_policy_set_info.py new file mode 100644 index 00000000..be454029 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_conditions_for_policy_set_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_conditions", + function='get_network_access_conditions_for_policy_sets', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_conditions_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_conditions_info.py new file mode 100644 index 00000000..13d01ddb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_conditions_info.py @@ -0,0 +1,112 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_access_conditions", + function='get_network_access_condition_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="network_access_conditions", + function='get_network_access_condition_by_name', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_conditions", + function='get_network_access_conditions', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_dictionary.py b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary.py new file mode 100644 index 00000000..b0383b76 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary.py @@ -0,0 +1,235 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + description=dict(type="str"), + dictionaryAttrType=dict(type="str"), + id=dict(type="str"), + link=dict(type="dict"), + name=dict(type="str"), + version=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["name"], True), + ("state", "absent", ["name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessDictionary(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + description=params.get("description"), + dictionary_attr_type=params.get("dictionaryAttrType"), + id=params.get("id"), + link=params.get("link"), + name=params.get("name"), + version=params.get("version"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="network_access_dictionary", + function="get_network_access_dictionary_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("description", "description"), + ("dictionaryAttrType", "dictionary_attr_type"), + ("id", "id"), + ("link", "link"), + ("name", "name"), + ("version", "version"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_dictionary", + function="create_network_access_dictionaries", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not name: + name_ = self.get_object_by_id(id).get("name") + self.new_object.update(dict(name=name_)) + result = self.ise.exec( + family="network_access_dictionary", + function="update_network_access_dictionary_by_name", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not name: + name_ = self.get_object_by_id(id).get("name") + self.new_object.update(dict(name=name_)) + result = self.ise.exec( + family="network_access_dictionary", + function="delete_network_access_dictionary_by_name", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessDictionary(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attribute.py b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attribute.py new file mode 100644 index 00000000..7636058a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attribute.py @@ -0,0 +1,232 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + allowedValues=dict(type="list"), + dataType=dict(type="str"), + description=dict(type="str"), + dictionaryName=dict(type="str"), + directionType=dict(type="str"), + id=dict(type="str"), + internalName=dict(type="str"), + name=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["dictionaryName"], True), + ("state", "present", ["name"], True), + ("state", "absent", ["dictionaryName"], True), + ("state", "absent", ["name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessDictionaryAttribute(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + allowed_values=params.get("allowedValues"), + data_type=params.get("dataType"), + description=params.get("description"), + dictionary_name=params.get("dictionaryName"), + direction_type=params.get("directionType"), + id=params.get("id"), + internal_name=params.get("internalName"), + name=params.get("name"), + ) + + def get_object_by_name(self, name, dictionary_name): + try: + result = self.ise.exec( + family="network_access_dictionary_attribute", + function="get_network_access_dictionary_attribute_by_name", + params={"name": name, "dictionary_name": dictionary_name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + dictionary_name = self.new_object.get("dictionary_name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name, dictionary_name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("allowedValues", "allowed_values"), + ("dataType", "data_type"), + ("description", "description"), + ("dictionaryName", "dictionary_name"), + ("directionType", "direction_type"), + ("id", "id"), + ("internalName", "internal_name"), + ("name", "name"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_dictionary_attribute", + function="create_network_access_dictionary_attribute", + params=self.new_object, + ).response + return result + + def update(self): + result = self.ise.exec( + family="network_access_dictionary_attribute", + function="update_network_access_dictionary_attribute_by_name", + params=self.new_object + ).response + return result + + def delete(self): + result = self.ise.exec( + family="network_access_dictionary_attribute", + function="delete_network_access_dictionary_attribute_by_name", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessDictionaryAttribute(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attribute_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attribute_info.py new file mode 100644 index 00000000..7eccecf6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attribute_info.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + dictionaryName=dict(type="str"), + name=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + dictionary_name=params.get("dictionaryName"), + name=params.get("name"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if name: + response = ise.exec( + family="network_access_dictionary_attribute", + function='get_network_access_dictionary_attribute_by_name', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_dictionary_attribute", + function='get_network_access_dictionary_attributes_by_dictionary_name', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_authentication_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_authentication_info.py new file mode 100644 index 00000000..433872fe --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_authentication_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_dictionary_attributes_list", + function='get_network_access_dictionaries_authentication', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_authorization_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_authorization_info.py new file mode 100644 index 00000000..94bb7ea6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_authorization_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_dictionary_attributes_list", + function='get_network_access_dictionaries_authorization', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_policy_set_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_policy_set_info.py new file mode 100644 index 00000000..3da3318d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_attributes_policy_set_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_dictionary_attributes_list", + function='get_network_access_dictionaries_policy_set', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_info.py new file mode 100644 index 00000000..e4527b1e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_dictionary_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if name: + response = ise.exec( + family="network_access_dictionary", + function='get_network_access_dictionary_by_name', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_dictionary", + function='get_network_access_dictionaries', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules.py b/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules.py new file mode 100644 index 00000000..b2d3e9bc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules.py @@ -0,0 +1,254 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + link=dict(type="dict"), + profile=dict(type="list"), + rule=dict(type="dict"), + securityGroup=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "rule"], True), + ("state", "absent", ["id", "rule"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessGlobalExceptionRules(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + link=params.get("link"), + profile=params.get("profile"), + rule=params.get("rule"), + security_group=params.get("securityGroup"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="network_access_authorization_global_exception_rules", + function="get_network_access_policy_set_global_exception_rules", + ).response.get('response', []) or [] + for item in items: + if item.get('rule') and item['rule'].get('name') == name and item['rule'].get('id'): + result = dict(item) + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="network_access_authorization_global_exception_rules", + function="get_network_access_policy_set_global_exception_rule_by_id", + handle_func_exception=False, + params={"id": id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + name = False + o_id = self.new_object.get("id") + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + o_id = o_id or self.new_object.get('rule', {}).get("id") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get('rule', {}).get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("link", "link"), + ("profile", "profile"), + ("rule", "rule"), + ("securityGroup", "security_group"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_authorization_global_exception_rules", + function="create_network_access_policy_set_global_exception_rule", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + result = None + if not id: + id_ = self.get_object_by_name(name).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="network_access_authorization_global_exception_rules", + function="update_network_access_policy_set_global_exception_rule_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + result = None + if not id: + id_ = self.get_object_by_name(name).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="network_access_authorization_global_exception_rules", + function="delete_network_access_policy_set_global_exception_rule_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessGlobalExceptionRules(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules_info.py new file mode 100644 index 00000000..9f6a065d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_access_authorization_global_exception_rules", + function='get_network_access_policy_set_global_exception_rule_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_authorization_global_exception_rules", + function='get_network_access_policy_set_global_exception_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..73db9522 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_global_exception_rules_reset_hitcount.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="network_access_authorization_global_exception_rules", + function="reset_hit_counts_network_access_global_exceptions", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_identity_stores_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_identity_stores_info.py new file mode 100644 index 00000000..27a9769d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_identity_stores_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_identity_stores", + function='get_network_access_identity_stores', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules.py b/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules.py new file mode 100644 index 00000000..462fd608 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules.py @@ -0,0 +1,263 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + link=dict(type="dict"), + profile=dict(type="list"), + rule=dict(type="dict"), + securityGroup=dict(type="str"), + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "rule"], True), + ("state", "present", ["policyId"], True), + ("state", "absent", ["id", "rule"], True), + ("state", "absent", ["policyId"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessLocalExceptionRules(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + link=params.get("link"), + profile=params.get("profile"), + rule=params.get("rule"), + security_group=params.get("securityGroup"), + policy_id=params.get("policyId"), + id=params.get("id"), + ) + + def get_object_by_name(self, name, policy_id): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="network_access_authorization_exception_rules", + function="get_network_access_local_exception_rules", + params={"policy_id": policy_id} + ).response.get('response', []) or [] + for item in items: + if item.get('rule') and item['rule'].get('name') == name and item['rule'].get('id'): + result = dict(item) + return result + return result + + def get_object_by_id(self, id, policy_id): + try: + result = self.ise.exec( + family="network_access_authorization_exception_rules", + function="get_network_access_local_exception_rule_by_id", + handle_func_exception=False, + params={"id": id, "policy_id": policy_id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + name = False + o_id = self.new_object.get("id") + policy_id = self.new_object.get("policy_id") + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + o_id = o_id or self.new_object.get('rule', {}).get("id") + if o_id: + prev_obj = self.get_object_by_id(o_id, policy_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name, policy_id) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get('rule', {}).get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id, policy_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("link", "link"), + ("profile", "profile"), + ("rule", "rule"), + ("securityGroup", "security_group"), + ("policyId", "policy_id"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_authorization_exception_rules", + function="create_network_access_local_exception_rule", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="network_access_authorization_exception_rules", + function="update_network_access_local_exception_rule_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = False + if self.new_object.get('rule', {}) is not None: + name = self.new_object.get('rule', {}).get("name") + id = id or self.new_object.get('rule', {}).get("id") + policy_id = self.new_object.get("policy_id") + result = None + if not id: + id_ = self.get_object_by_name(name, policy_id).get('rule', {}).get("id") + rule = self.new_object.get('rule', {}) + rule.update(dict(id=id_)) + self.new_object.update(dict(rule=rule, id=id_)) + result = self.ise.exec( + family="network_access_authorization_exception_rules", + function="delete_network_access_local_exception_rule_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessLocalExceptionRules(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules_info.py new file mode 100644 index 00000000..f05f7c15 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules_info.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_access_authorization_exception_rules", + function='get_network_access_local_exception_rule_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_authorization_exception_rules", + function='get_network_access_local_exception_rules', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules_reset_hitcounts.py b/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules_reset_hitcounts.py new file mode 100644 index 00000000..c575a8c8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_local_exception_rules_reset_hitcounts.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + policyId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + policy_id=params.get("policyId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="network_access_authorization_exception_rules", + function="reset_hit_counts_network_access_local_exceptions", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_network_condition.py b/ansible_collections/cisco/ise/plugins/action/network_access_network_condition.py new file mode 100644 index 00000000..dd223d16 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_network_condition.py @@ -0,0 +1,253 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + conditionType=dict(type="str"), + description=dict(type="str"), + id=dict(type="str"), + link=dict(type="dict"), + name=dict(type="str"), + deviceList=dict(type="list"), + cliDnisList=dict(type="list"), + ipAddrList=dict(type="list"), + macAddrList=dict(type="list"), + deviceGroupList=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessNetworkCondition(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + condition_type=params.get("conditionType"), + description=params.get("description"), + id=params.get("id"), + link=params.get("link"), + name=params.get("name"), + device_list=params.get("deviceList"), + cli_dnis_list=params.get("cliDnisList"), + ip_addr_list=params.get("ipAddrList"), + mac_addr_list=params.get("macAddrList"), + device_group_list=params.get("deviceGroupList"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="network_access_network_conditions", + function="get_network_access_network_conditions", + ).response.get('response', []) or [] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="network_access_network_conditions", + function="get_network_access_network_condition_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("conditionType", "condition_type"), + ("description", "description"), + ("id", "id"), + ("link", "link"), + ("name", "name"), + ("deviceList", "device_list"), + ("cliDnisList", "cli_dnis_list"), + ("ipAddrList", "ip_addr_list"), + ("macAddrList", "mac_addr_list"), + ("deviceGroupList", "device_group_list"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_network_conditions", + function="create_network_access_network_condition", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="network_access_network_conditions", + function="update_network_access_network_condition_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="network_access_network_conditions", + function="delete_network_access_network_condition_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessNetworkCondition(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_network_condition_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_network_condition_info.py new file mode 100644 index 00000000..5dbf02a0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_network_condition_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_access_network_conditions", + function='get_network_access_network_condition_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_network_conditions", + function='get_network_access_network_conditions', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_policy_set.py b/ansible_collections/cisco/ise/plugins/action/network_access_policy_set.py new file mode 100644 index 00000000..a11f40f0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_policy_set.py @@ -0,0 +1,256 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + condition=dict(type="dict"), + default=dict(type="bool"), + description=dict(type="str"), + hitCounts=dict(type="int"), + id=dict(type="str"), + isProxy=dict(type="bool"), + link=dict(type="dict"), + name=dict(type="str"), + rank=dict(type="int"), + serviceName=dict(type="str"), + state_=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessPolicySet(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + condition=params.get("condition"), + default=params.get("default"), + description=params.get("description"), + hit_counts=params.get("hitCounts"), + id=params.get("id"), + is_proxy=params.get("isProxy"), + link=params.get("link"), + name=params.get("name"), + rank=params.get("rank"), + service_name=params.get("serviceName"), + state=params.get("state_"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="network_access_policy_set", + function="get_network_access_policy_sets", + ).response.get('response', []) or [] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="network_access_policy_set", + function="get_network_access_policy_set_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("condition", "condition"), + ("default", "default"), + ("description", "description"), + ("hitCounts", "hit_counts"), + ("id", "id"), + ("isProxy", "is_proxy"), + ("link", "link"), + ("name", "name"), + ("rank", "rank"), + ("serviceName", "service_name"), + ("state_", "state"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_policy_set", + function="create_network_access_policy_set", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="network_access_policy_set", + function="update_network_access_policy_set_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="network_access_policy_set", + function="delete_network_access_policy_set_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessPolicySet(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_policy_set_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_policy_set_info.py new file mode 100644 index 00000000..6c329de5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_policy_set_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_access_policy_set", + function='get_network_access_policy_set_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_policy_set", + function='get_network_access_policy_sets', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_policy_set_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/action/network_access_policy_set_reset_hitcount.py new file mode 100644 index 00000000..fca1b223 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_policy_set_reset_hitcount.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="network_access_policy_set", + function="reset_hit_counts_network_access_policy_sets", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_profiles_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_profiles_info.py new file mode 100644 index 00000000..d89bf00a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_profiles_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_profiles", + function='get_network_access_profiles', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_security_groups_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_security_groups_info.py new file mode 100644 index 00000000..8319bac0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_security_groups_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_security_groups", + function='get_network_access_security_groups', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_service_name_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_service_name_info.py new file mode 100644 index 00000000..3e0c7cbb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_service_name_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="network_access_service_names", + function='get_network_access_service_names', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_time_date_conditions.py b/ansible_collections/cisco/ise/plugins/action/network_access_time_date_conditions.py new file mode 100644 index 00000000..65957d07 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_time_date_conditions.py @@ -0,0 +1,277 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + conditionType=dict(type="str"), + isNegate=dict(type="bool"), + link=dict(type="dict"), + description=dict(type="str"), + id=dict(type="str"), + name=dict(type="str"), + attributeName=dict(type="str"), + attributeValue=dict(type="str"), + dictionaryName=dict(type="str"), + dictionaryValue=dict(type="str"), + operator=dict(type="str"), + children=dict(type="list"), + datesRange=dict(type="dict"), + datesRangeException=dict(type="dict"), + hoursRange=dict(type="dict"), + hoursRangeException=dict(type="dict"), + weekDays=dict(type="list"), + weekDaysException=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkAccessTimeDateConditions(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + condition_type=params.get("conditionType"), + is_negate=params.get("isNegate"), + link=params.get("link"), + description=params.get("description"), + id=params.get("id"), + name=params.get("name"), + attribute_name=params.get("attributeName"), + attribute_value=params.get("attributeValue"), + dictionary_name=params.get("dictionaryName"), + dictionary_value=params.get("dictionaryValue"), + operator=params.get("operator"), + children=params.get("children"), + dates_range=params.get("datesRange"), + dates_range_exception=params.get("datesRangeException"), + hours_range=params.get("hoursRange"), + hours_range_exception=params.get("hoursRangeException"), + week_days=params.get("weekDays"), + week_days_exception=params.get("weekDaysException"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="network_access_time_date_conditions", + function="get_network_access_time_conditions", + ).response.get('response', []) or [] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="network_access_time_date_conditions", + function="get_network_access_time_condition_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("conditionType", "condition_type"), + ("isNegate", "is_negate"), + ("link", "link"), + ("description", "description"), + ("id", "id"), + ("name", "name"), + ("attributeName", "attribute_name"), + ("attributeValue", "attribute_value"), + ("dictionaryName", "dictionary_name"), + ("dictionaryValue", "dictionary_value"), + ("operator", "operator"), + ("children", "children"), + ("datesRange", "dates_range"), + ("datesRangeException", "dates_range_exception"), + ("hoursRange", "hours_range"), + ("hoursRangeException", "hours_range_exception"), + ("weekDays", "week_days"), + ("weekDaysException", "week_days_exception"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_access_time_date_conditions", + function="create_network_access_time_condition", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="network_access_time_date_conditions", + function="update_network_access_time_condition_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="network_access_time_date_conditions", + function="delete_network_access_time_condition_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkAccessTimeDateConditions(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_access_time_date_conditions_info.py b/ansible_collections/cisco/ise/plugins/action/network_access_time_date_conditions_info.py new file mode 100644 index 00000000..5d3f5206 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_access_time_date_conditions_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_access_time_date_conditions", + function='get_network_access_time_condition_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="network_access_time_date_conditions", + function='get_network_access_time_conditions', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_device.py b/ansible_collections/cisco/ise/plugins/action/network_device.py new file mode 100644 index 00000000..f5d9636a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_device.py @@ -0,0 +1,283 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + authenticationSettings=dict(type="dict"), + snmpsettings=dict(type="dict"), + trustsecsettings=dict(type="dict"), + tacacsSettings=dict(type="dict"), + profileName=dict(type="str"), + coaPort=dict(type="int"), + dtlsDnsName=dict(type="str"), + modelName=dict(type="str"), + softwareVersion=dict(type="str"), + NetworkDeviceIPList=dict(type="list"), + NetworkDeviceGroupList=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkDevice(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + authentication_settings=params.get("authenticationSettings"), + snmpsettings=params.get("snmpsettings"), + trustsecsettings=params.get("trustsecsettings"), + tacacs_settings=params.get("tacacsSettings"), + profile_name=params.get("profileName"), + coa_port=params.get("coaPort"), + dtls_dns_name=params.get("dtlsDnsName"), + model_name=params.get("modelName"), + software_version=params.get("softwareVersion"), + network_device_iplist=params.get("NetworkDeviceIPList"), + network_device_group_list=params.get("NetworkDeviceGroupList"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="network_device", + function="get_network_device_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['NetworkDevice'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="network_device", + function="get_network_device_by_id", + handle_func_exception=False, + params={"id": id} + ).response['NetworkDevice'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("authenticationSettings", "authentication_settings"), + ("snmpsettings", "snmpsettings"), + ("trustsecsettings", "trustsecsettings"), + ("tacacsSettings", "tacacs_settings"), + ("profileName", "profile_name"), + ("coaPort", "coa_port"), + ("dtlsDnsName", "dtls_dns_name"), + ("modelName", "model_name"), + ("softwareVersion", "software_version"), + ("NetworkDeviceIPList", "network_device_iplist"), + ("NetworkDeviceGroupList", "network_device_group_list"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_device", + function="create_network_device", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="network_device", + function="update_network_device_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="network_device", + function="update_network_device_by_name", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="network_device", + function="delete_network_device_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="network_device", + function="delete_network_device_by_name", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkDevice(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_device_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/network_device_bulk_monitor_status_info.py new file mode 100644 index 00000000..801d0aef --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_device_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_device", + function='monitor_bulk_status_network_device', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_device_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/network_device_bulk_request.py new file mode 100644 index 00000000..49fb1bd9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_device_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="network_device", + function="bulk_request_for_network_device", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_device_group.py b/ansible_collections/cisco/ise/plugins/action/network_device_group.py new file mode 100644 index 00000000..8cd682e9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_device_group.py @@ -0,0 +1,248 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + othername=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NetworkDeviceGroup(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + othername=params.get("othername"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + query_name = name + if query_name: + query_name = query_name.replace('#', ':') + try: + result = self.ise.exec( + family="network_device_group", + function="get_network_device_group_by_name", + params={"name": query_name}, + handle_func_exception=False, + ).response['NetworkDeviceGroup'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="network_device_group", + function="get_network_device_group_by_id", + handle_func_exception=False, + params={"id": id} + ).response['NetworkDeviceGroup'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("othername", "othername"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="network_device_group", + function="create_network_device_group", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="network_device_group", + function="update_network_device_group_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="network_device_group", + function="delete_network_device_group_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NetworkDeviceGroup(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_device_group_info.py b/ansible_collections/cisco/ise/plugins/action/network_device_group_info.py new file mode 100644 index 00000000..739808f9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_device_group_info.py @@ -0,0 +1,154 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + if params.get("name"): + params["name"] = params["name"].replace('#', ':') + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_device_group", + function='get_network_device_group_by_id', + params=self.get_object(self._task.args) + ).response['NetworkDeviceGroup'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="network_device_group", + function='get_network_device_group_by_name', + params=self.get_object(self._task.args) + ).response['NetworkDeviceGroup'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="network_device_group", + function='get_network_device_group_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/network_device_info.py b/ansible_collections/cisco/ise/plugins/action/network_device_info.py new file mode 100644 index 00000000..454e7ac3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/network_device_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="network_device", + function='get_network_device_by_id', + params=self.get_object(self._task.args) + ).response['NetworkDevice'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="network_device", + function='get_network_device_by_name', + params=self.get_object(self._task.args) + ).response['NetworkDevice'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="network_device", + function='get_network_device_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_deployment.py b/ansible_collections/cisco/ise/plugins/action/node_deployment.py new file mode 100644 index 00000000..2610dd71 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_deployment.py @@ -0,0 +1,226 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + allowCertImport=dict(type="bool"), + fqdn=dict(type="str"), + password=dict(type="str", no_log=True), + roles=dict(type="list"), + services=dict(type="list"), + userName=dict(type="str"), + hostname=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["hostname"], True), + ("state", "absent", ["hostname"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NodeDeployment(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + allow_cert_import=params.get("allowCertImport"), + fqdn=params.get("fqdn"), + password=params.get("password"), + roles=params.get("roles"), + services=params.get("services"), + user_name=params.get("userName"), + hostname=params.get("hostname"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="node_deployment", + function="get_node_details", + params={"hostname": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("hostname") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("allowCertImport", "allow_cert_import"), + ("fqdn", "fqdn"), + ("password", "password"), + ("roles", "roles"), + ("services", "services"), + ("userName", "user_name"), + ("hostname", "hostname"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="node_deployment", + function="register_node", + params=self.new_object, + ).response + return result + + def update(self): + result = self.ise.exec( + family="node_deployment", + function="update_node", + params=self.new_object + ).response + return result + + def delete(self): + result = self.ise.exec( + family="node_deployment", + function="delete_node", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NodeDeployment(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_deployment_info.py b/ansible_collections/cisco/ise/plugins/action/node_deployment_info.py new file mode 100644 index 00000000..7427e473 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_deployment_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + filter=dict(type="list"), + filterType=dict(type="str"), + hostname=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + filter=params.get("filter"), + filter_type=params.get("filterType"), + hostname=params.get("hostname"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("hostname") + if name: + response = ise.exec( + family="node_deployment", + function='get_node_details', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="node_deployment", + function='get_nodes', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_deployment_sync.py b/ansible_collections/cisco/ise/plugins/action/node_deployment_sync.py new file mode 100644 index 00000000..90fcaf23 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_deployment_sync.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hostname=params.get("hostname"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="node_deployment", + function="sync_node", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_group.py b/ansible_collections/cisco/ise/plugins/action/node_group.py new file mode 100644 index 00000000..be56fbbf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_group.py @@ -0,0 +1,220 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + description=dict(type="str"), + marCache=dict(type="dict"), + name=dict(type="str"), + nodeGroupName=dict(type="str"), + forceDelete=dict(type="bool"), +)) + +required_if = [ + ("state", "present", ["name", "nodeGroupName"], True), + ("state", "absent", ["name", "nodeGroupName"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NodeGroup(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + description=params.get("description"), + mar_cache=params.get("marCache"), + name=params.get("name"), + node_group_name=params.get("nodeGroupName") or params.get("name"), + force_delete=params.get("forceDelete"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="node_group", + function="get_node_group", + handle_func_exception=False, + params={"node_group_name": name} + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("node_group_name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("description", "description"), + ("marCache", "mar_cache"), + ("name", "name"), + ("nodeGroupName", "node_group_name"), + ("forceDelete", "force_delete"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="node_group", + function="create_node_group", + params=self.new_object, + ).response + return result + + def update(self): + result = self.ise.exec( + family="node_group", + function="update_node_group", + params=self.new_object + ).response + return result + + def delete(self): + result = self.ise.exec( + family="node_group", + function="delete_node_group", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NodeGroup(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_group_info.py b/ansible_collections/cisco/ise/plugins/action/node_group_info.py new file mode 100644 index 00000000..91d9a474 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_group_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + nodeGroupName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + node_group_name=params.get("nodeGroupName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("nodeGroupName") + if name: + response = ise.exec( + family="node_group", + function='get_node_group', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="node_group", + function='get_node_groups', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_group_node_create.py b/ansible_collections/cisco/ise/plugins/action/node_group_node_create.py new file mode 100644 index 00000000..e2810770 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_group_node_create.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), + nodeGroupName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hostname=params.get("hostname"), + node_group_name=params.get("nodeGroupName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="node_group", + function="add_node", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_group_node_delete.py b/ansible_collections/cisco/ise/plugins/action/node_group_node_delete.py new file mode 100644 index 00000000..a3b33f27 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_group_node_delete.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), + nodeGroupName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hostname=params.get("hostname"), + node_group_name=params.get("nodeGroupName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="node_group", + function="remove_node", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_group_node_info.py b/ansible_collections/cisco/ise/plugins/action/node_group_node_info.py new file mode 100644 index 00000000..c2c36914 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_group_node_info.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + nodeGroupName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + node_group_name=params.get("nodeGroupName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("nodeGroupName") + if name and not id: + response = ise.exec( + family="node_group", + function='get_nodes', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_info.py b/ansible_collections/cisco/ise/plugins/action/node_info.py new file mode 100644 index 00000000..aa02ede7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_info.py @@ -0,0 +1,148 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="node_details", + function='get_node_detail_by_id', + params=self.get_object(self._task.args) + ).response['Node'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="node_details", + function='get_node_detail_by_name', + params=self.get_object(self._task.args) + ).response['Node'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="node_details", + function='get_node_details_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_primary_to_standalone.py b/ansible_collections/cisco/ise/plugins/action/node_primary_to_standalone.py new file mode 100644 index 00000000..af546b5e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_primary_to_standalone.py @@ -0,0 +1,168 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), +)) + +required_if = [] +required_one_of = [ + ("hostname"), +], +mutually_exclusive = [] +required_together = [] + + +class NodePrimaryToStandalone(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + hostname=params.get("hostname"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="node_deployment", + function="get_node_details", + params={"hostname": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("hostname") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + if "PrimaryAdmin" in current_obj.roles: + return True + return False + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NodePrimaryToStandalone(self._task.args, ise) + + name = self._task.args.get("hostname") + + response = None + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + response = ise.exec( + family="node_deployment", + function="make_standalone", + params=self.get_object(self._task.args), + ).response + ise.object_updated() + else: + if "Standalone" in prev_obj.roles: + ise.result["result"] = "Node is already Standalone" + else: + ise.fail_json("Invoke this API on Primary Node only") + else: + ise.fail_json("No such HostConfig with hostName [{hostname}]".format(hostname=name)) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_promotion.py b/ansible_collections/cisco/ise/plugins/action/node_promotion.py new file mode 100644 index 00000000..be953fd1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_promotion.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + promotionType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + promotion_type=params.get("promotionType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="node_deployment", + function='promote_node', + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_replication_status_info.py b/ansible_collections/cisco/ise/plugins/action/node_replication_status_info.py new file mode 100644 index 00000000..807d9761 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_replication_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + node=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + node=params.get("node"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("node") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="replication_status", + function='get_node_replication_status', + params=self.get_object(self._task.args) + ).response['NodeStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_secondary_to_primary.py b/ansible_collections/cisco/ise/plugins/action/node_secondary_to_primary.py new file mode 100644 index 00000000..9cbd890b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_secondary_to_primary.py @@ -0,0 +1,168 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), +)) + +required_if = [] +required_one_of = [ + ("hostname"), +], +mutually_exclusive = [] +required_together = [] + + +class NodeSecondaryToPrimary(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + hostname=params.get("hostname"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="node_deployment", + function="get_node_details", + params={"hostname": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("hostname") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + if "SecondaryAdmin" in current_obj.roles: + return True + return False + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NodeSecondaryToPrimary(self._task.args, ise) + + name = self._task.args.get("hostname") + + response = None + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + response = ise.exec( + family="node_deployment", + function="promote_node", + params=self.get_object(self._task.args), + ).response + ise.object_updated() + else: + if "PrimaryAdmin" in prev_obj.roles: + ise.result["result"] = "Node is already Primary" + else: + ise.fail_json("Invoke this API on Secondary PAN node only") + else: + ise.fail_json("No such HostConfig with hostName [{hostname}]".format(hostname=name)) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_services_interfaces_info.py b/ansible_collections/cisco/ise/plugins/action/node_services_interfaces_info.py new file mode 100644 index 00000000..62c74180 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_services_interfaces_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hostname=params.get("hostname"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("hostname") + if name: + response = ise.exec( + family="node_services", + function='get_interfaces', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_services_profiler_probe_config.py b/ansible_collections/cisco/ise/plugins/action/node_services_profiler_probe_config.py new file mode 100644 index 00000000..71f25d3d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_services_profiler_probe_config.py @@ -0,0 +1,219 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + ise_compare_equality2, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + activeDirectory=dict(type="dict"), + dhcp=dict(type="dict"), + dhcpSpan=dict(type="dict"), + dns=dict(type="dict"), + http=dict(type="dict"), + netflow=dict(type="dict"), + nmap=dict(type="list"), + pxgrid=dict(type="list"), + radius=dict(type="list"), + snmpQuery=dict(type="dict"), + snmpTrap=dict(type="dict"), + hostname=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["hostname"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NodeServicesProfilerProbeConfig(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + active_directory=params.get("activeDirectory"), + dhcp=params.get("dhcp"), + dhcp_span=params.get("dhcpSpan"), + dns=params.get("dns"), + http=params.get("http"), + netflow=params.get("netflow"), + nmap=params.get("nmap"), + pxgrid=params.get("pxgrid"), + radius=params.get("radius"), + snmp_query=params.get("snmpQuery"), + snmp_trap=params.get("snmpTrap"), + hostname=params.get("hostname"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="node_services", + function="get_profiler_probe_config", + params={"hostname": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("hostname") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("activeDirectory", "active_directory", False), + ("dhcp", "dhcp", False), + ("dhcpSpan", "dhcp_span", False), + ("dns", "dns", False), + ("http", "http", False), + ("netflow", "netflow", False), + ("nmap", "nmap", False), + ("pxgrid", "pxgrid", False), + ("radius", "radius", False), + ("snmpQuery", "snmp_query", False), + ("snmpTrap", "snmp_trap", False), + ("hostname", "hostname", True), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality2(current_obj.get(ise_param), + requested_obj.get(ansible_param), + is_query_param) + for (ise_param, ansible_param, is_query_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("hostname") + result = None + if not name: + name_ = self.get_object_by_id(id).get("hostname") + self.new_object.update(dict(name=name_)) + result = self.ise.exec( + family="node_services", + function="set_profiler_probe_config", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NodeServicesProfilerProbeConfig(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_services_profiler_probe_config_info.py b/ansible_collections/cisco/ise/plugins/action/node_services_profiler_probe_config_info.py new file mode 100644 index 00000000..484b1101 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_services_profiler_probe_config_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hostname=params.get("hostname"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("hostname") + if name: + response = ise.exec( + family="node_services", + function='get_profiler_probe_config', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_services_sxp_interfaces.py b/ansible_collections/cisco/ise/plugins/action/node_services_sxp_interfaces.py new file mode 100644 index 00000000..622f25e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_services_sxp_interfaces.py @@ -0,0 +1,172 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + interface=dict(type="str"), + hostname=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["hostname"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NodeServicesSxpInterfaces(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + interface=params.get("interface"), + hostname=params.get("hostname"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="node_services", + function="get_sxp_interface", + params={"hostname": name} + ).response['response'] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("hostname") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("interface", "interface"), + ("hostname", "hostname"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("hostname") + result = None + result = self.ise.exec( + family="node_services", + function="set_sxp_interface", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NodeServicesSxpInterfaces(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_services_sxp_interfaces_info.py b/ansible_collections/cisco/ise/plugins/action/node_services_sxp_interfaces_info.py new file mode 100644 index 00000000..48f7d019 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_services_sxp_interfaces_info.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hostname=params.get("hostname"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("hostname") + if not name and not id: + response = ise.exec( + family="node_services", + function='get_sxp_interface', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_standalone_to_primary.py b/ansible_collections/cisco/ise/plugins/action/node_standalone_to_primary.py new file mode 100644 index 00000000..def196c6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_standalone_to_primary.py @@ -0,0 +1,167 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), +)) +required_if = [] +required_one_of = [ + ("hostname"), +], +mutually_exclusive = [] +required_together = [] + + +class NodeStandaloneToPrimary(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + hostname=params.get("hostname"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="node_deployment", + function="get_node_details", + params={"hostname": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("hostname") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + if "Standalone" in current_obj.roles: + return True + return False + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = NodeStandaloneToPrimary(self._task.args, ise) + + name = self._task.args.get("hostname") + + response = None + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + response = ise.exec( + family="node_deployment", + function="make_primary", + params=self.get_object(self._task.args), + ).response + ise.object_updated() + else: + if "PrimaryAdmin" in prev_obj.roles: + ise.result["result"] = "Node is already Primary" + else: + ise.fail_json("Invoke this API on Standalone Node only") + else: + ise.fail_json("No such HostConfig with hostName [{hostname}]".format(hostname=name)) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/node_sync.py b/ansible_collections/cisco/ise/plugins/action/node_sync.py new file mode 100644 index 00000000..941729eb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/node_sync.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostname=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + hostname=params.get("hostname"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="sync_ise_node", + function='sync_node', + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pan_ha.py b/ansible_collections/cisco/ise/plugins/action/pan_ha.py new file mode 100644 index 00000000..2b6ce746 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pan_ha.py @@ -0,0 +1,197 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + isEnabled=dict(type="bool"), + primaryHealthCheckNode=dict(type="str"), + secondaryHealthCheckNode=dict(type="str"), + pollingInterval=dict(type="int"), + failedAttempts=dict(type="int"), +)) + +required_if = [ + ("state", "present", [], True), + ("state", "absent", [], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class PanHa(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + is_enabled=params.get("isEnabled"), + primary_health_check_node=params.get("primaryHealthCheckNode"), + secondary_health_check_node=params.get("secondaryHealthCheckNode"), + polling_interval=params.get("pollingInterval"), + failed_attempts=params.get("failedAttempts"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="pan_ha", + function="get_pan_ha_status" + ).response['response'] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("isEnabled", "is_enabled"), + ("primaryHealthCheckNode", "primary_health_check_node"), + ("secondaryHealthCheckNode", "secondary_health_check_node"), + ("pollingInterval", "polling_interval"), + ("failedAttempts", "failed_attempts"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="pan_ha", + function="enable_pan_ha", + params=self.new_object, + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + result = self.ise.exec( + family="pan_ha", + function="disable_pan_ha", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = PanHa(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + response = prev_obj + ise.object_present_and_different() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pan_ha_info.py b/ansible_collections/cisco/ise/plugins/action/pan_ha_info.py new file mode 100644 index 00000000..02a4f1b5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pan_ha_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="pan_ha", + function='get_pan_ha_status', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pan_ha_update.py b/ansible_collections/cisco/ise/plugins/action/pan_ha_update.py new file mode 100644 index 00000000..db7f3c14 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pan_ha_update.py @@ -0,0 +1,96 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + failedAttempts=dict(type="int"), + isEnabled=dict(type="bool"), + pollingInterval=dict(type="int"), + primaryHealthCheckNode=dict(type="dict"), + secondaryHealthCheckNode=dict(type="dict"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + failed_attempts=params.get("failedAttempts"), + is_enabled=params.get("isEnabled"), + polling_interval=params.get("pollingInterval"), + primary_health_check_node=params.get("primaryHealthCheckNode"), + secondary_health_check_node=params.get("secondaryHealthCheckNode"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="pan_ha", + function="update_pan_ha", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/patch_info.py b/ansible_collections/cisco/ise/plugins/action/patch_info.py new file mode 100644 index 00000000..a0493384 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/patch_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="patching", + function='list_installed_patches', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/patch_install.py b/ansible_collections/cisco/ise/plugins/action/patch_install.py new file mode 100644 index 00000000..6e825050 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/patch_install.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + patchName=dict(type="str"), + repositoryName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + patch_name=params.get("patchName"), + repository_name=params.get("repositoryName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="patching", + function="install_patch", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/patch_rollback.py b/ansible_collections/cisco/ise/plugins/action/patch_rollback.py new file mode 100644 index 00000000..246845d7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/patch_rollback.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + patchNumber=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + patch_number=params.get("patchNumber"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="patching", + function="rollback_patch", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/personas_check_standalone.py b/ansible_collections/cisco/ise/plugins/action/personas_check_standalone.py new file mode 100644 index 00000000..e6e6668b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/personas_check_standalone.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from urllib.parse import quote +import time +from ansible_collections.cisco.ise.plugins.plugin_utils.personas_utils import Node + +argument_spec = dict( + ip=dict(type="str", required=True), + username=dict(type="str", required=True), + password=dict(type="str", required=True), + hostname=dict(type="str", required=True), + ise_verify=dict(type="bool", default=True), + ise_version=dict(type="str", default="3.1.0"), + ise_wait_on_rate_limit=dict(type="bool", default=True), +) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail( + "ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'" + ) + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + node = Node(dict(ip=self._task.args.get("ip"), + username=self._task.args.get("username"), + password=self._task.args.get("password"), + hostname=self._task.args.get("hostname") + )) + + if not (node.is_standalone() and node.app_server_is_running()): + raise AnsibleActionFail( + "Node {node_name} is not in STANDALONE state or application server is not running.".format( + node_name=node.name + ) + ) + + response = "Node {hostname} is in STANDALONE mode".format(hostname=self._task.args.get("hostname")) + + self._result.update(dict(ise_response=response)) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/personas_export_certs.py b/ansible_collections/cisco/ise/plugins/action/personas_export_certs.py new file mode 100644 index 00000000..a0a3e6d8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/personas_export_certs.py @@ -0,0 +1,99 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from urllib.parse import quote +import time +from ansible_collections.cisco.ise.plugins.plugin_utils.personas_utils import Node + +argument_spec = dict( + primary_ip=dict(type="str", required=True), + primary_username=dict(type="str", required=True), + primary_password=dict(type="str", required=True), + name=dict(type="str", required=True), + ip=dict(type="str", required=True), + hostname=dict(type="str", required=True), + username=dict(type="str", required=True), + password=dict(type="str", required=True), + ise_verify=dict(type="bool", default=True), + ise_version=dict(type="str", default="3.1.0"), + ise_wait_on_rate_limit=dict(type="bool", default=True), +) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail( + "ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'" + ) + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + primary_node = Node(dict(ip=self._task.args.get("primary_ip"), + username=self._task.args.get("primary_username"), + password=self._task.args.get("primary_password"), + ) + ) + + this_node = Node(dict(name=self._task.args.get("name"), + ip=self._task.args.get("ip"), + hostname=self._task.args.get("hostname"), + username=self._task.args.get("username"), + password=self._task.args.get("password"), + ) + ) + + this_node.import_certificate_into_primary(primary_node) + + response = "The certificate for {hostname} was exported successfully to the primary node".format(hostname=this_node.hostname) + + self._result.update(dict(ise_response=response)) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/personas_promote_primary.py b/ansible_collections/cisco/ise/plugins/action/personas_promote_primary.py new file mode 100644 index 00000000..9de4ae5a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/personas_promote_primary.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from urllib.parse import quote +import time +from ansible_collections.cisco.ise.plugins.plugin_utils.personas_utils import Node + +argument_spec = dict( + ip=dict(type="str", required=True), + username=dict(type="str", required=True), + password=dict(type="str", required=True), + ise_verify=dict(type="bool", default=True), + ise_version=dict(type="str", default="3.1.0"), + ise_wait_on_rate_limit=dict(type="bool", default=True), +) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail( + "ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'" + ) + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + node = Node(dict(ip=self._task.args.get("ip"), + username=self._task.args.get("username"), + password=self._task.args.get("password"), + ) + ) + + node.promote_to_primary() + + response = "Primary node was successfully updated" + + self._result.update(dict(ise_response=response)) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/personas_register_node.py b/ansible_collections/cisco/ise/plugins/action/personas_register_node.py new file mode 100644 index 00000000..708551dd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/personas_register_node.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from urllib.parse import quote +import time +from ansible_collections.cisco.ise.plugins.plugin_utils.personas_utils import Node + +argument_spec = dict( + primary_ip=dict(type="str", required=True), + primary_username=dict(type="str", required=True), + primary_password=dict(type="str", required=True), + fqdn=dict(type="str", required=True), + username=dict(type="str", required=True), + password=dict(type="str", required=True), + roles=dict(type="list", required=True), + services=dict(type="list", required=True), + ise_verify=dict(type="bool", default=True), + ise_version=dict(type="str", default="3.1.0"), + ise_wait_on_rate_limit=dict(type="bool", default=True), +) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail( + "ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'" + ) + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + primary_node = Node(dict(ip=self._task.args.get("primary_ip"), + username=self._task.args.get("primary_username"), + password=self._task.args.get("primary_password"), + ) + ) + + this_node = Node(dict(name=self._task.args.get("name"), + fqdn=self._task.args.get("fqdn"), + username=self._task.args.get("username"), + password=self._task.args.get("password"), + roles=self._task.args.get("roles"), + services=self._task.args.get("services"), + ) + ) + + if primary_node.app_server_is_running(): + this_node.register_to_primary(primary_node) + else: + raise AnsibleActionFail("Application server is not running.") + + response = "Node {fqdn} updated successfully".format(fqdn=self._task.args.get("fqdn")) + + self._result.update(dict(ise_response=response)) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/personas_update_roles_services.py b/ansible_collections/cisco/ise/plugins/action/personas_update_roles_services.py new file mode 100644 index 00000000..bca25ce3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/personas_update_roles_services.py @@ -0,0 +1,115 @@ +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type +from ansible.plugins.action import ActionBase +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from urllib.parse import quote +import time +from ansible_collections.cisco.ise.plugins.plugin_utils.personas_utils import Node +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ise_compare_equality, +) + +argument_spec = dict( + ip=dict(type="str", required=True), + username=dict(type="str", required=True), + password=dict(type="str", required=True), + hostname=dict(type="str", required=True), + roles=dict(type="list", required=True), + services=dict(type="list", required=True), + ise_verify=dict(type="bool", default=True), + ise_version=dict(type="str", default="3.0.0"), + ise_wait_on_rate_limit=dict(type="bool", default=True), # TODO: verify what the true default value should be +) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class NodeDeployment(object): + def requires_update(self, current_obj, requested_obj): + obj_params = [ + ("roles", "roles"), + ("services", "services"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + obj = NodeDeployment() + request_obj = dict(ip=self._task.args.get("ip"), + username=self._task.args.get("username"), + password=self._task.args.get("password"), + hostname=self._task.args.get("hostname"), + roles=self._task.args.get("roles"), + services=self._task.args.get("services"), + ) + node = Node(request_obj) + prev_obj = False + result = dict(changed=False, result="") + response = None + if not node.app_server_is_running(): + raise AnsibleActionFail("Couldn't connect, the node might be still initializing, try again in a few minutes. Error received: 502") + try: + prev_obj = node.get_roles_services() + except Exception as e: + AnsibleActionFail(e) + if prev_obj: + if obj.requires_update(prev_obj, request_obj): + try: + node.update_roles_services() + response = node.get_roles_services() + result["changed"] = True + result["result"] = "Object updated" + except Exception as e: + raise AnsibleActionFail("The node might be still initializing. Error received: {e}".format(e=e)) + else: + response = prev_obj + result["result"] = "Object already present" + self._result.update(dict(ise_response=response)) + self._result.update(result) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/portal_global_setting.py b/ansible_collections/cisco/ise/plugins/action/portal_global_setting.py new file mode 100644 index 00000000..762235af --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/portal_global_setting.py @@ -0,0 +1,219 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + id=dict(type="str"), + customization=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class PortalGlobalSetting(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + customization=params.get("customization"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="portal_global_setting", + function="get_portal_global_settings_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="portal_global_setting", + function="get_portal_global_setting_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['PortalCustomizationGlobalSetting'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("customization", "customization"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="portal_global_setting", + function="update_portal_global_setting_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = PortalGlobalSetting(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/portal_global_setting_info.py b/ansible_collections/cisco/ise/plugins/action/portal_global_setting_info.py new file mode 100644 index 00000000..b27bd26b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/portal_global_setting_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="portal_global_setting", + function='get_portal_global_setting_by_id', + params=self.get_object(self._task.args) + ).response['PortalCustomizationGlobalSetting'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="portal_global_setting", + function='get_portal_global_settings_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/portal_info.py b/ansible_collections/cisco/ise/plugins/action/portal_info.py new file mode 100644 index 00000000..3e4a54e7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/portal_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="portal", + function='get_portal_by_id', + params=self.get_object(self._task.args) + ).response['ERSPortal'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="portal", + function='get_portals_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/portal_theme.py b/ansible_collections/cisco/ise/plugins/action/portal_theme.py new file mode 100644 index 00000000..7b2d2c91 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/portal_theme.py @@ -0,0 +1,261 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + themeData=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class PortalTheme(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + theme_data=params.get("themeData"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="portal_theme", + function="get_portal_themes_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="portal_theme", + function="get_portal_theme_by_id", + handle_func_exception=False, + params={"id": id} + ).response['PortalTheme'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("themeData", "theme_data"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="portal_theme", + function="create_portal_theme", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="portal_theme", + function="update_portal_theme_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="portal_theme", + function="delete_portal_theme_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = PortalTheme(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/portal_theme_info.py b/ansible_collections/cisco/ise/plugins/action/portal_theme_info.py new file mode 100644 index 00000000..ab52db7d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/portal_theme_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="portal_theme", + function='get_portal_theme_by_id', + params=self.get_object(self._task.args) + ).response['PortalTheme'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="portal_theme", + function='get_portal_themes_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/profiler_profile_info.py b/ansible_collections/cisco/ise/plugins/action/profiler_profile_info.py new file mode 100644 index 00000000..50cedbbb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/profiler_profile_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="profiler_profile", + function='get_profiler_profile_by_id', + params=self.get_object(self._task.args) + ).response['ProfilerProfile'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="profiler_profile", + function='get_profiler_profiles_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/proxy_connection_settings.py b/ansible_collections/cisco/ise/plugins/action/proxy_connection_settings.py new file mode 100644 index 00000000..758eebd7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/proxy_connection_settings.py @@ -0,0 +1,183 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + bypassHosts=dict(type="str"), + fqdn=dict(type="str"), + password=dict(type="str", no_log=True), + passwordRequired=dict(type="bool"), + port=dict(type="int"), + userName=dict(type="str"), +)) + +required_if = [ + ("state", "present", [], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ProxyConnectionSettings(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + bypass_hosts=params.get("bypassHosts"), + fqdn=params.get("fqdn"), + password=params.get("password"), + password_required=params.get("passwordRequired"), + port=params.get("port"), + user_name=params.get("userName"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="proxy", + function="get_proxy_connection" + ).response['response'] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("bypassHosts", "bypass_hosts"), + ("fqdn", "fqdn"), + ("password", "password"), + ("passwordRequired", "password_required"), + ("port", "port"), + ("userName", "user_name"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + result = self.ise.exec( + family="proxy", + function="update_proxy_connection", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = ProxyConnectionSettings(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/proxy_connection_settings_info.py b/ansible_collections/cisco/ise/plugins/action/proxy_connection_settings_info.py new file mode 100644 index 00000000..629e4373 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/proxy_connection_settings_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="proxy", + function='get_proxy_connection', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/px_grid_node_approve.py b/ansible_collections/cisco/ise/plugins/action/px_grid_node_approve.py new file mode 100644 index 00000000..d1a28a5a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/px_grid_node_approve.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="px_grid_node", + function="approve_px_grid_node", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/px_grid_node_delete.py b/ansible_collections/cisco/ise/plugins/action/px_grid_node_delete.py new file mode 100644 index 00000000..eff20fc8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/px_grid_node_delete.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="px_grid_node", + function="delete_px_grid_node_by_name", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/px_grid_node_info.py b/ansible_collections/cisco/ise/plugins/action/px_grid_node_info.py new file mode 100644 index 00000000..20e5bdf5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/px_grid_node_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="px_grid_node", + function='get_px_grid_node_by_id', + params=self.get_object(self._task.args) + ).response['PxgridNode'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="px_grid_node", + function='get_px_grid_node_by_name', + params=self.get_object(self._task.args) + ).response['PxgridNode'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="px_grid_node", + function='get_px_grid_node_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/px_grid_settings_auto_approve.py b/ansible_collections/cisco/ise/plugins/action/px_grid_settings_auto_approve.py new file mode 100644 index 00000000..ed674d64 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/px_grid_settings_auto_approve.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + autoApproveCertBasedAccounts=dict(type="bool"), + allowPasswordBasedAccounts=dict(type="bool"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + auto_approve_cert_based_accounts=params.get("autoApproveCertBasedAccounts"), + allow_password_based_accounts=params.get("allowPasswordBasedAccounts"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="px_grid_settings", + function="autoapprove_px_grid_settings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_access_secret.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_access_secret.py new file mode 100644 index 00000000..43bbb95f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_access_secret.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + peerNodeName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + peer_node_name=params.get("peerNodeName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="consumer", + function="access_secret", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_account_activate.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_account_activate.py new file mode 100644 index 00000000..8c7e71aa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_account_activate.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + description=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + description=params.get("description"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="consumer", + function="activate_account", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_account_create.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_account_create.py new file mode 100644 index 00000000..040247a7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_account_create.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + nodeName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + node_name=params.get("nodeName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="consumer", + function="create_account", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_authorization.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_authorization.py new file mode 100644 index 00000000..7ac4e39b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_authorization.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="provider", + function="authorization", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_bindings_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_bindings_info.py new file mode 100644 index 00000000..fba8c50f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_bindings_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="trust_sec_sxp", + function="get_bindings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_egress_matrices_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_egress_matrices_info.py new file mode 100644 index 00000000..51054097 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_egress_matrices_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="trust_sec_configuration", + function="get_egress_matrices", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_egress_policies_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_egress_policies_info.py new file mode 100644 index 00000000..4ef5b302 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_egress_policies_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="trust_sec_configuration", + function="get_egress_policies", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoint_by_mac_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoint_by_mac_info.py new file mode 100644 index 00000000..afcdf865 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoint_by_mac_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="mdm", + function="get_endpoint_by_mac_address", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_by_os_type_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_by_os_type_info.py new file mode 100644 index 00000000..0df3187b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_by_os_type_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="mdm", + function="get_endpoints_by_os_type", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_by_type_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_by_type_info.py new file mode 100644 index 00000000..e7508f6d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_by_type_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="mdm", + function="get_endpoints_by_type", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_info.py new file mode 100644 index 00000000..ba538d3a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_endpoints_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="mdm", + function="get_endpoints", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_failures_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_failures_info.py new file mode 100644 index 00000000..14558669 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_failures_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="radius_failure", + function='get_failures', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_healths_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_healths_info.py new file mode 100644 index 00000000..a0ff7012 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_healths_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="system_health", + function="get_healths", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_node_approve.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_node_approve.py new file mode 100644 index 00000000..d1a28a5a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_node_approve.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="px_grid_node", + function="approve_px_grid_node", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_node_delete.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_node_delete.py new file mode 100644 index 00000000..eff20fc8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_node_delete.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="px_grid_node", + function="delete_px_grid_node_by_name", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_node_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_node_info.py new file mode 100644 index 00000000..20e5bdf5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_node_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="px_grid_node", + function='get_px_grid_node_by_id', + params=self.get_object(self._task.args) + ).response['PxgridNode'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="px_grid_node", + function='get_px_grid_node_by_name', + params=self.get_object(self._task.args) + ).response['PxgridNode'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="px_grid_node", + function='get_px_grid_node_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_performances_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_performances_info.py new file mode 100644 index 00000000..9297f8fc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_performances_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="system_health", + function="get_performances", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_profiles_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_profiles_info.py new file mode 100644 index 00000000..ddf5a5ae --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_profiles_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="profiler", + function="get_profiles", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_security_group_acls_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_security_group_acls_info.py new file mode 100644 index 00000000..9f7c69c6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_security_group_acls_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="trust_sec_configuration", + function="get_security_group_acls", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_security_groups_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_security_groups_info.py new file mode 100644 index 00000000..a5e80820 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_security_groups_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="trust_sec_configuration", + function="get_security_groups", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_service_lookup.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_service_lookup.py new file mode 100644 index 00000000..afc65092 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_service_lookup.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="consumer", + function="lookup_service", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_service_register.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_service_register.py new file mode 100644 index 00000000..df3e440c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_service_register.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="provider", + function="register_service", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_service_reregister.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_service_reregister.py new file mode 100644 index 00000000..0260f6e6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_service_reregister.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="provider", + function="reregister_service", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_service_unregister.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_service_unregister.py new file mode 100644 index 00000000..e245c4d8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_service_unregister.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="provider", + function="unregister_service", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_session_by_ip_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_session_by_ip_info.py new file mode 100644 index 00000000..82f25569 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_session_by_ip_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="session_directory", + function="get_session_by_ip_address", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_session_by_mac_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_session_by_mac_info.py new file mode 100644 index 00000000..17cdf4e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_session_by_mac_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="session_directory", + function="get_session_by_mac_address", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_session_for_recovery_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_session_for_recovery_info.py new file mode 100644 index 00000000..35c2a0fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_session_for_recovery_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="session_directory", + function="get_sessions_for_recovery", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_sessions_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_sessions_info.py new file mode 100644 index 00000000..86316c1b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_sessions_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="session_directory", + function="get_sessions", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_settings_auto_approve.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_settings_auto_approve.py new file mode 100644 index 00000000..ed674d64 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_settings_auto_approve.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + autoApproveCertBasedAccounts=dict(type="bool"), + allowPasswordBasedAccounts=dict(type="bool"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + auto_approve_cert_based_accounts=params.get("autoApproveCertBasedAccounts"), + allow_password_based_accounts=params.get("allowPasswordBasedAccounts"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="px_grid_settings", + function="autoapprove_px_grid_settings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_user_group_by_username_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_user_group_by_username_info.py new file mode 100644 index 00000000..67513d4c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_user_group_by_username_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="session_directory", + function="get_user_group_by_user_name", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/pxgrid_user_groups_info.py b/ansible_collections/cisco/ise/plugins/action/pxgrid_user_groups_info.py new file mode 100644 index 00000000..ecfd2bb5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/pxgrid_user_groups_info.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="session_directory", + function="get_user_groups", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/radius_server_sequence.py b/ansible_collections/cisco/ise/plugins/action/radius_server_sequence.py new file mode 100644 index 00000000..ab25c9a5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/radius_server_sequence.py @@ -0,0 +1,294 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + stripPrefix=dict(type="bool"), + stripSuffix=dict(type="bool"), + prefixSeparator=dict(type="str"), + suffixSeparator=dict(type="str"), + remoteAccounting=dict(type="bool"), + localAccounting=dict(type="bool"), + useAttrSetOnRequest=dict(type="bool"), + useAttrSetBeforeAcc=dict(type="bool"), + continueAuthorzPolicy=dict(type="bool"), + RadiusServerList=dict(type="list"), + OnRequestAttrManipulatorList=dict(type="list"), + BeforeAcceptAttrManipulatorsList=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class RadiusServerSequence(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + strip_prefix=params.get("stripPrefix"), + strip_suffix=params.get("stripSuffix"), + prefix_separator=params.get("prefixSeparator"), + suffix_separator=params.get("suffixSeparator"), + remote_accounting=params.get("remoteAccounting"), + local_accounting=params.get("localAccounting"), + use_attr_set_on_request=params.get("useAttrSetOnRequest"), + use_attr_set_before_acc=params.get("useAttrSetBeforeAcc"), + continue_authorz_policy=params.get("continueAuthorzPolicy"), + radius_server_list=params.get("RadiusServerList"), + on_request_attr_manipulator_list=params.get("OnRequestAttrManipulatorList"), + before_accept_attr_manipulators_list=params.get("BeforeAcceptAttrManipulatorsList"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + gen_items_responses = self.ise.exec( + family="radius_server_sequence", + function="get_radius_server_sequence_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="radius_server_sequence", + function="get_radius_server_sequence_by_id", + handle_func_exception=False, + params={"id": id} + ).response['RadiusServerSequence'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("stripPrefix", "strip_prefix"), + ("stripSuffix", "strip_suffix"), + ("prefixSeparator", "prefix_separator"), + ("suffixSeparator", "suffix_separator"), + ("remoteAccounting", "remote_accounting"), + ("localAccounting", "local_accounting"), + ("useAttrSetOnRequest", "use_attr_set_on_request"), + ("useAttrSetBeforeAcc", "use_attr_set_before_acc"), + ("continueAuthorzPolicy", "continue_authorz_policy"), + ("RadiusServerList", "radius_server_list"), + ("OnRequestAttrManipulatorList", "on_request_attr_manipulator_list"), + ("BeforeAcceptAttrManipulatorsList", "before_accept_attr_manipulators_list"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="radius_server_sequence", + function="create_radius_server_sequence", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="radius_server_sequence", + function="update_radius_server_sequence_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="radius_server_sequence", + function="delete_radius_server_sequence_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = RadiusServerSequence(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/radius_server_sequence_info.py b/ansible_collections/cisco/ise/plugins/action/radius_server_sequence_info.py new file mode 100644 index 00000000..821f5ac3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/radius_server_sequence_info.py @@ -0,0 +1,133 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="radius_server_sequence", + function='get_radius_server_sequence_by_id', + params=self.get_object(self._task.args) + ).response['RadiusServerSequence'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="radius_server_sequence", + function='get_radius_server_sequence_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/renew_certificate.py b/ansible_collections/cisco/ise/plugins/action/renew_certificate.py new file mode 100644 index 00000000..e8c5aca1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/renew_certificate.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + certType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + cert_type=params.get("certType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="renew_certificates", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/repository.py b/ansible_collections/cisco/ise/plugins/action/repository.py new file mode 100644 index 00000000..0b01c202 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/repository.py @@ -0,0 +1,241 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + protocol=dict(type="str"), + path=dict(type="str"), + password=dict(type="str", no_log=True), + serverName=dict(type="str"), + userName=dict(type="str"), + enablePki=dict(type="bool"), + repositoryName=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["name", "repositoryName"], True), + ("state", "absent", ["name", "repositoryName"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class Repository(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + protocol=params.get("protocol"), + path=params.get("path"), + password=params.get("password"), + server_name=params.get("serverName"), + user_name=params.get("userName"), + enable_pki=params.get("enablePki"), + repository_name=params.get("repositoryName") or params.get("name"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="repository", + function="get_repository", + params={"repository_name": name}, + handle_func_exception=False, + ).response['response'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("repository_name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("protocol", "protocol"), + ("path", "path"), + ("password", "password"), + ("serverName", "server_name"), + ("userName", "user_name"), + ("enablePki", "enable_pki"), + ("repositoryName", "repository_name"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="repository", + function="create_repository", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not name: + name_ = self.get_object_by_id(id).get("name") + self.new_object.update(dict(name=name_)) + result = self.ise.exec( + family="repository", + function="update_repository", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not name: + name_ = self.get_object_by_id(id).get("name") + self.new_object.update(dict(name=name_)) + result = self.ise.exec( + family="repository", + function="delete_repository", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = Repository(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/repository_files_info.py b/ansible_collections/cisco/ise/plugins/action/repository_files_info.py new file mode 100644 index 00000000..f41da0ff --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/repository_files_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + repositoryName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + repository_name=params.get("repositoryName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("repositoryName") + if name: + response = ise.exec( + family="repository", + function='get_repository_files', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="repository", + function='get_repository_files', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/repository_info.py b/ansible_collections/cisco/ise/plugins/action/repository_info.py new file mode 100644 index 00000000..4c27ff60 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/repository_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + repositoryName=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + repository_name=params.get("repositoryName"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("repositoryName") + if name: + response = ise.exec( + family="repository", + function='get_repository', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="repository", + function='get_repositories', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/resource_version_info.py b/ansible_collections/cisco/ise/plugins/action/resource_version_info.py new file mode 100644 index 00000000..4dcf7478 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/resource_version_info.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + resource=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + resource=params.get("resource"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="version_info", + function='get_version_info', + params=self.get_object(self._task.args) + ).response['VersionInfo'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/rest_id_store.py b/ansible_collections/cisco/ise/plugins/action/rest_id_store.py new file mode 100644 index 00000000..1e138018 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/rest_id_store.py @@ -0,0 +1,253 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + ersRestIDStoreAttributes=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class RestIdStore(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + ers_rest_idstore_attributes=params.get("ersRestIDStoreAttributes"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="restid_store", + function="get_rest_id_store_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['ERSRestIDStore'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="restid_store", + function="get_rest_id_store_by_id", + handle_func_exception=False, + params={"id": id} + ).response['ERSRestIDStore'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("ersRestIDStoreAttributes", "ers_rest_idstore_attributes"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="restid_store", + function="create_rest_id_store", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="restid_store", + function="update_rest_id_store_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="restid_store", + function="update_rest_id_store_by_name", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if id: + result = self.ise.exec( + family="restid_store", + function="delete_rest_id_store_by_id", + params=self.new_object + ).response + elif name: + result = self.ise.exec( + family="restid_store", + function="delete_rest_id_store_by_name", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = RestIdStore(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/rest_id_store_info.py b/ansible_collections/cisco/ise/plugins/action/rest_id_store_info.py new file mode 100644 index 00000000..64726af7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/rest_id_store_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="restid_store", + function='get_rest_id_store_by_id', + params=self.get_object(self._task.args) + ).response['ERSRestIDStore'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="restid_store", + function='get_rest_id_store_by_name', + params=self.get_object(self._task.args) + ).response['ERSRestIDStore'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="restid_store", + function='get_rest_id_store_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/self_registered_portal.py b/ansible_collections/cisco/ise/plugins/action/self_registered_portal.py new file mode 100644 index 00000000..fb0bf742 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/self_registered_portal.py @@ -0,0 +1,270 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + portalType=dict(type="str"), + portalTestUrl=dict(type="str"), + settings=dict(type="dict"), + customizations=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name", "settings"], True), + ("state", "absent", ["id", "name", "settings"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SelfRegisteredPortal(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + portal_type=params.get("portalType"), + portal_test_url=params.get("portalTestUrl"), + settings=params.get("settings"), + customizations=params.get("customizations"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="self_registered_portal", + function="get_self_registered_portals_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="self_registered_portal", + function="get_self_registered_portal_by_id", + handle_func_exception=False, + params={"id": id} + ).response['SelfRegPortal'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("portalType", "portal_type"), + ("portalTestUrl", "portal_test_url"), + ("settings", "settings"), + ("customizations", "customizations"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="self_registered_portal", + function="create_self_registered_portal", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="self_registered_portal", + function="update_self_registered_portal_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="self_registered_portal", + function="delete_self_registered_portal_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SelfRegisteredPortal(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/self_registered_portal_info.py b/ansible_collections/cisco/ise/plugins/action/self_registered_portal_info.py new file mode 100644 index 00000000..d02d0016 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/self_registered_portal_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="self_registered_portal", + function='get_self_registered_portal_by_id', + params=self.get_object(self._task.args) + ).response['SelfRegPortal'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="self_registered_portal", + function='get_self_registered_portals_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/selfsigned_certificate_generate.py b/ansible_collections/cisco/ise/plugins/action/selfsigned_certificate_generate.py new file mode 100644 index 00000000..5c1a29bd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/selfsigned_certificate_generate.py @@ -0,0 +1,150 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + admin=dict(type="bool"), + allowExtendedValidity=dict(type="bool"), + allowPortalTagTransferForSameSubject=dict(type="bool"), + allowReplacementOfCertificates=dict(type="bool"), + allowReplacementOfPortalGroupTag=dict(type="bool"), + allowRoleTransferForSameSubject=dict(type="bool"), + allowSanDnsBadName=dict(type="bool"), + allowSanDnsNonResolvable=dict(type="bool"), + allowWildCardCertificates=dict(type="bool"), + certificatePolicies=dict(type="str"), + digestType=dict(type="str"), + eap=dict(type="bool"), + expirationTTL=dict(type="int"), + expirationTTLUnit=dict(type="str"), + hostName=dict(type="str"), + keyLength=dict(type="str"), + keyType=dict(type="str"), + name=dict(type="str"), + portal=dict(type="bool"), + portalGroupTag=dict(type="str"), + pxgrid=dict(type="bool"), + radius=dict(type="bool"), + saml=dict(type="bool"), + sanDNS=dict(type="list"), + sanIP=dict(type="list"), + sanURI=dict(type="list"), + subjectCity=dict(type="str"), + subjectCommonName=dict(type="str"), + subjectCountry=dict(type="str"), + subjectOrg=dict(type="str"), + subjectOrgUnit=dict(type="str"), + subjectState=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + admin=params.get("admin"), + allow_extended_validity=params.get("allowExtendedValidity"), + allow_portal_tag_transfer_for_same_subject=params.get("allowPortalTagTransferForSameSubject"), + allow_replacement_of_certificates=params.get("allowReplacementOfCertificates"), + allow_replacement_of_portal_group_tag=params.get("allowReplacementOfPortalGroupTag"), + allow_role_transfer_for_same_subject=params.get("allowRoleTransferForSameSubject"), + allow_san_dns_bad_name=params.get("allowSanDnsBadName"), + allow_san_dns_non_resolvable=params.get("allowSanDnsNonResolvable"), + allow_wild_card_certificates=params.get("allowWildCardCertificates"), + certificate_policies=params.get("certificatePolicies"), + digest_type=params.get("digestType"), + eap=params.get("eap"), + expiration_ttl=params.get("expirationTTL"), + expiration_ttl_unit=params.get("expirationTTLUnit"), + host_name=params.get("hostName"), + key_length=params.get("keyLength"), + key_type=params.get("keyType"), + name=params.get("name"), + portal=params.get("portal"), + portal_group_tag=params.get("portalGroupTag"), + pxgrid=params.get("pxgrid"), + radius=params.get("radius"), + saml=params.get("saml"), + san_dns=params.get("sanDNS"), + san_ip=params.get("sanIP"), + san_uri=params.get("sanURI"), + subject_city=params.get("subjectCity"), + subject_common_name=params.get("subjectCommonName"), + subject_country=params.get("subjectCountry"), + subject_org=params.get("subjectOrg"), + subject_org_unit=params.get("subjectOrgUnit"), + subject_state=params.get("subjectState"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="generate_self_signed_certificate", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/session_service_node_info.py b/ansible_collections/cisco/ise/plugins/action/session_service_node_info.py new file mode 100644 index 00000000..edd33df5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/session_service_node_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="psn_node_details_with_radius_service", + function='get_session_service_node_by_id', + params=self.get_object(self._task.args) + ).response['SessionServiceNode'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="psn_node_details_with_radius_service", + function='get_session_service_node_by_name', + params=self.get_object(self._task.args) + ).response['SessionServiceNode'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="psn_node_details_with_radius_service", + function='get_session_service_node_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_acl.py b/ansible_collections/cisco/ise/plugins/action/sg_acl.py new file mode 100644 index 00000000..152d6176 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_acl.py @@ -0,0 +1,273 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + generationId=dict(type="str"), + aclcontent=dict(type="str"), + isReadOnly=dict(type="bool"), + modelledContent=dict(type="dict"), + ipVersion=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SgAcl(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + generation_id=params.get("generationId"), + aclcontent=params.get("aclcontent"), + is_read_only=params.get("isReadOnly"), + modelled_content=params.get("modelledContent"), + ip_version=params.get("ipVersion"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="security_groups_acls", + function="get_security_groups_acl_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="security_groups_acls", + function="get_security_groups_acl_by_id", + handle_func_exception=False, + params={"id": id} + ).response['Sgacl'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("generationId", "generation_id"), + ("aclcontent", "aclcontent"), + ("isReadOnly", "is_read_only"), + ("modelledContent", "modelled_content"), + ("ipVersion", "ip_version"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="security_groups_acls", + function="create_security_groups_acl", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="security_groups_acls", + function="update_security_groups_acl_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="security_groups_acls", + function="delete_security_groups_acl_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SgAcl(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_acl_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/sg_acl_bulk_monitor_status_info.py new file mode 100644 index 00000000..863c2f4c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_acl_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="security_groups_acls", + function='monitor_bulk_status_security_groups_acl', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_acl_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/sg_acl_bulk_request.py new file mode 100644 index 00000000..7cfff24d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_acl_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="security_groups_acls", + function="bulk_request_for_security_groups_acl", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_acl_info.py b/ansible_collections/cisco/ise/plugins/action/sg_acl_info.py new file mode 100644 index 00000000..36b14a20 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_acl_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="security_groups_acls", + function='get_security_groups_acl_by_id', + params=self.get_object(self._task.args) + ).response['Sgacl'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="security_groups_acls", + function='get_security_groups_acl_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping.py new file mode 100644 index 00000000..288fd80b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping.py @@ -0,0 +1,273 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + sgt=dict(type="str"), + deployTo=dict(type="str"), + deployType=dict(type="str"), + hostName=dict(type="str"), + hostIp=dict(type="str"), + mappingGroup=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SgMapping(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + sgt=params.get("sgt"), + deploy_to=params.get("deployTo"), + deploy_type=params.get("deployType"), + host_name=params.get("hostName"), + host_ip=params.get("hostIp"), + mapping_group=params.get("mappingGroup"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="ip_to_sgt_mapping", + function="get_ip_to_sgt_mapping_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="ip_to_sgt_mapping", + function="get_ip_to_sgt_mapping_by_id", + handle_func_exception=False, + params={"id": id} + ).response['SGMapping'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("sgt", "sgt"), + ("deployTo", "deploy_to"), + ("deployType", "deploy_type"), + ("hostName", "host_name"), + ("hostIp", "host_ip"), + ("mappingGroup", "mapping_group"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="ip_to_sgt_mapping", + function="create_ip_to_sgt_mapping", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="ip_to_sgt_mapping", + function="update_ip_to_sgt_mapping_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="ip_to_sgt_mapping", + function="delete_ip_to_sgt_mapping_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SgMapping(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_bulk_monitor_status_info.py new file mode 100644 index 00000000..d7f24202 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="ip_to_sgt_mapping", + function='monitor_bulk_status_ip_to_sgt_mapping', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_bulk_request.py new file mode 100644 index 00000000..e82eb637 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="ip_to_sgt_mapping", + function="bulk_request_for_ip_to_sgt_mapping", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy.py new file mode 100644 index 00000000..784a828d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="ip_to_sgt_mapping", + function="deploy_ip_to_sgt_mapping_by_id", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy_all.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy_all.py new file mode 100644 index 00000000..cf72239c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy_all.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="ip_to_sgt_mapping", + function="deploy_all_ip_to_sgt_mapping", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy_status_info.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy_status_info.py new file mode 100644 index 00000000..216014fc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_deploy_status_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="ip_to_sgt_mapping", + function='get_deploy_status_ip_to_sgt_mapping', + params=self.get_object(self._task.args) + ).response['OperationResult'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_group.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group.py new file mode 100644 index 00000000..67bac900 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group.py @@ -0,0 +1,264 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + sgt=dict(type="str"), + deployTo=dict(type="str"), + deployType=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SgMappingGroup(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + sgt=params.get("sgt"), + deploy_to=params.get("deployTo"), + deploy_type=params.get("deployType"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="ip_to_sgt_mapping_group", + function="get_ip_to_sgt_mapping_group_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="ip_to_sgt_mapping_group", + function="get_ip_to_sgt_mapping_group_by_id", + handle_func_exception=False, + params={"id": id} + ).response['SGMappingGroup'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("sgt", "sgt"), + ("deployTo", "deploy_to"), + ("deployType", "deploy_type"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="ip_to_sgt_mapping_group", + function="create_ip_to_sgt_mapping_group", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="ip_to_sgt_mapping_group", + function="update_ip_to_sgt_mapping_group_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="ip_to_sgt_mapping_group", + function="delete_ip_to_sgt_mapping_group_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SgMappingGroup(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_bulk_monitor_status_info.py new file mode 100644 index 00000000..567ab2dc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="ip_to_sgt_mapping_group", + function='monitor_bulk_status_ip_to_sgt_mapping_group', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_bulk_request.py new file mode 100644 index 00000000..f1830ce0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="ip_to_sgt_mapping_group", + function="bulk_request_for_ip_to_sgt_mapping_group", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy.py new file mode 100644 index 00000000..e9035f0a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="ip_to_sgt_mapping_group", + function="deploy_ip_to_sgt_mapping_group_by_id", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy_all.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy_all.py new file mode 100644 index 00000000..55c9a7ae --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy_all.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="ip_to_sgt_mapping_group", + function="deploy_all_ip_to_sgt_mapping_group", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy_status_info.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy_status_info.py new file mode 100644 index 00000000..38f02d4e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_deploy_status_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="ip_to_sgt_mapping_group", + function='get_deploy_status_ip_to_sgt_mapping_group', + params=self.get_object(self._task.args) + ).response['OperationResult'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_info.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_info.py new file mode 100644 index 00000000..04b67c51 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_group_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="ip_to_sgt_mapping_group", + function='get_ip_to_sgt_mapping_group_by_id', + params=self.get_object(self._task.args) + ).response['SGMappingGroup'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="ip_to_sgt_mapping_group", + function='get_ip_to_sgt_mapping_group_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_mapping_info.py b/ansible_collections/cisco/ise/plugins/action/sg_mapping_info.py new file mode 100644 index 00000000..8d8b0bea --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_mapping_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="ip_to_sgt_mapping", + function='get_ip_to_sgt_mapping_by_id', + params=self.get_object(self._task.args) + ).response['SGMapping'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="ip_to_sgt_mapping", + function='get_ip_to_sgt_mapping_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan.py b/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan.py new file mode 100644 index 00000000..243b6d20 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan.py @@ -0,0 +1,264 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + id=dict(type="str"), + name=dict(type="str"), + description=dict(type="str"), + sgtId=dict(type="str"), + virtualnetworklist=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SgToVnToVlan(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + name=params.get("name"), + description=params.get("description"), + sgt_id=params.get("sgtId"), + virtualnetworklist=params.get("virtualnetworklist"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="security_group_to_virtual_network", + function="get_security_groups_to_vn_to_vlan_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="security_group_to_virtual_network", + function="get_security_groups_to_vn_to_vlan_by_id", + handle_func_exception=False, + params={"id": id} + ).response['SgtVNVlanContainer'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("name", "name"), + ("description", "description"), + ("sgtId", "sgt_id"), + ("virtualnetworklist", "virtualnetworklist"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="security_group_to_virtual_network", + function="create_security_groups_to_vn_to_vlan", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="security_group_to_virtual_network", + function="update_security_groups_to_vn_to_vlan_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="security_group_to_virtual_network", + function="delete_security_groups_to_vn_to_vlan_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SgToVnToVlan(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py new file mode 100644 index 00000000..692d4b83 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="security_group_to_virtual_network", + function='monitor_bulk_status_security_groups_to_vn_to_vlan', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_bulk_request.py new file mode 100644 index 00000000..23a48207 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="security_group_to_virtual_network", + function="bulk_request_for_security_groups_to_vn_to_vlan", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_info.py b/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_info.py new file mode 100644 index 00000000..b0194ce1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sg_to_vn_to_vlan_info.py @@ -0,0 +1,137 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="security_group_to_virtual_network", + function='get_security_groups_to_vn_to_vlan_by_id', + params=self.get_object(self._task.args) + ).response['SgtVNVlanContainer'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="security_group_to_virtual_network", + function='get_security_groups_to_vn_to_vlan_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sgt.py b/ansible_collections/cisco/ise/plugins/action/sgt.py new file mode 100644 index 00000000..6b4c1123 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sgt.py @@ -0,0 +1,274 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + value=dict(type="int"), + generationId=dict(type="str"), + isReadOnly=dict(type="bool"), + propogateToApic=dict(type="bool"), + defaultSGACLs=dict(type="list"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class Sgt(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + value=params.get("value"), + generation_id=params.get("generationId"), + is_read_only=params.get("isReadOnly"), + propogate_to_apic=params.get("propogateToApic"), + default_sgacls=params.get("defaultSGACLs"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="security_groups", + function="get_security_groups_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="security_groups", + function="get_security_group_by_id", + handle_func_exception=False, + params={"id": id} + ).response['Sgt'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + if requested_obj.get("value") and requested_obj.get("value") == -1: + requested_obj["value"] = current_obj.get("value") + obj_params = [ + ("name", "name"), + ("description", "description"), + ("value", "value"), + ("generationId", "generation_id"), + ("isReadOnly", "is_read_only"), + ("propogateToApic", "propogate_to_apic"), + ("defaultSGACLs", "default_sgacls"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="security_groups", + function="create_security_group", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="security_groups", + function="update_security_group_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="security_groups", + function="delete_security_group_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = Sgt(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sgt_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/sgt_bulk_monitor_status_info.py new file mode 100644 index 00000000..1ad0b071 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sgt_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="security_groups", + function='monitor_bulk_status_security_group', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sgt_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/sgt_bulk_request.py new file mode 100644 index 00000000..2157144b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sgt_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="security_groups", + function="bulk_request_for_security_group", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sgt_info.py b/ansible_collections/cisco/ise/plugins/action/sgt_info.py new file mode 100644 index 00000000..3c1602e7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sgt_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="security_groups", + function='get_security_group_by_id', + params=self.get_object(self._task.args) + ).response['Sgt'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="security_groups", + function='get_security_groups_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sms_provider_info.py b/ansible_collections/cisco/ise/plugins/action/sms_provider_info.py new file mode 100644 index 00000000..75971faf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sms_provider_info.py @@ -0,0 +1,130 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + responses = [] + generator = ise.exec( + family="sms_provider", + function='get_sms_provider_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sponsor_group.py b/ansible_collections/cisco/ise/plugins/action/sponsor_group.py new file mode 100644 index 00000000..8bd4bc92 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sponsor_group.py @@ -0,0 +1,285 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + isEnabled=dict(type="bool"), + isDefaultGroup=dict(type="bool"), + memberGroups=dict(type="list"), + guestTypes=dict(type="list"), + locations=dict(type="list"), + autoNotification=dict(type="bool"), + createPermissions=dict(type="dict"), + managePermission=dict(type="str"), + otherPermissions=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SponsorGroup(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + is_enabled=params.get("isEnabled"), + is_default_group=params.get("isDefaultGroup"), + member_groups=params.get("memberGroups"), + guest_types=params.get("guestTypes"), + locations=params.get("locations"), + auto_notification=params.get("autoNotification"), + create_permissions=params.get("createPermissions"), + manage_permission=params.get("managePermission"), + other_permissions=params.get("otherPermissions"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="sponsor_group", + function="get_sponsor_group_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="sponsor_group", + function="get_sponsor_group_by_id", + handle_func_exception=False, + params={"id": id} + ).response['SponsorGroup'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("isEnabled", "is_enabled"), + ("isDefaultGroup", "is_default_group"), + ("memberGroups", "member_groups"), + ("guestTypes", "guest_types"), + ("locations", "locations"), + ("autoNotification", "auto_notification"), + ("createPermissions", "create_permissions"), + ("managePermission", "manage_permission"), + ("otherPermissions", "other_permissions"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="sponsor_group", + function="create_sponsor_group", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sponsor_group", + function="update_sponsor_group_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sponsor_group", + function="delete_sponsor_group_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SponsorGroup(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sponsor_group_info.py b/ansible_collections/cisco/ise/plugins/action/sponsor_group_info.py new file mode 100644 index 00000000..695b9895 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sponsor_group_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sponsor_group", + function='get_sponsor_group_by_id', + params=self.get_object(self._task.args) + ).response['SponsorGroup'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="sponsor_group", + function='get_sponsor_group_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sponsor_group_member_info.py b/ansible_collections/cisco/ise/plugins/action/sponsor_group_member_info.py new file mode 100644 index 00000000..4efac6fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sponsor_group_member_info.py @@ -0,0 +1,130 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + responses = [] + generator = ise.exec( + family="sponsor_group_member", + function='get_sponsor_group_member_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sponsor_portal.py b/ansible_collections/cisco/ise/plugins/action/sponsor_portal.py new file mode 100644 index 00000000..95a45c1a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sponsor_portal.py @@ -0,0 +1,270 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + portalType=dict(type="str"), + portalTestUrl=dict(type="str"), + settings=dict(type="dict"), + customizations=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name", "settings"], True), + ("state", "absent", ["id", "name", "settings"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SponsorPortal(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + portal_type=params.get("portalType"), + portal_test_url=params.get("portalTestUrl"), + settings=params.get("settings"), + customizations=params.get("customizations"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="sponsor_portal", + function="get_sponsor_portal_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="sponsor_portal", + function="get_sponsor_portal_by_id", + handle_func_exception=False, + params={"id": id} + ).response['SponsorPortal'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("portalType", "portal_type"), + ("portalTestUrl", "portal_test_url"), + ("settings", "settings"), + ("customizations", "customizations"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="sponsor_portal", + function="create_sponsor_portal", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sponsor_portal", + function="update_sponsor_portal_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sponsor_portal", + function="delete_sponsor_portal_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SponsorPortal(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sponsor_portal_info.py b/ansible_collections/cisco/ise/plugins/action/sponsor_portal_info.py new file mode 100644 index 00000000..41ce0dfe --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sponsor_portal_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sponsor_portal", + function='get_sponsor_portal_by_id', + params=self.get_object(self._task.args) + ).response['SponsorPortal'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="sponsor_portal", + function='get_sponsor_portal_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sponsored_guest_portal.py b/ansible_collections/cisco/ise/plugins/action/sponsored_guest_portal.py new file mode 100644 index 00000000..437eb6b1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sponsored_guest_portal.py @@ -0,0 +1,270 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + portalType=dict(type="str"), + portalTestUrl=dict(type="str"), + settings=dict(type="dict"), + customizations=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name", "settings"], True), + ("state", "absent", ["id", "name", "settings"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SponsoredGuestPortal(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + portal_type=params.get("portalType"), + portal_test_url=params.get("portalTestUrl"), + settings=params.get("settings"), + customizations=params.get("customizations"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="sponsored_guest_portal", + function="get_sponsored_guest_portals_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="sponsored_guest_portal", + function="get_sponsored_guest_portal_by_id", + handle_func_exception=False, + params={"id": id} + ).response['SponsoredGuestPortal'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("portalType", "portal_type"), + ("portalTestUrl", "portal_test_url"), + ("settings", "settings"), + ("customizations", "customizations"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="sponsored_guest_portal", + function="create_sponsored_guest_portal", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sponsored_guest_portal", + function="update_sponsored_guest_portal_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sponsored_guest_portal", + function="delete_sponsored_guest_portal_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SponsoredGuestPortal(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sponsored_guest_portal_info.py b/ansible_collections/cisco/ise/plugins/action/sponsored_guest_portal_info.py new file mode 100644 index 00000000..732d3e77 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sponsored_guest_portal_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sponsored_guest_portal", + function='get_sponsored_guest_portal_by_id', + params=self.get_object(self._task.args) + ).response['SponsoredGuestPortal'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="sponsored_guest_portal", + function='get_sponsored_guest_portals_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/support_bundle.py b/ansible_collections/cisco/ise/plugins/action/support_bundle.py new file mode 100644 index 00000000..73e925af --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/support_bundle.py @@ -0,0 +1,94 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + description=dict(type="str"), + hostName=dict(type="str"), + supportBundleIncludeOptions=dict(type="dict"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + description=params.get("description"), + host_name=params.get("hostName"), + support_bundle_include_options=params.get("supportBundleIncludeOptions"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="support_bundle_trigger_configuration", + function="create_support_bundle", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/support_bundle_download.py b/ansible_collections/cisco/ise/plugins/action/support_bundle_download.py new file mode 100644 index 00000000..e21df3e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/support_bundle_download.py @@ -0,0 +1,100 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + fileName=dict(type="str"), + dirPath=dict(type="str"), + saveFile=dict(type="bool"), + filename=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + file_name=params.get("fileName"), + dirpath=params.get("dirPath"), + save_file=params.get("saveFile"), + filename=params.get("filename"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + download_response = ise.exec( + family="support_bundle_download", + function="download_support_bundle", + params=self.get_object(self._task.args), + ) + response = dict( + data=download_response.data.decode(encoding='utf-8'), + filename=download_response.filename, + dirpath=download_response.dirpath, + path=download_response.path, + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/support_bundle_status_info.py b/ansible_collections/cisco/ise/plugins/action/support_bundle_status_info.py new file mode 100644 index 00000000..34f77c21 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/support_bundle_status_info.py @@ -0,0 +1,133 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="support_bundle_status", + function='get_support_bundle_status_by_id', + params=self.get_object(self._task.args) + ).response['SBStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="support_bundle_status", + function='get_support_bundle_status_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_connections.py b/ansible_collections/cisco/ise/plugins/action/sxp_connections.py new file mode 100644 index 00000000..1ad726f4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_connections.py @@ -0,0 +1,275 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + description=dict(type="str"), + sxpPeer=dict(type="str"), + sxpVpn=dict(type="str"), + sxpNode=dict(type="str"), + ipAddress=dict(type="str"), + sxpMode=dict(type="str"), + sxpVersion=dict(type="str"), + enabled=dict(type="bool"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "absent", ["id"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SxpConnections(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + description=params.get("description"), + sxp_peer=params.get("sxpPeer"), + sxp_vpn=params.get("sxpVpn"), + sxp_node=params.get("sxpNode"), + ip_address=params.get("ipAddress"), + sxp_mode=params.get("sxpMode"), + sxp_version=params.get("sxpVersion"), + enabled=params.get("enabled"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="sxp_connections", + function="get_sxp_connections_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="sxp_connections", + function="get_sxp_connections_by_id", + handle_func_exception=False, + params={"id": id} + ).response['ERSSxpConnection'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("description", "description"), + ("sxpPeer", "sxp_peer"), + ("sxpVpn", "sxp_vpn"), + ("sxpNode", "sxp_node"), + ("ipAddress", "ip_address"), + ("sxpMode", "sxp_mode"), + ("sxpVersion", "sxp_version"), + ("enabled", "enabled"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="sxp_connections", + function="create_sxp_connections", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sxp_connections", + function="update_sxp_connections_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sxp_connections", + function="delete_sxp_connections_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SxpConnections(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_connections_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/sxp_connections_bulk_monitor_status_info.py new file mode 100644 index 00000000..3376e2f7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_connections_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sxp_connections", + function='monitor_bulk_status_sxp_connections', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_connections_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/sxp_connections_bulk_request.py new file mode 100644 index 00000000..ff5ab9c1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_connections_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="sxp_connections", + function="bulk_request_for_sxp_connections", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_connections_info.py b/ansible_collections/cisco/ise/plugins/action/sxp_connections_info.py new file mode 100644 index 00000000..55411cb9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_connections_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sxp_connections", + function='get_sxp_connections_by_id', + params=self.get_object(self._task.args) + ).response['ERSSxpConnection'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="sxp_connections", + function='get_sxp_connections_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings.py b/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings.py new file mode 100644 index 00000000..10451d9b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings.py @@ -0,0 +1,270 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + id=dict(type="str"), + description=dict(type="str"), + bindingName=dict(type="str"), + ipAddressOrHost=dict(type="str"), + sxpVpn=dict(type="str"), + sgt=dict(type="str"), + vns=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id"], True), + ("state", "absent", ["id"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SxpLocalBindings(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + description=params.get("description"), + binding_name=params.get("bindingName"), + ip_address_or_host=params.get("ipAddressOrHost"), + sxp_vpn=params.get("sxpVpn"), + sgt=params.get("sgt"), + vns=params.get("vns"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="sxp_local_bindings", + function="get_sxp_local_bindings_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="sxp_local_bindings", + function="get_sxp_local_bindings_by_id", + handle_func_exception=False, + params={"id": id} + ).response['ERSSxpLocalBindings'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("description", "description"), + ("bindingName", "binding_name"), + ("ipAddressOrHost", "ip_address_or_host"), + ("sxpVpn", "sxp_vpn"), + ("sgt", "sgt"), + ("vns", "vns"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="sxp_local_bindings", + function="create_sxp_local_bindings", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sxp_local_bindings", + function="update_sxp_local_bindings_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sxp_local_bindings", + function="delete_sxp_local_bindings_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SxpLocalBindings(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_bulk_monitor_status_info.py new file mode 100644 index 00000000..da9fe0d1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sxp_local_bindings", + function='monitor_bulk_status_sxp_local_bindings', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_bulk_request.py new file mode 100644 index 00000000..ff23aa0d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="sxp_local_bindings", + function="bulk_request_for_sxp_local_bindings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_info.py b/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_info.py new file mode 100644 index 00000000..e2856ee0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_local_bindings_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sxp_local_bindings", + function='get_sxp_local_bindings_by_id', + params=self.get_object(self._task.args) + ).response['ERSSxpLocalBindings'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="sxp_local_bindings", + function='get_sxp_local_bindings_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_vpns.py b/ansible_collections/cisco/ise/plugins/action/sxp_vpns.py new file mode 100644 index 00000000..e9021d46 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_vpns.py @@ -0,0 +1,227 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + sxpVpnName=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "absent", ["id"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SxpVpns(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + sxp_vpn_name=params.get("sxpVpnName"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="sxp_vpns", + function="get_sxp_vpns_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['SearchResult']['resources'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="sxp_vpns", + function="get_sxp_vpn_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['ERSSxpVpn'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("sxpVpnName", "sxp_vpn_name"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="sxp_vpns", + function="create_sxp_vpn", + params=self.new_object, + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sxp_vpns", + function="delete_sxp_vpn_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SxpVpns(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + response = prev_obj + ise.object_present_and_different() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_vpns_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/action/sxp_vpns_bulk_monitor_status_info.py new file mode 100644 index 00000000..74a8cf9d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_vpns_bulk_monitor_status_info.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + bulkid=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + bulkid=params.get("bulkid"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("bulkid") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sxp_vpns", + function='monitor_bulk_status_sxp_vpns', + params=self.get_object(self._task.args) + ).response['BulkStatus'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_vpns_bulk_request.py b/ansible_collections/cisco/ise/plugins/action/sxp_vpns_bulk_request.py new file mode 100644 index 00000000..391deb4c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_vpns_bulk_request.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + operationType=dict(type="str"), + resourceMediaType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + operation_type=params.get("operationType"), + resource_media_type=params.get("resourceMediaType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="sxp_vpns", + function="bulk_request_for_sxp_vpns", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/sxp_vpns_info.py b/ansible_collections/cisco/ise/plugins/action/sxp_vpns_info.py new file mode 100644 index 00000000..ca26ec9b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/sxp_vpns_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + filter=dict(type="list"), + filterType=dict(type="str"), + sortasc=dict(type="str"), + sortdsc=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + sortasc=params.get("sortasc"), + sortdsc=params.get("sortdsc"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sxp_vpns", + function='get_sxp_vpn_by_id', + params=self.get_object(self._task.args) + ).response['ERSSxpVpn'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="sxp_vpns", + function='get_sxp_vpns_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/system_certificate.py b/ansible_collections/cisco/ise/plugins/action/system_certificate.py new file mode 100644 index 00000000..0ca92628 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/system_certificate.py @@ -0,0 +1,268 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + admin=dict(type="bool"), + allowPortalTagTransferForSameSubject=dict(type="bool"), + allowReplacementOfPortalGroupTag=dict(type="bool"), + allowRoleTransferForSameSubject=dict(type="bool"), + description=dict(type="str"), + eap=dict(type="bool"), + expirationTTLPeriod=dict(type="int"), + expirationTTLUnits=dict(type="str"), + ims=dict(type="bool"), + name=dict(type="str"), + portal=dict(type="bool"), + portalGroupTag=dict(type="str"), + pxgrid=dict(type="bool"), + radius=dict(type="bool"), + renewSelfSignedCertificate=dict(type="bool"), + saml=dict(type="bool"), + id=dict(type="str"), + hostName=dict(type="str"), + allowWildcardDelete=dict(type="bool"), +)) + +required_if = [ + ("state", "present", ["hostName"], True), + ("state", "present", ["id", "name"], True), + ("state", "present", ["hostName"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class SystemCertificate(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + admin=params.get("admin"), + allow_portal_tag_transfer_for_same_subject=params.get("allowPortalTagTransferForSameSubject"), + allow_replacement_of_portal_group_tag=params.get("allowReplacementOfPortalGroupTag"), + allow_role_transfer_for_same_subject=params.get("allowRoleTransferForSameSubject"), + description=params.get("description"), + eap=params.get("eap"), + expiration_ttl_period=params.get("expirationTTLPeriod"), + expiration_ttl_units=params.get("expirationTTLUnits"), + ims=params.get("ims"), + name=params.get("name"), + portal=params.get("portal"), + portal_group_tag=params.get("portalGroupTag"), + pxgrid=params.get("pxgrid"), + radius=params.get("radius"), + renew_self_signed_certificate=params.get("renewSelfSignedCertificate"), + saml=params.get("saml"), + id=params.get("id"), + host_name=params.get("hostName"), + allow_wildcard_delete=params.get("allowWildcardDelete"), + ) + + def get_object_by_name(self, name, host_name): + result = None + gen_items_responses = self.ise.exec( + family="certificates", + function="get_system_certificates_generator", + params={"host_name": host_name} + ) + try: + for items_response in gen_items_responses: + items = items_response.response.get('response', []) or [] + result = get_dict_result(items, 'friendlyName', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id, host_name): + try: + result = self.ise.exec( + family="certificates", + function="get_system_certificate_by_id", + params={"id": id, "host_name": host_name}, + handle_func_exception=False, + ).response + except Exception as e: + result = None + return result + + def exists(self): + prev_obj = None + result = False + id = self.new_object.get("id") + name = self.new_object.get("name") + host_name = self.new_object.get("host_name") + if id: + prev_obj = self.get_object_by_id(id, host_name) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name, host_name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("admin", "admin"), + ("allowPortalTagTransferForSameSubject", "allow_portal_tag_transfer_for_same_subject"), + ("allowReplacementOfPortalGroupTag", "allow_replacement_of_portal_group_tag"), + ("allowRoleTransferForSameSubject", "allow_role_transfer_for_same_subject"), + ("description", "description"), + ("eap", "eap"), + ("expirationTTLPeriod", "expiration_ttl_period"), + ("expirationTTLUnits", "expiration_ttl_units"), + ("ims", "ims"), + ("name", "name"), + ("portal", "portal"), + ("portalGroupTag", "portal_group_tag"), + ("pxgrid", "pxgrid"), + ("radius", "radius"), + ("renewSelfSignedCertificate", "renew_self_signed_certificate"), + ("saml", "saml"), + ("id", "id"), + ("hostName", "host_name"), + ("allowWildcardDelete", "allow_wildcard_delete"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + host_name = self.new_object.get("host_name") + result = None + if not id: + id_ = self.get_object_by_name(name, host_name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="certificates", + function="update_system_certificate", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + host_name = self.new_object.get("host_name") + result = None + if not id: + id_ = self.get_object_by_name(name, host_name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="certificates", + function="delete_system_certificate_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = SystemCertificate(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/system_certificate_create.py b/ansible_collections/cisco/ise/plugins/action/system_certificate_create.py new file mode 100644 index 00000000..0b47847a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/system_certificate_create.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + nodeId=dict(type="str"), + ersLocalCertStub=dict(type="dict"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + node_id=params.get("nodeId"), + ers_local_cert_stub=params.get("ersLocalCertStub"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="system_certificate", + function="create_system_certificate", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/system_certificate_export_info.py b/ansible_collections/cisco/ise/plugins/action/system_certificate_export_info.py new file mode 100644 index 00000000..6922b5a9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/system_certificate_export_info.py @@ -0,0 +1,106 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + export=dict(type="str"), + id=dict(type="str"), + password=dict(type="str", no_log=True), + dirPath=dict(type="str"), + saveFile=dict(type="bool"), + filename=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + export=params.get("export"), + id=params.get("id"), + password=params.get("password"), + dirpath=params.get("dirPath"), + save_file=params.get("saveFile"), + filename=params.get("filename"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + download_response = ise.exec( + family="certificates", + function="export_system_certificate", + params=self.get_object(self._task.args), + ) + response = dict( + data=download_response.data.decode(encoding='utf-8'), + filename=download_response.filename, + dirpath=download_response.dirpath, + path=download_response.path, + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/system_certificate_import.py b/ansible_collections/cisco/ise/plugins/action/system_certificate_import.py new file mode 100644 index 00000000..51050e3e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/system_certificate_import.py @@ -0,0 +1,128 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + admin=dict(type="bool"), + allowExtendedValidity=dict(type="bool"), + allowOutOfDateCert=dict(type="bool"), + allowPortalTagTransferForSameSubject=dict(type="bool"), + allowReplacementOfCertificates=dict(type="bool"), + allowReplacementOfPortalGroupTag=dict(type="bool"), + allowRoleTransferForSameSubject=dict(type="bool"), + allowSHA1Certificates=dict(type="bool"), + allowWildCardCertificates=dict(type="bool"), + data=dict(type="str"), + eap=dict(type="bool"), + ims=dict(type="bool"), + name=dict(type="str"), + password=dict(type="str", no_log=True), + portal=dict(type="bool"), + portalGroupTag=dict(type="str"), + privateKeyData=dict(type="str"), + pxgrid=dict(type="bool"), + radius=dict(type="bool"), + saml=dict(type="bool"), + validateCertificateExtensions=dict(type="bool"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + admin=params.get("admin"), + allow_extended_validity=params.get("allowExtendedValidity"), + allow_out_of_date_cert=params.get("allowOutOfDateCert"), + allow_portal_tag_transfer_for_same_subject=params.get("allowPortalTagTransferForSameSubject"), + allow_replacement_of_certificates=params.get("allowReplacementOfCertificates"), + allow_replacement_of_portal_group_tag=params.get("allowReplacementOfPortalGroupTag"), + allow_role_transfer_for_same_subject=params.get("allowRoleTransferForSameSubject"), + allow_sha1_certificates=params.get("allowSHA1Certificates"), + allow_wild_card_certificates=params.get("allowWildCardCertificates"), + data=params.get("data"), + eap=params.get("eap"), + ims=params.get("ims"), + name=params.get("name"), + password=params.get("password"), + portal=params.get("portal"), + portal_group_tag=params.get("portalGroupTag"), + private_key_data=params.get("privateKeyData"), + pxgrid=params.get("pxgrid"), + radius=params.get("radius"), + saml=params.get("saml"), + validate_certificate_extensions=params.get("validateCertificateExtensions"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="import_system_certificate", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/system_certificate_info.py b/ansible_collections/cisco/ise/plugins/action/system_certificate_info.py new file mode 100644 index 00000000..5f1d0e7c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/system_certificate_info.py @@ -0,0 +1,152 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + hostName=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + sort=dict(type="str"), + sortBy=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + host_name=params.get("hostName"), + page=params.get("page"), + size=params.get("size"), + sort=params.get("sort"), + sort_by=params.get("sortBy"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("hostName") + if id: + response = ise.exec( + family="certificates", + function='get_system_certificate_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="certificates", + function='get_system_certificates', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="certificates", + function='get_system_certificates_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['response'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/system_config_version_info.py b/ansible_collections/cisco/ise/plugins/action/system_config_version_info.py new file mode 100644 index 00000000..17a4d3e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/system_config_version_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="version_and_patch", + function='get_ise_version_and_patch', + params=self.get_object(self._task.args) + ).response['OperationResult'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tacacs_command_sets.py b/ansible_collections/cisco/ise/plugins/action/tacacs_command_sets.py new file mode 100644 index 00000000..471cd6b7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tacacs_command_sets.py @@ -0,0 +1,248 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + permitUnmatched=dict(type="bool"), + commands=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TacacsCommandSets(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + permit_unmatched=params.get("permitUnmatched"), + commands=params.get("commands"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="tacacs_command_sets", + function="get_tacacs_command_sets_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['TacacsCommandSets'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="tacacs_command_sets", + function="get_tacacs_command_sets_by_id", + handle_func_exception=False, + params={"id": id} + ).response['TacacsCommandSets'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("permitUnmatched", "permit_unmatched"), + ("commands", "commands"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="tacacs_command_sets", + function="create_tacacs_command_sets", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="tacacs_command_sets", + function="update_tacacs_command_sets_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="tacacs_command_sets", + function="delete_tacacs_command_sets_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TacacsCommandSets(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tacacs_command_sets_info.py b/ansible_collections/cisco/ise/plugins/action/tacacs_command_sets_info.py new file mode 100644 index 00000000..7df402af --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tacacs_command_sets_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="tacacs_command_sets", + function='get_tacacs_command_sets_by_id', + params=self.get_object(self._task.args) + ).response['TacacsCommandSets'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="tacacs_command_sets", + function='get_tacacs_command_sets_by_name', + params=self.get_object(self._task.args) + ).response['TacacsCommandSets'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="tacacs_command_sets", + function='get_tacacs_command_sets_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tacacs_external_servers.py b/ansible_collections/cisco/ise/plugins/action/tacacs_external_servers.py new file mode 100644 index 00000000..60c07d1d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tacacs_external_servers.py @@ -0,0 +1,257 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + hostIP=dict(type="str"), + connectionPort=dict(type="int"), + singleConnect=dict(type="bool"), + sharedSecret=dict(type="str"), + timeout=dict(type="int"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TacacsExternalServers(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + host_ip=params.get("hostIP"), + connection_port=params.get("connectionPort"), + single_connect=params.get("singleConnect"), + shared_secret=params.get("sharedSecret"), + timeout=params.get("timeout"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="tacacs_external_servers", + function="get_tacacs_external_servers_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['TacacsExternalServer'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="tacacs_external_servers", + function="get_tacacs_external_servers_by_id", + handle_func_exception=False, + params={"id": id} + ).response['TacacsExternalServer'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("hostIP", "host_ip"), + ("connectionPort", "connection_port"), + ("singleConnect", "single_connect"), + ("sharedSecret", "shared_secret"), + ("timeout", "timeout"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="tacacs_external_servers", + function="create_tacacs_external_servers", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="tacacs_external_servers", + function="update_tacacs_external_servers_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="tacacs_external_servers", + function="delete_tacacs_external_servers_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TacacsExternalServers(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tacacs_external_servers_info.py b/ansible_collections/cisco/ise/plugins/action/tacacs_external_servers_info.py new file mode 100644 index 00000000..e64bf2d8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tacacs_external_servers_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="tacacs_external_servers", + function='get_tacacs_external_servers_by_id', + params=self.get_object(self._task.args) + ).response['TacacsExternalServer'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="tacacs_external_servers", + function='get_tacacs_external_servers_by_name', + params=self.get_object(self._task.args) + ).response['TacacsExternalServer'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="tacacs_external_servers", + function='get_tacacs_external_servers_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tacacs_profile.py b/ansible_collections/cisco/ise/plugins/action/tacacs_profile.py new file mode 100644 index 00000000..d87faab8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tacacs_profile.py @@ -0,0 +1,245 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + sessionAttributes=dict(type="dict"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TacacsProfile(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + session_attributes=params.get("sessionAttributes"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="tacacs_profile", + function="get_tacacs_profile_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['TacacsProfile'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="tacacs_profile", + function="get_tacacs_profile_by_id", + handle_func_exception=False, + params={"id": id} + ).response['TacacsProfile'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("sessionAttributes", "session_attributes"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="tacacs_profile", + function="create_tacacs_profile", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="tacacs_profile", + function="update_tacacs_profile_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="tacacs_profile", + function="delete_tacacs_profile_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TacacsProfile(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tacacs_profile_info.py b/ansible_collections/cisco/ise/plugins/action/tacacs_profile_info.py new file mode 100644 index 00000000..d48f8753 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tacacs_profile_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="tacacs_profile", + function='get_tacacs_profile_by_id', + params=self.get_object(self._task.args) + ).response['TacacsProfile'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="tacacs_profile", + function='get_tacacs_profile_by_name', + params=self.get_object(self._task.args) + ).response['TacacsProfile'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="tacacs_profile", + function='get_tacacs_profile_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tacacs_server_sequence.py b/ansible_collections/cisco/ise/plugins/action/tacacs_server_sequence.py new file mode 100644 index 00000000..3292d948 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tacacs_server_sequence.py @@ -0,0 +1,263 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + name=dict(type="str"), + description=dict(type="str"), + serverList=dict(type="str"), + localAccounting=dict(type="bool"), + remoteAccounting=dict(type="bool"), + prefixStrip=dict(type="bool"), + prefixDelimiter=dict(type="str"), + suffixStrip=dict(type="bool"), + suffixDelimiter=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TacacsServerSequence(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + name=params.get("name"), + description=params.get("description"), + server_list=params.get("serverList"), + local_accounting=params.get("localAccounting"), + remote_accounting=params.get("remoteAccounting"), + prefix_strip=params.get("prefixStrip"), + prefix_delimiter=params.get("prefixDelimiter"), + suffix_strip=params.get("suffixStrip"), + suffix_delimiter=params.get("suffixDelimiter"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + try: + result = self.ise.exec( + family="tacacs_server_sequence", + function="get_tacacs_server_sequence_by_name", + params={"name": name}, + handle_func_exception=False, + ).response['TacacsServerSequence'] + result = get_dict_result(result, 'name', name) + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="tacacs_server_sequence", + function="get_tacacs_server_sequence_by_id", + handle_func_exception=False, + params={"id": id} + ).response['TacacsServerSequence'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + result = False + prev_obj = None + id = self.new_object.get("id") + name = self.new_object.get("name") + if id: + prev_obj = self.get_object_by_id(id) + result = prev_obj is not None and isinstance(prev_obj, dict) + elif name: + prev_obj = self.get_object_by_name(name) + result = prev_obj is not None and isinstance(prev_obj, dict) + return (result, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("name", "name"), + ("description", "description"), + ("serverList", "server_list"), + ("localAccounting", "local_accounting"), + ("remoteAccounting", "remote_accounting"), + ("prefixStrip", "prefix_strip"), + ("prefixDelimiter", "prefix_delimiter"), + ("suffixStrip", "suffix_strip"), + ("suffixDelimiter", "suffix_delimiter"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="tacacs_server_sequence", + function="create_tacacs_server_sequence", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="tacacs_server_sequence", + function="update_tacacs_server_sequence_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="tacacs_server_sequence", + function="delete_tacacs_server_sequence_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TacacsServerSequence(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + has_changed = None + has_changed = ise_update_response.get("UpdatedFieldsList").get("updatedField") + if (len(has_changed) == 0 or + has_changed[0].get("newValue") == "" and + has_changed[0].get("newValue") == has_changed[0].get("oldValue")): + self._result.pop("ise_update_response", None) + ise.object_already_present() + else: + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tacacs_server_sequence_info.py b/ansible_collections/cisco/ise/plugins/action/tacacs_server_sequence_info.py new file mode 100644 index 00000000..6b3cee9f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tacacs_server_sequence_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + name=dict(type="str"), + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + name=params.get("name"), + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="tacacs_server_sequence", + function='get_tacacs_server_sequence_by_id', + params=self.get_object(self._task.args) + ).response['TacacsServerSequence'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if name: + response = ise.exec( + family="tacacs_server_sequence", + function='get_tacacs_server_sequence_by_name', + params=self.get_object(self._task.args) + ).response['TacacsServerSequence'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="tacacs_server_sequence", + function='get_tacacs_server_sequence_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/tasks_info.py b/ansible_collections/cisco/ise/plugins/action/tasks_info.py new file mode 100644 index 00000000..a99af781 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/tasks_info.py @@ -0,0 +1,101 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + taskId=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + task_id=params.get("taskId"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("taskId") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="tasks", + function='get_task_status_by_id', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + response = ise.exec( + family="tasks", + function='get_task_status', + params=self.get_object(self._task.args) + ).response + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/telemetry_info.py b/ansible_collections/cisco/ise/plugins/action/telemetry_info.py new file mode 100644 index 00000000..c2981dff --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/telemetry_info.py @@ -0,0 +1,137 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + page=dict(type="int"), + size=dict(type="int"), + filter=dict(type="list"), + filterType=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + page=params.get("page"), + size=params.get("size"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="telemetry_information", + function='get_telemetry_info_by_id', + params=self.get_object(self._task.args) + ).response['TelemetryInfo'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="telemetry_information", + function='get_telemetry_information_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['SearchResult']['resources'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/threat_vulnerabilities_clear.py b/ansible_collections/cisco/ise/plugins/action/threat_vulnerabilities_clear.py new file mode 100644 index 00000000..6360671d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/threat_vulnerabilities_clear.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + macAddresses=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + mac_addresses=params.get("macAddresses"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="clear_threats_and_vulnerabilities", + function="clear_threats_and_vulnerabilities", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/transport_gateway_settings.py b/ansible_collections/cisco/ise/plugins/action/transport_gateway_settings.py new file mode 100644 index 00000000..10555db0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/transport_gateway_settings.py @@ -0,0 +1,171 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present"]), + enableTransportGateway=dict(type="bool"), + url=dict(type="str"), +)) + +required_if = [ + ("state", "present", [], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TransportGatewaySettings(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + enable_transport_gateway=params.get("enableTransportGateway"), + url=params.get("url"), + ) + + def get_object_by_name(self, name): + # NOTICE: Does not have a get by name method or it is in another action + result = None + items = self.ise.exec( + family="telemetry", + function="get_transport_gateway" + ).response['response'] + result = get_dict_result(items, 'name', name) + return result + + def get_object_by_id(self, id): + # NOTICE: Does not have a get by id method or it is in another action + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("enableTransportGateway", "enable_transport_gateway"), + ("url", "url"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + result = self.ise.exec( + family="telemetry", + function="update_transport_gateway", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TransportGatewaySettings(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/transport_gateway_settings_info.py b/ansible_collections/cisco/ise/plugins/action/transport_gateway_settings_info.py new file mode 100644 index 00000000..8aa18150 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/transport_gateway_settings_info.py @@ -0,0 +1,90 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if not name and not id: + response = ise.exec( + family="telemetry", + function='get_transport_gateway', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trusted_certificate.py b/ansible_collections/cisco/ise/plugins/action/trusted_certificate.py new file mode 100644 index 00000000..8b86c914 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trusted_certificate.py @@ -0,0 +1,300 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + authenticateBeforeCRLReceived=dict(type="bool"), + automaticCRLUpdate=dict(type="bool"), + automaticCRLUpdatePeriod=dict(type="int"), + automaticCRLUpdateUnits=dict(type="str"), + crlDistributionUrl=dict(type="str"), + crlDownloadFailureRetries=dict(type="int"), + crlDownloadFailureRetriesUnits=dict(type="str"), + description=dict(type="str"), + downloadCRL=dict(type="bool"), + enableOCSPValidation=dict(type="bool"), + enableServerIdentityCheck=dict(type="bool"), + ignoreCRLExpiration=dict(type="bool"), + name=dict(type="str"), + nonAutomaticCRLUpdatePeriod=dict(type="int"), + nonAutomaticCRLUpdateUnits=dict(type="str"), + rejectIfNoStatusFromOCSP=dict(type="bool"), + rejectIfUnreachableFromOCSP=dict(type="bool"), + selectedOCSPService=dict(type="str"), + status=dict(type="str"), + trustForCertificateBasedAdminAuth=dict(type="bool"), + trustForCiscoServicesAuth=dict(type="bool"), + trustForClientAuth=dict(type="bool"), + trustForIseAuth=dict(type="bool"), + id=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TrustedCertificate(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + authenticate_before_crl_received=params.get("authenticateBeforeCRLReceived"), + automatic_crl_update=params.get("automaticCRLUpdate"), + automatic_crl_update_period=params.get("automaticCRLUpdatePeriod"), + automatic_crl_update_units=params.get("automaticCRLUpdateUnits"), + crl_distribution_url=params.get("crlDistributionUrl"), + crl_download_failure_retries=params.get("crlDownloadFailureRetries"), + crl_download_failure_retries_units=params.get("crlDownloadFailureRetriesUnits"), + description=params.get("description"), + download_crl=params.get("downloadCRL"), + enable_ocsp_validation=params.get("enableOCSPValidation"), + enable_server_identity_check=params.get("enableServerIdentityCheck"), + ignore_crl_expiration=params.get("ignoreCRLExpiration"), + name=params.get("name"), + non_automatic_crl_update_period=params.get("nonAutomaticCRLUpdatePeriod"), + non_automatic_crl_update_units=params.get("nonAutomaticCRLUpdateUnits"), + reject_if_no_status_from_ocs_p=params.get("rejectIfNoStatusFromOCSP"), + reject_if_unreachable_from_ocs_p=params.get("rejectIfUnreachableFromOCSP"), + selected_ocsp_service=params.get("selectedOCSPService"), + status=params.get("status"), + trust_for_certificate_based_admin_auth=params.get("trustForCertificateBasedAdminAuth"), + trust_for_cisco_services_auth=params.get("trustForCiscoServicesAuth"), + trust_for_client_auth=params.get("trustForClientAuth"), + trust_for_ise_auth=params.get("trustForIseAuth"), + id=params.get("id"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="certificates", + function="get_trusted_certificates_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response.get('response', []) + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="certificates", + function="get_trusted_certificate_by_id", + params={"id": id}, + handle_func_exception=False, + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + + def exists(self): + prev_obj = None + id_exists = False + name_exists = False + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("authenticateBeforeCRLReceived", "authenticate_before_crl_received"), + ("automaticCRLUpdate", "automatic_crl_update"), + ("automaticCRLUpdatePeriod", "automatic_crl_update_period"), + ("automaticCRLUpdateUnits", "automatic_crl_update_units"), + ("crlDistributionUrl", "crl_distribution_url"), + ("crlDownloadFailureRetries", "crl_download_failure_retries"), + ("crlDownloadFailureRetriesUnits", "crl_download_failure_retries_units"), + ("description", "description"), + ("downloadCRL", "download_crl"), + ("enableOCSPValidation", "enable_ocsp_validation"), + ("enableServerIdentityCheck", "enable_server_identity_check"), + ("ignoreCRLExpiration", "ignore_crl_expiration"), + ("name", "name"), + ("nonAutomaticCRLUpdatePeriod", "non_automatic_crl_update_period"), + ("nonAutomaticCRLUpdateUnits", "non_automatic_crl_update_units"), + ("rejectIfNoStatusFromOCSP", "reject_if_no_status_from_ocs_p"), + ("rejectIfUnreachableFromOCSP", "reject_if_unreachable_from_ocs_p"), + ("selectedOCSPService", "selected_ocsp_service"), + ("status", "status"), + ("trustForCertificateBasedAdminAuth", "trust_for_certificate_based_admin_auth"), + ("trustForCiscoServicesAuth", "trust_for_cisco_services_auth"), + ("trustForClientAuth", "trust_for_client_auth"), + ("trustForIseAuth", "trust_for_ise_auth"), + ("id", "id"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="certificates", + function="update_trusted_certificate", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="certificates", + function="delete_trusted_certificate_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TrustedCertificate(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise.fail_json("Object does not exists, plugin only has update") + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trusted_certificate_export_info.py b/ansible_collections/cisco/ise/plugins/action/trusted_certificate_export_info.py new file mode 100644 index 00000000..fc1e9d07 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trusted_certificate_export_info.py @@ -0,0 +1,110 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + id=dict(type="str"), + dirPath=dict(type="str"), + saveFile=dict(type="bool"), + filename=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + id=params.get("id"), + dirpath=params.get("dirPath"), + save_file=params.get("saveFile"), + filename=params.get("filename"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response={})) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("filename") + if id: + download_response = ise.exec( + family="certificates", + function='export_trusted_certificate', + params=self.get_object(self._task.args) + ) + response = dict( + data=download_response.data.decode(encoding='utf-8'), + filename=download_response.filename, + dirpath=download_response.dirpath, + path=download_response.path, + ) + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + # NOTICE: Does not have a get all method or it is in another action + response = None + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trusted_certificate_import.py b/ansible_collections/cisco/ise/plugins/action/trusted_certificate_import.py new file mode 100644 index 00000000..c36cdf54 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trusted_certificate_import.py @@ -0,0 +1,108 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + allowBasicConstraintCAFalse=dict(type="bool"), + allowOutOfDateCert=dict(type="bool"), + allowSHA1Certificates=dict(type="bool"), + data=dict(type="str"), + description=dict(type="str"), + name=dict(type="str"), + trustForCertificateBasedAdminAuth=dict(type="bool"), + trustForCiscoServicesAuth=dict(type="bool"), + trustForClientAuth=dict(type="bool"), + trustForIseAuth=dict(type="bool"), + validateCertificateExtensions=dict(type="bool"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + allow_basic_constraint_cafalse=params.get("allowBasicConstraintCAFalse"), + allow_out_of_date_cert=params.get("allowOutOfDateCert"), + allow_sha1_certificates=params.get("allowSHA1Certificates"), + data=params.get("data"), + description=params.get("description"), + name=params.get("name"), + trust_for_certificate_based_admin_auth=params.get("trustForCertificateBasedAdminAuth"), + trust_for_cisco_services_auth=params.get("trustForCiscoServicesAuth"), + trust_for_client_auth=params.get("trustForClientAuth"), + trust_for_ise_auth=params.get("trustForIseAuth"), + validate_certificate_extensions=params.get("validateCertificateExtensions"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="certificates", + function="import_trust_certificate", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trusted_certificate_info.py b/ansible_collections/cisco/ise/plugins/action/trusted_certificate_info.py new file mode 100644 index 00000000..b0fd68fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trusted_certificate_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sort=dict(type="str"), + sortBy=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sort=params.get("sort"), + sort_by=params.get("sortBy"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="certificates", + function='get_trusted_certificate_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="certificates", + function='get_trusted_certificates_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['response'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_nbar_app.py b/ansible_collections/cisco/ise/plugins/action/trustsec_nbar_app.py new file mode 100644 index 00000000..3cb7209b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_nbar_app.py @@ -0,0 +1,256 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + description=dict(type="str"), + id=dict(type="str"), + name=dict(type="str"), + networkIdentities=dict(type="list"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TrustsecNbarApp(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + description=params.get("description"), + id=params.get("id"), + name=params.get("name"), + network_identities=params.get("networkIdentities"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="nbar_app", + function="get_nbar_apps_generator", + params={"filter": "name.EQ.{name}".format(name=name)} + ) + try: + for items_response in gen_items_responses: + items = items_response.response['response'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="nbar_app", + function="get_nbar_app_by_id", + handle_func_exception=False, + params={"id": id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + if isinstance(result, list) and len(result) > 0: + return result[0] + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("description", "description"), + ("id", "id"), + ("name", "name"), + ("networkIdentities", "network_identities"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="nbar_app", + function="create_nbar_app", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="nbar_app", + function="update_nbar_app_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="nbar_app", + function="delete_nbar_app_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TrustsecNbarApp(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_nbar_app_info.py b/ansible_collections/cisco/ise/plugins/action/trustsec_nbar_app_info.py new file mode 100644 index 00000000..e0390f20 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_nbar_app_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sort=dict(type="str"), + sortBy=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sort=params.get("sort"), + sort_by=params.get("sortBy"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="nbar_app", + function='get_nbar_app_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="nbar_app", + function='get_nbar_apps_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['response'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping.py b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping.py new file mode 100644 index 00000000..f522e929 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping.py @@ -0,0 +1,267 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + id=dict(type="str"), + lastUpdate=dict(type="str"), + sgName=dict(type="str"), + sgtId=dict(type="str"), + vnId=dict(type="str"), + vnName=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "sgName", "vnName"], True), + ("state", "absent", ["id", "sgName", "vnName"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TrustsecSgVnMapping(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + last_update=params.get("lastUpdate"), + sg_name=params.get("sgName"), + sgt_id=params.get("sgtId"), + vn_id=params.get("vnId"), + vn_name=params.get("vnName"), + ) + + def get_object_by_name(self, sg_name, vn_name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="sg_vn_mapping", + function="get_sg_vn_mappings_generator" + ) + try: + for items_response in gen_items_responses: + items = items_response.response['response'] + for item in items: + if isinstance(item, dict) and item.get('sgName') == sg_name and item.get('vnName') == vn_name: + result = item + break + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="sg_vn_mapping", + function="get_sg_vn_mapping_by_id", + handle_func_exception=False, + params={"id": id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + if isinstance(result, list) and len(result) > 0: + return result[0] + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + sg_name = self.new_object.get("sg_name") + vn_name = self.new_object.get("vn_name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and sg_name and vn_name: + prev_obj = self.get_object_by_name(sg_name, vn_name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("lastUpdate", "last_update"), + ("sgName", "sg_name"), + ("sgtId", "sgt_id"), + ("vnId", "vn_id"), + ("vnName", "vn_name"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="sg_vn_mapping", + function="create_sg_vn_mapping", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + sg_name = self.new_object.get("sg_name") + vn_name = self.new_object.get("vn_name") + result = None + if not id: + id_ = self.get_object_by_name(sg_name, vn_name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sg_vn_mapping", + function="update_sg_vn_mapping_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + sg_name = self.new_object.get("sg_name") + vn_name = self.new_object.get("vn_name") + result = None + if not id: + id_ = self.get_object_by_name(sg_name, vn_name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="sg_vn_mapping", + function="delete_sg_vn_mapping_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TrustsecSgVnMapping(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_create.py b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_create.py new file mode 100644 index 00000000..349b4bc8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_create.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="sg_vn_mapping", + function="bulk_create_sg_vn_mappings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_delete.py b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_delete.py new file mode 100644 index 00000000..ab7effb6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_delete.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="sg_vn_mapping", + function="bulk_delete_sg_vn_mappings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_update.py b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_update.py new file mode 100644 index 00000000..f84f9110 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_bulk_update.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="sg_vn_mapping", + function="bulk_update_sg_vn_mappings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_info.py b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_info.py new file mode 100644 index 00000000..42820bc3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_sg_vn_mapping_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sort=dict(type="str"), + sortBy=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sort=params.get("sort"), + sort_by=params.get("sortBy"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="sg_vn_mapping", + function='get_sg_vn_mapping_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="sg_vn_mapping", + function='get_sg_vn_mappings_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['response'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn.py new file mode 100644 index 00000000..ff1dd8fd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn.py @@ -0,0 +1,256 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + additionalAttributes=dict(type="str"), + id=dict(type="str"), + lastUpdate=dict(type="str"), + name=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TrustsecVn(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + additional_attributes=params.get("additionalAttributes"), + id=params.get("id"), + last_update=params.get("lastUpdate"), + name=params.get("name"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="virtual_network", + function="get_virtual_networks_generator", + params={"filter": "name.EQ.{name}".format(name=name)} + ) + try: + for items_response in gen_items_responses: + items = items_response.response['response'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="virtual_network", + function="get_virtual_network_by_id", + handle_func_exception=False, + params={"id": id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + if isinstance(result, list) and len(result) > 0: + return result[0] + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("additionalAttributes", "additional_attributes"), + ("id", "id"), + ("lastUpdate", "last_update"), + ("name", "name"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="virtual_network", + function="create_virtual_network", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="virtual_network", + function="update_virtual_network_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="virtual_network", + function="delete_virtual_network_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TrustsecVn(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_create.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_create.py new file mode 100644 index 00000000..95943d62 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_create.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="virtual_network", + function="bulk_create_virtual_networks", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_delete.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_delete.py new file mode 100644 index 00000000..d6aed540 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_delete.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="virtual_network", + function="bulk_delete_virtual_networks", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_update.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_update.py new file mode 100644 index 00000000..4b37b331 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_bulk_update.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="virtual_network", + function="bulk_update_virtual_networks", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_info.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_info.py new file mode 100644 index 00000000..0029067e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sort=dict(type="str"), + sortBy=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sort=params.get("sort"), + sort_by=params.get("sortBy"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="virtual_network", + function='get_virtual_network_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="virtual_network", + function='get_virtual_networks_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['response'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping.py new file mode 100644 index 00000000..b137aa8c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping.py @@ -0,0 +1,268 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, + ise_compare_equality, + get_dict_result, +) +from ansible_collections.cisco.ise.plugins.plugin_utils.exceptions import ( + InconsistentParameters, +) + +# Get common arguments specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + state=dict(type="str", default="present", choices=["present", "absent"]), + id=dict(type="str"), + isData=dict(type="bool"), + isDefaultVlan=dict(type="bool"), + lastUpdate=dict(type="str"), + maxValue=dict(type="int"), + name=dict(type="str"), + vnId=dict(type="str"), + vnName=dict(type="str"), +)) + +required_if = [ + ("state", "present", ["id", "name"], True), + ("state", "absent", ["id", "name"], True), +] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class TrustsecVnVlanMapping(object): + def __init__(self, params, ise): + self.ise = ise + self.new_object = dict( + id=params.get("id"), + is_data=params.get("isData"), + is_default_vlan=params.get("isDefaultVlan"), + last_update=params.get("lastUpdate"), + max_value=params.get("maxValue"), + name=params.get("name"), + vn_id=params.get("vnId"), + vn_name=params.get("vnName"), + ) + + def get_object_by_name(self, name): + # NOTICE: Get does not support/work for filter by name with EQ + result = None + gen_items_responses = self.ise.exec( + family="vn_vlan_mapping", + function="get_vn_vlan_mappings_generator", + params={"filter": "name.EQ.{name}".format(name=name)} + ) + try: + for items_response in gen_items_responses: + items = items_response.response['response'] + result = get_dict_result(items, 'name', name) + if result: + return result + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + return result + return result + + def get_object_by_id(self, id): + try: + result = self.ise.exec( + family="vn_vlan_mapping", + function="get_vn_vlan_mapping_by_id", + handle_func_exception=False, + params={"id": id} + ).response['response'] + except (TypeError, AttributeError) as e: + self.ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception: + result = None + if isinstance(result, list) and len(result) > 0: + return result[0] + return result + + def exists(self): + id_exists = False + name_exists = False + prev_obj = None + o_id = self.new_object.get("id") + name = self.new_object.get("name") + if o_id: + prev_obj = self.get_object_by_id(o_id) + id_exists = prev_obj is not None and isinstance(prev_obj, dict) + if not id_exists and name: + prev_obj = self.get_object_by_name(name) + name_exists = prev_obj is not None and isinstance(prev_obj, dict) + if name_exists: + _id = prev_obj.get("id") + if id_exists and name_exists and o_id != _id: + raise InconsistentParameters("The 'id' and 'name' params don't refer to the same object") + if _id: + prev_obj = self.get_object_by_id(_id) + it_exists = prev_obj is not None and isinstance(prev_obj, dict) + return (it_exists, prev_obj) + + def requires_update(self, current_obj): + requested_obj = self.new_object + + obj_params = [ + ("id", "id"), + ("isData", "is_data"), + ("isDefaultVlan", "is_default_vlan"), + ("lastUpdate", "last_update"), + ("maxValue", "max_value"), + ("name", "name"), + ("vnId", "vn_id"), + ("vnName", "vn_name"), + ] + # Method 1. Params present in request (Ansible) obj are the same as the current (ISE) params + # If any does not have eq params, it requires update + return any(not ise_compare_equality(current_obj.get(ise_param), + requested_obj.get(ansible_param)) + for (ise_param, ansible_param) in obj_params) + + def create(self): + result = self.ise.exec( + family="vn_vlan_mapping", + function="create_vn_vlan_mapping", + params=self.new_object, + ).response + return result + + def update(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="vn_vlan_mapping", + function="update_vn_vlan_mapping_by_id", + params=self.new_object + ).response + return result + + def delete(self): + id = self.new_object.get("id") + name = self.new_object.get("name") + result = None + if not id: + id_ = self.get_object_by_name(name).get("id") + self.new_object.update(dict(id=id_)) + result = self.ise.exec( + family="vn_vlan_mapping", + function="delete_vn_vlan_mapping_by_id", + params=self.new_object + ).response + return result + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + obj = TrustsecVnVlanMapping(self._task.args, ise) + + state = self._task.args.get("state") + + response = None + + if state == "present": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + if obj.requires_update(prev_obj): + ise_update_response = obj.update() + self._result.update(dict(ise_update_response=ise_update_response)) + (obj_exists, updated_obj) = obj.exists() + response = updated_obj + ise.object_updated() + else: + response = prev_obj + ise.object_already_present() + else: + ise_create_response = obj.create() + (obj_exists, created_obj) = obj.exists() + response = created_obj + ise.object_created() + + elif state == "absent": + (obj_exists, prev_obj) = obj.exists() + if obj_exists: + obj.delete() + response = prev_obj + ise.object_deleted() + else: + ise.object_already_absent() + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_create.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_create.py new file mode 100644 index 00000000..361916f3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_create.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="vn_vlan_mapping", + function="bulk_create_vn_vlan_mappings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py new file mode 100644 index 00000000..6cb9d935 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="vn_vlan_mapping", + function="bulk_delete_vn_vlan_mappings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_update.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_update.py new file mode 100644 index 00000000..fa6f11ed --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_bulk_update.py @@ -0,0 +1,88 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + payload=dict(type="list"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = False + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + payload=params.get("payload"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + ise = ISESDK(params=self._task.args) + + response = ise.exec( + family="vn_vlan_mapping", + function="bulk_update_vn_vlan_mappings", + params=self.get_object(self._task.args), + ).response + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_info.py b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_info.py new file mode 100644 index 00000000..f99235f7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/action/trustsec_vn_vlan_mapping_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible.plugins.action import ActionBase + +try: + from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, + ) +except ImportError: + ANSIBLE_UTILS_IS_INSTALLED = False +else: + ANSIBLE_UTILS_IS_INSTALLED = True +from ansible.errors import AnsibleActionFail +from ansible_collections.cisco.ise.plugins.plugin_utils.ise import ( + ISESDK, + ise_argument_spec, +) + +# Get common arguements specification +argument_spec = ise_argument_spec() +# Add arguments specific for this module +argument_spec.update(dict( + page=dict(type="int"), + size=dict(type="int"), + sort=dict(type="str"), + sortBy=dict(type="str"), + filter=dict(type="list"), + filterType=dict(type="str"), + id=dict(type="str"), +)) + +required_if = [] +required_one_of = [] +mutually_exclusive = [] +required_together = [] + + +class ActionModule(ActionBase): + def __init__(self, *args, **kwargs): + if not ANSIBLE_UTILS_IS_INSTALLED: + raise AnsibleActionFail("ansible.utils is not installed. Execute 'ansible-galaxy collection install ansible.utils'") + super(ActionModule, self).__init__(*args, **kwargs) + self._supports_async = False + self._supports_check_mode = True + self._result = None + + # Checks the supplied parameters against the argument spec for this module + def _check_argspec(self): + aav = AnsibleArgSpecValidator( + data=self._task.args, + schema=dict(argument_spec=argument_spec), + schema_format="argspec", + schema_conditionals=dict( + required_if=required_if, + required_one_of=required_one_of, + mutually_exclusive=mutually_exclusive, + required_together=required_together, + ), + name=self._task.action, + ) + valid, errors, self._task.args = aav.validate() + if not valid: + raise AnsibleActionFail(errors) + + def get_object(self, params): + new_object = dict( + page=params.get("page"), + size=params.get("size"), + sort=params.get("sort"), + sort_by=params.get("sortBy"), + filter=params.get("filter"), + filter_type=params.get("filterType"), + id=params.get("id"), + ) + return new_object + + def run(self, tmp=None, task_vars=None): + self._task.diff = False + self._result = super(ActionModule, self).run(tmp, task_vars) + self._result["changed"] = False + self._check_argspec() + + self._result.update(dict(ise_response=[])) + + ise = ISESDK(params=self._task.args) + + id = self._task.args.get("id") + name = self._task.args.get("name") + if id: + response = ise.exec( + family="vn_vlan_mapping", + function='get_vn_vlan_mapping_by_id', + params=self.get_object(self._task.args) + ).response['response'] + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result + if not name and not id: + responses = [] + generator = ise.exec( + family="vn_vlan_mapping", + function='get_vn_vlan_mappings_generator', + params=self.get_object(self._task.args), + ) + try: + for item in generator: + tmp_response = item.response['response'] + if isinstance(tmp_response, list): + responses += tmp_response + else: + responses.append(tmp_response) + response = responses + except (TypeError, AttributeError) as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " Check the configuration of your API Settings and API Gateway settings on your ISE server." + " This collection assumes that the API Gateway, the ERS APIs and OpenAPIs are enabled." + " You may want to enable the (ise_debug: True) argument." + " The error was: {error}" + ).format(error=e) + ) + except Exception as e: + ise.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + " You may want to enable the (ise_debug: True) argument." + ).format(error=e) + ) + + self._result.update(dict(ise_response=response)) + self._result.update(ise.exit_json()) + return self._result diff --git a/ansible_collections/cisco/ise/plugins/doc_fragments/__init__.py b/ansible_collections/cisco/ise/plugins/doc_fragments/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/ansible_collections/cisco/ise/plugins/doc_fragments/module.py b/ansible_collections/cisco/ise/plugins/doc_fragments/module.py new file mode 100644 index 00000000..dfb7ad90 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/doc_fragments/module.py @@ -0,0 +1,72 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +class ModuleDocFragment(object): + + # Standard files documentation fragment + DOCUMENTATION = r''' +options: + ise_hostname: + description: + - The Identity Services Engine hostname. + type: str + required: true + ise_username: + description: + - The Identity Services Engine username to authenticate. + type: str + required: true + ise_password: + description: + - The Identity Services Engine password to authenticate. + type: str + required: true + ise_verify: + description: + - Flag to enable or disable SSL certificate verification. + type: bool + default: true + ise_version: + description: + - Informs the SDK which version of Identity Services Engine to use. + type: str + default: 3.1_Patch_1 + ise_wait_on_rate_limit: + description: + - Flag for Identity Services Engine SDK to enable automatic rate-limit handling. + type: bool + default: true + ise_debug: + description: + - Flag for Identity Services Engine SDK to enable debugging. + type: bool + default: false + ise_uses_api_gateway: + description: + - Flag that informs the SDK whether to use the Identity Services Engine's API Gateway to send requests. + - If it is true, it uses the ISE's API Gateway and sends requests to https://{{ise_hostname}}. + - If it is false, it sends the requests to https://{{ise_hostname}}:{{port}}, where the port value depends on the Service used (ERS, Mnt, UI, PxGrid). + type: bool + default: true + version_added: '1.1.0' + ise_uses_csrf_token: + description: + - Flag that informs the SDK whether we send the CSRF token to ISE's ERS APIs. + - If it is True, the SDK assumes that your ISE CSRF Check is enabled. + - If it is True, it assumes you need the SDK to manage the CSRF token automatically for you. + type: bool + default: false + version_added: '3.0.0' +notes: + - "Does not support C(check_mode)" + - "The plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco ISE SDK" + - "The parameters starting with ise_ are used by the Cisco ISE Python SDK to establish the connection" +''' diff --git a/ansible_collections/cisco/ise/plugins/doc_fragments/module_info.py b/ansible_collections/cisco/ise/plugins/doc_fragments/module_info.py new file mode 100644 index 00000000..57e385ca --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/doc_fragments/module_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +class ModuleDocFragment(object): + + # Standard files documentation fragment + DOCUMENTATION = r''' +options: + ise_hostname: + description: + - The Identity Services Engine hostname. + type: str + required: true + ise_username: + description: + - The Identity Services Engine username to authenticate. + type: str + required: true + ise_password: + description: + - The Identity Services Engine password to authenticate. + type: str + required: true + ise_verify: + description: + - Flag to enable or disable SSL certificate verification. + type: bool + default: true + ise_version: + description: + - Informs the SDK which version of Identity Services Engine to use. + type: str + default: 3.1_Patch_1 + ise_wait_on_rate_limit: + description: + - Flag for Identity Services Engine SDK to enable automatic rate-limit handling. + type: bool + default: true + ise_debug: + description: + - Flag for Identity Services Engine SDK to enable debugging. + type: bool + default: false + ise_uses_api_gateway: + description: + - Flag that informs the SDK whether to use the Identity Services Engine's API Gateway to send requests. + - If it is true, it uses the ISE's API Gateway and sends requests to https://{{ise_hostname}}. + - If it is false, it sends the requests to https://{{ise_hostname}}:{{port}}, where the port value depends on the Service used (ERS, Mnt, UI, PxGrid). + type: bool + default: true + version_added: '1.1.0' + ise_uses_csrf_token: + description: + - Flag that informs the SDK whether we send the CSRF token to ISE's ERS APIs. + - If it is True, the SDK assumes that your ISE CSRF Check is enabled. + - If it is True, it assumes you need the SDK to manage the CSRF token automatically for you. + type: bool + default: false + version_added: '3.0.0' +notes: + - "Supports C(check_mode)" + - "The plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco ISE SDK" + - "The parameters starting with ise_ are used by the Cisco ISE Python SDK to establish the connection" +''' diff --git a/ansible_collections/cisco/ise/plugins/modules/__init__.py b/ansible_collections/cisco/ise/plugins/modules/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/ansible_collections/cisco/ise/plugins/modules/aci_bindings_info.py b/ansible_collections/cisco/ise/plugins/modules/aci_bindings_info.py new file mode 100644 index 00000000..d08c9ebf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/aci_bindings_info.py @@ -0,0 +1,112 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: aci_bindings_info +short_description: Information module for ACI Bindings +description: +- Get all ACI Bindings. +- This API allows clients to retrieve all the bindings that were sent to Cisco. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filterBy: + description: + - FilterBy query parameter. + elements: str + type: list + filterValue: + description: + - FilterValue query parameter. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + aci_bindings.AciBindings.get_aci_bindings_generator, + + - Paths used are + get /ers/config/acibindings/getall, + +""" + +EXAMPLES = r""" +- name: Get all ACI Bindings + cisco.ise.aci_bindings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sort: asc + sortBy: string + filterBy: [] + filterValue: [] + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "ip": "string", + "sgtValue": "string", + "vn": "string", + "psn": "string", + "learnedFrom": "string", + "learnedBy": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "ip": "string", + "sgtValue": "string", + "vn": "string", + "psn": "string", + "learnedFrom": "string", + "learnedBy": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/aci_settings.py b/ansible_collections/cisco/ise/plugins/modules/aci_settings.py new file mode 100644 index 00000000..3c6e5f13 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/aci_settings.py @@ -0,0 +1,190 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: aci_settings +short_description: Resource module for ACI Settings +description: +- Manage operation update of the resource ACI Settings. +- This API allows the client to update ACI settings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + aci50: + description: Enable 5.0 ACI Version. + type: bool + aci51: + description: Enable 5.1 ACI Version. + type: bool + aciipaddress: + description: ACI Domain manager Ip Address. + type: str + acipassword: + description: ACI Domain manager Password. + type: str + aciuserName: + description: ACI Domain manager Username. + type: str + adminName: + description: ACI Cluster Admin name. + type: str + adminPassword: + description: ACI Cluster Admin password. + type: str + allSXPDomain: + description: AllSXPDomain flag. + type: bool + defaultSGtName: + description: ACI Settings's defaultSGtName. + type: str + enableACI: + description: Enable ACI Integration. + type: bool + enableDataPlane: + description: EnableDataPlane flag. + type: bool + enableElementsLimit: + description: EnableElementsLimit flag. + type: bool + id: + description: Resource UUID value. + type: str + ipAddressHostName: + description: ACI Cluster IP Address / Host name. + type: str + l3RouteNetwork: + description: ACI Settings's l3RouteNetwork. + type: str + maxNumIepgFromACI: + description: ACI Settings's maxNumIepgFromACI. + type: int + maxNumSGtToACI: + description: ACI Settings's maxNumSGtToACI. + type: int + specificSXPDomain: + description: SpecificSXPDomain flag. + type: bool + specifixSXPDomainList: + description: ACI Settings's specifixSXPDomainList. + elements: str + type: list + suffixToEpg: + description: ACI Settings's suffixToEpg. + type: str + suffixToSGt: + description: ACI Settings's suffixToSGt. + type: str + tenantName: + description: ACI Settings's tenantName. + type: str + untaggedPacketIepgName: + description: ACI Settings's untaggedPacketIepgName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + aci_settings.AciSettings.update_aci_settings_by_id, + + - Paths used are + put /ers/config/acisettings/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.aci_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + aci50: true + aci51: true + aciipaddress: string + acipassword: string + aciuserName: string + adminName: string + adminPassword: string + allSxpDomain: true + defaultSgtName: string + enableAci: true + enableDataPlane: true + enableElementsLimit: true + id: string + ipAddressHostName: string + l3RouteNetwork: string + maxNumIepgFromAci: 0 + maxNumSgtToAci: 0 + specificSxpDomain: true + specifixSxpDomainList: + - string + suffixToEpg: string + suffixToSgt: string + tenantName: string + untaggedPacketIepgName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "enableAci": true, + "ipAddressHostName": "string", + "adminName": "string", + "adminPassword": "string", + "aciipaddress": "string", + "aciuserName": "string", + "acipassword": "string", + "tenantName": "string", + "l3RouteNetwork": "string", + "suffixToEpg": "string", + "suffixToSgt": "string", + "allSxpDomain": true, + "specificSxpDomain": true, + "specifixSxpDomainList": [ + "string" + ], + "enableDataPlane": true, + "untaggedPacketIepgName": "string", + "defaultSgtName": "string", + "enableElementsLimit": true, + "maxNumIepgFromAci": 0, + "maxNumSgtToAci": 0, + "aci50": true, + "aci51": true + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/aci_settings_info.py b/ansible_collections/cisco/ise/plugins/modules/aci_settings_info.py new file mode 100644 index 00000000..5884b472 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/aci_settings_info.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: aci_settings_info +short_description: Information module for ACI Settings +description: +- Get all ACI Settings. +- This API allows the client to get ACI Settings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + aci_settings.AciSettings.get_aci_settings, + + - Paths used are + get /ers/config/acisettings, + +""" + +EXAMPLES = r""" +- name: Get all ACI Settings + cisco.ise.aci_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "enableAci": true, + "ipAddressHostName": "string", + "adminName": "string", + "adminPassword": "string", + "aciipaddress": "string", + "aciuserName": "string", + "acipassword": "string", + "tenantName": "string", + "l3RouteNetwork": "string", + "suffixToEpg": "string", + "suffixToSgt": "string", + "allSxpDomain": true, + "specificSxpDomain": true, + "specifixSxpDomainList": [ + "string" + ], + "enableDataPlane": true, + "untaggedPacketIepgName": "string", + "defaultSgtName": "string", + "enableElementsLimit": true, + "maxNumIepgFromAci": 0, + "maxNumSgtToAci": 0, + "aci50": true, + "aci51": true + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/aci_test_connectivity.py b/ansible_collections/cisco/ise/plugins/modules/aci_test_connectivity.py new file mode 100644 index 00000000..5608cde0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/aci_test_connectivity.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: aci_test_connectivity +short_description: Resource module for ACI Test Connectivity +description: +- Manage operation update of the resource ACI Test Connectivity. +- This API allows the client to test ACI Domain Manager connection. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + aci_settings.AciSettings.test_aci_connectivity, + + - Paths used are + put /ers/config/acisettings/testACIConnectivity, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.aci_test_connectivity: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "ACITestConnectionResult": { + "result": true + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory.py b/ansible_collections/cisco/ise/plugins/modules/active_directory.py new file mode 100644 index 00000000..5fa9d41b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory.py @@ -0,0 +1,347 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory +short_description: Resource module for Active Directory +description: +- Manage operations create and delete of the resource Active Directory. +- This API creates an AD join point in Cisco ISE. +- This API deletes an AD join point from Cisco ISE. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + adAttributes: + description: Holds list of AD Attributes. + suboptions: + attributes: + description: List of Attributes. + elements: dict + suboptions: + defaultValue: + description: Required for each attribute in the attribute list. Can contain + an empty string. All characters are allowed except <%". + type: str + internalName: + description: Required for each attribute in the attribute list. All characters + are allowed except <%". + type: str + name: + description: Required for each attribute in the attribute list with no duplication + between attributes. All characters are allowed except <%". + type: str + type: + description: Required for each group in the group list. Allowed values STRING, + IP, BOOLEAN, INT, OCTET_STRING. + type: str + type: list + type: dict + adScopesNames: + description: String that contains the names of the scopes that the active directory + belongs to. Names are separated by comma. Alphanumeric, underscore (_) characters + are allowed. + type: str + adgroups: + description: Holds list of AD Groups. + suboptions: + groups: + description: List of Groups. + elements: dict + suboptions: + name: + description: Required for each group in the group list with no duplication + between groups. All characters are allowed except %. + type: str + sid: + description: Cisco ISE uses security identifiers (SIDs) for optimization + of group membership evaluation. SIDs are useful for efficiency (speed) + when the groups are evaluated. All characters are allowed except %. + type: str + type: + description: No character restriction. + type: str + type: list + type: dict + advancedSettings: + description: Active Directory's advancedSettings. + suboptions: + agingTime: + description: Range 1-8760 hours. + type: int + authProtectionType: + description: Enable prevent AD account lockout. Allowed values - WIRELESS, - + WIRED, - BOTH. + type: str + country: + description: User info attribute. All characters are allowed except %. + type: str + department: + description: User info attribute. All characters are allowed except %. + type: str + email: + description: User info attribute. All characters are allowed except %. + type: str + enableCallbackForDialinClient: + description: EnableCallbackForDialinClient flag. + type: bool + enableDialinPermissionCheck: + description: EnableDialinPermissionCheck flag. + type: bool + enableFailedAuthProtection: + description: Enable prevent AD account lockout due to too many bad password + attempts. + type: bool + enableMachineAccess: + description: EnableMachineAccess flag. + type: bool + enableMachineAuth: + description: EnableMachineAuth flag. + type: bool + enablePassChange: + description: EnablePassChange flag. + type: bool + enableRewrites: + description: EnableRewrites flag. + type: bool + failedAuthThreshold: + description: Number of bad password attempts. + type: int + firstName: + description: User info attribute. All characters are allowed except %. + type: str + identityNotInAdBehaviour: + description: Allowed values REJECT, SEARCH_JOINED_FOREST, SEARCH_ALL. + type: str + jobTitle: + description: User info attribute. All characters are allowed except %. + type: str + lastName: + description: User info attribute. All characters are allowed except %. + type: str + locality: + description: User info attribute. All characters are allowed except %. + type: str + organizationalUnit: + description: User info attribute. All characters are allowed except %. + type: str + plaintextAuth: + description: PlaintextAuth flag. + type: bool + rewriteRules: + description: Identity rewrite is an advanced feature that directs Cisco ISE + to manipulate the identity before it is passed to the external Active Directory + system. You can create rules to change the identity to a desired format that + includes or excludes a domain prefix and/or suffix or other additional markup + of your choice. + elements: dict + suboptions: + rewriteMatch: + description: Required for each rule in the list with no duplication between + rules. All characters are allowed except %". + type: str + rewriteResult: + description: Required for each rule in the list. All characters are allowed + except %". + type: str + rowId: + description: Required for each rule in the list in serial order. + type: int + type: list + schema: + description: Allowed values ACTIVE_DIRECTORY, CUSTOM. Choose ACTIVE_DIRECTORY + schema when the AD attributes defined in AD can be copied to relevant attributes + in Cisco ISE. If customization is needed, choose CUSTOM schema. All User info + attributes are always set to default value if schema is ACTIVE_DIRECTORY. + Values can be changed only for CUSTOM schema. + type: str + stateOrProvince: + description: User info attribute. All characters are allowed except %. + type: str + streetAddress: + description: User info attribute. All characters are allowed except %. + type: str + telephone: + description: User info attribute. All characters are allowed except %. + type: str + unreachableDomainsBehaviour: + description: Allowed values PROCEED, DROP. + type: str + type: dict + description: + description: No character restriction. + type: str + domain: + description: The AD domain. Alphanumeric, hyphen (-) and dot (.) characters are + allowed. + type: str + enableDomainWhiteList: + description: EnableDomainWhiteList flag. + type: bool + id: + description: Id path parameter. + type: str + name: + description: Resource Name. Maximum 32 characters allowed. Allowed characters are + alphanumeric and .-_/\\ characters. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.create_active_directory, + active_directory.ActiveDirectory.delete_active_directory_by_id, + + - Paths used are + post /ers/config/activedirectory, + delete /ers/config/activedirectory/{id}, + +""" + +EXAMPLES = r""" +- name: Delete by id + cisco.ise.active_directory: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.active_directory: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + adAttributes: + attributes: + - defaultValue: string + internalName: string + name: string + type: string + adScopesNames: string + adgroups: + groups: + - name: string + sid: string + type: string + advancedSettings: + agingTime: 0 + authProtectionType: string + country: string + department: string + email: string + enableCallbackForDialinClient: true + enableDialinPermissionCheck: true + enableFailedAuthProtection: true + enableMachineAccess: true + enableMachineAuth: true + enablePassChange: true + enableRewrites: true + failedAuthThreshold: 0 + firstName: string + identityNotInAdBehaviour: string + jobTitle: string + lastName: string + locality: string + organizationalUnit: string + plaintextAuth: true + rewriteRules: + - rewriteMatch: string + rewriteResult: string + rowId: 0 + schema: string + stateOrProvince: string + streetAddress: string + telephone: string + unreachableDomainsBehaviour: string + description: string + domain: string + enableDomainWhiteList: true + id: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "domain": "string", + "enableDomainWhiteList": true, + "enableDomainAllowedList": true, + "adgroups": { + "groups": [ + { + "name": "string", + "sid": "string", + "type": "string" + } + ] + }, + "advancedSettings": { + "enablePassChange": true, + "enableMachineAuth": true, + "enableMachineAccess": true, + "agingTime": 0, + "enableDialinPermissionCheck": true, + "enableCallbackForDialinClient": true, + "plaintextAuth": true, + "enableFailedAuthProtection": true, + "authProtectionType": "string", + "failedAuthThreshold": 0, + "identityNotInAdBehaviour": "string", + "unreachableDomainsBehaviour": "string", + "enableRewrites": true, + "rewriteRules": [ + { + "rowId": 0, + "rewriteMatch": "string", + "rewriteResult": "string" + } + ], + "firstName": "string", + "department": "string", + "lastName": "string", + "organizationalUnit": "string", + "jobTitle": "string", + "locality": "string", + "email": "string", + "stateOrProvince": "string", + "telephone": "string", + "country": "string", + "streetAddress": "string", + "schema": "string" + }, + "adAttributes": { + "attributes": [ + { + "name": "string", + "type": "string", + "internalName": "string", + "defaultValue": "string" + } + ] + }, + "adScopesNames": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_add_groups.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_add_groups.py new file mode 100644 index 00000000..298a05eb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_add_groups.py @@ -0,0 +1,268 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_add_groups +short_description: Resource module for Active Directory Add Groups +description: +- Manage operation update of the resource Active Directory Add Groups. +- This API loads domain groups configuration from Active Directory into Cisco. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + adAttributes: + description: Holds list of AD Attributes. + suboptions: + attributes: + description: List of Attributes. + elements: dict + suboptions: + defaultValue: + description: Required for each attribute in the attribute list. Can contain + an empty string. All characters are allowed except <%". + type: str + internalName: + description: Required for each attribute in the attribute list. All characters + are allowed except <%". + type: str + name: + description: Required for each attribute in the attribute list with no duplication + between attributes. All characters are allowed except <%". + type: str + type: + description: Required for each group in the group list. Allowed values STRING, + IP, BOOLEAN, INT, OCTET_STRING. + type: str + type: list + type: dict + adScopesNames: + description: String that contains the names of the scopes that the active directory + belongs to. Names are separated by comma. Alphanumeric, underscore (_) characters + are allowed. + type: str + adgroups: + description: Holds list of AD Groups. + suboptions: + groups: + description: List of Groups. + elements: dict + suboptions: + name: + description: Required for each group in the group list with no duplication + between groups. All characters are allowed except %. + type: str + sid: + description: Cisco ISE uses security identifiers (SIDs) for optimization + of group membership evaluation. SIDs are useful for efficiency (speed) + when the groups are evaluated. All characters are allowed except %. + type: str + type: + description: No character restriction. + type: str + type: list + type: dict + advancedSettings: + description: Active Directory Add Groups's advancedSettings. + suboptions: + agingTime: + description: Range 1-8760 hours. + type: int + authProtectionType: + description: Enable prevent AD account lockout. Allowed values - WIRELESS, - + WIRED, - BOTH. + type: str + country: + description: User info attribute. All characters are allowed except %. + type: str + department: + description: User info attribute. All characters are allowed except %. + type: str + email: + description: User info attribute. All characters are allowed except %. + type: str + enableCallbackForDialinClient: + description: EnableCallbackForDialinClient flag. + type: bool + enableDialinPermissionCheck: + description: EnableDialinPermissionCheck flag. + type: bool + enableFailedAuthProtection: + description: Enable prevent AD account lockout due to too many bad password + attempts. + type: bool + enableMachineAccess: + description: EnableMachineAccess flag. + type: bool + enableMachineAuth: + description: EnableMachineAuth flag. + type: bool + enablePassChange: + description: EnablePassChange flag. + type: bool + enableRewrites: + description: EnableRewrites flag. + type: bool + failedAuthThreshold: + description: Number of bad password attempts. + type: int + firstName: + description: User info attribute. All characters are allowed except %. + type: str + identityNotInAdBehaviour: + description: Allowed values REJECT, SEARCH_JOINED_FOREST, SEARCH_ALL. + type: str + jobTitle: + description: User info attribute. All characters are allowed except %. + type: str + lastName: + description: User info attribute. All characters are allowed except %. + type: str + locality: + description: User info attribute. All characters are allowed except %. + type: str + organizationalUnit: + description: User info attribute. All characters are allowed except %. + type: str + plaintextAuth: + description: PlaintextAuth flag. + type: bool + rewriteRules: + description: Identity rewrite is an advanced feature that directs Cisco ISE + to manipulate the identity before it is passed to the external Active Directory + system. You can create rules to change the identity to a desired format that + includes or excludes a domain prefix and/or suffix or other additional markup + of your choice. + elements: dict + suboptions: + rewriteMatch: + description: Required for each rule in the list with no duplication between + rules. All characters are allowed except %". + type: str + rewriteResult: + description: Required for each rule in the list. All characters are allowed + except %". + type: str + rowId: + description: Required for each rule in the list in serial order. + type: int + type: list + schema: + description: Allowed values ACTIVE_DIRECTORY, CUSTOM. Choose ACTIVE_DIRECTORY + schema when the AD attributes defined in AD can be copied to relevant attributes + in Cisco ISE. If customization is needed, choose CUSTOM schema. All User info + attributes are always set to default value if schema is ACTIVE_DIRECTORY. + Values can be changed only for CUSTOM schema. + type: str + stateOrProvince: + description: User info attribute. All characters are allowed except %. + type: str + streetAddress: + description: User info attribute. All characters are allowed except %. + type: str + telephone: + description: User info attribute. All characters are allowed except %. + type: str + unreachableDomainsBehaviour: + description: Allowed values PROCEED, DROP. + type: str + type: dict + description: + description: No character restriction. + type: str + domain: + description: The AD domain. Alphanumeric, hyphen (-) and dot (.) characters are + allowed. + type: str + enableDomainWhiteList: + description: EnableDomainWhiteList flag. + type: bool + id: + description: Resource UUID value. + type: str + name: + description: Resource Name. Maximum 32 characters allowed. Allowed characters are + alphanumeric and .-_/\\ characters. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.load_groups_from_domain, + + - Paths used are + put /ers/config/activedirectory/{id}/addGroups, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_add_groups: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + adAttributes: + attributes: + - defaultValue: string + internalName: string + name: string + type: string + adScopesNames: string + adgroups: + groups: + - name: string + sid: string + type: string + advancedSettings: + agingTime: 0 + authProtectionType: string + country: string + department: string + email: string + enableCallbackForDialinClient: true + enableDialinPermissionCheck: true + enableFailedAuthProtection: true + enableMachineAccess: true + enableMachineAuth: true + enablePassChange: true + enableRewrites: true + failedAuthThreshold: 0 + firstName: string + identityNotInAdBehaviour: string + jobTitle: string + lastName: string + locality: string + organizationalUnit: string + plaintextAuth: true + rewriteRules: + - rewriteMatch: string + rewriteResult: string + rowId: 0 + schema: string + stateOrProvince: string + streetAddress: string + telephone: string + unreachableDomainsBehaviour: string + description: string + domain: string + enableDomainWhiteList: true + id: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_groups_by_domain_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_groups_by_domain_info.py new file mode 100644 index 00000000..46dd9467 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_groups_by_domain_info.py @@ -0,0 +1,83 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_groups_by_domain_info +short_description: Information module for Active Directory Groups By Domain +description: +- Get all Active Directory Groups By Domain. +- This API lists the groups of the given domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + additionalData: + description: Active Directory Get Groups By Domain Info's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Get Groups By Domain Info's name. + type: str + value: + description: Active Directory Get Groups By Domain Info's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.get_groups_by_domain, + + - Paths used are + put /ers/config/activedirectory/{id}/getGroupsByDomain, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory Groups By Domain + cisco.ise.active_directory_groups_by_domain_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + additionalData: + - name: domain + value: Required. The domain whose groups we want to fetch + - name: filter + value: Optional. Exact match filter on group's CN + - name: sidFilter + value: Optional. Exact match filter on group's SID, optionally specifying the domain + as prefix. e.g. S-1-5-33-544 and R1.dom/S-1-5-33-544 are legal + - name: typeFilter + value: Optional. Can be exactly one of:BUILTIN, DOMAIN LOCAL, GLOBAL, UNIVERSAL + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "groups": [ + { + "groupName": "string", + "sid": "string", + "type": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_info.py new file mode 100644 index 00000000..5291dfc1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_info.py @@ -0,0 +1,236 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_info +short_description: Information module for Active Directory +description: +- Get all Active Directory. +- Get Active Directory by id. +- Get Active Directory by name. +- This API allows the client to get Active Directory by name. +- This API fetchs the join point details by ID. The ID can be retrieved with the. +- This API lists all the join points for Active Directory domains in Cisco ISE. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.get_active_directory_by_id, + active_directory.ActiveDirectory.get_active_directory_by_name, + active_directory.ActiveDirectory.get_active_directory_generator, + + - Paths used are + get /ers/config/activedirectory, + get /ers/config/activedirectory/name/{name}, + get /ers/config/activedirectory/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory + cisco.ise.active_directory_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Active Directory by id + cisco.ise.active_directory_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Active Directory by name + cisco.ise.active_directory_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "domain": "string", + "enableDomainWhiteList": true, + "enableDomainAllowedList": true, + "adgroups": { + "groups": [ + { + "name": "string", + "sid": "string", + "type": "string" + } + ] + }, + "advancedSettings": { + "enablePassChange": true, + "enableMachineAuth": true, + "enableMachineAccess": true, + "agingTime": 0, + "enableDialinPermissionCheck": true, + "enableCallbackForDialinClient": true, + "plaintextAuth": true, + "enableFailedAuthProtection": true, + "authProtectionType": "string", + "failedAuthThreshold": 0, + "identityNotInAdBehaviour": "string", + "unreachableDomainsBehaviour": "string", + "enableRewrites": true, + "rewriteRules": [ + { + "rowId": 0, + "rewriteMatch": "string", + "rewriteResult": "string" + } + ], + "firstName": "string", + "department": "string", + "lastName": "string", + "organizationalUnit": "string", + "jobTitle": "string", + "locality": "string", + "email": "string", + "stateOrProvince": "string", + "telephone": "string", + "country": "string", + "streetAddress": "string", + "schema": "string" + }, + "adAttributes": { + "attributes": [ + { + "name": "string", + "type": "string", + "internalName": "string", + "defaultValue": "string" + } + ] + }, + "adScopesNames": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "domain": "string", + "enableDomainWhiteList": true, + "enableDomainAllowedList": true, + "adgroups": { + "groups": [ + { + "name": "string", + "sid": "string", + "type": "string" + } + ] + }, + "advancedSettings": { + "enablePassChange": true, + "enableMachineAuth": true, + "enableMachineAccess": true, + "agingTime": 0, + "enableDialinPermissionCheck": true, + "enableCallbackForDialinClient": true, + "plaintextAuth": true, + "enableFailedAuthProtection": true, + "authProtectionType": "string", + "failedAuthThreshold": 0, + "identityNotInAdBehaviour": "string", + "unreachableDomainsBehaviour": "string", + "enableRewrites": true, + "rewriteRules": [ + { + "rowId": 0, + "rewriteMatch": "string", + "rewriteResult": "string" + } + ], + "firstName": "string", + "department": "string", + "lastName": "string", + "organizationalUnit": "string", + "jobTitle": "string", + "locality": "string", + "email": "string", + "stateOrProvince": "string", + "telephone": "string", + "country": "string", + "streetAddress": "string", + "schema": "string" + }, + "adAttributes": { + "attributes": [ + { + "name": "string", + "type": "string", + "internalName": "string", + "defaultValue": "string" + } + ] + }, + "adScopesNames": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_is_user_member_of_group_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_is_user_member_of_group_info.py new file mode 100644 index 00000000..2584e6f5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_is_user_member_of_group_info.py @@ -0,0 +1,79 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_is_user_member_of_group_info +short_description: Information module for Active Directory Is User Member Of Group +description: +- Get all Active Directory Is User Member Of Group. +- This API verifies if the user is a member of the given groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + additionalData: + description: Active Directory Is User Member Of Group's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Is User Member Of Group's name. + type: str + value: + description: Active Directory Is User Member Of Group's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.is_user_member_of_groups, + + - Paths used are + put /ers/config/activedirectory/{id}/isUserMemberOf, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory Is User Member Of Group + cisco.ise.active_directory_is_user_member_of_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + additionalData: + - name: username + value: Required. Perform the check on this user + - name: groupsids + value: Required. Membership is looked for. The result will be a subset of this list + of the groups the user is a member of + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "groups": [ + { + "groupName": "string", + "sid": "string", + "type": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain.py new file mode 100644 index 00000000..b07f435c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain.py @@ -0,0 +1,74 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_join_domain +short_description: Resource module for Active Directory Join Domain +description: +- Manage operation update of the resource Active Directory Join Domain. +- This API joins a Cisco ISE node to an Active Directory domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Active Directory Join Domain's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Join Domain's name. + type: str + value: + description: Active Directory Join Domain's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.join_domain, + + - Paths used are + put /ers/config/activedirectory/{id}/join, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_join_domain: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: username + value: Required. The domain user to use + - name: password + value: Required. The domain user's password + - name: node + value: Required. The name of the ISE node to join the domain. The node names can + be retrieved with the "Node Details/Get All" ERS operation + - name: orgunit + value: Optional. The organizational unit in AD where the machine object for the + joined ISE will be stored. + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain_with_all_nodes.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain_with_all_nodes.py new file mode 100644 index 00000000..bc2e3055 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain_with_all_nodes.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_join_domain_with_all_nodes +short_description: Resource module for Active Directory Join Domain With All Nodes +description: +- Manage operation update of the resource Active Directory Join Domain With All Nodes. +- This API joins all Cisco ISE Nodes to an Active Directory domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Active Directory Join Domain With All Nodes's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Join Domain With All Nodes's name. + type: str + value: + description: Active Directory Join Domain With All Nodes's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.join_domain_with_all_nodes, + + - Paths used are + put /ers/config/activedirectory/{id}/joinAllNodes, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_join_domain_with_all_nodes: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: username + value: Required. The domain user to use + - name: password + value: Required. The domain user's password + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain.py new file mode 100644 index 00000000..26d84718 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain.py @@ -0,0 +1,74 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_leave_domain +short_description: Resource module for Active Directory Leave Domain +description: +- Manage operation update of the resource Active Directory Leave Domain. +- This API makes a Cisco ISE node to leave an Active Directory domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Active Directory Leave Domain's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Leave Domain's name. + type: str + value: + description: Active Directory Leave Domain's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.leave_domain, + + - Paths used are + put /ers/config/activedirectory/{id}/leave, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_leave_domain: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: username + value: Required. The domain user to use + - name: password + value: Required. The domain user's password + - name: node + value: Required. The name of the ISE node to leave the domain. The node names can + be retrieved with the "Node Details/Get All" ERS operation + - name: orgunit + value: Optional. The organizational unit in AD where the machine object for the + joined ISE will be stored + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain_with_all_nodes.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain_with_all_nodes.py new file mode 100644 index 00000000..78710362 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain_with_all_nodes.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_leave_domain_with_all_nodes +short_description: Resource module for Active Directory Leave Domain With All Nodes +description: +- Manage operation update of the resource Active Directory Leave Domain With All Nodes. +- This API joins makes all Cisco ISE nodes leave an Active Directory domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Active Directory Leave Domain With All Nodes's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Leave Domain With All Nodes's name. + type: str + value: + description: Active Directory Leave Domain With All Nodes's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.leave_domain_with_all_nodes, + + - Paths used are + put /ers/config/activedirectory/{id}/leaveAllNodes, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_leave_domain_with_all_nodes: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: username + value: Required. The domain user to use + - name: password + value: Required. The domain user's password + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_trusted_domains_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_trusted_domains_info.py new file mode 100644 index 00000000..748478d7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_trusted_domains_info.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_trusted_domains_info +short_description: Information module for Active Directory Trusted Domains +description: +- Get all Active Directory Trusted Domains. +- This API gets the list of domains that are accessible through the given join. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.get_trusted_domains, + + - Paths used are + put /ers/config/activedirectory/{id}/getTrustedDomains, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory Trusted Domains + cisco.ise.active_directory_trusted_domains_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "domains": [ + { + "dnsName": "string", + "forest": "string", + "unusableReason": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_user_groups_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_user_groups_info.py new file mode 100644 index 00000000..78692e0f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_user_groups_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_user_groups_info +short_description: Information module for Active Directory User Groups +description: +- Get all Active Directory User Groups. +- This API allows the client to get groups of which a given user is a member. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + additionalData: + description: Active Directory Get User Groups Info's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Get User Groups Info's name. + type: str + value: + description: Active Directory Get User Groups Info's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.get_user_groups, + + - Paths used are + put /ers/config/activedirectory/{id}/getUserGroups, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory User Groups + cisco.ise.active_directory_user_groups_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + additionalData: + - name: username + value: Required. The user to get its groups. + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "groups": [ + { + "groupName": "string", + "sid": "string", + "type": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/admin_user_info.py b/ansible_collections/cisco/ise/plugins/modules/admin_user_info.py new file mode 100644 index 00000000..23c7bc99 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/admin_user_info.py @@ -0,0 +1,159 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: admin_user_info +short_description: Information module for Admin User +description: +- Get all Admin User. +- Get Admin User by id. +- This API allows the client to get all the admin users. +- This API allows the client to get an admin user by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + admin_user.AdminUser.get_admin_user_by_id, + admin_user.AdminUser.get_admin_users_generator, + + - Paths used are + get /ers/config/adminuser, + get /ers/config/adminuser/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Admin User + cisco.ise.admin_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Admin User by id + cisco.ise.admin_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "id": "string", + "description": "string", + "enabled": true, + "password": "string", + "changePassword": true, + "includeSystemAlarmsInEmail": true, + "externalUser": true, + "inactiveAccountNeverDisabled": true, + "adminGroups": "string", + "customAttributes": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "name": "string", + "id": "string", + "description": "string", + "enabled": true, + "password": "string", + "changePassword": true, + "includeSystemAlarmsInEmail": true, + "externalUser": true, + "inactiveAccountNeverDisabled": true, + "adminGroups": "string", + "customAttributes": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/allowed_protocols.py b/ansible_collections/cisco/ise/plugins/modules/allowed_protocols.py new file mode 100644 index 00000000..6a9d3868 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/allowed_protocols.py @@ -0,0 +1,637 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: allowed_protocols +short_description: Resource module for Allowed Protocols +description: +- Manage operations create, update and delete of the resource Allowed Protocols. +- This API creates an allowed protocol. +- This API deletes an allowed protocol. +- This API allows the client to update an allowed protocol. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowChap: + description: AllowChap flag. + type: bool + allowEapFast: + description: AllowEapFast flag. + type: bool + allowEapMd5: + description: AllowEapMd5 flag. + type: bool + allowEapTls: + description: AllowEapTls flag. + type: bool + allowEapTtls: + description: AllowEapTtls flag. + type: bool + allowLeap: + description: AllowLeap flag. + type: bool + allowMsChapV1: + description: AllowMsChapV1 flag. + type: bool + allowMsChapV2: + description: AllowMsChapV2 flag. + type: bool + allowPapAscii: + description: AllowPapAscii flag. + type: bool + allowPeap: + description: AllowPeap flag. + type: bool + allowPreferredEapProtocol: + description: AllowPreferredEapProtocol flag. + type: bool + allowTeap: + description: AllowTeap flag. + type: bool + allowWeakCiphersForEap: + description: AllowWeakCiphersForEap flag. + type: bool + description: + description: Allowed Protocols's description. + type: str + eapFast: + description: The eapFast is required only if allowEapFast is true, otherwise it + must be ignored. The object eapFast contains the settings for EAP FAST protocol. + suboptions: + allowEapFastEapGtc: + description: AllowEapFastEapGtc flag. + type: bool + allowEapFastEapGtcPwdChange: + description: The allowEapFastEapGtcPwdChange is required only if allowEapFastEapGtc + is true, otherwise it must be ignored. + type: bool + allowEapFastEapGtcPwdChangeRetries: + description: The allowEapFastEapGtcPwdChangeRetries is required only if allowEapFastEapGtc + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowEapFastEapMsChapV2: + description: AllowEapFastEapMsChapV2 flag. + type: bool + allowEapFastEapMsChapV2PwdChange: + description: The allowEapFastEapMsChapV2PwdChange is required only if allowEapFastEapMsChapV2 + is true, otherwise it must be ignored. + type: bool + allowEapFastEapMsChapV2PwdChangeRetries: + description: The allowEapFastEapMsChapV2PwdChangeRetries is required only if + eapTtlsEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowEapFastEapTls: + description: AllowEapFastEapTls flag. + type: bool + allowEapFastEapTlsAuthOfExpiredCerts: + description: The allowEapFastEapTlsAuthOfExpiredCerts is required only if allowEapFastEapTls + is true, otherwise it must be ignored. + type: bool + eapFastDontUsePacsAcceptClientCert: + description: The eapFastDontUsePacsAcceptClientCert is required only if eapFastUsePacs + is FALSE, otherwise it must be ignored. + type: bool + eapFastDontUsePacsAllowMachineAuthentication: + description: The eapFastDontUsePacsAllowMachineAuthentication is required only + if eapFastUsePacs is FALSE, otherwise it must be ignored. + type: bool + eapFastEnableEAPChaining: + description: EapFastEnableEAPChaining flag. + type: bool + eapFastUsePacs: + description: EapFastUsePacs flag. + type: bool + eapFastUsePacsAcceptClientCert: + description: The eapFastUsePacsAcceptClientCert is required only if eapFastUsePacsAllowAuthenProvisioning + is true, otherwise it must be ignored. + type: bool + eapFastUsePacsAllowAnonymProvisioning: + description: The eapFastUsePacsAllowAnonymProvisioning is required only if eapFastUsePacs + is true, otherwise it must be ignored. + type: bool + eapFastUsePacsAllowAuthenProvisioning: + description: The eapFastUsePacsAllowAuthenProvisioning is required only if eapFastUsePacs + is true, otherwise it must be ignored. + type: bool + eapFastUsePacsAllowMachineAuthentication: + description: EapFastUsePacsAllowMachineAuthentication flag. + type: bool + eapFastUsePacsAuthorizationPacTtl: + description: The eapFastUsePacsAuthorizationPacTtl is required only if eapFastUsePacsStatelessSessionResume + is true, otherwise it must be ignored. + type: int + eapFastUsePacsAuthorizationPacTtlUnits: + description: The eapFastUsePacsAuthorizationPacTtlUnits is required only if + eapFastUsePacsStatelessSessionResume is true, otherwise it must be ignored. + Allowed Values - SECONDS, - MINUTES, - HOURS, - DAYS, - WEEKS. + type: str + eapFastUsePacsMachinePacTtl: + description: The eapFastUsePacsMachinePacTtl is required only if eapFastUsePacsAllowMachineAuthentication + is true, otherwise it must be ignored. + type: int + eapFastUsePacsMachinePacTtlUnits: + description: The eapFastUsePacsMachinePacTtlUnits is required only if eapFastUsePacsAllowMachineAuthentication + is true, otherwise it must be ignored. Allowed Values - SECONDS, - MINUTES, + - HOURS, - DAYS, - WEEKS. + type: str + eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning: + description: The eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning + is required only if eapFastUsePacsAllowAuthenProvisioning is true, otherwise + it must be ignored. + type: bool + eapFastUsePacsStatelessSessionResume: + description: The eapFastUsePacsStatelessSessionResume is required only if eapFastUsePacs + is true, otherwise it must be ignored. + type: bool + eapFastUsePacsTunnelPacTtl: + description: The eapFastUsePacsTunnelPacTtl is required only if eapFastUsePacs + is true, otherwise it must be ignored. + type: int + eapFastUsePacsTunnelPacTtlUnits: + description: The eapFastUsePacsTunnelPacTtlUnits is required only if eapFastUsePacs + is true, otherwise it must be ignored. Allowed Values - SECONDS, - MINUTES, + - HOURS, - DAYS, - WEEKS. + type: str + eapFastUsePacsUseProactivePacUpdatePrecentage: + description: The eapFastUsePacsUseProactivePacUpdatePrecentage is required only + if eapFastUsePacs is true, otherwise it must be ignored. + type: int + type: dict + eapTls: + description: The eapTls is required only if allowEapTls is true, otherwise it must + be ignored. The object eapTls contains the settings for EAP TLS protocol. + suboptions: + allowEapTlsAuthOfExpiredCerts: + description: AllowEapTlsAuthOfExpiredCerts flag. + type: bool + eapTlsEnableStatelessSessionResume: + description: EapTlsEnableStatelessSessionResume flag. + type: bool + eapTlsSessionTicketPrecentage: + description: The eapTlsSessionTicketPrecentage is required only if eapTlsEnableStatelessSessionResume + is true, otherwise it must be ignored. + type: int + eapTlsSessionTicketTtl: + description: Time to live. The eapTlsSessionTicketTtl is required only if eapTlsEnableStatelessSessionResume + is true, otherwise it must be ignored. + type: int + eapTlsSessionTicketTtlUnits: + description: Time to live time units. The eapTlsSessionTicketTtlUnits is required + only if eapTlsEnableStatelessSessionResume is true, otherwise it must be ignored. + Allowed Values - SECONDS, - MINUTES, - HOURS, - DAYS, - WEEKS. + type: str + type: dict + eapTlsLBit: + description: EapTlsLBit flag. + type: bool + eapTtls: + description: The eapTtls is required only if allowEapTtls is true, otherwise it + must be ignored. The object eapTtls contains the settings for EAP TTLS protocol. + suboptions: + eapTtlsChap: + description: EapTtlsChap flag. + type: bool + eapTtlsEapMd5: + description: EapTtlsEapMd5 flag. + type: bool + eapTtlsEapMsChapV2: + description: EapTtlsEapMsChapV2 flag. + type: bool + eapTtlsEapMsChapV2PwdChange: + description: The eapTtlsEapMsChapV2PwdChange is required only if eapTtlsEapMsChapV2 + is true, otherwise it must be ignored. + type: bool + eapTtlsEapMsChapV2PwdChangeRetries: + description: The eapTtlsEapMsChapV2PwdChangeRetries is required only if eapTtlsEapMsChapV2 + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + eapTtlsMsChapV1: + description: EapTtlsMsChapV1 flag. + type: bool + eapTtlsMsChapV2: + description: EapTtlsMsChapV2 flag. + type: bool + eapTtlsPapAscii: + description: EapTtlsPapAscii flag. + type: bool + type: dict + id: + description: Resource UUID, Mandatory for update. + type: str + name: + description: Resource Name. + type: str + peap: + description: Allowed Protocols's peap. + suboptions: + allowPeapEapGtc: + description: AllowPeapEapGtc flag. + type: bool + allowPeapEapGtcPwdChange: + description: The allowPeapEapGtcPwdChange is required only if allowPeapEapGtc + is true, otherwise it must be ignored. + type: bool + allowPeapEapGtcPwdChangeRetries: + description: The allowPeapEapGtcPwdChangeRetries is required only if allowPeapEapGtc + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowPeapEapMsChapV2: + description: AllowPeapEapMsChapV2 flag. + type: bool + allowPeapEapMsChapV2PwdChange: + description: The allowPeapEapMsChapV2PwdChange is required only if allowPeapEapMsChapV2 + is true, otherwise it must be ignored. + type: bool + allowPeapEapMsChapV2PwdChangeRetries: + description: The allowPeapEapMsChapV2PwdChangeRetries is required only if allowPeapEapMsChapV2 + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowPeapEapTls: + description: AllowPeapEapTls flag. + type: bool + allowPeapEapTlsAuthOfExpiredCerts: + description: The allowPeapEapTlsAuthOfExpiredCerts is required only if allowPeapEapTls + is true, otherwise it must be ignored. + type: bool + allowPeapV0: + description: AllowPeapV0 flag. + type: bool + requireCryptobinding: + description: RequireCryptobinding flag. + type: bool + type: dict + preferredEapProtocol: + description: The preferredEapProtocol is required only if allowPreferredEapProtocol + is true, otherwise it must be ignored. Allowed Values - EAP_FAST, - PEAP, - LEAP, + - EAP_MD5, - EAP_TLS, - EAP_TTLS, - TEAP. + type: str + processHostLookup: + description: ProcessHostLookup flag. + type: bool + requireMessageAuth: + description: RequireMessageAuth flag. + type: bool + teap: + description: The teap is required only if allowTeap is true, otherwise it must be + ignored. The object teap contains the settings for TEAP protocol. + suboptions: + acceptClientCertDuringTunnelEst: + description: AcceptClientCertDuringTunnelEst flag. + type: bool + allowDowngradeMsk: + description: AllowDowngradeMsk flag. + type: bool + allowTeapEapMsChapV2: + description: AllowTeapEapMsChapV2 flag. + type: bool + allowTeapEapMsChapV2PwdChange: + description: The allowTeapEapMsChapV2PwdChange is required only if allowTeapEapMsChapV2 + is true, otherwise it must be ignored. + type: bool + allowTeapEapMsChapV2PwdChangeRetries: + description: The allowTeapEapMsChapV2PwdChangeRetries is required only if allowTeapEapMsChapV2 + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowTeapEapTls: + description: AllowTeapEapTls flag. + type: bool + allowTeapEapTlsAuthOfExpiredCerts: + description: The allowTeapEapTlsAuthOfExpiredCerts is required only if allowTeapEapTls + is true, otherwise it must be ignored. + type: bool + enableEapChaining: + description: EnableEapChaining flag. + type: bool + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + allowed_protocols.AllowedProtocols.create_allowed_protocol, + allowed_protocols.AllowedProtocols.delete_allowed_protocol_by_id, + allowed_protocols.AllowedProtocols.update_allowed_protocol_by_id, + + - Paths used are + post /ers/config/allowedprotocols, + delete /ers/config/allowedprotocols/{id}, + put /ers/config/allowedprotocols/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.allowed_protocols: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowChap: true + allowEapFast: true + allowEapMd5: true + allowEapTls: true + allowEapTtls: true + allowLeap: true + allowMsChapV1: true + allowMsChapV2: true + allowPapAscii: true + allowPeap: true + allowPreferredEapProtocol: true + allowTeap: true + allowWeakCiphersForEap: true + description: string + eapFast: + allowEapFastEapGtc: true + allowEapFastEapGtcPwdChange: true + allowEapFastEapGtcPwdChangeRetries: 0 + allowEapFastEapMsChapV2: true + allowEapFastEapMsChapV2PwdChange: true + allowEapFastEapMsChapV2PwdChangeRetries: 0 + allowEapFastEapTls: true + allowEapFastEapTlsAuthOfExpiredCerts: true + eapFastDontUsePacsAcceptClientCert: true + eapFastDontUsePacsAllowMachineAuthentication: true + eapFastEnableEAPChaining: true + eapFastUsePacs: true + eapFastUsePacsAcceptClientCert: true + eapFastUsePacsAllowAnonymProvisioning: true + eapFastUsePacsAllowAuthenProvisioning: true + eapFastUsePacsAllowMachineAuthentication: true + eapFastUsePacsAuthorizationPacTtl: 0 + eapFastUsePacsAuthorizationPacTtlUnits: string + eapFastUsePacsMachinePacTtl: 0 + eapFastUsePacsMachinePacTtlUnits: string + eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning: true + eapFastUsePacsStatelessSessionResume: true + eapFastUsePacsTunnelPacTtl: 0 + eapFastUsePacsTunnelPacTtlUnits: string + eapFastUsePacsUseProactivePacUpdatePrecentage: 0 + eapTls: + allowEapTlsAuthOfExpiredCerts: true + eapTlsEnableStatelessSessionResume: true + eapTlsSessionTicketPrecentage: 0 + eapTlsSessionTicketTtl: 0 + eapTlsSessionTicketTtlUnits: string + eapTlsLBit: true + eapTtls: + eapTtlsChap: true + eapTtlsEapMd5: true + eapTtlsEapMsChapV2: true + eapTtlsEapMsChapV2PwdChange: true + eapTtlsEapMsChapV2PwdChangeRetries: 0 + eapTtlsMsChapV1: true + eapTtlsMsChapV2: true + eapTtlsPapAscii: true + id: string + name: string + peap: + allowPeapEapGtc: true + allowPeapEapGtcPwdChange: true + allowPeapEapGtcPwdChangeRetries: 0 + allowPeapEapMsChapV2: true + allowPeapEapMsChapV2PwdChange: true + allowPeapEapMsChapV2PwdChangeRetries: 0 + allowPeapEapTls: true + allowPeapEapTlsAuthOfExpiredCerts: true + allowPeapV0: true + requireCryptobinding: true + preferredEapProtocol: string + processHostLookup: true + requireMessageAuth: true + teap: + acceptClientCertDuringTunnelEst: true + allowDowngradeMsk: true + allowTeapEapMsChapV2: true + allowTeapEapMsChapV2PwdChange: true + allowTeapEapMsChapV2PwdChangeRetries: 0 + allowTeapEapTls: true + allowTeapEapTlsAuthOfExpiredCerts: true + enableEapChaining: true + +- name: Delete by id + cisco.ise.allowed_protocols: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.allowed_protocols: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowChap: true + allowEapFast: true + allowEapMd5: true + allowEapTls: true + allowEapTtls: true + allowLeap: true + allowMsChapV1: true + allowMsChapV2: true + allowPapAscii: true + allowPeap: true + allowPreferredEapProtocol: true + allowTeap: true + allowWeakCiphersForEap: true + description: string + eapFast: + allowEapFastEapGtc: true + allowEapFastEapGtcPwdChange: true + allowEapFastEapGtcPwdChangeRetries: 0 + allowEapFastEapMsChapV2: true + allowEapFastEapMsChapV2PwdChange: true + allowEapFastEapMsChapV2PwdChangeRetries: 0 + allowEapFastEapTls: true + allowEapFastEapTlsAuthOfExpiredCerts: true + eapFastDontUsePacsAcceptClientCert: true + eapFastDontUsePacsAllowMachineAuthentication: true + eapFastEnableEAPChaining: true + eapFastUsePacs: true + eapFastUsePacsAcceptClientCert: true + eapFastUsePacsAllowAnonymProvisioning: true + eapFastUsePacsAllowAuthenProvisioning: true + eapFastUsePacsAllowMachineAuthentication: true + eapFastUsePacsAuthorizationPacTtl: 0 + eapFastUsePacsAuthorizationPacTtlUnits: string + eapFastUsePacsMachinePacTtl: 0 + eapFastUsePacsMachinePacTtlUnits: string + eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning: true + eapFastUsePacsStatelessSessionResume: true + eapFastUsePacsTunnelPacTtl: 0 + eapFastUsePacsTunnelPacTtlUnits: string + eapFastUsePacsUseProactivePacUpdatePrecentage: 0 + eapTls: + allowEapTlsAuthOfExpiredCerts: true + eapTlsEnableStatelessSessionResume: true + eapTlsSessionTicketPrecentage: 0 + eapTlsSessionTicketTtl: 0 + eapTlsSessionTicketTtlUnits: string + eapTlsLBit: true + eapTtls: + eapTtlsChap: true + eapTtlsEapMd5: true + eapTtlsEapMsChapV2: true + eapTtlsEapMsChapV2PwdChange: true + eapTtlsEapMsChapV2PwdChangeRetries: 0 + eapTtlsMsChapV1: true + eapTtlsMsChapV2: true + eapTtlsPapAscii: true + name: string + peap: + allowPeapEapGtc: true + allowPeapEapGtcPwdChange: true + allowPeapEapGtcPwdChangeRetries: 0 + allowPeapEapMsChapV2: true + allowPeapEapMsChapV2PwdChange: true + allowPeapEapMsChapV2PwdChangeRetries: 0 + allowPeapEapTls: true + allowPeapEapTlsAuthOfExpiredCerts: true + allowPeapV0: true + requireCryptobinding: true + preferredEapProtocol: string + processHostLookup: true + requireMessageAuth: true + teap: + acceptClientCertDuringTunnelEst: true + allowDowngradeMsk: true + allowTeapEapMsChapV2: true + allowTeapEapMsChapV2PwdChange: true + allowTeapEapMsChapV2PwdChangeRetries: 0 + allowTeapEapTls: true + allowTeapEapTlsAuthOfExpiredCerts: true + enableEapChaining: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "eapTls": { + "allowEapTlsAuthOfExpiredCerts": true, + "eapTlsEnableStatelessSessionResume": true, + "eapTlsSessionTicketTtl": 0, + "eapTlsSessionTicketTtlUnits": "string", + "eapTlsSessionTicketPrecentage": 0 + }, + "peap": { + "allowPeapEapMsChapV2": true, + "allowPeapEapMsChapV2PwdChange": true, + "allowPeapEapMsChapV2PwdChangeRetries": 0, + "allowPeapEapGtc": true, + "allowPeapEapGtcPwdChange": true, + "allowPeapEapGtcPwdChangeRetries": 0, + "allowPeapEapTls": true, + "allowPeapEapTlsAuthOfExpiredCerts": true, + "requireCryptobinding": true, + "allowPeapV0": true + }, + "eapFast": { + "allowEapFastEapMsChapV2": true, + "allowEapFastEapMsChapV2PwdChange": true, + "allowEapFastEapMsChapV2PwdChangeRetries": 0, + "allowEapFastEapGtc": true, + "allowEapFastEapGtcPwdChange": true, + "allowEapFastEapGtcPwdChangeRetries": 0, + "allowEapFastEapTls": true, + "allowEapFastEapTlsAuthOfExpiredCerts": true, + "eapFastUsePacs": true, + "eapFastUsePacsTunnelPacTtl": 0, + "eapFastUsePacsTunnelPacTtlUnits": "string", + "eapFastUsePacsUseProactivePacUpdatePrecentage": 0, + "eapFastUsePacsAllowAnonymProvisioning": true, + "eapFastUsePacsAllowAuthenProvisioning": true, + "eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning": true, + "eapFastUsePacsAcceptClientCert": true, + "eapFastUsePacsMachinePacTtl": 0, + "eapFastUsePacsMachinePacTtlUnits": "string", + "eapFastUsePacsAllowMachineAuthentication": true, + "eapFastUsePacsStatelessSessionResume": true, + "eapFastUsePacsAuthorizationPacTtl": 0, + "eapFastUsePacsAuthorizationPacTtlUnits": "string", + "eapFastDontUsePacsAcceptClientCert": true, + "eapFastDontUsePacsAllowMachineAuthentication": true, + "eapFastEnableEAPChaining": true + }, + "eapTtls": { + "eapTtlsPapAscii": true, + "eapTtlsChap": true, + "eapTtlsMsChapV1": true, + "eapTtlsMsChapV2": true, + "eapTtlsEapMd5": true, + "eapTtlsEapMsChapV2": true, + "eapTtlsEapMsChapV2PwdChange": true, + "eapTtlsEapMsChapV2PwdChangeRetries": 0 + }, + "teap": { + "allowTeapEapMsChapV2": true, + "allowTeapEapMsChapV2PwdChange": true, + "allowTeapEapMsChapV2PwdChangeRetries": 0, + "allowTeapEapTls": true, + "allowTeapEapTlsAuthOfExpiredCerts": true, + "acceptClientCertDuringTunnelEst": true, + "enableEapChaining": true, + "allowDowngradeMsk": true + }, + "processHostLookup": true, + "allowPapAscii": true, + "allowChap": true, + "allowMsChapV1": true, + "allowMsChapV2": true, + "allowEapMd5": true, + "allowLeap": true, + "allowEapTls": true, + "allowEapTtls": true, + "allowEapFast": true, + "allowPeap": true, + "allowTeap": true, + "allowPreferredEapProtocol": true, + "preferredEapProtocol": "string", + "eapTlsLBit": true, + "allowWeakCiphersForEap": true, + "requireMessageAuth": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/allowed_protocols_info.py b/ansible_collections/cisco/ise/plugins/modules/allowed_protocols_info.py new file mode 100644 index 00000000..69241303 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/allowed_protocols_info.py @@ -0,0 +1,288 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: allowed_protocols_info +short_description: Information module for Allowed Protocols +description: +- Get all Allowed Protocols. +- Get Allowed Protocols by id. +- Get Allowed Protocols by name. +- This API allows the client to get all the allowed protocols. +- This API allows the client to get an allowed protocol by ID. +- This API allows the client to get an allowed protocol by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + allowed_protocols.AllowedProtocols.get_allowed_protocol_by_id, + allowed_protocols.AllowedProtocols.get_allowed_protocol_by_name, + allowed_protocols.AllowedProtocols.get_allowed_protocols_generator, + + - Paths used are + get /ers/config/allowedprotocols, + get /ers/config/allowedprotocols/name/{name}, + get /ers/config/allowedprotocols/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Allowed Protocols + cisco.ise.allowed_protocols_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Allowed Protocols by id + cisco.ise.allowed_protocols_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Allowed Protocols by name + cisco.ise.allowed_protocols_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "eapTls": { + "allowEapTlsAuthOfExpiredCerts": true, + "eapTlsEnableStatelessSessionResume": true, + "eapTlsSessionTicketTtl": 0, + "eapTlsSessionTicketTtlUnits": "string", + "eapTlsSessionTicketPrecentage": 0 + }, + "peap": { + "allowPeapEapMsChapV2": true, + "allowPeapEapMsChapV2PwdChange": true, + "allowPeapEapMsChapV2PwdChangeRetries": 0, + "allowPeapEapGtc": true, + "allowPeapEapGtcPwdChange": true, + "allowPeapEapGtcPwdChangeRetries": 0, + "allowPeapEapTls": true, + "allowPeapEapTlsAuthOfExpiredCerts": true, + "requireCryptobinding": true, + "allowPeapV0": true + }, + "eapFast": { + "allowEapFastEapMsChapV2": true, + "allowEapFastEapMsChapV2PwdChange": true, + "allowEapFastEapMsChapV2PwdChangeRetries": 0, + "allowEapFastEapGtc": true, + "allowEapFastEapGtcPwdChange": true, + "allowEapFastEapGtcPwdChangeRetries": 0, + "allowEapFastEapTls": true, + "allowEapFastEapTlsAuthOfExpiredCerts": true, + "eapFastUsePacs": true, + "eapFastUsePacsTunnelPacTtl": 0, + "eapFastUsePacsTunnelPacTtlUnits": "string", + "eapFastUsePacsUseProactivePacUpdatePrecentage": 0, + "eapFastUsePacsAllowAnonymProvisioning": true, + "eapFastUsePacsAllowAuthenProvisioning": true, + "eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning": true, + "eapFastUsePacsAcceptClientCert": true, + "eapFastUsePacsMachinePacTtl": 0, + "eapFastUsePacsMachinePacTtlUnits": "string", + "eapFastUsePacsAllowMachineAuthentication": true, + "eapFastUsePacsStatelessSessionResume": true, + "eapFastUsePacsAuthorizationPacTtl": 0, + "eapFastUsePacsAuthorizationPacTtlUnits": "string", + "eapFastDontUsePacsAcceptClientCert": true, + "eapFastDontUsePacsAllowMachineAuthentication": true, + "eapFastEnableEAPChaining": true + }, + "eapTtls": { + "eapTtlsPapAscii": true, + "eapTtlsChap": true, + "eapTtlsMsChapV1": true, + "eapTtlsMsChapV2": true, + "eapTtlsEapMd5": true, + "eapTtlsEapMsChapV2": true, + "eapTtlsEapMsChapV2PwdChange": true, + "eapTtlsEapMsChapV2PwdChangeRetries": 0 + }, + "teap": { + "allowTeapEapMsChapV2": true, + "allowTeapEapMsChapV2PwdChange": true, + "allowTeapEapMsChapV2PwdChangeRetries": 0, + "allowTeapEapTls": true, + "allowTeapEapTlsAuthOfExpiredCerts": true, + "acceptClientCertDuringTunnelEst": true, + "enableEapChaining": true, + "allowDowngradeMsk": true + }, + "processHostLookup": true, + "allowPapAscii": true, + "allowChap": true, + "allowMsChapV1": true, + "allowMsChapV2": true, + "allowEapMd5": true, + "allowLeap": true, + "allowEapTls": true, + "allowEapTtls": true, + "allowEapFast": true, + "allowPeap": true, + "allowTeap": true, + "allowPreferredEapProtocol": true, + "preferredEapProtocol": "string", + "eapTlsLBit": true, + "allowWeakCiphersForEap": true, + "requireMessageAuth": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "eapTls": { + "allowEapTlsAuthOfExpiredCerts": true, + "eapTlsEnableStatelessSessionResume": true, + "eapTlsSessionTicketTtl": 0, + "eapTlsSessionTicketTtlUnits": "string", + "eapTlsSessionTicketPrecentage": 0 + }, + "peap": { + "allowPeapEapMsChapV2": true, + "allowPeapEapMsChapV2PwdChange": true, + "allowPeapEapMsChapV2PwdChangeRetries": 0, + "allowPeapEapGtc": true, + "allowPeapEapGtcPwdChange": true, + "allowPeapEapGtcPwdChangeRetries": 0, + "allowPeapEapTls": true, + "allowPeapEapTlsAuthOfExpiredCerts": true, + "requireCryptobinding": true, + "allowPeapV0": true + }, + "eapFast": { + "allowEapFastEapMsChapV2": true, + "allowEapFastEapMsChapV2PwdChange": true, + "allowEapFastEapMsChapV2PwdChangeRetries": 0, + "allowEapFastEapGtc": true, + "allowEapFastEapGtcPwdChange": true, + "allowEapFastEapGtcPwdChangeRetries": 0, + "allowEapFastEapTls": true, + "allowEapFastEapTlsAuthOfExpiredCerts": true, + "eapFastUsePacs": true, + "eapFastUsePacsTunnelPacTtl": 0, + "eapFastUsePacsTunnelPacTtlUnits": "string", + "eapFastUsePacsUseProactivePacUpdatePrecentage": 0, + "eapFastUsePacsAllowAnonymProvisioning": true, + "eapFastUsePacsAllowAuthenProvisioning": true, + "eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning": true, + "eapFastUsePacsAcceptClientCert": true, + "eapFastUsePacsMachinePacTtl": 0, + "eapFastUsePacsMachinePacTtlUnits": "string", + "eapFastUsePacsAllowMachineAuthentication": true, + "eapFastUsePacsStatelessSessionResume": true, + "eapFastUsePacsAuthorizationPacTtl": 0, + "eapFastUsePacsAuthorizationPacTtlUnits": "string", + "eapFastDontUsePacsAcceptClientCert": true, + "eapFastDontUsePacsAllowMachineAuthentication": true, + "eapFastEnableEAPChaining": true + }, + "eapTtls": { + "eapTtlsPapAscii": true, + "eapTtlsChap": true, + "eapTtlsMsChapV1": true, + "eapTtlsMsChapV2": true, + "eapTtlsEapMd5": true, + "eapTtlsEapMsChapV2": true, + "eapTtlsEapMsChapV2PwdChange": true, + "eapTtlsEapMsChapV2PwdChangeRetries": 0 + }, + "teap": { + "allowTeapEapMsChapV2": true, + "allowTeapEapMsChapV2PwdChange": true, + "allowTeapEapMsChapV2PwdChangeRetries": 0, + "allowTeapEapTls": true, + "allowTeapEapTlsAuthOfExpiredCerts": true, + "acceptClientCertDuringTunnelEst": true, + "enableEapChaining": true, + "allowDowngradeMsk": true + }, + "processHostLookup": true, + "allowPapAscii": true, + "allowChap": true, + "allowMsChapV1": true, + "allowMsChapV2": true, + "allowEapMd5": true, + "allowLeap": true, + "allowEapTls": true, + "allowEapTtls": true, + "allowEapFast": true, + "allowPeap": true, + "allowTeap": true, + "allowPreferredEapProtocol": true, + "preferredEapProtocol": "string", + "eapTlsLBit": true, + "allowWeakCiphersForEap": true, + "requireMessageAuth": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_apply.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_apply.py new file mode 100644 index 00000000..ebb530e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_apply.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_apply +short_description: Resource module for ANC Endpoint Apply +description: +- Manage operation update of the resource ANC Endpoint Apply. +- This API allows the client to apply the required configuration. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: ANC Endpoint Apply's additionalData. + elements: dict + suboptions: + name: + description: ANC Endpoint Apply's name. + type: str + value: + description: ANC Endpoint Apply's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.apply_anc_endpoint, + + - Paths used are + put /ers/config/ancendpoint/apply, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.anc_endpoint_apply: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: macAddress + value: MAC address + - name: ipAddress + value: IP address + - name: policyName + value: Policy Name + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_monitor_status_info.py new file mode 100644 index 00000000..64b14136 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_monitor_status_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_bulk_monitor_status_info +short_description: Information module for ANC Endpoint Bulk Monitor Status +description: +- Get ANC Endpoint Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.monitor_bulk_status_anc_endpoint, + + - Paths used are + get /ers/config/ancendpoint/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get ANC Endpoint Bulk Monitor Status by id + cisco.ise.anc_endpoint_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkID": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_request.py new file mode 100644 index 00000000..f2d1971d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_bulk_request +short_description: Resource module for ANC Endpoint Bulk Request +description: +- Manage operation update of the resource ANC Endpoint Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: ANC Endpoint Bulk Request's operationType. + type: str + resourceMediaType: + description: ANC Endpoint Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.bulk_request_for_anc_endpoint, + + - Paths used are + put /ers/config/ancendpoint/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.anc_endpoint_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_clear.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_clear.py new file mode 100644 index 00000000..371f16a2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_clear.py @@ -0,0 +1,64 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_clear +short_description: Resource module for ANC Endpoint Clear +description: +- Manage operation update of the resource ANC Endpoint Clear. +- This API allows the client to clear the required configuration. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: ANC Endpoint Clear's additionalData. + elements: dict + suboptions: + name: + description: ANC Endpoint Clear's name. + type: str + value: + description: ANC Endpoint Clear's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.clear_anc_endpoint, + + - Paths used are + put /ers/config/ancendpoint/clear, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.anc_endpoint_clear: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: macAddress + value: MAC address + - name: ipAddress + value: IP address + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_info.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_info.py new file mode 100644 index 00000000..8a198d96 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_info.py @@ -0,0 +1,143 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_info +short_description: Information module for ANC Endpoint +description: +- Get all ANC Endpoint. +- Get ANC Endpoint by id. +- This API allows the client to get all the ANC endpoints. +- This API allows the client to get an ANC endpoint by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.get_anc_endpoint_by_id, + anc_endpoint.AncEndpoint.get_anc_endpoint_generator, + + - Paths used are + get /ers/config/ancendpoint, + get /ers/config/ancendpoint/{id}, + +""" + +EXAMPLES = r""" +- name: Get all ANC Endpoint + cisco.ise.anc_endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get ANC Endpoint by id + cisco.ise.anc_endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "macAddress": "string", + "policyName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "macAddress": "string", + "policyName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_policy.py b/ansible_collections/cisco/ise/plugins/modules/anc_policy.py new file mode 100644 index 00000000..67ae179e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_policy.py @@ -0,0 +1,122 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_policy +short_description: Resource module for ANC Policy +description: +- Manage operations create, update and delete of the resource ANC Policy. +- This API allows the client to create an ANC policy. +- This API allows the client to delete an ANC policy. +- This API allows the client to update an ANC policy. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + actions: + description: '- QUARANTINE Allows you to use Exception policies (authorization policies) + to limit or deny an endpoint access to the network. - PORTBOUNCE Resets the port + on the network device to which the endpoint is connected. - SHUTDOWN Shuts down + the port on the network device to which the endpoint is connected. - RE_AUTHENTICATE + Re-authenticates the session from the endpoint.' + elements: str + type: list + id: + description: ANC Policy's id. + type: str + name: + description: ANC Policy's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_policy.AncPolicy.create_anc_policy, + anc_policy.AncPolicy.delete_anc_policy_by_id, + anc_policy.AncPolicy.update_anc_policy_by_id, + + - Paths used are + post /ers/config/ancpolicy, + delete /ers/config/ancpolicy/{id}, + put /ers/config/ancpolicy/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.anc_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + actions: + - string + id: string + name: string + +- name: Delete by id + cisco.ise.anc_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.anc_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + actions: + - string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "actions": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ] + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_monitor_status_info.py new file mode 100644 index 00000000..1a3f9c08 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_monitor_status_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_policy_bulk_monitor_status_info +short_description: Information module for ANC Policy Bulk Monitor Status +description: +- Get ANC Policy Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_policy.AncPolicy.monitor_bulk_status_anc_policy, + + - Paths used are + get /ers/config/ancpolicy/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get ANC Policy Bulk Monitor Status by id + cisco.ise.anc_policy_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkID": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_request.py new file mode 100644 index 00000000..0161c722 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_policy_bulk_request +short_description: Resource module for ANC Policy Bulk Request +description: +- Manage operation update of the resource ANC Policy Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: ANC Policy Bulk Request's operationType. + type: str + resourceMediaType: + description: ANC Policy Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_policy.AncPolicy.bulk_request_for_anc_policy, + + - Paths used are + put /ers/config/ancpolicy/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.anc_policy_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_policy_info.py b/ansible_collections/cisco/ise/plugins/modules/anc_policy_info.py new file mode 100644 index 00000000..904267a3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_policy_info.py @@ -0,0 +1,164 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_policy_info +short_description: Information module for ANC Policy +description: +- Get all ANC Policy. +- Get ANC Policy by id. +- Get ANC Policy by name. +- This API allows the client to get all the ANC policies. +- This API allows the client to get an ANC policy by ID. +- This API allows the client to get an ANC policy by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_policy.AncPolicy.get_anc_policy_by_id, + anc_policy.AncPolicy.get_anc_policy_by_name, + anc_policy.AncPolicy.get_anc_policy_generator, + + - Paths used are + get /ers/config/ancpolicy, + get /ers/config/ancpolicy/name/{name}, + get /ers/config/ancpolicy/{id}, + +""" + +EXAMPLES = r""" +- name: Get all ANC Policy + cisco.ise.anc_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get ANC Policy by id + cisco.ise.anc_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get ANC Policy by name + cisco.ise.anc_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "actions": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "actions": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/authorization_profile.py b/ansible_collections/cisco/ise/plugins/modules/authorization_profile.py new file mode 100644 index 00000000..b00dd4aa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/authorization_profile.py @@ -0,0 +1,403 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: authorization_profile +short_description: Resource module for Authorization Profile +description: +- Manage operations create, update and delete of the resource Authorization Profile. +- This API creates an authorization profile. +- This API deletes an authorization profile. +- This API allows the client to update an authorization profile. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + accessType: + description: Allowed Values - ACCESS_ACCEPT, - ACCESS_REJECT. + type: str + acl: + description: Authorization Profile's acl. + type: str + advancedAttributes: + description: Authorization Profile's advancedAttributes. + elements: dict + suboptions: + leftHandSideDictionaryAttribue: + description: Authorization Profile's leftHandSideDictionaryAttribue. + suboptions: + AdvancedAttributeValueType: + description: Authorization Profile's AdvancedAttributeValueType. + type: str + attributeName: + description: Authorization Profile's attributeName. + type: str + dictionaryName: + description: Authorization Profile's dictionaryName. + type: str + value: + description: Authorization Profile's value. + type: str + type: dict + rightHandSideAttribueValue: + description: Attribute value can be of type AttributeValue or AdvancedDictionaryAttribute. + For AttributeValue the value is String, For AdvancedDictionaryAttribute the + value is dictionaryName and attributeName properties. + suboptions: + AdvancedAttributeValueType: + description: Authorization Profile's AdvancedAttributeValueType. + type: str + attributeName: + description: Authorization Profile's attributeName. + type: str + dictionaryName: + description: Authorization Profile's dictionaryName. + type: str + value: + description: Authorization Profile's value. + type: str + type: dict + type: list + agentlessPosture: + description: AgentlessPosture flag. + type: bool + airespaceACL: + description: Authorization Profile's airespaceACL. + type: str + airespaceIPv6ACL: + description: Authorization Profile's airespaceIPv6ACL. + type: str + asaVpn: + description: Authorization Profile's asaVpn. + type: str + authzProfileType: + description: Allowed Values - SWITCH, - TRUSTSEC, - TACACS SWITCH is used for Standard + Authorization Profiles. + type: str + autoSmartPort: + description: Authorization Profile's autoSmartPort. + type: str + avcProfile: + description: Authorization Profile's avcProfile. + type: str + daclName: + description: Authorization Profile's daclName. + type: str + description: + description: Authorization Profile's description. + type: str + easywiredSessionCandidate: + description: EasywiredSessionCandidate flag. + type: bool + id: + description: Resource UUID value. + type: str + interfaceTemplate: + description: Authorization Profile's interfaceTemplate. + type: str + ipv6ACLFilter: + description: Authorization Profile's ipv6ACLFilter. + type: str + ipv6DaclName: + description: Authorization Profile's ipv6DaclName. + type: str + macSecPolicy: + description: Allowed Values - MUST_SECURE, - MUST_NOT_SECURE, - SHOULD_SECURE. + type: str + name: + description: Resource Name. + type: str + neat: + description: Neat flag. + type: bool + profileName: + description: Authorization Profile's profileName. + type: str + reauth: + description: Authorization Profile's reauth. + suboptions: + connectivity: + description: Allowed Values - DEFAULT, - RADIUS_REQUEST. + type: str + timer: + description: Valid range is 1-65535. + type: int + type: dict + serviceTemplate: + description: ServiceTemplate flag. + type: bool + trackMovement: + description: TrackMovement flag. + type: bool + vlan: + description: Authorization Profile's vlan. + suboptions: + nameID: + description: Authorization Profile's nameID. + type: str + tagID: + description: Valid range is 0-31. + type: int + type: dict + voiceDomainPermission: + description: VoiceDomainPermission flag. + type: bool + webAuth: + description: WebAuth flag. + type: bool + webRedirection: + description: Authorization Profile's webRedirection. + suboptions: + WebRedirectionType: + description: Value MUST be one of the following CentralizedWebAuth, HotSpot, + NativeSupplicanProvisioning, ClientProvisioning. The WebRedirectionType must + fit the portalName. + type: str + acl: + description: Authorization Profile's acl. + type: str + displayCertificatesRenewalMessages: + description: The displayCertificatesRenewalMessages is mandatory when 'WebRedirectionType' + value is 'CentralizedWebAuth'. For all other 'WebRedirectionType' values the + field must be ignored. + type: bool + portalName: + description: A portal that exist in the DB and fits the WebRedirectionType. + type: str + staticIPHostNameFQDN: + description: Authorization Profile's staticIPHostNameFQDN. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + authorization_profile.AuthorizationProfile.create_authorization_profile, + authorization_profile.AuthorizationProfile.delete_authorization_profile_by_id, + authorization_profile.AuthorizationProfile.update_authorization_profile_by_id, + + - Paths used are + post /ers/config/authorizationprofile, + delete /ers/config/authorizationprofile/{id}, + put /ers/config/authorizationprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.authorization_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accessType: string + acl: string + advancedAttributes: + - leftHandSideDictionaryAttribue: + AdvancedAttributeValueType: string + attributeName: string + dictionaryName: string + value: string + rightHandSideAttribueValue: + AdvancedAttributeValueType: string + attributeName: string + dictionaryName: string + value: string + agentlessPosture: true + airespaceACL: string + airespaceIPv6ACL: string + asaVpn: string + authzProfileType: string + autoSmartPort: string + avcProfile: string + daclName: string + description: string + easywiredSessionCandidate: true + id: string + interfaceTemplate: string + ipv6ACLFilter: string + ipv6DaclName: string + macSecPolicy: string + name: string + neat: true + profileName: string + reauth: + connectivity: string + timer: 0 + serviceTemplate: true + trackMovement: true + vlan: + nameID: string + tagID: 0 + voiceDomainPermission: true + webAuth: true + webRedirection: + WebRedirectionType: string + acl: string + displayCertificatesRenewalMessages: true + portalName: string + staticIPHostNameFQDN: string + +- name: Delete by id + cisco.ise.authorization_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.authorization_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accessType: string + acl: string + advancedAttributes: + - leftHandSideDictionaryAttribue: + AdvancedAttributeValueType: string + attributeName: string + dictionaryName: string + value: string + rightHandSideAttribueValue: + AdvancedAttributeValueType: string + attributeName: string + dictionaryName: string + value: string + agentlessPosture: true + airespaceACL: string + airespaceIPv6ACL: string + asaVpn: string + authzProfileType: string + autoSmartPort: string + avcProfile: string + daclName: string + description: string + easywiredSessionCandidate: true + id: string + interfaceTemplate: string + ipv6ACLFilter: string + ipv6DaclName: string + macSecPolicy: string + name: string + neat: true + profileName: string + reauth: + connectivity: string + timer: 0 + serviceTemplate: true + trackMovement: true + vlan: + nameID: string + tagID: 0 + voiceDomainPermission: true + webAuth: true + webRedirection: + WebRedirectionType: string + acl: string + displayCertificatesRenewalMessages: true + portalName: string + staticIPHostNameFQDN: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "advancedAttributes": [ + { + "leftHandSideDictionaryAttribue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + }, + "rightHandSideAttribueValue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + } + } + ], + "accessType": "string", + "authzProfileType": "string", + "vlan": { + "nameID": "string", + "tagID": 0 + }, + "reauth": { + "timer": 0, + "connectivity": "string" + }, + "airespaceACL": "string", + "airespaceIPv6ACL": "string", + "webRedirection": { + "WebRedirectionType": "string", + "acl": "string", + "portalName": "string", + "staticIPHostNameFQDN": "string", + "displayCertificatesRenewalMessages": true + }, + "acl": "string", + "trackMovement": true, + "agentlessPosture": true, + "serviceTemplate": true, + "easywiredSessionCandidate": true, + "daclName": "string", + "voiceDomainPermission": true, + "neat": true, + "webAuth": true, + "autoSmartPort": "string", + "interfaceTemplate": "string", + "ipv6ACLFilter": "string", + "avcProfile": "string", + "macSecPolicy": "string", + "asaVpn": "string", + "profileName": "string", + "ipv6DaclName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/authorization_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/authorization_profile_info.py new file mode 100644 index 00000000..c4b89790 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/authorization_profile_info.py @@ -0,0 +1,226 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: authorization_profile_info +short_description: Information module for Authorization Profile +description: +- Get all Authorization Profile. +- Get Authorization Profile by id. +- Get Authorization Profile by name. +- This API allows the client to get all authorization profiles. +- This API allows the client to get an authorization profile by ID. +- This API allows the client to get an authorization profile by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + authorization_profile.AuthorizationProfile.get_authorization_profile_by_id, + authorization_profile.AuthorizationProfile.get_authorization_profile_by_name, + authorization_profile.AuthorizationProfile.get_authorization_profiles_generator, + + - Paths used are + get /ers/config/authorizationprofile, + get /ers/config/authorizationprofile/name/{name}, + get /ers/config/authorizationprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Authorization Profile + cisco.ise.authorization_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Authorization Profile by id + cisco.ise.authorization_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Authorization Profile by name + cisco.ise.authorization_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "advancedAttributes": [ + { + "leftHandSideDictionaryAttribue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + }, + "rightHandSideAttribueValue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + } + } + ], + "accessType": "string", + "authzProfileType": "string", + "vlan": { + "nameID": "string", + "tagID": 0 + }, + "reauth": { + "timer": 0, + "connectivity": "string" + }, + "airespaceACL": "string", + "airespaceIPv6ACL": "string", + "webRedirection": { + "WebRedirectionType": "string", + "acl": "string", + "portalName": "string", + "staticIPHostNameFQDN": "string", + "displayCertificatesRenewalMessages": true + }, + "acl": "string", + "trackMovement": true, + "agentlessPosture": true, + "serviceTemplate": true, + "easywiredSessionCandidate": true, + "daclName": "string", + "voiceDomainPermission": true, + "neat": true, + "webAuth": true, + "autoSmartPort": "string", + "interfaceTemplate": "string", + "ipv6ACLFilter": "string", + "avcProfile": "string", + "macSecPolicy": "string", + "asaVpn": "string", + "profileName": "string", + "ipv6DaclName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "advancedAttributes": [ + { + "leftHandSideDictionaryAttribue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + }, + "rightHandSideAttribueValue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + } + } + ], + "accessType": "string", + "authzProfileType": "string", + "vlan": { + "nameID": "string", + "tagID": 0 + }, + "reauth": { + "timer": 0, + "connectivity": "string" + }, + "airespaceACL": "string", + "airespaceIPv6ACL": "string", + "webRedirection": { + "WebRedirectionType": "string", + "acl": "string", + "portalName": "string", + "staticIPHostNameFQDN": "string", + "displayCertificatesRenewalMessages": true + }, + "acl": "string", + "trackMovement": true, + "agentlessPosture": true, + "serviceTemplate": true, + "easywiredSessionCandidate": true, + "daclName": "string", + "voiceDomainPermission": true, + "neat": true, + "webAuth": true, + "autoSmartPort": "string", + "interfaceTemplate": "string", + "ipv6ACLFilter": "string", + "avcProfile": "string", + "macSecPolicy": "string", + "asaVpn": "string", + "profileName": "string", + "ipv6DaclName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_cancel.py b/ansible_collections/cisco/ise/plugins/modules/backup_cancel.py new file mode 100644 index 00000000..421c086d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_cancel.py @@ -0,0 +1,70 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_cancel +short_description: Resource module for Backup Cancel +description: +- Manage operation create of the resource Backup Cancel. +- Cancels the backup job running on the node. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.cancel_backup, + + - Paths used are + post /api/v1/backup-restore/config/cancel-backup, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.backup_cancel: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "action": "string", + "details": "string", + "error": "string", + "hostName": "string", + "initiatedFrom": "string", + "justComplete": "string", + "message": "string", + "name": "string", + "percentComplete": "string", + "repository": "string", + "scheduled": "string", + "startDate": "string", + "status": "string", + "type": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_config.py b/ansible_collections/cisco/ise/plugins/modules/backup_config.py new file mode 100644 index 00000000..ce5a43eb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_config.py @@ -0,0 +1,80 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_config +short_description: Resource module for Backup Config +description: +- Manage operation create of the resource Backup Config. +- Triggers on demand configuration backup on the ISE node. The API returns the task ID. Use the Task Service status API to get the status of the backup job. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + backupEncryptionKey: + description: The encyption key for the backed up file. Encryption key must satisfy + the following criteria - Contains at least one uppercase letter A-Z, Contains + at least one lowercase letter a-z, Contains at least one digit 0-9, Contain only + A-Za-z0-9_#, Has at least 8 characters, Has not more than 15 characters, Must + not contain 'CcIiSsCco', Must not begin with. + type: str + backupName: + description: The backup file will get saved with this name. + type: str + repositoryName: + description: Name of the configured repository where the generated backup file will + get copied. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.config_backup, + + - Paths used are + post /api/v1/backup-restore/config/backup, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.backup_config: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + backupEncryptionKey: string + backupName: string + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_last_status_info.py b/ansible_collections/cisco/ise/plugins/modules/backup_last_status_info.py new file mode 100644 index 00000000..9b176d70 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_last_status_info.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_last_status_info +short_description: Information module for Backup Last Status +description: +- Get all Backup Last Status. +- Gives the last backup status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.get_last_config_backup_status, + + - Paths used are + get /api/v1/backup-restore/config/last-backup-status, + +""" + +EXAMPLES = r""" +- name: Get all Backup Last Status + cisco.ise.backup_last_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "action": "string", + "details": "string", + "error": "string", + "hostName": "string", + "initiatedFrom": "string", + "justComplete": "string", + "message": "string", + "name": "string", + "percentComplete": "string", + "repository": "string", + "scheduled": "string", + "startDate": "string", + "status": "string", + "type": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_restore.py b/ansible_collections/cisco/ise/plugins/modules/backup_restore.py new file mode 100644 index 00000000..1480f8d6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_restore.py @@ -0,0 +1,80 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_restore +short_description: Resource module for Backup RESTore +description: +- Manage operation create of the resource Backup RESTore. +- Triggers a configuration DB restore job on the ISE node. The API returns the task ID. Use the Task Service status API to get the status of the backup job. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + backupEncryptionKey: + description: The encryption key which was provided at the time of taking backup. + type: str + repositoryName: + description: Name of the configred repository where the backup file exists. + type: str + restoreFile: + description: Name of the backup file to be restored on ISE node. + type: str + restoreIncludeAdeos: + description: Determines whether the ADE-OS configure is restored. Possible values + true, false. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.restore_config_backup, + + - Paths used are + post /api/v1/backup-restore/config/restore, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.backup_restore: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + backupEncryptionKey: string + repositoryName: string + restoreFile: string + restoreIncludeAdeos: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config.py b/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config.py new file mode 100644 index 00000000..74ab9ab7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config.py @@ -0,0 +1,113 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_schedule_config +short_description: Resource module for Backup Schedule Config +description: +- Manage operation create of the resource Backup Schedule Config. +- Schedules the configuration backup on the ISE node as per the input parameters. This API helps in creating the schedule for the first time. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + backupDescription: + description: Description of the backup. + type: str + backupEncryptionKey: + description: The encyption key for the backed up file. Encryption key must satisfy + the following criteria - Contains at least one uppercase letter A-Z, Contains + at least one lowercase letter a-z, Contains at least one digit 0-9, Contain only + A-Za-z0-9_#, Has at least 8 characters, Has not more than 15 characters, Must + not contain 'CcIiSsCco', Must not begin with. + type: str + backupName: + description: The backup file will get saved with this name. + type: str + endDate: + description: End date of the scheduled backup job. Allowed format MM/DD/YYYY. End + date is not required in case of ONE_TIME frequency. + type: str + frequency: + description: Backup Schedule Config's frequency. + type: str + monthDay: + description: Day of month you want backup to be performed on when scheduled frequency + is MONTHLY. Allowed values - from 1 to 28. + type: str + repositoryName: + description: Name of the configured repository where the generated backup file will + get copied. + type: str + startDate: + description: Start date for scheduling the backup job. Allowed format MM/DD/YYYY. + type: str + status: + description: Backup Schedule Config's status. + type: str + time: + description: Time at which backup job get scheduled. Example- 12 00 AM. + type: str + weekDay: + description: Backup Schedule Config's weekDay. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.create_scheduled_config_backup, + + - Paths used are + post /api/v1/backup-restore/config/schedule-config-backup, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.backup_schedule_config: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + backupDescription: string + backupEncryptionKey: string + backupName: string + endDate: string + frequency: string + monthDay: string + repositoryName: string + startDate: string + status: string + time: string + weekDay: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "message": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config_update.py b/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config_update.py new file mode 100644 index 00000000..9babddc2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config_update.py @@ -0,0 +1,113 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_schedule_config_update +short_description: Resource module for Backup Schedule Config Update +description: +- Manage operation update of the resource Backup Schedule Config Update. +- Update the Schedule of the configuration backup on the ISE node as per the input parameters. This API only helps in editing the schedule. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + backupDescription: + description: Description of the backup. + type: str + backupEncryptionKey: + description: The encyption key for the backed up file. Encryption key must satisfy + the following criteria - Contains at least one uppercase letter A-Z, Contains + at least one lowercase letter a-z, Contains at least one digit 0-9, Contain only + A-Za-z0-9_#, Has at least 8 characters, Has not more than 15 characters, Must + not contain 'CcIiSsCco', Must not begin with. + type: str + backupName: + description: The backup file will get saved with this name. + type: str + endDate: + description: End date of the scheduled backup job. Allowed format MM/DD/YYYY. End + date is not required in case of ONE_TIME frequency. + type: str + frequency: + description: Backup Schedule Config Update's frequency. + type: str + monthDay: + description: Day of month you want backup to be performed on when scheduled frequency + is MONTHLY. Allowed values - from 1 to 28. + type: str + repositoryName: + description: Name of the configured repository where the generated backup file will + get copied. + type: str + startDate: + description: Start date for scheduling the backup job. Allowed format MM/DD/YYYY. + type: str + status: + description: Backup Schedule Config Update's status. + type: str + time: + description: Time at which backup job get scheduled. Example- 12 00 AM. + type: str + weekDay: + description: Backup Schedule Config Update's weekDay. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.update_scheduled_config_backup, + + - Paths used are + put /api/v1/backup-restore/config/schedule-config-backup, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.backup_schedule_config_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + backupDescription: string + backupEncryptionKey: string + backupName: string + endDate: string + frequency: string + monthDay: string + repositoryName: string + startDate: string + status: string + time: string + weekDay: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "message": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/bind_signed_certificate.py b/ansible_collections/cisco/ise/plugins/modules/bind_signed_certificate.py new file mode 100644 index 00000000..74576e8c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/bind_signed_certificate.py @@ -0,0 +1,126 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: bind_signed_certificate +short_description: Resource module for Bind Signed Certificate +description: +- Manage operation create of the resource Bind Signed Certificate. +- Bind CA Signed Certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + admin: + description: Use certificate to authenticate the Cisco ISE Admin Portal. + type: bool + allowExtendedValidity: + description: Allow import of certificates with validity greater than 398 days (required). + type: bool + allowOutOfDateCert: + description: Allow out of date certificates (required). + type: bool + allowReplacementOfCertificates: + description: Allow Replacement of certificates (required). + type: bool + allowReplacementOfPortalGroupTag: + description: Allow Replacement of Portal Group Tag (required). + type: bool + data: + description: Signed certificate data (required). + type: str + eap: + description: Use certificate for EAP protocols that use SSL/TLS tunneling. + type: bool + hostName: + description: Name of Host whose CSR ID has been provided (required). + type: str + id: + description: ID of the generated CSR (required). + type: str + ims: + description: Use certificate for the Cisco ISE Messaging Service. + type: bool + name: + description: Friendly Name of the certificate. + type: str + portal: + description: Use for portal. + type: bool + portalGroupTag: + description: Set Group tag. + type: str + pxgrid: + description: Use certificate for the pxGrid Controller. + type: bool + radius: + description: Use certificate for the RADSec server. + type: bool + saml: + description: Use certificate for SAML Signing. + type: bool + validateCertificateExtensions: + description: Validate Certificate Extensions. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.bind_csr, + + - Paths used are + post /api/v1/certs/signed-certificate/bind, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.bind_signed_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + admin: true + allowExtendedValidity: true + allowOutOfDateCert: true + allowReplacementOfCertificates: true + allowReplacementOfPortalGroupTag: true + data: string + eap: true + hostName: string + id: string + ims: true + name: string + portal: true + portalGroupTag: string + pxgrid: true + radius: true + saml: true + validateCertificateExtensions: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/byod_portal.py b/ansible_collections/cisco/ise/plugins/modules/byod_portal.py new file mode 100644 index 00000000..c3b77fad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/byod_portal.py @@ -0,0 +1,561 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: byod_portal +short_description: Resource module for BYOD Portal +description: +- Manage operations create, update and delete of the resource BYOD Portal. +- This API creates a BYOD portal. +- This API deletes a BYOD portal by ID. +- This API allows the client to update a BYOD portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available for a BYOD. + suboptions: + globalCustomizations: + description: Represent the portal Global customizations. + suboptions: + backgroundImage: + description: BYOD Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: BYOD Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: BYOD Portal's bannerTitle. + type: str + contactText: + description: BYOD Portal's contactText. + type: str + desktopLogoImage: + description: BYOD Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: BYOD Portal's footerElement. + type: str + mobileLogoImage: + description: BYOD Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: BYOD Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Represent the entire page customization as a giant dictionary. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: BYOD Portal's key. + type: str + value: + description: BYOD Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Defines the configuration for portal theme. + suboptions: + id: + description: The unique internal identifier of the portal theme. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: BYOD Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: BYOD Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: BYOD Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: BYOD Portal's description. + type: str + id: + description: Resource UUID, mandatory for update. + type: str + name: + description: Resource Name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a BYOD. + suboptions: + byodSettings: + description: Configuration of BYOD Device Welcome, Registration and Success + steps. + suboptions: + byodRegistrationSettings: + description: BYOD Portal's byodRegistrationSettings. + suboptions: + endPointIdentityGroupId: + description: BYOD Portal's endPointIdentityGroupId. + type: str + showDeviceID: + description: ShowDeviceID flag. + type: bool + type: dict + byodRegistrationSuccessSettings: + description: BYOD Portal's byodRegistrationSuccessSettings. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = + URL. + type: str + successRedirect: + description: After an Authentication Success where should device be + redirected. Allowed values. + type: str + type: dict + byodWelcomeSettings: + description: Configuration of BYOD endpoint welcome step configuration. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a + link. Only valid if includeAup = true. Allowed values - ONPAGE, - + ASLINK. + type: str + enableBYOD: + description: EnableBYOD flag. + type: bool + enableGuestAccess: + description: EnableGuestAccess flag. + type: bool + includeAup: + description: IncludeAup flag. + type: bool + requireAupAcceptance: + description: RequireAupAcceptance flag. + type: bool + requireMDM: + description: RequireMDM flag. + type: bool + requireScrolling: + description: Require BYOD devices to scroll down to the bottom of the + AUP, Only valid if includeAup = true. + type: bool + type: dict + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: Used when displayLang = ALWAYSUSE. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + endpointIdentityGroup: + description: Unique Id of the endpoint identity group where user's devices + will be added. Used only in Hotspot Portal. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + supportInfoSettings: + description: BYOD Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + byod_portal.ByodPortal.create_byod_portal, + byod_portal.ByodPortal.delete_byod_portal_by_id, + byod_portal.ByodPortal.update_byod_portal_by_id, + + - Paths used are + post /ers/config/byodportal, + delete /ers/config/byodportal/{id}, + put /ers/config/byodportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.byod_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.byod_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.byod_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/byod_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/byod_portal_info.py new file mode 100644 index 00000000..ed187dfa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/byod_portal_info.py @@ -0,0 +1,313 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: byod_portal_info +short_description: Information module for BYOD Portal +description: +- Get all BYOD Portal. +- Get BYOD Portal by id. +- This API allows the client to get a BYOD portal by ID. +- This API allows the client to get all the BYOD portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Portal id. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + byod_portal.ByodPortal.get_byod_portal_by_id, + byod_portal.ByodPortal.get_byod_portal_generator, + + - Paths used are + get /ers/config/byodportal, + get /ers/config/byodportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all BYOD Portal + cisco.ise.byod_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get BYOD Portal by id + cisco.ise.byod_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/certificate_profile.py b/ansible_collections/cisco/ise/plugins/modules/certificate_profile.py new file mode 100644 index 00000000..dcddcd19 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/certificate_profile.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: certificate_profile +short_description: Resource module for Certificate Profile +description: +- Manage operations create and update of the resource Certificate Profile. +- This API allows the client to create a certificate profile. +- This API allows the client to update a certificate profile. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowedAsUserName: + description: AllowedAsUserName flag. + type: bool + certificateAttributeName: + description: Attribute name of the Certificate Profile - used only when CERTIFICATE + is chosen in usernameFrom. Allowed values - SUBJECT_COMMON_NAME - SUBJECT_ALTERNATIVE_NAME + - SUBJECT_SERIAL_NUMBER - SUBJECT - SUBJECT_ALTERNATIVE_NAME_OTHER_NAME - SUBJECT_ALTERNATIVE_NAME_EMAIL + - SUBJECT_ALTERNATIVE_NAME_DNS. - Additional internal value ALL_SUBJECT_AND_ALTERNATIVE_NAMES + is used automatically when usernameFrom=UPN. + type: str + description: + description: Certificate Profile's description. + type: str + externalIdentityStoreName: + description: Referred IDStore name for the Certificate Profile or not applicable + in case no identity store is chosen. + type: str + id: + description: Certificate Profile's id. + type: str + matchMode: + description: Match mode of the Certificate Profile. Allowed values - NEVER - RESOLVE_IDENTITY_AMBIGUITY + - BINARY_COMPARISON. + type: str + name: + description: Certificate Profile's name. + type: str + usernameFrom: + description: The attribute in the certificate where the user name should be taken + from. Allowed values - CERTIFICATE (for a specific attribute as defined in certificateAttributeName) + - UPN (for using any Subject or Alternative Name Attributes in the Certificate + - an option only in AD). + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + certificate_profile.CertificateProfile.create_certificate_profile, + certificate_profile.CertificateProfile.update_certificate_profile_by_id, + + - Paths used are + post /ers/config/certificateprofile, + put /ers/config/certificateprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.certificate_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowedAsUserName: true + certificateAttributeName: string + description: string + externalIdentityStoreName: string + id: string + matchMode: string + name: string + usernameFrom: string + +- name: Create + cisco.ise.certificate_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowedAsUserName: true + certificateAttributeName: string + description: string + externalIdentityStoreName: string + id: string + matchMode: string + name: string + usernameFrom: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "externalIdentityStoreName": "string", + "certificateAttributeName": "string", + "allowedAsUserName": true, + "matchMode": "string", + "usernameFrom": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ] + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/certificate_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/certificate_profile_info.py new file mode 100644 index 00000000..d996fb14 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/certificate_profile_info.py @@ -0,0 +1,132 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: certificate_profile_info +short_description: Information module for Certificate Profile +description: +- Get all Certificate Profile. +- Get Certificate Profile by id. +- Get Certificate Profile by name. +- This API allows the client to get a certificate profile by ID. +- This API allows the client to get a certificate profile by name. +- This API allows the client to get all the certificate profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + certificate_profile.CertificateProfile.get_certificate_profile_by_id, + certificate_profile.CertificateProfile.get_certificate_profile_by_name, + certificate_profile.CertificateProfile.get_certificate_profile_generator, + + - Paths used are + get /ers/config/certificateprofile, + get /ers/config/certificateprofile/name/{name}, + get /ers/config/certificateprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Certificate Profile + cisco.ise.certificate_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Certificate Profile by id + cisco.ise.certificate_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Certificate Profile by name + cisco.ise.certificate_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "externalIdentityStoreName": "string", + "certificateAttributeName": "string", + "allowedAsUserName": true, + "matchMode": "string", + "usernameFrom": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "externalIdentityStoreName": "string", + "certificateAttributeName": "string", + "allowedAsUserName": true, + "matchMode": "string", + "usernameFrom": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/certificate_template_info.py b/ansible_collections/cisco/ise/plugins/modules/certificate_template_info.py new file mode 100644 index 00000000..4d6d0d18 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/certificate_template_info.py @@ -0,0 +1,118 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: certificate_template_info +short_description: Information module for Certificate Template +description: +- Get all Certificate Template. +- Get Certificate Template by id. +- Get Certificate Template by name. +- This API allows the client to get a certificate template by ID. +- This API allows the client to get a certificate template by name. +- This API allows the client to get aall the certificate templates. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + certificate_template.CertificateTemplate.get_certificate_template_by_id, + certificate_template.CertificateTemplate.get_certificate_template_by_name, + certificate_template.CertificateTemplate.get_certificate_template_generator, + + - Paths used are + get /ers/config/certificatetemplate/, + get /ers/config/certificatetemplate/name/{name}, + get /ers/config/certificatetemplate/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Certificate Template + cisco.ise.certificate_template_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Certificate Template by id + cisco.ise.certificate_template_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Certificate Template by name + cisco.ise.certificate_template_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "keySize": 0, + "validityPeriod": 0, + "raprofile": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "keySize": 0, + "validityPeriod": 0, + "raprofile": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_delete.py b/ansible_collections/cisco/ise/plugins/modules/csr_delete.py new file mode 100644 index 00000000..13d1f134 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_delete.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_delete +short_description: Resource module for CSR Delete +description: +- Manage operation delete of the resource CSR Delete. +- This API deletes a Certificate Signing Request of a particular node based on given HostName and ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostName: + description: HostName path parameter. Name of the host of which CSR's should be + deleted. + type: str + id: + description: Id path parameter. ID of the Certificate Signing Request to be deleted. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.delete_csr_by_id, + + - Paths used are + delete /api/v1/certs/certificate-signing-request/{hostName}/{id}, + +""" + +EXAMPLES = r""" +- name: Delete by id + cisco.ise.csr_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostName: string + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_export_info.py b/ansible_collections/cisco/ise/plugins/modules/csr_export_info.py new file mode 100644 index 00000000..a1f8b85e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_export_info.py @@ -0,0 +1,80 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_export_info +short_description: Information module for CSR Export +description: +- Get CSR Export by id. +- Response of this API carries a CSR corresponding to the requested ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostname: + description: + - Hostname path parameter. Hostname to which the CSR belongs. + type: str + id: + description: + - Id path parameter. ID of the CSR to be exported. + type: str + dirPath: + description: + - Directory absolute path. Defaults to the current working directory. + type: str + saveFile: + description: + - Enable or disable automatic file creation of raw response. + type: bool + filename: + description: + - The filename used to save the download file. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.export_csr, + + - Paths used are + get /api/v1/certs/certificate-signing-request/export/{hostname}/{id}, + +""" + +EXAMPLES = r""" +- name: Get CSR Export by id + cisco.ise.csr_export_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "data": "filecontent", + "filename": "filename", + "dirpath": "download/directory", + "path": "download/directory/filename" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_generate.py b/ansible_collections/cisco/ise/plugins/modules/csr_generate.py new file mode 100644 index 00000000..3116b380 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_generate.py @@ -0,0 +1,147 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_generate +short_description: Resource module for CSR Generate +description: +- Manage operation create of the resource CSR Generate. +- Generate a certificate signing request for Multi-Use, Admin, EAP. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowWildCardCert: + description: AllowWildCardCert flag. + type: bool + certificatePolicies: + description: CSR Generate's certificatePolicies. + type: str + digestType: + description: CSR Generate's digestType. + type: str + hostnames: + description: CSR Generate's hostnames. + elements: str + type: list + keyLength: + description: CSR Generate's keyLength. + type: str + keyType: + description: CSR Generate's keyType. + type: str + portalGroupTag: + description: CSR Generate's portalGroupTag. + type: str + sanDNS: + description: CSR Generate's sanDNS. + elements: str + type: list + sanDir: + description: CSR Generate's sanDir. + elements: str + type: list + sanIP: + description: CSR Generate's sanIP. + elements: str + type: list + sanURI: + description: CSR Generate's sanURI. + elements: str + type: list + subjectCity: + description: CSR Generate's subjectCity. + type: str + subjectCommonName: + description: CSR Generate's subjectCommonName. + type: str + subjectCountry: + description: CSR Generate's subjectCountry. + type: str + subjectOrg: + description: CSR Generate's subjectOrg. + type: str + subjectOrgUnit: + description: CSR Generate's subjectOrgUnit. + type: str + subjectState: + description: CSR Generate's subjectState. + type: str + usedFor: + description: CSR Generate's usedFor. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.generate_csr, + + - Paths used are + post /api/v1/certs/certificate-signing-request, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.csr_generate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + allowWildCardCert: true + certificatePolicies: string + digestType: string + hostnames: + - string + keyLength: string + keyType: string + portalGroupTag: string + sanDNS: + - string + sanDir: + - string + sanIP: + - string + sanURI: + - string + subjectCity: string + subjectCommonName: string + subjectCountry: string + subjectOrg: string + subjectOrgUnit: string + subjectState: string + usedFor: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": [ + { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + } + ], + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_generate_intermediate_ca.py b/ansible_collections/cisco/ise/plugins/modules/csr_generate_intermediate_ca.py new file mode 100644 index 00000000..f7eaaf20 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_generate_intermediate_ca.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_generate_intermediate_ca +short_description: Resource module for CSR Generate Intermediate CA +description: +- Manage operation create of the resource CSR Generate Intermediate CA. +- CSR Generation for Intermediate Certificates. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.generate_intermediate_ca_csr, + + - Paths used are + post /api/v1/certs/certificate-signing-request/intermediate-ca, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.csr_generate_intermediate_ca: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_info.py b/ansible_collections/cisco/ise/plugins/modules/csr_info.py new file mode 100644 index 00000000..6dee74b1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_info.py @@ -0,0 +1,166 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_info +short_description: Information module for CSR +description: +- Get all CSR. +- Get CSR by id. +- This API displays details of a Certificate Signing Request of a particular node for given HostName and ID. +- This API supports Filtering, Sorting and Pagination. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + hostName: + description: + - HostName path parameter. Name of the host of which CSR's should be returned. + type: str + id: + description: + - Id path parameter. ID of the Certificate Signing Request returned. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.get_csr_by_id, + certificates.Certificates.get_csrs_generator, + + - Paths used are + get /api/v1/certs/certificate-signing-request, + get /api/v1/certs/certificate-signing-request/{hostName}/{id}, + +""" + +EXAMPLES = r""" +- name: Get all CSR + cisco.ise.csr_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get CSR by id + cisco.ise.csr_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostName: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "csrContents": "string", + "friendlyName": "string", + "groupTag": "string", + "hostName": "string", + "id": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "signatureAlgorithm": "string", + "subject": "string", + "timeStamp": "string", + "usedFor": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "csrContents": "string", + "friendlyName": "string", + "groupTag": "string", + "hostName": "string", + "id": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "signatureAlgorithm": "string", + "subject": "string", + "timeStamp": "string", + "usedFor": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/deployment_info.py b/ansible_collections/cisco/ise/plugins/modules/deployment_info.py new file mode 100644 index 00000000..bc2f7074 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/deployment_info.py @@ -0,0 +1,183 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: deployment_info +short_description: Information module for Deployment +description: +- Get all Deployment. +- This API allows the client to pull the deployment information. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + timeout: + description: + - How long to wait for the server to send data before giving up. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for PullDeploymentInfo + description: Complete reference of the PullDeploymentInfo API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deploymentinfo +notes: + - SDK Method used are + pull_deployment_info.PullDeploymentInfo.get_deployment_info, + + - Paths used are + get /ers/config/deploymentinfo/getAllInfo, + +""" + +EXAMPLES = r""" +- name: Get all Deployment + cisco.ise.deployment_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "networkAccessInfo": { + "deploymentID": "string", + "isCsnEnabled": true, + "nodeList": { + "nodeAndScope": [ + {} + ] + }, + "sdaVNs": [], + "trustSecControl": "string", + "radius3RdParty": [] + }, + "profilerInfo": { + "deploymentID": "string", + "nodeList": { + "node": [ + { + "onlineSubscriptionEnabled": true, + "lastAppliedFeedDateTime": "string", + "scope": "string", + "profiles": [ + { + "profile": [], + "customProfilesCount": 0, + "endpointTypes": "string", + "totalProfilesCount": 0, + "uniqueEndpointsCount": 0, + "unknownEndpointsCount": 0, + "totalEndpointsCount": 0, + "unknownEndpointsPercentage": 0 + } + ] + } + ] + } + }, + "deploymentInfo": { + "deploymentID": "string", + "versionHistoryInfo": [ + { + "opType": "string", + "mainVersion": "string", + "epochTime": 0 + } + ], + "nodeList": { + "nodeAndNodeCountAndCountInfo": [ + { + "name": "string", + "value": {}, + "declaredType": "string", + "scope": "string", + "nil": true, + "globalScope": true, + "typeSubstituted": true + } + ] + }, + "fipsstatus": "string" + }, + "nadInfo": { + "nodeList": { + "nodeAndScope": [ + {} + ] + }, + "nadcountInfo": { + "totalActiveNADCount": 0 + } + }, + "mdmInfo": { + "activeMdmServersCount": "string", + "activeDesktopMdmServersCount": "string", + "activeMobileMdmServersCount": "string", + "deploymentID": "string", + "nodeList": { + "nodeAndScope": [ + {} + ] + } + }, + "licensesInfo": { + "deploymentID": "string", + "nodeList": { + "node": [ + {} + ] + } + }, + "postureInfo": { + "content": [ + { + "name": "string", + "value": {}, + "declaredType": "string", + "scope": "string", + "nil": true, + "globalScope": true, + "typeSubstituted": true + } + ] + }, + "kongInfo": { + "deploymentID": "string", + "nodeList": { + "node": [ + { + "sn": "string", + "service": [ + { + "serviceName": "string", + "route": [ + { + "routeName": "string", + "httpCount": {}, + "latencyCount": {}, + "latencySum": {} + } + ] + } + ] + } + ] + } + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_reset_hitcount.py new file mode 100644 index 00000000..a238380a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authentication_reset_hitcount +short_description: Resource module for Device Administration Authentication Reset Hitcount +description: +- Manage operation create of the resource Device Administration Authentication Reset Hitcount. +- Device Admin - Reset HitCount for Authentication Rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authentication Rules + description: Complete reference of the Device Administration - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.reset_hit_counts_device_admin_authentication_rules, + + - Paths used are + post /device-admin/policy-set/{policyId}/authentication/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_authentication_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules.py new file mode 100644 index 00000000..29c2db6d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules.py @@ -0,0 +1,535 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authentication_rules +short_description: Resource module for Device Administration Authentication Rules +description: +- Manage operations create, update and delete of the resource Device Administration Authentication Rules. +- Device Admin - Create authentication rule. +- Device Admin - Delete rule. +- Device Admin - - Update rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + identitySourceName: + description: Identity source name from the identity stores. + type: str + ifAuthFail: + description: Action to perform when authentication fails such as Bad credentials, + disabled user and so on. + type: str + ifProcessFail: + description: Action to perform when ISE is uanble to access the identity database. + type: str + ifUserNotFound: + description: Action to perform when user is not found in any of identity stores. + type: str + link: + description: Device Administration Authentication Rules's link. + suboptions: + href: + description: Device Administration Authentication Rules's href. + type: str + rel: + description: Device Administration Authentication Rules's rel. + type: str + type: + description: Device Administration Authentication Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Device Administration Authentication Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is + specified in dictionary object
  • if multiple values allowed is + specified in dictionary object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Authentication Rules's link. + suboptions: + href: + description: Device Administration Authentication Rules's href. + type: str + rel: + description: Device Administration Authentication Rules's rel. + type: str + type: + description: Device Administration Authentication Rules's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Authentication Rules's endDate. + type: str + startDate: + description: Device Administration Authentication Rules's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Authentication Rules's endDate. + type: str + startDate: + description: Device Administration Authentication Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Device Administration Authentication Rules's endTime. + type: str + startTime: + description: Device Administration Authentication Rules's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Device Administration Authentication Rules's endTime. + type: str + startTime: + description: Device Administration Authentication Rules's startTime. + type: str + type: dict + id: + description: Device Administration Authentication Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Authentication Rules's link. + suboptions: + href: + description: Device Administration Authentication Rules's href. + type: str + rel: + description: Device Administration Authentication Rules's rel. + type: str + type: + description: Device Administration Authentication Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
+ Days format - Arrays of WeekDay enums
Default - List of All week + days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authentication Rules + description: Complete reference of the Device Administration - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.create_device_admin_authentication_rule, + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.delete_device_admin_authentication_rule_by_id, + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.update_device_admin_authentication_rule_by_id, + + - Paths used are + post /device-admin/policy-set/{policyId}/authentication, + delete /device-admin/policy-set/{policyId}/authentication/{id}, + put /device-admin/policy-set/{policyId}/authentication/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + identitySourceName: string + ifAuthFail: string + ifProcessFail: string + ifUserNotFound: string + link: + href: string + rel: string + type: string + policyId: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.device_administration_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + identitySourceName: string + ifAuthFail: string + ifProcessFail: string + ifUserNotFound: string + link: + href: string + rel: string + type: string + policyId: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.device_administration_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules_info.py new file mode 100644 index 00000000..3e0dfce6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authentication_rules_info +short_description: Information module for Device Administration Authentication Rules +description: +- Get all Device Administration Authentication Rules. +- Get Device Administration Authentication Rules by id. +- Device Admin - Get authentication rules. +- Device Admin - Get rule attributes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authentication Rules + description: Complete reference of the Device Administration - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.get_device_admin_authentication_rule_by_id, + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.get_device_admin_authentication_rules, + + - Paths used are + get /device-admin/policy-set/{policyId}/authentication, + get /device-admin/policy-set/{policyId}/authentication/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Authentication Rules + cisco.ise.device_administration_authentication_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Device Administration Authentication Rules by id + cisco.ise.device_administration_authentication_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_reset_hitcount.py new file mode 100644 index 00000000..a34b3aec --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authorization_reset_hitcount +short_description: Resource module for Device Administration Authorization Reset Hitcount +description: +- Manage operation create of the resource Device Administration Authorization Reset Hitcount. +- Device Admin - Reset HitCount for Authorization Rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Rules + description: Complete reference of the Device Administration - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.reset_hit_counts_device_admin_authorization_rules, + + - Paths used are + post /device-admin/policy-set/{policyId}/authorization/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_authorization_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules.py new file mode 100644 index 00000000..1e5058c6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules.py @@ -0,0 +1,529 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authorization_rules +short_description: Resource module for Device Administration Authorization Rules +description: +- Manage operations create, update and delete of the resource Device Administration Authorization Rules. +- Device Admin - Create authorization rule. +- Device Admin - Delete authorization rule. +- Device Admin - Update authorization rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + commands: + description: Command sets enforce the specified list of commands that can be executed + by a device administrator. + elements: str + type: list + id: + description: Id path parameter. Rule id. + type: str + link: + description: Device Administration Authorization Rules's link. + suboptions: + href: + description: Device Administration Authorization Rules's href. + type: str + rel: + description: Device Administration Authorization Rules's rel. + type: str + type: + description: Device Administration Authorization Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + profile: + description: Device admin profiles control the initial login session of the device + administrator. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Device Administration Authorization Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is + specified in dictionary object
  • if multiple values allowed is + specified in dictionary object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Authorization Rules's link. + suboptions: + href: + description: Device Administration Authorization Rules's href. + type: str + rel: + description: Device Administration Authorization Rules's rel. + type: str + type: + description: Device Administration Authorization Rules's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Authorization Rules's endDate. + type: str + startDate: + description: Device Administration Authorization Rules's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Authorization Rules's endDate. + type: str + startDate: + description: Device Administration Authorization Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Device Administration Authorization Rules's endTime. + type: str + startTime: + description: Device Administration Authorization Rules's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Device Administration Authorization Rules's endTime. + type: str + startTime: + description: Device Administration Authorization Rules's startTime. + type: str + type: dict + id: + description: Device Administration Authorization Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Authorization Rules's link. + suboptions: + href: + description: Device Administration Authorization Rules's href. + type: str + rel: + description: Device Administration Authorization Rules's rel. + type: str + type: + description: Device Administration Authorization Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
+ Days format - Arrays of WeekDay enums
Default - List of All week + days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Rules + description: Complete reference of the Device Administration - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.create_device_admin_authorization_rule, + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.delete_device_admin_authorization_rule_by_id, + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.update_device_admin_authorization_rule_by_id, + + - Paths used are + post /device-admin/policy-set/{policyId}/authorization, + delete /device-admin/policy-set/{policyId}/authorization/{id}, + put /device-admin/policy-set/{policyId}/authorization/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + link: + href: string + rel: string + type: string + policyId: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.device_administration_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + id: string + link: + href: string + rel: string + type: string + policyId: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.device_administration_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules_info.py new file mode 100644 index 00000000..8c5f6de1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authorization_rules_info +short_description: Information module for Device Administration Authorization Rules +description: +- Get all Device Administration Authorization Rules. +- Get Device Administration Authorization Rules by id. +- Device Admin - Get authorization rule attributes. +- Device Admin - Get authorization rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Rules + description: Complete reference of the Device Administration - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.get_device_admin_authorization_rule_by_id, + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.get_device_admin_authorization_rules, + + - Paths used are + get /device-admin/policy-set/{policyId}/authorization, + get /device-admin/policy-set/{policyId}/authorization/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Authorization Rules + cisco.ise.device_administration_authorization_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Device Administration Authorization Rules by id + cisco.ise.device_administration_authorization_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_command_set_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_command_set_info.py new file mode 100644 index 00000000..23aa5817 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_command_set_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_command_set_info +short_description: Information module for Device Administration Command Set +description: +- Get all Device Administration Command Set. +- Device Admin - Return list of command sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Command Set + description: Complete reference of the Device Administration - Command Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_command_set.DeviceAdministrationCommandSet.get_device_admin_command_sets, + + - Paths used are + get /device-admin/command-sets, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Command Set + cisco.ise.device_administration_command_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions.py new file mode 100644 index 00000000..9db7c229 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions.py @@ -0,0 +1,457 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions +short_description: Resource module for Device Administration Conditions +description: +- Manage operations create, update and delete of the resource Device Administration Conditions. +- Device Admin - Creates a library condition. +- Device Admin - Delete a library condition. +- NDevice Admin - Delete a library condition using condition Name. +- Device Admin - Update library condition using condition name. +- Device Admin - Update library condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is specified + in dictionary object
  • if multiple values allowed is specified in dictionary + object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be aggregated + under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both
  • Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Conditions's link. + suboptions: + href: + description: Device Administration Conditions's href. + type: str + rel: + description: Device Administration Conditions's rel. + type: str + type: + description: Device Administration Conditions's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) indicates + than "conditonId" OR "ConditionAttrs" fields should contain condition data but + not both
  • Logical aggreation(and,or) enum indicates that additional conditions + are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used for + start/end date
Default - no specific dates
In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)

. + suboptions: + endDate: + description: Device Administration Conditions's endDate. + type: str + startDate: + description: Device Administration Conditions's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used for + start/end date
Default - no specific dates
In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)

. + suboptions: + endDate: + description: Device Administration Conditions's endDate. + type: str + startDate: + description: Device Administration Conditions's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Device Administration Conditions's endTime. + type: str + startTime: + description: Device Administration Conditions's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Device Administration Conditions's endTime. + type: str + startTime: + description: Device Administration Conditions's startTime. + type: str + type: dict + id: + description: Device Administration Conditions's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Conditions's link. + suboptions: + href: + description: Device Administration Conditions's href. + type: str + rel: + description: Device Administration Conditions's rel. + type: str + type: + description: Device Administration Conditions's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
Days format + - Arrays of WeekDay enums
Default - List of All week days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
Days + format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.create_device_admin_condition, + device_administration_conditions.DeviceAdministrationConditions.delete_device_admin_condition_by_id, + device_administration_conditions.DeviceAdministrationConditions.delete_device_admin_condition_by_name, + device_administration_conditions.DeviceAdministrationConditions.update_device_admin_condition_by_id, + device_administration_conditions.DeviceAdministrationConditions.update_device_admin_condition_by_name, + + - Paths used are + post /device-admin/condition, + delete /device-admin/condition/condition-by-name/{name}, + delete /device-admin/condition/{id}, + put /device-admin/condition/condition-by-name/{name}, + put /device-admin/condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Update by name + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by name + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by id + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authentication_rule_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authentication_rule_info.py new file mode 100644 index 00000000..073e3b88 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authentication_rule_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions_for_authentication_rule_info +short_description: Information module for Device Administration Conditions For Authentication Rule +description: +- Get all Device Administration Conditions For Authentication Rule. +- Device Admin - Returns list of library conditions for authentication rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_conditions_for_authentication_rules, + + - Paths used are + get /device-admin/condition/authentication, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Conditions For Authentication Rule + cisco.ise.device_administration_conditions_for_authentication_rule_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authorization_rule_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authorization_rule_info.py new file mode 100644 index 00000000..e2db5781 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authorization_rule_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions_for_authorization_rule_info +short_description: Information module for Device Administration Conditions For Authorization Rule +description: +- Get all Device Administration Conditions For Authorization Rule. +- Device Admin - Returns list of library conditions for authorization rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_conditions_for_authorization_rules, + + - Paths used are + get /device-admin/condition/authorization, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Conditions For Authorization Rule + cisco.ise.device_administration_conditions_for_authorization_rule_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_policy_set_info.py new file mode 100644 index 00000000..c5add18b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_policy_set_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions_for_policy_set_info +short_description: Information module for Device Administration Conditions For Policy Set +description: +- Get all Device Administration Conditions For Policy Set. +- Device Admin - Returns list of library conditions for policy sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_conditions_for_policy_sets, + + - Paths used are + get /device-admin/condition/policyset, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Conditions For Policy Set + cisco.ise.device_administration_conditions_for_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_info.py new file mode 100644 index 00000000..90657433 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_info.py @@ -0,0 +1,136 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions_info +short_description: Information module for Device Administration Conditions +description: +- Get all Device Administration Conditions. +- Get Device Administration Conditions by id. +- Get Device Administration Conditions by name. +- Device Admin - Returns a library condition. +- Device Admin - Returns a library condition. +- Device Admin - Returns list of library conditions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. Condition name. + type: str + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_condition_by_id, + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_condition_by_name, + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_conditions, + + - Paths used are + get /device-admin/condition, + get /device-admin/condition/condition-by-name/{name}, + get /device-admin/condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Conditions + cisco.ise.device_administration_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Conditions by id + cisco.ise.device_administration_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Device Administration Conditions by name + cisco.ise.device_administration_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authentication_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authentication_info.py new file mode 100644 index 00000000..c603181b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authentication_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_dictionary_attributes_authentication_info +short_description: Information module for Device Administration Dictionary Attributes Authentication +description: +- Get all Device Administration Dictionary Attributes Authentication. +- Network Access - Returns list of dictionary attributes for authentication. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Dictionary Attributes List + description: Complete reference of the Device Administration - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_dictionary_attributes_list.DeviceAdministrationDictionaryAttributesList.get_device_admin_dictionaries_authentication, + + - Paths used are + get /device-admin/dictionaries/authentication, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Dictionary Attributes Authentication + cisco.ise.device_administration_dictionary_attributes_authentication_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authorization_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authorization_info.py new file mode 100644 index 00000000..f1685f1a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authorization_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_dictionary_attributes_authorization_info +short_description: Information module for Device Administration Dictionary Attributes Authorization +description: +- Get all Device Administration Dictionary Attributes Authorization. +- Network Access - Returns list of dictionary attributes for authorization. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Dictionary Attributes List + description: Complete reference of the Device Administration - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_dictionary_attributes_list.DeviceAdministrationDictionaryAttributesList.get_device_admin_dictionaries_authorization, + + - Paths used are + get /device-admin/dictionaries/authorization, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Dictionary Attributes Authorization + cisco.ise.device_administration_dictionary_attributes_authorization_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_policy_set_info.py new file mode 100644 index 00000000..74afbb5d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_policy_set_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_dictionary_attributes_policy_set_info +short_description: Information module for Device Administration Dictionary Attributes Policy Set +description: +- Get all Device Administration Dictionary Attributes Policy Set. +- Network Access - Returns list of dictionary attributes for policyset. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Dictionary Attributes List + description: Complete reference of the Device Administration - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_dictionary_attributes_list.DeviceAdministrationDictionaryAttributesList.get_device_admin_dictionaries_policy_set, + + - Paths used are + get /device-admin/dictionaries/policyset, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Dictionary Attributes Policy Set + cisco.ise.device_administration_dictionary_attributes_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules.py new file mode 100644 index 00000000..6bdd2efe --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules.py @@ -0,0 +1,523 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_global_exception_rules +short_description: Resource module for Device Administration Global Exception Rules +description: +- Manage operations create, update and delete of the resource Device Administration Global Exception Rules. +- Device Admin - Create global exception authorization rule. +- Device Admin - Delete global exception authorization rule. +- Device Admin - Update global exception authorization rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + commands: + description: Command sets enforce the specified list of commands that can be executed + by a device administrator. + elements: str + type: list + id: + description: Id path parameter. Rule id. + type: str + link: + description: Device Administration Global Exception Rules's link. + suboptions: + href: + description: Device Administration Global Exception Rules's href. + type: str + rel: + description: Device Administration Global Exception Rules's rel. + type: str + type: + description: Device Administration Global Exception Rules's type. + type: str + type: dict + profile: + description: Device admin profiles control the initial login session of the device + administrator. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Device Administration Global Exception Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is + specified in dictionary object
  • if multiple values allowed is + specified in dictionary object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Global Exception Rules's link. + suboptions: + href: + description: Device Administration Global Exception Rules's href. + type: str + rel: + description: Device Administration Global Exception Rules's rel. + type: str + type: + description: Device Administration Global Exception Rules's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Global Exception Rules's endDate. + type: str + startDate: + description: Device Administration Global Exception Rules's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Global Exception Rules's endDate. + type: str + startDate: + description: Device Administration Global Exception Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Device Administration Global Exception Rules's endTime. + type: str + startTime: + description: Device Administration Global Exception Rules's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Device Administration Global Exception Rules's endTime. + type: str + startTime: + description: Device Administration Global Exception Rules's startTime. + type: str + type: dict + id: + description: Device Administration Global Exception Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Global Exception Rules's link. + suboptions: + href: + description: Device Administration Global Exception Rules's href. + type: str + rel: + description: Device Administration Global Exception Rules's rel. + type: str + type: + description: Device Administration Global Exception Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
+ Days format - Arrays of WeekDay enums
Default - List of All week + days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Global Exception Rules + description: Complete reference of the Device Administration - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.create_device_admin_policy_set_global_exception, + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.delete_device_admin_policy_set_global_exception_by_rule_id, + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.update_device_admin_policy_set_global_exception_by_rule_id, + + - Paths used are + post /device-admin/policy-set/global-exception, + delete /device-admin/policy-set/global-exception/{id}, + put /device-admin/policy-set/global-exception/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + link: + href: string + rel: string + type: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.device_administration_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + id: string + link: + href: string + rel: string + type: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.device_administration_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_info.py new file mode 100644 index 00000000..27f969f6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_info.py @@ -0,0 +1,138 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_global_exception_rules_info +short_description: Information module for Device Administration Global Exception Rules +description: +- Get all Device Administration Global Exception Rules. +- Get Device Administration Global Exception Rules by id. +- Device Admin - Get global exception rule attribute. +- Device Admin - Get global execption rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Global Exception Rules + description: Complete reference of the Device Administration - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.get_device_admin_policy_set_global_exception_by_rule_id, + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.get_device_admin_policy_set_global_exception_rules, + + - Paths used are + get /device-admin/policy-set/global-exception, + get /device-admin/policy-set/global-exception/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Global Exception Rules + cisco.ise.device_administration_global_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Global Exception Rules by id + cisco.ise.device_administration_global_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..7a7e1a82 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_reset_hitcount.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_global_exception_rules_reset_hitcount +short_description: Resource module for Device Administration Global Exception Rules Reset Hitcount +description: +- Manage operation create of the resource Device Administration Global Exception Rules Reset Hitcount. +- Device Admin - Reset HitCount for Global Exceptions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Global Exception Rules + description: Complete reference of the Device Administration - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.reset_hit_counts_device_admin_global_exceptions, + + - Paths used are + post /device-admin/policy-set/global-exception/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_global_exception_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_identity_stores_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_identity_stores_info.py new file mode 100644 index 00000000..a0556f72 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_identity_stores_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_identity_stores_info +short_description: Information module for Device Administration Identity Stores +description: +- Get all Device Administration Identity Stores. +- Device Admin - Return list of identity stores for authentication. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Identity Stores + description: Complete reference of the Device Administration - Identity Stores API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_identity_stores.DeviceAdministrationIdentityStores.get_device_admin_identity_stores, + + - Paths used are + get /device-admin/identity-stores, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Identity Stores + cisco.ise.device_administration_identity_stores_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules.py new file mode 100644 index 00000000..92fe6d8d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules.py @@ -0,0 +1,529 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_local_exception_rules +short_description: Resource module for Device Administration Local Exception Rules +description: +- Manage operations create, update and delete of the resource Device Administration Local Exception Rules. +- Device Admin - Create local authorization exception rule. +- Device Admin - Delete local exception rule. +- Device Admin - Update local exception rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + commands: + description: Command sets enforce the specified list of commands that can be executed + by a device administrator. + elements: str + type: list + id: + description: Id path parameter. Rule id. + type: str + link: + description: Device Administration Local Exception Rules's link. + suboptions: + href: + description: Device Administration Local Exception Rules's href. + type: str + rel: + description: Device Administration Local Exception Rules's rel. + type: str + type: + description: Device Administration Local Exception Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + profile: + description: Device admin profiles control the initial login session of the device + administrator. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Device Administration Local Exception Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is + specified in dictionary object
  • if multiple values allowed is + specified in dictionary object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Local Exception Rules's link. + suboptions: + href: + description: Device Administration Local Exception Rules's href. + type: str + rel: + description: Device Administration Local Exception Rules's rel. + type: str + type: + description: Device Administration Local Exception Rules's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Local Exception Rules's endDate. + type: str + startDate: + description: Device Administration Local Exception Rules's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Local Exception Rules's endDate. + type: str + startDate: + description: Device Administration Local Exception Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Device Administration Local Exception Rules's endTime. + type: str + startTime: + description: Device Administration Local Exception Rules's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Device Administration Local Exception Rules's endTime. + type: str + startTime: + description: Device Administration Local Exception Rules's startTime. + type: str + type: dict + id: + description: Device Administration Local Exception Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Local Exception Rules's link. + suboptions: + href: + description: Device Administration Local Exception Rules's href. + type: str + rel: + description: Device Administration Local Exception Rules's rel. + type: str + type: + description: Device Administration Local Exception Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
+ Days format - Arrays of WeekDay enums
Default - List of All week + days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Exception Rules + description: Complete reference of the Device Administration - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.create_device_admin_local_exception_rule, + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.delete_device_admin_local_exception_rule_by_id, + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.update_device_admin_local_exception_rule_by_id, + + - Paths used are + post /device-admin/policy-set/{policyId}/exception, + delete /device-admin/policy-set/{policyId}/exception/{id}, + put /device-admin/policy-set/{policyId}/exception/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + link: + href: string + rel: string + type: string + policyId: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.device_administration_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + id: string + link: + href: string + rel: string + type: string + policyId: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.device_administration_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_info.py new file mode 100644 index 00000000..cb1cd914 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_local_exception_rules_info +short_description: Information module for Device Administration Local Exception Rules +description: +- Get all Device Administration Local Exception Rules. +- Get Device Administration Local Exception Rules by id. +- Device Admin - Get local exception rule attributes. +- Device Admin - Get local exception rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Exception Rules + description: Complete reference of the Device Administration - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.get_device_admin_local_exception_rule_by_id, + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.get_device_admin_local_exception_rules, + + - Paths used are + get /device-admin/policy-set/{policyId}/exception, + get /device-admin/policy-set/{policyId}/exception/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Local Exception Rules + cisco.ise.device_administration_local_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Device Administration Local Exception Rules by id + cisco.ise.device_administration_local_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..8211eb18 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_local_exception_rules_reset_hitcount +short_description: Resource module for Device Administration Local Exception Rules Reset Hitcount +description: +- Manage operation create of the resource Device Administration Local Exception Rules Reset Hitcount. +- Device Admin - Reset HitCount for local exceptions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Exception Rules + description: Complete reference of the Device Administration - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.reset_hit_counts_device_admin_local_exceptions, + + - Paths used are + post /device-admin/policy-set/{policyId}/exception/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_local_exception_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions.py new file mode 100644 index 00000000..30ade1ac --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions.py @@ -0,0 +1,302 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_network_conditions +short_description: Resource module for Device Administration Network Conditions +description: +- Manage operations create, update and delete of the resource Device Administration Network Conditions. +- Device Admin- Creates network condition. +- Device Admin - Delete network condition. +- Device Admin - Update network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + conditionType: + description: This field determines the content of the conditions field. + type: str + conditions: + description: Device Administration Network Conditions's conditions. + elements: dict + suboptions: + cliDnisList: + description:

This field should contain a Caller ID (CLI), comma, and Called + ID (DNIS).
Line format - Caller ID (CLI), Called ID (DNIS)

. + elements: str + type: list + conditionType: + description: This field determines the content of the conditions field. + type: str + description: + description: Device Administration Network Conditions's description. + type: str + deviceGroupList: + description:

This field should contain a tuple with NDG Root, comma, and + an NDG (that it under the root).
Line format - NDG Root Name, NDG, Port

. + elements: str + type: list + deviceList: + description:

This field should contain Device-Name,port-number. The device + name must be the same as the name field in a Network Device object.
Line + format - Device Name,Port

. + elements: str + type: list + id: + description: Device Administration Network Conditions's id. + type: str + ipAddrList: + description:

This field should contain IP-address-or-subnet,port number
+ IP address can be IPV4 format (n.n.n.n) or IPV6 format (n n n n n n n n).
+ IP subnet can be IPV4 format (n.n.n.n/m) or IPV6 format (n n n n n n n n/m).
+ Line format - IP Address or subnet,Port

. + elements: str + type: list + link: + description: Device Administration Network Conditions's link. + suboptions: + href: + description: Device Administration Network Conditions's href. + type: str + rel: + description: Device Administration Network Conditions's rel. + type: str + type: + description: Device Administration Network Conditions's type. + type: str + type: dict + macAddrList: + description:

This field should contain Endstation MAC address, comma, and + Destination MAC addresses.
Each Max address must include twelve hexadecimal + digits using formats nn nn nn nn nn nn or nn-nn-nn-nn-nn-nn or nnnn.nnnn.nnnn + or nnnnnnnnnnnn.
Line format - Endstation MAC,Destination MAC

. + elements: str + type: list + name: + description: Network Condition name. + type: str + type: list + description: + description: Device Administration Network Conditions's description. + type: str + id: + description: Device Administration Network Conditions's id. + type: str + link: + description: Device Administration Network Conditions's link. + suboptions: + href: + description: Device Administration Network Conditions's href. + type: str + rel: + description: Device Administration Network Conditions's rel. + type: str + type: + description: Device Administration Network Conditions's type. + type: str + type: dict + name: + description: Network Condition name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Network Conditions + description: Complete reference of the Device Administration - Network Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_network_conditions.DeviceAdministrationNetworkConditions.create_device_admin_network_condition, + device_administration_network_conditions.DeviceAdministrationNetworkConditions.delete_device_admin_network_condition_by_id, + device_administration_network_conditions.DeviceAdministrationNetworkConditions.update_device_admin_network_condition_by_id, + + - Paths used are + post /device-admin/network-condition, + delete /device-admin/network-condition/{id}, + put /device-admin/network-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_network_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + conditionType: string + conditions: + - cliDnisList: + - string + conditionType: string + description: string + deviceGroupList: + - string + deviceList: + - string + id: string + ipAddrList: + - string + link: + href: string + rel: string + type: string + macAddrList: + - string + name: string + description: string + id: string + link: + href: string + rel: string + type: string + name: string + +- name: Update by id + cisco.ise.device_administration_network_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + conditionType: string + conditions: + - cliDnisList: + - string + conditionType: string + description: string + deviceGroupList: + - string + deviceList: + - string + id: string + ipAddrList: + - string + link: + href: string + rel: string + type: string + macAddrList: + - string + name: string + description: string + id: string + link: + href: string + rel: string + type: string + name: string + +- name: Delete by id + cisco.ise.device_administration_network_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "conditions": [ + { + "cliDnisList": [ + "string" + ], + "conditionType": "string", + "description": "string", + "id": "string", + "ipAddrList": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "macAddrList": [ + "string" + ], + "name": "string", + "deviceGroupList": [ + "string" + ], + "deviceList": [ + "string" + ] + } + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "conditions": [ + { + "cliDnisList": [ + "string" + ], + "conditionType": "string", + "description": "string", + "id": "string", + "ipAddrList": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "macAddrList": [ + "string" + ], + "name": "string", + "deviceGroupList": [ + "string" + ], + "deviceList": [ + "string" + ] + } + ] + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions_info.py new file mode 100644 index 00000000..318e50bb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions_info.py @@ -0,0 +1,108 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_network_conditions_info +short_description: Information module for Device Administration Network Conditions +description: +- Get all Device Administration Network Conditions. +- Get Device Administration Network Conditions by id. +- Device Admin - Returns a list of network conditions. +- Device Admin - Returns a network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Network Conditions + description: Complete reference of the Device Administration - Network Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_network_conditions.DeviceAdministrationNetworkConditions.get_device_admin_network_condition_by_id, + device_administration_network_conditions.DeviceAdministrationNetworkConditions.get_device_admin_network_conditions, + + - Paths used are + get /device-admin/network-condition, + get /device-admin/network-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Network Conditions + cisco.ise.device_administration_network_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Network Conditions by id + cisco.ise.device_administration_network_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "conditions": [ + { + "cliDnisList": [ + "string" + ], + "conditionType": "string", + "description": "string", + "id": "string", + "ipAddrList": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "macAddrList": [ + "string" + ], + "name": "string", + "deviceGroupList": [ + "string" + ], + "deviceList": [ + "string" + ] + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set.py new file mode 100644 index 00000000..b6db2058 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set.py @@ -0,0 +1,505 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_policy_set +short_description: Resource module for Device Administration Policy Set +description: +- Manage operations create, update and delete of the resource Device Administration Policy Set. +- Device Admin - Create a new policy set. +- Device Admin - Delete a policy set. +- Device Admin - Update a policy set. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + condition: + description: Device Administration Policy Set's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is specified + in dictionary object
  • if multiple values allowed is specified in dictionary + object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be + aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Policy Set's link. + suboptions: + href: + description: Device Administration Policy Set's href. + type: str + rel: + description: Device Administration Policy Set's rel. + type: str + type: + description: Device Administration Policy Set's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both
  • Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Policy Set's endDate. + type: str + startDate: + description: Device Administration Policy Set's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Device Administration Policy Set's endDate. + type: str + startDate: + description: Device Administration Policy Set's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Device Administration Policy Set's endTime. + type: str + startTime: + description: Device Administration Policy Set's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Device Administration Policy Set's endTime. + type: str + startTime: + description: Device Administration Policy Set's startTime. + type: str + type: dict + id: + description: Device Administration Policy Set's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Policy Set's link. + suboptions: + href: + description: Device Administration Policy Set's href. + type: str + rel: + description: Device Administration Policy Set's rel. + type: str + type: + description: Device Administration Policy Set's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
Days + format - Arrays of WeekDay enums
Default - List of All week days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Flag which indicates if this policy set is the default one. + type: bool + description: + description: The description for the policy set. + type: str + hitCounts: + description: The amount of times the policy was matched. + type: int + id: + description: Identifier for the policy set. + type: str + isProxy: + description: Flag which indicates if the policy set service is of type 'Proxy Sequence' + or 'Allowed Protocols'. + type: bool + link: + description: Device Administration Policy Set's link. + suboptions: + href: + description: Device Administration Policy Set's href. + type: str + rel: + description: Device Administration Policy Set's rel. + type: str + type: + description: Device Administration Policy Set's type. + type: str + type: dict + name: + description: Given name for the policy set, Valid characters are alphanumerics, + underscore, hyphen, space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other policy set. Lower rank is higher + priority. + type: int + serviceName: + description: Policy set service identifier - Allowed Protocols,Server Sequence.. + type: str + state_: + description: The state that the policy set is in. A disabled policy set cannot be + matched. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Policy Set + description: Complete reference of the Device Administration - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_policy_set.DeviceAdministrationPolicySet.create_device_admin_policy_set, + device_administration_policy_set.DeviceAdministrationPolicySet.delete_device_admin_policy_set_by_id, + device_administration_policy_set.DeviceAdministrationPolicySet.update_device_admin_policy_set_by_id, + + - Paths used are + post /device-admin/policy-set, + delete /device-admin/policy-set/{id}, + put /device-admin/policy-set/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + description: string + hitCounts: 0 + id: string + isProxy: true + link: + href: string + rel: string + type: string + name: string + rank: 0 + serviceName: string + state_: string + +- name: Update by id + cisco.ise.device_administration_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + description: string + hitCounts: 0 + id: string + isProxy: true + link: + href: string + rel: string + type: string + name: string + rank: 0 + serviceName: string + state_: string + +- name: Delete by id + cisco.ise.device_administration_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_info.py new file mode 100644 index 00000000..c6894900 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_info.py @@ -0,0 +1,135 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_policy_set_info +short_description: Information module for Device Administration Policy Set +description: +- Get all Device Administration Policy Set. +- Get Device Administration Policy Set by id. +- Device Admin - Get policy set attributes. +- Device Admin - List of policy sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Policy Set + description: Complete reference of the Device Administration - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_policy_set.DeviceAdministrationPolicySet.get_device_admin_policy_set_by_id, + device_administration_policy_set.DeviceAdministrationPolicySet.get_device_admin_policy_sets, + + - Paths used are + get /device-admin/policy-set, + get /device-admin/policy-set/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Policy Set + cisco.ise.device_administration_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Policy Set by id + cisco.ise.device_administration_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_reset_hitcount.py new file mode 100644 index 00000000..88893a0d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_reset_hitcount.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_policy_set_reset_hitcount +short_description: Resource module for Device Administration Policy Set Reset Hitcount +description: +- Manage operation create of the resource Device Administration Policy Set Reset Hitcount. +- Device Admin - Reset HitCount for PolicySets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Policy Set + description: Complete reference of the Device Administration - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_policy_set.DeviceAdministrationPolicySet.reset_hit_counts_device_admin_policy_sets, + + - Paths used are + post /device-admin/policy-set/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_policy_set_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_profiles_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_profiles_info.py new file mode 100644 index 00000000..2a72e4e9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_profiles_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_profiles_info +short_description: Information module for Device Administration Profiles +description: +- Get all Device Administration Profiles. +- Device Admin - Returns list of shell profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Profiles + description: Complete reference of the Device Administration - Profiles API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_profiles.DeviceAdministrationProfiles.get_device_admin_profiles, + + - Paths used are + get /device-admin/shell-profiles, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Profiles + cisco.ise.device_administration_profiles_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_service_names_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_service_names_info.py new file mode 100644 index 00000000..0cd8de91 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_service_names_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_service_names_info +short_description: Information module for Device Administration Service Names +description: +- Get all Device Administration Service Names. +- Returns list of Allowed Protocols and Server Sequences for Device Admin Policy. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Service Names + description: Complete reference of the Device Administration - Service Names API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_service_names.DeviceAdministrationServiceNames.get_device_admin_service_names, + + - Paths used are + get /device-admin/service-names, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Service Names + cisco.ise.device_administration_service_names_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isLocalAuthorization": true, + "name": "string", + "serviceType": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions.py new file mode 100644 index 00000000..0e115d18 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions.py @@ -0,0 +1,299 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_time_date_conditions +short_description: Resource module for Device Administration Time Date Conditions +description: +- Manage operations create, update and delete of the resource Device Administration Time Date Conditions. +- Device Admin - Creates time/date condition. +- Device Admin - Delete Time/Date condition. +- Device Admin - Update network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is specified + in dictionary object
  • if multiple values allowed is specified in dictionary + object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be aggregated + under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both
  • Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Time Date Conditions's link. + suboptions: + href: + description: Device Administration Time Date Conditions's href. + type: str + rel: + description: Device Administration Time Date Conditions's rel. + type: str + type: + description: Device Administration Time Date Conditions's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) indicates + than "conditonId" OR "ConditionAttrs" fields should contain condition data but + not both
  • Logical aggreation(and,or) enum indicates that additional conditions + are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used for + start/end date
Default - no specific dates
In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)

. + suboptions: + endDate: + description: Device Administration Time Date Conditions's endDate. + type: str + startDate: + description: Device Administration Time Date Conditions's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used for + start/end date
Default - no specific dates
In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)

. + suboptions: + endDate: + description: Device Administration Time Date Conditions's endDate. + type: str + startDate: + description: Device Administration Time Date Conditions's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Device Administration Time Date Conditions's endTime. + type: str + startTime: + description: Device Administration Time Date Conditions's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Device Administration Time Date Conditions's endTime. + type: str + startTime: + description: Device Administration Time Date Conditions's startTime. + type: str + type: dict + id: + description: Device Administration Time Date Conditions's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Time Date Conditions's link. + suboptions: + href: + description: Device Administration Time Date Conditions's href. + type: str + rel: + description: Device Administration Time Date Conditions's rel. + type: str + type: + description: Device Administration Time Date Conditions's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
Days format + - Arrays of WeekDay enums
Default - List of All week days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
Days + format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Time/Date Conditions + description: Complete reference of the Device Administration - Time/Date Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.create_device_admin_time_condition, + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.delete_device_admin_time_condition_by_id, + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.update_device_admin_time_condition_by_id, + + - Paths used are + post /device-admin/time-condition, + delete /device-admin/time-condition/{id}, + put /device-admin/time-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Update by id + cisco.ise.device_administration_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by id + cisco.ise.device_administration_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": {}, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions_info.py new file mode 100644 index 00000000..55a51384 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions_info.py @@ -0,0 +1,70 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_time_date_conditions_info +short_description: Information module for Device Administration Time Date Conditions +description: +- Get all Device Administration Time Date Conditions. +- Get Device Administration Time Date Conditions by id. +- Device Admin - Returns a list of time and date conditions. +- Device Admin - Returns a network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Time/Date Conditions + description: Complete reference of the Device Administration - Time/Date Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.get_device_admin_time_condition_by_id, + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.get_device_admin_time_conditions, + + - Paths used are + get /device-admin/time-condition, + get /device-admin/time-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Time Date Conditions + cisco.ise.device_administration_time_date_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Time Date Conditions by id + cisco.ise.device_administration_time_date_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/downloadable_acl.py b/ansible_collections/cisco/ise/plugins/modules/downloadable_acl.py new file mode 100644 index 00000000..213fcdbd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/downloadable_acl.py @@ -0,0 +1,154 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: downloadable_acl +short_description: Resource module for Downloadable ACL +description: +- Manage operations create, update and delete of the resource Downloadable ACL. +- This API creates a downloadable ACL. +- This API deletes a downloadable ACL. +- This API allows the client to update a downloadable ACL. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + dacl: + description: The DACL Content. Use the string \\n for a newline. + type: str + daclType: + description: Allowed values - IPV4, - IPV6, - IP_AGNOSTIC. + type: str + description: + description: Use the string \\n for a newline. + type: str + id: + description: Downloadable ACL's id. + type: str + name: + description: Resource Name. Name may contain alphanumeric or any of the following + characters _.-. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + downloadable_acl.DownloadableAcl.create_downloadable_acl, + downloadable_acl.DownloadableAcl.delete_downloadable_acl_by_id, + downloadable_acl.DownloadableAcl.update_downloadable_acl_by_id, + + - Paths used are + post /ers/config/downloadableacl, + delete /ers/config/downloadableacl/{id}, + put /ers/config/downloadableacl/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + dacl: string + daclType: string + description: string + id: string + name: string + +- name: Update by id with multiline ACL + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + dacl: "permit udp any eq bootpc any eq bootps\n permit tcp any host {{ise-ip}} eq www" + daclType: string + description: "this is my\n multiline\n ACL." + id: string + name: string + +- name: Delete by id + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + dacl: string + daclType: string + description: string + name: string + +- name: Create with multiline ACL + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + dacl: "permit udp any eq bootpc any eq bootps\n permit tcp any host {{ise-ip}} eq www" + daclType: string + description: "this is my\n multiline\n ACL." + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "dacl": "string", + "daclType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/downloadable_acl_info.py b/ansible_collections/cisco/ise/plugins/modules/downloadable_acl_info.py new file mode 100644 index 00000000..3931cdda --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/downloadable_acl_info.py @@ -0,0 +1,109 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: downloadable_acl_info +short_description: Information module for Downloadable ACL +description: +- Get all Downloadable ACL. +- Get Downloadable ACL by id. +- This API allows the client to get a downloadable ACL by ID. +- This API allows the client to get all downloadable ACLs. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + downloadable_acl.DownloadableAcl.get_downloadable_acl_by_id, + downloadable_acl.DownloadableAcl.get_downloadable_acl_generator, + + - Paths used are + get /ers/config/downloadableacl, + get /ers/config/downloadableacl/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Downloadable ACL + cisco.ise.downloadable_acl_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Downloadable ACL by id + cisco.ise.downloadable_acl_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "dacl": "string", + "daclType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "dacl": "string", + "daclType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell.py new file mode 100644 index 00000000..ac0e06b7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell +short_description: Resource module for Egress Matrix Cell +description: +- Manage operations create, update and delete of the resource Egress Matrix Cell. +- This API creates an egress matrix cell. +- This API deletes an egress matrix cell. +- This API allows the client to update an egress matrix cell. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + defaultRule: + description: Allowed values - NONE, - DENY_IP, - PERMIT_IP. + type: str + description: + description: Egress Matrix Cell's description. + type: str + destinationSGtId: + description: Egress Matrix Cell's destinationSGtId. + type: str + id: + description: Egress Matrix Cell's id. + type: str + matrixCellStatus: + description: Allowed values - DISABLED, - ENABLED, - MONITOR. + type: str + name: + description: Egress Matrix Cell's name. + type: str + sgacls: + description: Egress Matrix Cell's sgacls. + elements: str + type: list + sourceSGtId: + description: Egress Matrix Cell's sourceSGtId. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.create_egress_matrix_cell, + egress_matrix_cell.EgressMatrixCell.delete_egress_matrix_cell_by_id, + egress_matrix_cell.EgressMatrixCell.update_egress_matrix_cell_by_id, + + - Paths used are + post /ers/config/egressmatrixcell, + delete /ers/config/egressmatrixcell/{id}, + put /ers/config/egressmatrixcell/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.egress_matrix_cell: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + defaultRule: string + description: string + destinationSgtId: string + id: string + matrixCellStatus: string + name: string + sgacls: + - string + sourceSgtId: string + +- name: Delete by id + cisco.ise.egress_matrix_cell: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.egress_matrix_cell: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + defaultRule: string + description: string + destinationSgtId: string + matrixCellStatus: string + name: string + sgacls: + - string + sourceSgtId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sourceSgtId": "string", + "destinationSgtId": "string", + "matrixCellStatus": "string", + "defaultRule": "string", + "sgacls": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_monitor_status_info.py new file mode 100644 index 00000000..a24a81b0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_bulk_monitor_status_info +short_description: Information module for Egress Matrix Cell Bulk Monitor Status +description: +- Get Egress Matrix Cell Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.monitor_bulk_status_egress_matrix_cell, + + - Paths used are + get /ers/config/egressmatrixcell/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get Egress Matrix Cell Bulk Monitor Status by id + cisco.ise.egress_matrix_cell_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_request.py new file mode 100644 index 00000000..88df775e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_bulk_request +short_description: Resource module for Egress Matrix Cell Bulk Request +description: +- Manage operation update of the resource Egress Matrix Cell Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: Egress Matrix Cell Bulk Request's operationType. + type: str + resourceMediaType: + description: Egress Matrix Cell Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.bulk_request_for_egress_matrix_cell, + + - Paths used are + put /ers/config/egressmatrixcell/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.egress_matrix_cell_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clear_all.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clear_all.py new file mode 100644 index 00000000..3e325339 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clear_all.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_clear_all +short_description: Resource module for Egress Matrix Cell Clear All +description: +- Manage operation update of the resource Egress Matrix Cell Clear All. +- This API allows the client to clear all the egress matrix cells. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.clear_all_matrix_cells, + + - Paths used are + put /ers/config/egressmatrixcell/clearallmatrixcells, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.egress_matrix_cell_clear_all: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clone.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clone.py new file mode 100644 index 00000000..7dd4fda3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clone.py @@ -0,0 +1,69 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_clone +short_description: Resource module for Egress Matrix Cell Clone +description: +- Manage operation update of the resource Egress Matrix Cell Clone. +- This API allows the client to clone an egress matrix cell. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + dstSGtId: + description: DstSGtId path parameter. + type: str + id: + description: Id path parameter. + type: str + srcSGtId: + description: SrcSGtId path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.clone_matrix_cell, + + - Paths used are + put /ers/config/egressmatrixcell/clonecell/{id}/srcSgt/{srcSgtId}/dstSgt/{dstSgtId}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.egress_matrix_cell_clone: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + dstSgtId: string + id: string + srcSgtId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "OperationResult": { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_info.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_info.py new file mode 100644 index 00000000..eeb4655a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_info.py @@ -0,0 +1,157 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_info +short_description: Information module for Egress Matrix Cell +description: +- Get all Egress Matrix Cell. +- Get Egress Matrix Cell by id. +- This API allows the client to get all the egress matrix cell. +- This API allows the client to get an egress matrix cell by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.get_egress_matrix_cell_by_id, + egress_matrix_cell.EgressMatrixCell.get_egress_matrix_cell_generator, + + - Paths used are + get /ers/config/egressmatrixcell, + get /ers/config/egressmatrixcell/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Egress Matrix Cell + cisco.ise.egress_matrix_cell_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Egress Matrix Cell by id + cisco.ise.egress_matrix_cell_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sourceSgtId": "string", + "destinationSgtId": "string", + "matrixCellStatus": "string", + "defaultRule": "string", + "sgacls": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "sourceSgtId": "string", + "destinationSgtId": "string", + "matrixCellStatus": "string", + "defaultRule": "string", + "sgacls": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_set_all_status.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_set_all_status.py new file mode 100644 index 00000000..1f416034 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_set_all_status.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_set_all_status +short_description: Resource module for Egress Matrix Cell Set All Status +description: +- Manage operation update of the resource Egress Matrix Cell Set All Status. +- This API allows the client to set status of all the egress matrix cells. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + status: + description: Status path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.set_all_cells_status, + + - Paths used are + put /ers/config/egressmatrixcell/status/{status}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.egress_matrix_cell_set_all_status: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + status: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint.py b/ansible_collections/cisco/ise/plugins/modules/endpoint.py new file mode 100644 index 00000000..74db5cd1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint.py @@ -0,0 +1,262 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint +short_description: Resource module for Endpoint +description: +- Manage operations create, update and delete of the resource Endpoint. +- This API creates an endpoint. +- This API deletes an endpoint. +- This API allows the client to update an endpoint. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customAttributes: + description: Endpoint's customAttributes. + suboptions: + customAttributes: + description: Key value map. + type: dict + type: dict + description: + description: Endpoint's description. + type: str + groupId: + description: Endpoint's groupId. + type: str + id: + description: Endpoint's id. + type: str + identityStore: + description: Endpoint's identityStore. + type: str + identityStoreId: + description: Endpoint's identityStoreId. + type: str + mac: + description: Endpoint's mac. + type: str + mdmAttributes: + description: Endpoint's mdmAttributes. + suboptions: + mdmComplianceStatus: + description: MdmComplianceStatus flag. + type: bool + mdmEncrypted: + description: MdmEncrypted flag. + type: bool + mdmEnrolled: + description: MdmEnrolled flag. + type: bool + mdmIMEI: + description: Endpoint's mdmIMEI. + type: str + mdmJailBroken: + description: MdmJailBroken flag. + type: bool + mdmManufacturer: + description: Endpoint's mdmManufacturer. + type: str + mdmModel: + description: Endpoint's mdmModel. + type: str + mdmOS: + description: Endpoint's mdmOS. + type: str + mdmPhoneNumber: + description: Endpoint's mdmPhoneNumber. + type: str + mdmPinlock: + description: MdmPinlock flag. + type: bool + mdmReachable: + description: MdmReachable flag. + type: bool + mdmSerial: + description: Endpoint's mdmSerial. + type: str + mdmServerName: + description: Endpoint's mdmServerName. + type: str + type: dict + name: + description: Endpoint's name. + type: str + portalUser: + description: Endpoint's portalUser. + type: str + profileId: + description: Endpoint's profileId. + type: str + staticGroupAssignment: + description: StaticGroupAssignment flag. + type: bool + staticProfileAssignment: + description: StaticProfileAssignment flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.create_endpoint, + endpoint.Endpoint.delete_endpoint_by_id, + endpoint.Endpoint.update_endpoint_by_id, + + - Paths used are + post /ers/config/endpoint, + delete /ers/config/endpoint/{id}, + put /ers/config/endpoint/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.endpoint: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customAttributes: + customAttributes: {} + description: string + groupId: string + id: string + identityStore: string + identityStoreId: string + mac: string + mdmAttributes: + mdmComplianceStatus: true + mdmEncrypted: true + mdmEnrolled: true + mdmIMEI: string + mdmJailBroken: true + mdmManufacturer: string + mdmModel: string + mdmOS: string + mdmPhoneNumber: string + mdmPinlock: true + mdmReachable: true + mdmSerial: string + mdmServerName: string + portalUser: string + profileId: string + staticGroupAssignment: true + staticProfileAssignment: true + +- name: Delete by id + cisco.ise.endpoint: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.endpoint: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customAttributes: + customAttributes: {} + description: string + groupId: string + identityStore: string + identityStoreId: string + mac: string + mdmAttributes: + mdmComplianceStatus: true + mdmEncrypted: true + mdmEnrolled: true + mdmIMEI: string + mdmJailBroken: true + mdmManufacturer: string + mdmModel: string + mdmOS: string + mdmPhoneNumber: string + mdmPinlock: true + mdmReachable: true + mdmSerial: string + mdmServerName: string + portalUser: string + profileId: string + staticGroupAssignment: true + staticProfileAssignment: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "mac": "string", + "profileId": "string", + "staticProfileAssignment": true, + "groupId": "string", + "staticGroupAssignment": true, + "portalUser": "string", + "identityStore": "string", + "identityStoreId": "string", + "mdmAttributes": { + "mdmServerName": "string", + "mdmReachable": true, + "mdmEnrolled": true, + "mdmComplianceStatus": true, + "mdmOS": "string", + "mdmManufacturer": "string", + "mdmModel": "string", + "mdmSerial": "string", + "mdmEncrypted": true, + "mdmPinlock": true, + "mdmJailBroken": true, + "mdmIMEI": "string", + "mdmPhoneNumber": "string" + }, + "customAttributes": { + "customAttributes": {} + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_monitor_status_info.py new file mode 100644 index 00000000..520910f4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_bulk_monitor_status_info +short_description: Information module for Endpoint Bulk Monitor Status +description: +- Get Endpoint Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.monitor_bulk_status_endpoint, + + - Paths used are + get /ers/config/endpoint/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get Endpoint Bulk Monitor Status by id + cisco.ise.endpoint_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_request.py new file mode 100644 index 00000000..dafe2a80 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_bulk_request +short_description: Resource module for Endpoint Bulk Request +description: +- Manage operation update of the resource Endpoint Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: Endpoint Bulk Request's operationType. + type: str + resourceMediaType: + description: Endpoint Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.bulk_request_for_endpoint, + + - Paths used are + put /ers/config/endpoint/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.endpoint_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_certificate.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_certificate.py new file mode 100644 index 00000000..8f31278f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_certificate.py @@ -0,0 +1,97 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_certificate +short_description: Resource module for Endpoint Certificate +description: +- Manage operation update of the resource Endpoint Certificate. +- This API allows the client to create an endpoint certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + certTemplateName: + description: Name of an Internal CA template. + type: str + certificateRequest: + description: Key value map. Must have CN and SAN entries. + suboptions: + cn: + description: Matches the requester's User Name, unless the Requester is an ERS + Admin. ERS Admins are allowed to create requests for any CN. + type: str + san: + description: Valid MAC Address, delimited by '-'. + type: str + type: dict + dirPath: + description: Directory absolute path. Defaults to the current working directory. + type: str + filename: + description: The filename used to save the download file. + type: str + format: + description: Allowed values - PKCS12, - PKCS12_CHAIN, - PKCS8, - PKCS8_CHAIN. + type: str + password: + description: Protects the private key. Must have more than 8 characters, less than + 15 characters, at least one upper case letter, at least one lower case letter, + at least one digit, and can only contain A-Za-z0-9_#. + type: str + saveFile: + description: Enable or disable automatic file creation of raw response. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for EndpointCertificate + description: Complete reference of the EndpointCertificate API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!endpointcert +notes: + - SDK Method used are + endpoint_certificate.EndpointCertificate.create_endpoint_certificate, + + - Paths used are + put /ers/config/endpointcert/certRequest, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.endpoint_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + certTemplateName: string + certificateRequest: + cn: string + san: string + dirPath: /tmp/downloads/ + filename: download_filename.extension + format: string + password: string + saveFile: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "data": "filecontent", + "filename": "filename", + "dirpath": "download/directory", + "path": "download/directory/filename" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_deregister.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_deregister.py new file mode 100644 index 00000000..2835d630 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_deregister.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_deregister +short_description: Resource module for Endpoint Deregister +description: +- Manage operation update of the resource Endpoint Deregister. +- This API allows the client to de-register an endpoint. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.deregister_endpoint, + + - Paths used are + put /ers/config/endpoint/{id}/deregister, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.endpoint_deregister: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_get_rejected_endpoints_info.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_get_rejected_endpoints_info.py new file mode 100644 index 00000000..a99a9c02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_get_rejected_endpoints_info.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_get_rejected_endpoints_info +short_description: Information module for Endpoint Get Rejected Endpoints +description: +- Get all Endpoint Get Rejected Endpoints. +- This API allows the client to get the rejected endpoints. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.get_rejected_endpoints, + + - Paths used are + get /ers/config/endpoint/getrejectedendpoints, + +""" + +EXAMPLES = r""" +- name: Get all Endpoint Get Rejected Endpoints + cisco.ise.endpoint_get_rejected_endpoints_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_group.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_group.py new file mode 100644 index 00000000..95dd6f65 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_group.py @@ -0,0 +1,126 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_group +short_description: Resource module for Endpoint Group +description: +- Manage operations create, update and delete of the resource Endpoint Group. +- This API creates an endpoint identity group. +- This API deletes an endpoint identity group. +- This API allows the client to update an endpoint identity group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Endpoint Group's description. + type: str + id: + description: Endpoint Group's id. + type: str + name: + description: Endpoint Group's name. + type: str + systemDefined: + description: SystemDefined flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for EndpointIdentityGroup + description: Complete reference of the EndpointIdentityGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!endpointgroup +notes: + - SDK Method used are + endpoint_identity_group.EndpointIdentityGroup.create_endpoint_group, + endpoint_identity_group.EndpointIdentityGroup.delete_endpoint_group_by_id, + endpoint_identity_group.EndpointIdentityGroup.update_endpoint_group_by_id, + + - Paths used are + post /ers/config/endpointgroup, + delete /ers/config/endpointgroup/{id}, + put /ers/config/endpointgroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.endpoint_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + systemDefined: true + +- name: Delete by id + cisco.ise.endpoint_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.endpoint_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + systemDefined: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "systemDefined": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_group_info.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_group_info.py new file mode 100644 index 00000000..89823b7c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_group_info.py @@ -0,0 +1,166 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_group_info +short_description: Information module for Endpoint Group +description: +- Get all Endpoint Group. +- Get Endpoint Group by id. +- Get Endpoint Group by name. +- This API allows the client to get all the endpoint identity groups. +- This API allows the client to get an endpoint identity group by ID. +- This API allows the client to get an endpoint identity group by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for EndpointIdentityGroup + description: Complete reference of the EndpointIdentityGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!endpointgroup +notes: + - SDK Method used are + endpoint_identity_group.EndpointIdentityGroup.get_endpoint_group_by_id, + endpoint_identity_group.EndpointIdentityGroup.get_endpoint_group_by_name, + endpoint_identity_group.EndpointIdentityGroup.get_endpoint_groups_generator, + + - Paths used are + get /ers/config/endpointgroup, + get /ers/config/endpointgroup/name/{name}, + get /ers/config/endpointgroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Endpoint Group + cisco.ise.endpoint_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Endpoint Group by id + cisco.ise.endpoint_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Endpoint Group by name + cisco.ise.endpoint_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "systemDefined": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "systemDefined": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_info.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_info.py new file mode 100644 index 00000000..01587f8b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_info.py @@ -0,0 +1,212 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_info +short_description: Information module for Endpoint +description: +- Get all Endpoint. +- Get Endpoint by id. +- Get Endpoint by name. +- This API allows the client to get all the endpoints. +- This API allows the client to get an endpoint by ID. +- This API allows the client to get an endpoint by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.get_endpoint_by_id, + endpoint.Endpoint.get_endpoint_by_name, + endpoint.Endpoint.get_endpoints_generator, + + - Paths used are + get /ers/config/endpoint, + get /ers/config/endpoint/name/{name}, + get /ers/config/endpoint/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Endpoint + cisco.ise.endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Endpoint by id + cisco.ise.endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Endpoint by name + cisco.ise.endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "mac": "string", + "profileId": "string", + "staticProfileAssignment": true, + "groupId": "string", + "staticGroupAssignment": true, + "portalUser": "string", + "identityStore": "string", + "identityStoreId": "string", + "mdmAttributes": { + "mdmServerName": "string", + "mdmReachable": true, + "mdmEnrolled": true, + "mdmComplianceStatus": true, + "mdmOS": "string", + "mdmManufacturer": "string", + "mdmModel": "string", + "mdmSerial": "string", + "mdmEncrypted": true, + "mdmPinlock": true, + "mdmJailBroken": true, + "mdmIMEI": "string", + "mdmPhoneNumber": "string" + }, + "customAttributes": { + "customAttributes": {} + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "mac": "string", + "profileId": "string", + "staticProfileAssignment": true, + "groupId": "string", + "staticGroupAssignment": true, + "portalUser": "string", + "identityStore": "string", + "identityStoreId": "string", + "mdmAttributes": { + "mdmServerName": "string", + "mdmReachable": true, + "mdmEnrolled": true, + "mdmComplianceStatus": true, + "mdmOS": "string", + "mdmManufacturer": "string", + "mdmModel": "string", + "mdmSerial": "string", + "mdmEncrypted": true, + "mdmPinlock": true, + "mdmJailBroken": true, + "mdmIMEI": "string", + "mdmPhoneNumber": "string" + }, + "customAttributes": { + "customAttributes": {} + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_register.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_register.py new file mode 100644 index 00000000..139631d2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_register.py @@ -0,0 +1,158 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_register +short_description: Resource module for Endpoint Register +description: +- Manage operation update of the resource Endpoint Register. +- This API allows the client to register an endpoint. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customAttributes: + description: Endpoint Register's customAttributes. + suboptions: + customAttributes: + description: Key value map. + type: dict + type: dict + description: + description: Endpoint Register's description. + type: str + groupId: + description: Endpoint Register's groupId. + type: str + id: + description: Endpoint Register's id. + type: str + identityStore: + description: Endpoint Register's identityStore. + type: str + identityStoreId: + description: Endpoint Register's identityStoreId. + type: str + mac: + description: Endpoint Register's mac. + type: str + mdmAttributes: + description: Endpoint Register's mdmAttributes. + suboptions: + mdmComplianceStatus: + description: MdmComplianceStatus flag. + type: bool + mdmEncrypted: + description: MdmEncrypted flag. + type: bool + mdmEnrolled: + description: MdmEnrolled flag. + type: bool + mdmIMEI: + description: Endpoint Register's mdmIMEI. + type: str + mdmJailBroken: + description: MdmJailBroken flag. + type: bool + mdmManufacturer: + description: Endpoint Register's mdmManufacturer. + type: str + mdmModel: + description: Endpoint Register's mdmModel. + type: str + mdmOS: + description: Endpoint Register's mdmOS. + type: str + mdmPhoneNumber: + description: Endpoint Register's mdmPhoneNumber. + type: str + mdmPinlock: + description: MdmPinlock flag. + type: bool + mdmReachable: + description: MdmReachable flag. + type: bool + mdmSerial: + description: Endpoint Register's mdmSerial. + type: str + mdmServerName: + description: Endpoint Register's mdmServerName. + type: str + type: dict + name: + description: Endpoint Register's name. + type: str + portalUser: + description: Endpoint Register's portalUser. + type: str + profileId: + description: Endpoint Register's profileId. + type: str + staticGroupAssignment: + description: StaticGroupAssignment flag. + type: bool + staticProfileAssignment: + description: StaticProfileAssignment flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.register_endpoint, + + - Paths used are + put /ers/config/endpoint/register, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.endpoint_register: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + customAttributes: + customAttributes: {} + description: string + groupId: string + id: string + identityStore: string + identityStoreId: string + mac: string + mdmAttributes: + mdmComplianceStatus: true + mdmEncrypted: true + mdmEnrolled: true + mdmIMEI: string + mdmJailBroken: true + mdmManufacturer: string + mdmModel: string + mdmOS: string + mdmPhoneNumber: string + mdmPinlock: true + mdmReachable: true + mdmSerial: string + mdmServerName: string + name: string + portalUser: string + profileId: string + staticGroupAssignment: true + staticProfileAssignment: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_release_rejected_endpoint.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_release_rejected_endpoint.py new file mode 100644 index 00000000..82888e4e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_release_rejected_endpoint.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_release_rejected_endpoint +short_description: Resource module for Endpoint Release Rejected Endpoint +description: +- Manage operation update of the resource Endpoint Release Rejected Endpoint. +- This API allows the client to release a rejected endpoint. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.release_rejected_endpoint, + + - Paths used are + put /ers/config/endpoint/{id}/releaserejectedendpoint, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.endpoint_release_rejected_endpoint: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/external_radius_server.py b/ansible_collections/cisco/ise/plugins/modules/external_radius_server.py new file mode 100644 index 00000000..50d1ff07 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/external_radius_server.py @@ -0,0 +1,188 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: external_radius_server +short_description: Resource module for External RADIUS Server +description: +- Manage operations create, update and delete of the resource External RADIUS Server. +- This API creates an external RADIUS server. +- This API deletes an external RADIUS server. +- This API allows the client to update an external RADIUS server. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + accountingPort: + description: Valid Range 1 to 65535. + type: int + authenticationPort: + description: Valid Range 1 to 65535. + type: int + authenticatorKey: + description: The authenticatorKey is required only if enableKeyWrap is true, otherwise + it must be ignored or empty. The maximum length is 20 ASCII characters or 40 HEXADECIMAL + characters (depend on selection in field 'keyInputFormat'). + type: str + description: + description: External RADIUS Server's description. + type: str + enableKeyWrap: + description: KeyWrap may only be enabled if it is supported on the device. When + running in FIPS mode this option should be enabled for such devices. + type: bool + encryptionKey: + description: The encryptionKey is required only if enableKeyWrap is true, otherwise + it must be ignored or empty. The maximum length is 16 ASCII characters or 32 HEXADECIMAL + characters (depend on selection in field 'keyInputFormat'). + type: str + hostIP: + description: The IP of the host - must be a valid IPV4 address. + type: str + id: + description: External RADIUS Server's id. + type: str + keyInputFormat: + description: Specifies the format of the input for fields 'encryptionKey' and 'authenticatorKey'. + Allowed Values - ASCII - HEXADECIMAL. + type: str + name: + description: Resource Name. Allowed charactera are alphanumeric and _ (underscore). + type: str + proxyTimeout: + description: Valid Range 1 to 600. + type: int + retries: + description: Valid Range 1 to 9. + type: int + sharedSecret: + description: Shared secret maximum length is 128 characters. + type: str + timeout: + description: Valid Range 1 to 120. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + external_radius_server.ExternalRadiusServer.create_external_radius_server, + external_radius_server.ExternalRadiusServer.delete_external_radius_server_by_id, + external_radius_server.ExternalRadiusServer.update_external_radius_server_by_id, + + - Paths used are + post /ers/config/externalradiusserver, + delete /ers/config/externalradiusserver/{id}, + put /ers/config/externalradiusserver/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.external_radius_server: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accountingPort: 0 + authenticationPort: 0 + authenticatorKey: string + description: string + enableKeyWrap: true + encryptionKey: string + hostIP: string + id: string + keyInputFormat: string + name: string + proxyTimeout: 0 + retries: 0 + sharedSecret: string + timeout: 0 + +- name: Delete by id + cisco.ise.external_radius_server: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.external_radius_server: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accountingPort: 0 + authenticationPort: 0 + authenticatorKey: string + description: string + enableKeyWrap: true + encryptionKey: string + hostIP: string + keyInputFormat: string + name: string + proxyTimeout: 0 + retries: 0 + sharedSecret: string + timeout: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "sharedSecret": "string", + "enableKeyWrap": true, + "encryptionKey": "string", + "authenticatorKey": "string", + "keyInputFormat": "string", + "authenticationPort": 0, + "accountingPort": 0, + "timeout": 0, + "retries": 0, + "proxyTimeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/external_radius_server_info.py b/ansible_collections/cisco/ise/plugins/modules/external_radius_server_info.py new file mode 100644 index 00000000..8b597d05 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/external_radius_server_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: external_radius_server_info +short_description: Information module for External RADIUS Server +description: +- Get all External RADIUS Server. +- Get External RADIUS Server by id. +- Get External RADIUS Server by name. +- This API allows the client to get all the external RADIUS servers. +- This API allows the client to get an external RADIUS server by ID. +- This API allows the client to get an external RADIUS server by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + external_radius_server.ExternalRadiusServer.get_external_radius_server_by_id, + external_radius_server.ExternalRadiusServer.get_external_radius_server_by_name, + external_radius_server.ExternalRadiusServer.get_external_radius_server_generator, + + - Paths used are + get /ers/config/externalradiusserver, + get /ers/config/externalradiusserver/name/{name}, + get /ers/config/externalradiusserver/{id}, + +""" + +EXAMPLES = r""" +- name: Get all External RADIUS Server + cisco.ise.external_radius_server_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get External RADIUS Server by id + cisco.ise.external_radius_server_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get External RADIUS Server by name + cisco.ise.external_radius_server_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "sharedSecret": "string", + "enableKeyWrap": true, + "encryptionKey": "string", + "authenticatorKey": "string", + "keyInputFormat": "string", + "authenticationPort": 0, + "accountingPort": 0, + "timeout": 0, + "retries": 0, + "proxyTimeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "sharedSecret": "string", + "enableKeyWrap": true, + "encryptionKey": "string", + "authenticatorKey": "string", + "keyInputFormat": "string", + "authenticationPort": 0, + "accountingPort": 0, + "timeout": 0, + "retries": 0, + "proxyTimeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/filter_policy.py b/ansible_collections/cisco/ise/plugins/modules/filter_policy.py new file mode 100644 index 00000000..9a23b0c1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/filter_policy.py @@ -0,0 +1,123 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: filter_policy +short_description: Resource module for Filter Policy +description: +- Manage operations create, update and delete of the resource Filter Policy. +- This API creates a filter policy. +- This API deletes a filter policy. +- This API allows the client to update a filter policy. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + domains: + description: List of SXP Domains, separated with comma. + type: str + id: + description: Id path parameter. + type: str + sgt: + description: SGT name or ID. At least one of subnet or sgt or vn should be defined. + type: str + subnet: + description: Subnet for filter policy (hostname is not supported). At least one + of subnet or sgt or vn should be defined. + type: str + vn: + description: Virtual Network. At least one of subnet or sgt or vn should be defined. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + filter_policy.FilterPolicy.create_filter_policy, + filter_policy.FilterPolicy.delete_filter_policy_by_id, + filter_policy.FilterPolicy.update_filter_policy_by_id, + + - Paths used are + post /ers/config/filterpolicy, + delete /ers/config/filterpolicy/{id}, + put /ers/config/filterpolicy/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.filter_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + domains: string + id: string + sgt: string + subnet: string + vn: string + +- name: Delete by id + cisco.ise.filter_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.filter_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + domains: string + sgt: string + subnet: string + vn: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "subnet": "string", + "domains": "string", + "sgt": "string", + "vn": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/filter_policy_info.py b/ansible_collections/cisco/ise/plugins/modules/filter_policy_info.py new file mode 100644 index 00000000..01f9c6e7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/filter_policy_info.py @@ -0,0 +1,97 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: filter_policy_info +short_description: Information module for Filter Policy +description: +- Get all Filter Policy. +- Get Filter Policy by id. +- This API allows the client to get a filter policy by ID. +- This API allows the client to get all the filter policies. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + filter_policy.FilterPolicy.get_filter_policy_by_id, + filter_policy.FilterPolicy.get_filter_policy_generator, + + - Paths used are + get /ers/config/filterpolicy, + get /ers/config/filterpolicy/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Filter Policy + cisco.ise.filter_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Filter Policy by id + cisco.ise.filter_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "subnet": "string", + "domains": "string", + "sgt": "string", + "vn": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "subnet": "string", + "domains": "string", + "sgt": "string", + "vn": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_location_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_location_info.py new file mode 100644 index 00000000..2c82fa37 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_location_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_location_info +short_description: Information module for Guest Location +description: +- Get all Guest Location. +- Get Guest Location by id. +- This API allows the client to get a guest location by ID. +- This API allows the client to get all the guest locations. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_location.GuestLocation.get_guest_location_by_id, + guest_location.GuestLocation.get_guest_location_generator, + + - Paths used are + get /ers/config/guestlocation, + get /ers/config/guestlocation/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest Location + cisco.ise.guest_location_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest Location by id + cisco.ise.guest_location_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings.py b/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings.py new file mode 100644 index 00000000..10910f02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings.py @@ -0,0 +1,155 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_smtp_notification_settings +short_description: Resource module for Guest SMTP Notification Settings +description: +- Manage operations create and update of the resource Guest SMTP Notification Settings. +- This API creates a guest SMTP notification configuration. +- This API allows the client to update a SMTP configuration setting. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + connectionTimeout: + description: Interval in seconds for all the SMTP client connections. + type: str + defaultFromAddress: + description: The default from email address to be used to send emails from. + type: str + id: + description: Guest SMTP Notification Settings's id. + type: str + notificationEnabled: + description: Indicates if the email notification service is to be enabled. + type: bool + password: + description: Password of Secure SMTP server. + type: str + smtpPort: + description: Port at which SMTP Secure Server is listening. + type: str + smtpServer: + description: The SMTP server ip address or fqdn such as outbound.mycompany.com. + type: str + useDefaultFromAddress: + description: If the default from address should be used rather than using a sponsor + user email address. + type: bool + usePasswordAuthentication: + description: If configured to true, SMTP server authentication will happen using + username/password. + type: bool + useTLSorSSLEncryption: + description: If configured to true, SMTP server authentication will happen using + TLS/SSL. + type: bool + userName: + description: Username of Secure SMTP server. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_smtp_notification_configuration.GuestSmtpNotificationConfiguration.create_guest_smtp_notification_settings, + guest_smtp_notification_configuration.GuestSmtpNotificationConfiguration.update_guest_smtp_notification_settings_by_id, + + - Paths used are + post /ers/config/guestsmtpnotificationsettings, + put /ers/config/guestsmtpnotificationsettings/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_smtp_notification_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + connectionTimeout: string + defaultFromAddress: string + id: string + notificationEnabled: true + password: string + smtpPort: string + smtpServer: string + useDefaultFromAddress: true + usePasswordAuthentication: true + useTLSorSSLEncryption: true + userName: string + +- name: Create + cisco.ise.guest_smtp_notification_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + connectionTimeout: string + defaultFromAddress: string + notificationEnabled: true + password: string + smtpPort: string + smtpServer: string + useDefaultFromAddress: true + usePasswordAuthentication: true + useTLSorSSLEncryption: true + userName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "smtpServer": "string", + "notificationEnabled": true, + "useDefaultFromAddress": true, + "defaultFromAddress": "string", + "smtpPort": "string", + "connectionTimeout": "string", + "useTLSorSSLEncryption": true, + "usePasswordAuthentication": true, + "userName": "string", + "password": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings_info.py new file mode 100644 index 00000000..7f815219 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings_info.py @@ -0,0 +1,159 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_smtp_notification_settings_info +short_description: Information module for Guest SMTP Notification Settings +description: +- Get all Guest SMTP Notification Settings. +- Get Guest SMTP Notification Settings by id. +- This API allows the client to get a guest SMTP notification configuration by. +- This API allows the client to get all the guest SMTP notification. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_smtp_notification_configuration.GuestSmtpNotificationConfiguration.get_guest_smtp_notification_settings_by_id, + guest_smtp_notification_configuration.GuestSmtpNotificationConfiguration.get_guest_smtp_notification_settings_generator, + + - Paths used are + get /ers/config/guestsmtpnotificationsettings, + get /ers/config/guestsmtpnotificationsettings/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest SMTP Notification Settings + cisco.ise.guest_smtp_notification_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest SMTP Notification Settings by id + cisco.ise.guest_smtp_notification_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "smtpServer": "string", + "notificationEnabled": true, + "useDefaultFromAddress": true, + "defaultFromAddress": "string", + "smtpPort": "string", + "connectionTimeout": "string", + "useTLSorSSLEncryption": true, + "usePasswordAuthentication": true, + "userName": "string", + "password": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "smtpServer": "string", + "notificationEnabled": true, + "useDefaultFromAddress": true, + "defaultFromAddress": "string", + "smtpPort": "string", + "connectionTimeout": "string", + "useTLSorSSLEncryption": true, + "usePasswordAuthentication": true, + "userName": "string", + "password": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_ssid.py b/ansible_collections/cisco/ise/plugins/modules/guest_ssid.py new file mode 100644 index 00000000..8caf673c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_ssid.py @@ -0,0 +1,111 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_ssid +short_description: Resource module for Guest SSID +description: +- Manage operations create, update and delete of the resource Guest SSID. +- This API creates a guest SSID. +- This API deletes a guest SSID by ID. +- This API allows the client to update a guest SSID by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Guest SSID's id. + type: str + name: + description: Resource Name. Name may contain alphanumeric or any of the following + characters _.-. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_ssid.GuestSsid.create_guest_ssid, + guest_ssid.GuestSsid.delete_guest_ssid_by_id, + guest_ssid.GuestSsid.update_guest_ssid_by_id, + + - Paths used are + post /ers/config/guestssid, + delete /ers/config/guestssid/{id}, + put /ers/config/guestssid/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_ssid: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + name: string + +- name: Delete by id + cisco.ise.guest_ssid: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.guest_ssid: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_ssid_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_ssid_info.py new file mode 100644 index 00000000..087a7e0e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_ssid_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_ssid_info +short_description: Information module for Guest SSID +description: +- Get all Guest SSID. +- Get Guest SSID by id. +- This API allows the client to get a guest SSID by ID. +- This API allows the client to get all the guest SSIDs. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_ssid.GuestSsid.get_guest_ssid_by_id, + guest_ssid.GuestSsid.get_guest_ssid_generator, + + - Paths used are + get /ers/config/guestssid, + get /ers/config/guestssid/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest SSID + cisco.ise.guest_ssid_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest SSID by id + cisco.ise.guest_ssid_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_type.py b/ansible_collections/cisco/ise/plugins/modules/guest_type.py new file mode 100644 index 00000000..2318caaa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_type.py @@ -0,0 +1,303 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_type +short_description: Resource module for Guest Type +description: +- Manage operations create, update and delete of the resource Guest Type. +- This API creates a guest type. +- This API deletes a guest type. +- This API allows the client to update a guest type. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + accessTime: + description: Guest Type's accessTime. + suboptions: + allowAccessOnSpecificDaysTimes: + description: AllowAccessOnSpecificDaysTimes flag. + type: bool + dayTimeLimits: + description: List of Time Ranges for account access. + elements: dict + suboptions: + days: + description: List of Days Values should be one of Week day. Allowed values + are - Sunday, - Monday, - Tuesday, - Wednesday, - Thursday, - Friday, + - Saturday. + elements: str + type: list + endTime: + description: End time in HH mm format. + type: str + startTime: + description: Start time in HH mm format. + type: str + type: list + defaultDuration: + description: Guest Type's defaultDuration. + type: int + durationTimeUnit: + description: Allowed values are - DAYS, - HOURS, - MINUTES. + type: str + fromFirstLogin: + description: When Account Duration starts from first login or specified date. + type: bool + maxAccountDuration: + description: Maximum value of Account Duration. + type: int + type: dict + description: + description: Guest Type's description. + type: str + expirationNotification: + description: Expiration Notification Settings. + suboptions: + advanceNotificationDuration: + description: Send Account Expiration Notification Duration before ( Days, Hours, + Minutes ). + type: int + advanceNotificationUnits: + description: Allowed values are - DAYS, - HOURS, - MINUTES. + type: str + emailText: + description: Guest Type's emailText. + type: str + enableNotification: + description: Enable Notification settings. + type: bool + sendEmailNotification: + description: Enable Email Notification. + type: bool + sendSMSNotification: + description: Maximum devices guests can register. + type: bool + smsText: + description: Guest Type's smsText. + type: str + type: dict + id: + description: Guest Type's id. + type: str + isDefaultType: + description: IsDefaultType flag. + type: bool + loginOptions: + description: Guest Type's loginOptions. + suboptions: + allowGuestPortalBypass: + description: AllowGuestPortalBypass flag. + type: bool + failureAction: + description: When Guest Exceeds limit this action will be invoked. Allowed values + are - Disconnect_Oldest_Connection, - Disconnect_Newest_Connection. + type: str + identityGroupId: + description: Guest Type's identityGroupId. + type: str + limitSimultaneousLogins: + description: Enable Simultaneous Logins. + type: bool + maxRegisteredDevices: + description: Maximum devices guests can register. + type: int + maxSimultaneousLogins: + description: Number of Simultaneous Logins. + type: int + type: dict + name: + description: Guest Type's name. + type: str + sponsorGroups: + description: Guest Type's sponsorGroups. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_type.GuestType.create_guest_type, + guest_type.GuestType.delete_guest_type_by_id, + guest_type.GuestType.update_guest_type_by_id, + + - Paths used are + post /ers/config/guesttype, + delete /ers/config/guesttype/{id}, + put /ers/config/guesttype/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_type: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accessTime: + allowAccessOnSpecificDaysTimes: true + dayTimeLimits: + - days: + - string + endTime: string + startTime: string + defaultDuration: 0 + durationTimeUnit: string + fromFirstLogin: true + maxAccountDuration: 0 + description: string + expirationNotification: + advanceNotificationDuration: 0 + advanceNotificationUnits: string + emailText: string + enableNotification: true + sendEmailNotification: true + sendSmsNotification: true + smsText: string + id: string + isDefaultType: true + loginOptions: + allowGuestPortalBypass: true + failureAction: string + identityGroupId: string + limitSimultaneousLogins: true + maxRegisteredDevices: 0 + maxSimultaneousLogins: 0 + name: string + sponsorGroups: + - string + +- name: Delete by id + cisco.ise.guest_type: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.guest_type: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accessTime: + allowAccessOnSpecificDaysTimes: true + dayTimeLimits: + - days: + - string + endTime: string + startTime: string + defaultDuration: 0 + durationTimeUnit: string + fromFirstLogin: true + maxAccountDuration: 0 + description: string + expirationNotification: + advanceNotificationDuration: 0 + advanceNotificationUnits: string + emailText: string + enableNotification: true + sendEmailNotification: true + sendSmsNotification: true + smsText: string + isDefaultType: true + loginOptions: + allowGuestPortalBypass: true + failureAction: string + identityGroupId: string + limitSimultaneousLogins: true + maxRegisteredDevices: 0 + maxSimultaneousLogins: 0 + name: string + sponsorGroups: + - string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "isDefaultType": true, + "accessTime": { + "fromFirstLogin": true, + "maxAccountDuration": 0, + "durationTimeUnit": "string", + "defaultDuration": 0, + "allowAccessOnSpecificDaysTimes": true, + "dayTimeLimits": [ + { + "startTime": "string", + "endTime": "string", + "days": [ + "string" + ] + } + ] + }, + "loginOptions": { + "limitSimultaneousLogins": true, + "maxSimultaneousLogins": 0, + "failureAction": "string", + "maxRegisteredDevices": 0, + "identityGroupId": "string", + "allowGuestPortalBypass": true + }, + "expirationNotification": { + "enableNotification": true, + "advanceNotificationDuration": 0, + "advanceNotificationUnits": "string", + "sendEmailNotification": true, + "emailText": "string", + "sendSmsNotification": true, + "smsText": "string" + }, + "sponsorGroups": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_type_email.py b/ansible_collections/cisco/ise/plugins/modules/guest_type_email.py new file mode 100644 index 00000000..12b593e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_type_email.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_type_email +short_description: Resource module for Guest Type Email +description: +- Manage operation update of the resource Guest Type Email. +- This API allows the client to update a guest type email by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest Type Email's additionalData. + elements: dict + suboptions: + name: + description: Guest Type Email's name. + type: str + value: + description: Guest Type Email's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_type.GuestType.update_guest_type_email, + + - Paths used are + put /ers/config/guesttype/email/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_type_email: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: emailAddress + value: emailAddress + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_type_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_type_info.py new file mode 100644 index 00000000..dcf1461a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_type_info.py @@ -0,0 +1,217 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_type_info +short_description: Information module for Guest Type +description: +- Get all Guest Type. +- Get Guest Type by id. +- This API allows the client to get a guest type by ID. +- This API allows the client to get all the guest types. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_type.GuestType.get_guest_type_by_id, + guest_type.GuestType.get_guest_type_generator, + + - Paths used are + get /ers/config/guesttype, + get /ers/config/guesttype/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest Type + cisco.ise.guest_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest Type by id + cisco.ise.guest_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "isDefaultType": true, + "accessTime": { + "fromFirstLogin": true, + "maxAccountDuration": 0, + "durationTimeUnit": "string", + "defaultDuration": 0, + "allowAccessOnSpecificDaysTimes": true, + "dayTimeLimits": [ + { + "startTime": "string", + "endTime": "string", + "days": [ + "string" + ] + } + ] + }, + "loginOptions": { + "limitSimultaneousLogins": true, + "maxSimultaneousLogins": 0, + "failureAction": "string", + "maxRegisteredDevices": 0, + "identityGroupId": "string", + "allowGuestPortalBypass": true + }, + "expirationNotification": { + "enableNotification": true, + "advanceNotificationDuration": 0, + "advanceNotificationUnits": "string", + "sendEmailNotification": true, + "emailText": "string", + "sendSmsNotification": true, + "smsText": "string" + }, + "sponsorGroups": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "isDefaultType": true, + "accessTime": { + "fromFirstLogin": true, + "maxAccountDuration": 0, + "durationTimeUnit": "string", + "defaultDuration": 0, + "allowAccessOnSpecificDaysTimes": true, + "dayTimeLimits": [ + { + "startTime": "string", + "endTime": "string", + "days": [ + "string" + ] + } + ] + }, + "loginOptions": { + "limitSimultaneousLogins": true, + "maxSimultaneousLogins": 0, + "failureAction": "string", + "maxRegisteredDevices": 0, + "identityGroupId": "string", + "allowGuestPortalBypass": true + }, + "expirationNotification": { + "enableNotification": true, + "advanceNotificationDuration": 0, + "advanceNotificationUnits": "string", + "sendEmailNotification": true, + "emailText": "string", + "sendSmsNotification": true, + "smsText": "string" + }, + "sponsorGroups": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_type_sms.py b/ansible_collections/cisco/ise/plugins/modules/guest_type_sms.py new file mode 100644 index 00000000..d35072ca --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_type_sms.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_type_sms +short_description: Resource module for Guest Type SMS +description: +- Manage operation update of the resource Guest Type SMS. +- This API allows the client to update a guest type sms by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest Type SMS's additionalData. + elements: dict + suboptions: + name: + description: Guest Type SMS's name. + type: str + value: + description: Guest Type SMS's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_type.GuestType.update_guest_type_sms, + + - Paths used are + put /ers/config/guesttype/sms/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_type_sms: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: phoneNumber + value: phoneNumber + - name: serviceProvider + value: serviceProvider + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user.py b/ansible_collections/cisco/ise/plugins/modules/guest_user.py new file mode 100644 index 00000000..a19118c7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user.py @@ -0,0 +1,337 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user +short_description: Resource module for Guest User +description: +- Manage operations create, update and delete of the resource Guest User. +- This API creates a guest user. +- This API deletes a guest user by ID. +- This API deletes a guest user. +- This API allows the client to update a guest user by ID. +- This API allows the client to update a guest user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customFields: + description: Key value map. + type: dict + description: + description: Guest User's description. + type: str + guestAccessInfo: + description: Guest User's guestAccessInfo. + suboptions: + fromDate: + description: Guest User's fromDate. + type: str + groupTag: + description: Guest User's groupTag. + type: str + location: + description: Guest User's location. + type: str + ssid: + description: Guest User's ssid. + type: str + toDate: + description: Guest User's toDate. + type: str + validDays: + description: Guest User's validDays. + type: int + type: dict + guestInfo: + description: Guest User's guestInfo. + suboptions: + company: + description: Guest User's company. + type: str + creationTime: + description: Guest User's creationTime. + type: str + emailAddress: + description: Guest User's emailAddress. + type: str + enabled: + description: This field is only for Get operation not applicable for Create, + Update operations. + type: bool + firstName: + description: Guest User's firstName. + type: str + lastName: + description: Guest User's lastName. + type: str + notificationLanguage: + description: Guest User's notificationLanguage. + type: str + password: + description: Guest User's password. + type: str + phoneNumber: + description: Phone number should be E.164 format. + type: str + smsServiceProvider: + description: Guest User's smsServiceProvider. + type: str + userName: + description: If account needs be created with mobile number, please provide + mobile number here. + type: str + type: dict + guestType: + description: Guest User's guestType. + type: str + id: + description: Guest User's id. + type: str + name: + description: Guest User's name. + type: str + portalId: + description: Guest User's portalId. + type: str + reasonForVisit: + description: Guest User's reasonForVisit. + type: str + sponsorUserId: + description: Guest User's sponsorUserId. + type: str + sponsorUserName: + description: Guest User's sponsorUserName. + type: str + status: + description: Guest User's status. + type: str + statusReason: + description: Guest User's statusReason. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.create_guest_user, + guest_user.GuestUser.delete_guest_user_by_id, + guest_user.GuestUser.delete_guest_user_by_name, + guest_user.GuestUser.update_guest_user_by_id, + guest_user.GuestUser.update_guest_user_by_name, + + - Paths used are + post /ers/config/guestuser, + delete /ers/config/guestuser/name/{name}, + delete /ers/config/guestuser/{id}, + put /ers/config/guestuser/name/{name}, + put /ers/config/guestuser/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customFields: {} + description: string + guestAccessInfo: + fromDate: string + groupTag: string + location: string + ssid: string + toDate: string + validDays: 0 + guestInfo: + company: string + creationTime: string + emailAddress: string + enabled: true + firstName: string + lastName: string + notificationLanguage: string + password: string + phoneNumber: string + smsServiceProvider: string + userName: string + guestType: string + id: string + name: string + portalId: string + reasonForVisit: string + sponsorUserId: string + sponsorUserName: string + status: string + statusReason: string + +- name: Delete by name + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customFields: {} + description: string + guestAccessInfo: + fromDate: string + groupTag: string + location: string + ssid: string + toDate: string + validDays: 0 + guestInfo: + company: string + creationTime: string + emailAddress: string + enabled: true + firstName: string + lastName: string + notificationLanguage: string + password: string + phoneNumber: string + smsServiceProvider: string + userName: string + guestType: string + id: string + name: string + portalId: string + reasonForVisit: string + sponsorUserId: string + sponsorUserName: string + status: string + statusReason: string + +- name: Delete by id + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customFields: {} + description: string + guestAccessInfo: + fromDate: string + groupTag: string + location: string + ssid: string + toDate: string + validDays: 0 + guestInfo: + company: string + creationTime: string + emailAddress: string + enabled: true + firstName: string + lastName: string + notificationLanguage: string + password: string + phoneNumber: string + smsServiceProvider: string + userName: string + guestType: string + name: string + portalId: string + reasonForVisit: string + sponsorUserId: string + sponsorUserName: string + status: string + statusReason: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "guestType": "string", + "status": "string", + "statusReason": "string", + "reasonForVisit": "string", + "sponsorUserId": "string", + "sponsorUserName": "string", + "guestInfo": { + "firstName": "string", + "lastName": "string", + "company": "string", + "creationTime": "string", + "notificationLanguage": "string", + "userName": "string", + "emailAddress": "string", + "phoneNumber": "string", + "password": "string", + "enabled": true, + "smsServiceProvider": "string" + }, + "guestAccessInfo": { + "validDays": 0, + "fromDate": "string", + "toDate": "string", + "location": "string", + "ssid": "string", + "groupTag": "string" + }, + "portalId": "string", + "customFields": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_approve.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_approve.py new file mode 100644 index 00000000..f5c0295f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_approve.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_approve +short_description: Resource module for Guest User Approve +description: +- Manage operation update of the resource Guest User Approve. +- This API allows the client to approve a guest user by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.approve_guest_user_by_id, + + - Paths used are + put /ers/config/guestuser/approve/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_monitor_status_info.py new file mode 100644 index 00000000..f26fe764 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_bulk_monitor_status_info +short_description: Information module for Guest User Bulk Monitor Status +description: +- Get Guest User Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.monitor_bulk_status_guest_user, + + - Paths used are + get /ers/config/guestuser/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get Guest User Bulk Monitor Status by id + cisco.ise.guest_user_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_request.py new file mode 100644 index 00000000..454b982a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_bulk_request +short_description: Resource module for Guest User Bulk Request +description: +- Manage operation update of the resource Guest User Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: Guest User Bulk Request's operationType. + type: str + resourceMediaType: + description: Guest User Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.bulk_request_for_guest_user, + + - Paths used are + put /ers/config/guestuser/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.guest_user_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_change_sponsor_password.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_change_sponsor_password.py new file mode 100644 index 00000000..64dc0193 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_change_sponsor_password.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_change_sponsor_password +short_description: Resource module for Guest User Change Sponsor Password +description: +- Manage operation update of the resource Guest User Change Sponsor Password. +- This API allows the client to change the sponsor password. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest User Change Sponsor Password's additionalData. + elements: dict + suboptions: + name: + description: Guest User Change Sponsor Password's name. + type: str + value: + description: Guest User Change Sponsor Password's value. + type: str + type: list + portalId: + description: PortalId path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.change_sponsor_password, + + - Paths used are + put /ers/config/guestuser/changeSponsorPassword/{portalId}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_change_sponsor_password: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: currentPassword + value: password + - name: newPassword + value: password + portalId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_deny.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_deny.py new file mode 100644 index 00000000..b02f5e41 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_deny.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_deny +short_description: Resource module for Guest User Deny +description: +- Manage operation update of the resource Guest User Deny. +- This API allows the client to deny a guest user by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.deny_guest_user_by_id, + + - Paths used are + put /ers/config/guestuser/deny/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_deny: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_email.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_email.py new file mode 100644 index 00000000..f0ba73a2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_email.py @@ -0,0 +1,70 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_email +short_description: Resource module for Guest User Email +description: +- Manage operation update of the resource Guest User Email. +- This API allows the client to update a guest user email by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest User Email's additionalData. + elements: dict + suboptions: + name: + description: Guest User Email's name. + type: str + value: + description: Guest User Email's value. + type: str + type: list + id: + description: Id path parameter. + type: str + portalId: + description: PortalId path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.update_guest_user_email, + + - Paths used are + put /ers/config/guestuser/email/{id}/portalId/{portalId}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_email: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: senderEmail + value: senderEmail + id: string + portalId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_info.py new file mode 100644 index 00000000..651777e0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_info.py @@ -0,0 +1,218 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_info +short_description: Information module for Guest User +description: +- Get all Guest User. +- Get Guest User by id. +- Get Guest User by name. +- This API allows the client to get a guest user by ID. +- This API allows the client to get a guest user by name. +- This API allows the client to get all the guest users. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.get_guest_user_by_id, + guest_user.GuestUser.get_guest_user_by_name, + guest_user.GuestUser.get_guest_users_generator, + + - Paths used are + get /ers/config/guestuser, + get /ers/config/guestuser/name/{name}, + get /ers/config/guestuser/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest User + cisco.ise.guest_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest User by id + cisco.ise.guest_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Guest User by name + cisco.ise.guest_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "guestType": "string", + "status": "string", + "statusReason": "string", + "reasonForVisit": "string", + "sponsorUserId": "string", + "sponsorUserName": "string", + "guestInfo": { + "firstName": "string", + "lastName": "string", + "company": "string", + "creationTime": "string", + "notificationLanguage": "string", + "userName": "string", + "emailAddress": "string", + "phoneNumber": "string", + "password": "string", + "enabled": true, + "smsServiceProvider": "string" + }, + "guestAccessInfo": { + "validDays": 0, + "fromDate": "string", + "toDate": "string", + "location": "string", + "ssid": "string", + "groupTag": "string" + }, + "portalId": "string", + "customFields": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "guestType": "string", + "status": "string", + "statusReason": "string", + "reasonForVisit": "string", + "sponsorUserId": "string", + "sponsorUserName": "string", + "guestInfo": { + "firstName": "string", + "lastName": "string", + "company": "string", + "creationTime": "string", + "notificationLanguage": "string", + "userName": "string", + "emailAddress": "string", + "phoneNumber": "string", + "password": "string", + "enabled": true, + "smsServiceProvider": "string" + }, + "guestAccessInfo": { + "validDays": 0, + "fromDate": "string", + "toDate": "string", + "location": "string", + "ssid": "string", + "groupTag": "string" + }, + "portalId": "string", + "customFields": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_reinstate.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_reinstate.py new file mode 100644 index 00000000..0ead09e6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_reinstate.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_reinstate +short_description: Resource module for Guest User Reinstate +description: +- Manage operation update of the resource Guest User Reinstate. +- This API allows the client to reinstate a guest user by ID. +- This API allows the client to reinstate a guest user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.reinstate_guest_user_by_id, + guest_user.GuestUser.reinstate_guest_user_by_name, + + - Paths used are + put /ers/config/guestuser/reinstate/name/{name}, + put /ers/config/guestuser/reinstate/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.guest_user_reinstate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +- name: Update by id + cisco.ise.guest_user_reinstate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_reset_password.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_reset_password.py new file mode 100644 index 00000000..b55a3147 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_reset_password.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_reset_password +short_description: Resource module for Guest User Reset Password +description: +- Manage operation update of the resource Guest User Reset Password. +- This API allows the client to reset the guest user password. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.reset_guest_user_password_by_id, + + - Paths used are + put /ers/config/guestuser/resetpassword/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_reset_password: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "OperationResult": { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_sms.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_sms.py new file mode 100644 index 00000000..d02bd0d3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_sms.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_sms +short_description: Resource module for Guest User SMS +description: +- Manage operation update of the resource Guest User SMS. +- This API allows the client to update a guest user sms by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str + portalId: + description: PortalId path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.update_guest_user_sms, + + - Paths used are + put /ers/config/guestuser/sms/{id}/portalId/{portalId}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_sms: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + portalId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_suspend.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_suspend.py new file mode 100644 index 00000000..e53ed5f2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_suspend.py @@ -0,0 +1,80 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_suspend +short_description: Resource module for Guest User Suspend +description: +- Manage operation update of the resource Guest User Suspend. +- This API allows the client to suspend a guest user by ID. +- This API allows the client to suspend a guest user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest User Suspend's additionalData. + elements: dict + suboptions: + name: + description: Guest User Suspend's name. + type: str + value: + description: Guest User Suspend's value. + type: str + type: list + id: + description: Id path parameter. + type: str + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.suspend_guest_user_by_id, + guest_user.GuestUser.suspend_guest_user_by_name, + + - Paths used are + put /ers/config/guestuser/suspend/name/{name}, + put /ers/config/guestuser/suspend/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.guest_user_suspend: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +- name: Update by id + cisco.ise.guest_user_suspend: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: reason + value: reason + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotpatch_info.py b/ansible_collections/cisco/ise/plugins/modules/hotpatch_info.py new file mode 100644 index 00000000..90d37d15 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotpatch_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotpatch_info +short_description: Information module for Hotpatch +description: +- Get all Hotpatch. +- List all the installed hot patches in the system. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.list_installed_hotpatches, + + - Paths used are + get /api/v1/hotpatch, + +""" + +EXAMPLES = r""" +- name: Get all Hotpatch + cisco.ise.hotpatch_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "hotpatchName": "string", + "installDate": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotpatch_install.py b/ansible_collections/cisco/ise/plugins/modules/hotpatch_install.py new file mode 100644 index 00000000..d4cef09b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotpatch_install.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotpatch_install +short_description: Resource module for Hotpatch Install +description: +- Manage operation create of the resource Hotpatch Install. +- > + Triggers hot patch installation on the Cisco ISE node. A task ID is returned which can be used to monitor the progress of the hot patch installation + process. As hot patch installation triggers the Cisco ISE to restart, the task API becomes unavailable for a certain period of time. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hotpatchName: + description: Hotpatch Install's hotpatchName. + type: str + repositoryName: + description: Hotpatch Install's repositoryName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.install_hotpatch, + + - Paths used are + post /api/v1/hotpatch/install, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.hotpatch_install: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hotpatchName: string + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotpatch_rollback.py b/ansible_collections/cisco/ise/plugins/modules/hotpatch_rollback.py new file mode 100644 index 00000000..d1ce43a8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotpatch_rollback.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotpatch_rollback +short_description: Resource module for Hotpatch Rollback +description: +- Manage operation create of the resource Hotpatch Rollback. +- > + Triggers hot patch rollback on the Cisco ISE node. A task ID is returned which can be used to monitor the progress of the hot patch rollback process. As + hot patch rollback triggers the Cisco ISE to restart, the task API becomes unavailable for a certain period of time. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hotpatchName: + description: Hotpatch Rollback's hotpatchName. + type: str + repositoryName: + description: Hotpatch Rollback's repositoryName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.rollback_hotpatch, + + - Paths used are + post /api/v1/hotpatch/rollback, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.hotpatch_rollback: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hotpatchName: string + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotspot_portal.py b/ansible_collections/cisco/ise/plugins/modules/hotspot_portal.py new file mode 100644 index 00000000..aa7f5591 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotspot_portal.py @@ -0,0 +1,546 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotspot_portal +short_description: Resource module for Hotspot Portal +description: +- Manage operations create, update and delete of the resource Hotspot Portal. +- This API creates a hotspot portal. +- This API deletes a hotspot portal by ID. +- This API allows the client to update a hotspot portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available. + suboptions: + globalCustomizations: + description: Hotspot Portal's globalCustomizations. + suboptions: + backgroundImage: + description: Hotspot Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: Hotspot Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: Hotspot Portal's bannerTitle. + type: str + contactText: + description: Hotspot Portal's contactText. + type: str + desktopLogoImage: + description: Hotspot Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: Hotspot Portal's footerElement. + type: str + mobileLogoImage: + description: Hotspot Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: Hotspot Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Hotspot Portal's pageCustomizations. + suboptions: + data: + description: Hotspot Portal's data. + elements: dict + suboptions: + key: + description: Hotspot Portal's key. + type: str + value: + description: Hotspot Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Defines the configuration for portal theme. + suboptions: + id: + description: The unique internal identifier of the portal theme. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: Hotspot Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: Hotspot Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: Hotspot Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: Hotspot Portal's description. + type: str + id: + description: Hotspot Portal's id. + type: str + name: + description: Hotspot Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a BYOD. + suboptions: + aupSettings: + description: Configuration of the Acceptable Use Policy (AUP) for a portal. + suboptions: + accessCode: + description: Access code that must be entered by the portal user (only valid + if requireAccessCode = true). + type: str + includeAup: + description: Require the portal user to read and accept an AUP. + type: bool + requireAccessCode: + description: Require the portal user to enter an access code. Only used + in Hotspot portal. + type: bool + requireScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + type: dict + authSuccessSettings: + description: Hotspot Portal's authSuccessSettings. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = URL. + type: str + successRedirect: + description: After an Authentication Success where should device be redirected. + Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - URL. + type: str + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0 - eth1 - eth2 - eth3 - eth4 - eth5 - bond0 - bond1 - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: Used when displayLang = ALWAYSUSE. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + coaType: + description: Allowed Values - COAREAUTHENTICATE, - COATERMINATE. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + endpointIdentityGroup: + description: Unique Id of the endpoint identity group where user's devices + will be added. Used only in Hotspot Portal. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + postAccessBannerSettings: + description: Hotspot Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: Hotspot Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + supportInfoSettings: + description: Portal Support Information Settings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + hotspot_portal.HotspotPortal.create_hotspot_portal, + hotspot_portal.HotspotPortal.delete_hotspot_portal_by_id, + hotspot_portal.HotspotPortal.update_hotspot_portal_by_id, + + - Paths used are + post /ers/config/hotspotportal, + delete /ers/config/hotspotportal/{id}, + put /ers/config/hotspotportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.hotspot_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + accessCode: string + includeAup: true + requireAccessCode: true + requireScrolling: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + coaType: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.hotspot_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.hotspot_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + accessCode: string + includeAup: true + requireAccessCode: true + requireScrolling: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + coaType: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "coaType": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "aupSettings": { + "requireAccessCode": true, + "accessCode": "string", + "includeAup": true, + "requireScrolling": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotspot_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/hotspot_portal_info.py new file mode 100644 index 00000000..e2cbb748 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotspot_portal_info.py @@ -0,0 +1,309 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotspot_portal_info +short_description: Information module for Hotspot Portal +description: +- Get all Hotspot Portal. +- Get Hotspot Portal by id. +- This API allows the client to get a hotspot portal by ID. +- This API allows the client to get all the hotspot portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + hotspot_portal.HotspotPortal.get_hotspot_portal_by_id, + hotspot_portal.HotspotPortal.get_hotspot_portal_generator, + + - Paths used are + get /ers/config/hotspotportal, + get /ers/config/hotspotportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Hotspot Portal + cisco.ise.hotspot_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Hotspot Portal by id + cisco.ise.hotspot_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "coaType": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "aupSettings": { + "requireAccessCode": true, + "accessCode": "string", + "includeAup": true, + "requireScrolling": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "coaType": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "aupSettings": { + "requireAccessCode": true, + "accessCode": "string", + "includeAup": true, + "requireScrolling": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/id_store_sequence.py b/ansible_collections/cisco/ise/plugins/modules/id_store_sequence.py new file mode 100644 index 00000000..259f25ae --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/id_store_sequence.py @@ -0,0 +1,161 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: id_store_sequence +short_description: Resource module for Id Store Sequence +description: +- Manage operations create, update and delete of the resource Id Store Sequence. +- This API creates an identity sequence. +- This API deletes an identity sequence. +- This API allows the client to update an identity sequence. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + breakOnStoreFail: + description: BreakOnStoreFail flag. + type: bool + certificateAuthenticationProfile: + description: Id Store Sequence's certificateAuthenticationProfile. + type: str + description: + description: Id Store Sequence's description. + type: str + id: + description: Id Store Sequence's id. + type: str + idSeqItem: + description: Id Store Sequence's idSeqItem. + elements: dict + suboptions: + idstore: + description: Id Store Sequence's idstore. + type: str + order: + description: Id Store Sequence's order. + type: int + type: list + name: + description: Id Store Sequence's name. + type: str + parent: + description: Id Store Sequence's parent. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IdentitySequence + description: Complete reference of the IdentitySequence API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!idstoresequence +notes: + - SDK Method used are + identity_sequence.IdentitySequence.create_identity_sequence, + identity_sequence.IdentitySequence.delete_identity_sequence_by_id, + identity_sequence.IdentitySequence.update_identity_sequence_by_id, + + - Paths used are + post /ers/config/idstoresequence, + delete /ers/config/idstoresequence/{id}, + put /ers/config/idstoresequence/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.id_store_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + breakOnStoreFail: true + certificateAuthenticationProfile: string + description: string + id: string + idSeqItem: + - idstore: string + order: 0 + name: string + parent: string + +- name: Delete by id + cisco.ise.id_store_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.id_store_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + breakOnStoreFail: true + certificateAuthenticationProfile: string + description: string + idSeqItem: + - idstore: string + order: 0 + name: string + parent: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "idSeqItem": [ + { + "idstore": "string", + "order": 0 + } + ], + "certificateAuthenticationProfile": "string", + "breakOnStoreFail": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/id_store_sequence_info.py b/ansible_collections/cisco/ise/plugins/modules/id_store_sequence_info.py new file mode 100644 index 00000000..16e99cfb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/id_store_sequence_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: id_store_sequence_info +short_description: Information module for Id Store Sequence +description: +- Get all Id Store Sequence. +- Get Id Store Sequence by id. +- Get Id Store Sequence by name. +- This API allows the client to get all the identity sequences. +- This API allows the client to get an identity sequence by ID. +- This API allows the client to get an identity sequence by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IdentitySequence + description: Complete reference of the IdentitySequence API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!idstoresequence +notes: + - SDK Method used are + identity_sequence.IdentitySequence.get_identity_sequence_by_id, + identity_sequence.IdentitySequence.get_identity_sequence_by_name, + identity_sequence.IdentitySequence.get_identity_sequence_generator, + + - Paths used are + get /ers/config/idstoresequence, + get /ers/config/idstoresequence/name/{name}, + get /ers/config/idstoresequence/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Id Store Sequence + cisco.ise.id_store_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Id Store Sequence by id + cisco.ise.id_store_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Id Store Sequence by name + cisco.ise.id_store_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "idSeqItem": [ + { + "idstore": "string", + "order": 0 + } + ], + "certificateAuthenticationProfile": "string", + "breakOnStoreFail": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "idSeqItem": [ + { + "idstore": "string", + "order": 0 + } + ], + "certificateAuthenticationProfile": "string", + "breakOnStoreFail": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/identity_group.py b/ansible_collections/cisco/ise/plugins/modules/identity_group.py new file mode 100644 index 00000000..c9e017ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/identity_group.py @@ -0,0 +1,114 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: identity_group +short_description: Resource module for Identity Group +description: +- Manage operations create and update of the resource Identity Group. +- This API creates an identity group. +- This API allows the client to update an identity group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Identity Group's description. + type: str + id: + description: Identity Group's id. + type: str + name: + description: Identity Group's name. + type: str + parent: + description: Identity Group's parent. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IdentityGroups + description: Complete reference of the IdentityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!identitygroup +notes: + - SDK Method used are + identity_groups.IdentityGroups.create_identity_group, + identity_groups.IdentityGroups.update_identity_group_by_id, + + - Paths used are + post /ers/config/identitygroup, + put /ers/config/identitygroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.identity_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + parent: string + +- name: Create + cisco.ise.identity_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + parent: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/identity_group_info.py b/ansible_collections/cisco/ise/plugins/modules/identity_group_info.py new file mode 100644 index 00000000..460a381e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/identity_group_info.py @@ -0,0 +1,166 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: identity_group_info +short_description: Information module for Identity Group +description: +- Get all Identity Group. +- Get Identity Group by id. +- Get Identity Group by name. +- This API allows the client to get all the identity groups. +- This API allows the client to get an identity group by ID. +- This API allows the client to get an identity group by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IdentityGroups + description: Complete reference of the IdentityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!identitygroup +notes: + - SDK Method used are + identity_groups.IdentityGroups.get_identity_group_by_id, + identity_groups.IdentityGroups.get_identity_group_by_name, + identity_groups.IdentityGroups.get_identity_groups_generator, + + - Paths used are + get /ers/config/identitygroup, + get /ers/config/identitygroup/name/{name}, + get /ers/config/identitygroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Identity Group + cisco.ise.identity_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Identity Group by id + cisco.ise.identity_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Identity Group by name + cisco.ise.identity_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/internal_user.py b/ansible_collections/cisco/ise/plugins/modules/internal_user.py new file mode 100644 index 00000000..4769df6b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/internal_user.py @@ -0,0 +1,229 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: internal_user +short_description: Resource module for Internal User +description: +- Manage operations create, update and delete of the resource Internal User. +- This API creates an internal user. +- This API deletes an internal user by ID. +- This API deletes an internal user by name. +- This API allows the client to update an internal user by ID. +- This API allows the client to update an internal user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + changePassword: + description: ChangePassword flag. + type: bool + customAttributes: + description: Key value map. + type: dict + description: + description: Internal User's description. + type: str + email: + description: Internal User's email. + type: str + enablePassword: + description: Internal User's enablePassword. + type: str + enabled: + description: Whether the user is enabled/disabled. To use it as filter, the values + should be 'Enabled' or 'Disabled'. The values are case sensitive. For example, + 'ERSObjectURL?filter=enabled.EQ.Enabled'. + type: bool + expiryDate: + description: To store the internal user's expiry date information. It's format is + = 'YYYY-MM-DD'. + type: str + expiryDateEnabled: + description: ExpiryDateEnabled flag. + type: bool + firstName: + description: Internal User's firstName. + type: str + id: + description: Internal User's id. + type: str + identityGroups: + description: CSV of identity group IDs. + type: str + lastName: + description: Internal User's lastName. + type: str + name: + description: Internal User's name. + type: str + password: + description: Internal User's password. + type: str + passwordIDStore: + description: The id store where the internal user's password is kept. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + internal_user.InternalUser.create_internal_user, + internal_user.InternalUser.delete_internal_user_by_id, + internal_user.InternalUser.delete_internal_user_by_name, + internal_user.InternalUser.update_internal_user_by_id, + internal_user.InternalUser.update_internal_user_by_name, + + - Paths used are + post /ers/config/internaluser, + delete /ers/config/internaluser/name/{name}, + delete /ers/config/internaluser/{id}, + put /ers/config/internaluser/name/{name}, + put /ers/config/internaluser/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + changePassword: true + customAttributes: {} + description: string + email: string + enablePassword: string + enabled: true + expiryDate: string + expiryDateEnabled: true + firstName: string + id: string + identityGroups: string + lastName: string + name: string + password: string + passwordIDStore: string + +- name: Delete by name + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + changePassword: true + customAttributes: {} + description: string + email: string + enablePassword: string + enabled: true + expiryDate: string + expiryDateEnabled: true + firstName: string + id: string + identityGroups: string + lastName: string + name: string + password: string + passwordIDStore: string + +- name: Delete by id + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + changePassword: true + customAttributes: {} + description: string + email: string + enablePassword: string + enabled: true + expiryDate: string + expiryDateEnabled: true + firstName: string + identityGroups: string + lastName: string + name: string + password: string + passwordIDStore: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "enabled": true, + "email": "string", + "password": "string", + "firstName": "string", + "lastName": "string", + "changePassword": true, + "identityGroups": "string", + "expiryDateEnabled": true, + "expiryDate": "string", + "enablePassword": "string", + "customAttributes": {}, + "passwordIDStore": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/internal_user_info.py b/ansible_collections/cisco/ise/plugins/modules/internal_user_info.py new file mode 100644 index 00000000..7f90f383 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/internal_user_info.py @@ -0,0 +1,184 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: internal_user_info +short_description: Information module for Internal User +description: +- Get all Internal User. +- Get Internal User by id. +- Get Internal User by name. +- This API allows the client to get all the internal users. +- This API allows the client to get an internal user by ID. +- This API allows the client to get an internal user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + internal_user.InternalUser.get_internal_user_by_id, + internal_user.InternalUser.get_internal_user_by_name, + internal_user.InternalUser.get_internal_user_generator, + + - Paths used are + get /ers/config/internaluser, + get /ers/config/internaluser/name/{name}, + get /ers/config/internaluser/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Internal User + cisco.ise.internal_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Internal User by id + cisco.ise.internal_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Internal User by name + cisco.ise.internal_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "enabled": true, + "email": "string", + "password": "string", + "firstName": "string", + "lastName": "string", + "changePassword": true, + "identityGroups": "string", + "expiryDateEnabled": true, + "expiryDate": "string", + "enablePassword": "string", + "customAttributes": {}, + "passwordIDStore": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "enabled": true, + "email": "string", + "password": "string", + "firstName": "string", + "lastName": "string", + "changePassword": true, + "identityGroups": "string", + "expiryDateEnabled": true, + "expiryDate": "string", + "enablePassword": "string", + "customAttributes": {}, + "passwordIDStore": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/ise_root_ca_regenerate.py b/ansible_collections/cisco/ise/plugins/modules/ise_root_ca_regenerate.py new file mode 100644 index 00000000..2eb5f7e0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/ise_root_ca_regenerate.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: ise_root_ca_regenerate +short_description: Resource module for Ise Root CA Regenerate +description: +- Manage operation create of the resource Ise Root CA Regenerate. +- This API initiates regeneration of Cisco ISE root CA certificate chain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + removeExistingISEIntermediateCSR: + description: Setting this attribute to true removes existing Cisco ISE Intermediate + CSR. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.regenerate_ise_root_ca, + + - Paths used are + post /api/v1/certs/ise-root-ca/regenerate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.ise_root_ca_regenerate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + removeExistingISEIntermediateCSR: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_connection_type_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_connection_type_info.py new file mode 100644 index 00000000..f5cbe33a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_connection_type_info.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_connection_type_info +short_description: Information module for Licensing Connection Type +description: +- Get all Licensing Connection Type. +- Get connection type. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_connection_type, + + - Paths used are + get /api/v1/license/system/connection-type, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Connection Type + cisco.ise.licensing_connection_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "connectionType": "string", + "state": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_eval_license_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_eval_license_info.py new file mode 100644 index 00000000..5f4f2067 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_eval_license_info.py @@ -0,0 +1,55 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_eval_license_info +short_description: Information module for Licensing Eval License +description: +- Get all Licensing Eval License. +- Get registration information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_eval_license_info, + + - Paths used are + get /api/v1/license/system/eval-license, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Eval License + cisco.ise.licensing_eval_license_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "daysRemaining": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_feature_to_tier_mapping_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_feature_to_tier_mapping_info.py new file mode 100644 index 00000000..28227901 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_feature_to_tier_mapping_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_feature_to_tier_mapping_info +short_description: Information module for Licensing Feature To Tier Mapping +description: +- Get all Licensing Feature To Tier Mapping. +- Get feature to tier mapping. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_feature_to_tier_mapping, + + - Paths used are + get /api/v1/license/system/feature-to-tier-mapping, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Feature To Tier Mapping + cisco.ise.licensing_feature_to_tier_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "featureName": [ + "string" + ], + "tier": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_registration_create.py b/ansible_collections/cisco/ise/plugins/modules/licensing_registration_create.py new file mode 100644 index 00000000..29712189 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_registration_create.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_registration_create +short_description: Resource module for Licensing Registration Create +description: +- Manage operation create of the resource Licensing Registration Create. +- License - Configure registration information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + connectionType: + description: Licensing Registration Create's connectionType. + type: str + registrationType: + description: Licensing Registration Create's registrationType. + type: str + ssmOnPremServer: + description: If connection type is selected as SSM_ONPREM_SERVER, then IP address + or the hostname (or FQDN) of the SSM On-Prem server Host. + type: str + tier: + description: Licensing Registration Create's tier. + elements: str + type: list + token: + description: Token. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.create_registration_info, + + - Paths used are + post /api/v1/license/system/register, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.licensing_registration_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + connectionType: string + registrationType: string + ssmOnPremServer: string + tier: + - string + token: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: str + sample: > + "'string'" +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_registration_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_registration_info.py new file mode 100644 index 00000000..121e1038 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_registration_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_registration_info +short_description: Information module for Licensing Registration +description: +- Get all Licensing Registration. +- Get registration information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_registration_info, + + - Paths used are + get /api/v1/license/system/register, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Registration + cisco.ise.licensing_registration_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "connectionType": "string", + "registrationState": "string", + "ssmOnPremServer": "string", + "tier": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_create.py b/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_create.py new file mode 100644 index 00000000..73c71772 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_create.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_smart_state_create +short_description: Resource module for Licensing Smart State Create +description: +- Manage operation create of the resource Licensing Smart State Create. +- License - Configure smart state information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.configure_smart_state, + + - Paths used are + post /api/v1/license/system/smart-state, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.licensing_smart_state_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: str + sample: > + "'string'" +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_info.py new file mode 100644 index 00000000..0267753d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_info.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_smart_state_info +short_description: Information module for Licensing Smart State +description: +- Get all Licensing Smart State. +- Get smart license information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_smart_state, + + - Paths used are + get /api/v1/license/system/smart-state, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Smart State + cisco.ise.licensing_smart_state_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "connectionType": "string", + "state": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_create.py b/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_create.py new file mode 100644 index 00000000..b48863dc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_create.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_tier_state_create +short_description: Resource module for Licensing Tier State Create +description: +- Manage operation create of the resource Licensing Tier State Create. +- Applicable values for **name** & **status** parameters. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Licensing Tier State Create's payload. + elements: dict + suboptions: + name: + description: Licensing Tier State Create's name. + type: str + status: + description: Licensing Tier State Create's status. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.update_tier_state_info, + + - Paths used are + post /api/v1/license/system/tier-state, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.licensing_tier_state_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - name: string + status: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": [ + { + "message": "string", + "name": "string", + "status": "string" + } + ], + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_info.py new file mode 100644 index 00000000..a85e9ea2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_tier_state_info +short_description: Information module for Licensing Tier State +description: +- Get all Licensing Tier State. +- Get tier state information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_tier_state_info, + + - Paths used are + get /api/v1/license/system/tier-state, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Tier State + cisco.ise.licensing_tier_state_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "compliance": "string", + "consumptionCounter": 0, + "daysOutOfCompliance": "string", + "lastAuthorization": "string", + "name": "string", + "status": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_account_status_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_account_status_info.py new file mode 100644 index 00000000..f17ae253 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_account_status_info.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_account_status_info +short_description: Information module for MNT Account Status +description: +- Get MNT Account Status by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + mac: + description: + - Mac path parameter. + type: str + duration: + description: + - Duration path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_account_status_by_mac, + + - Paths used are + get /AcctStatus/MACAddress/{mac}/{duration}, + +""" + +EXAMPLES = r""" +- name: Get MNT Account Status by id + cisco.ise.mnt_account_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + mac: string + duration: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_athentication_status_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_athentication_status_info.py new file mode 100644 index 00000000..6a6d498f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_athentication_status_info.py @@ -0,0 +1,65 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_athentication_status_info +short_description: Information module for Mnt Athentication Status +description: +- Get all Mnt Athentication Status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + MAC: + description: + - MAC path parameter. + type: str + SECONDS: + description: + - SECONDS path parameter. + type: str + RECORDS: + description: + - RECORDS path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_authentication_status_by_mac, + + - Paths used are + get /AuthStatus/MACAddress/{MAC}/{SECONDS}/{RECORDS}/All, +seealso: +# Reference by module name +- module: cisco.ise.mnt_authentication_status_info +""" + +EXAMPLES = r""" +- name: Get all Mnt Athentication Status + cisco.ise.mnt_athentication_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + MAC: string + SECONDS: string + RECORDS: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: + - {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_authentication_status_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_authentication_status_info.py new file mode 100644 index 00000000..fb1b30fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_authentication_status_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_authentication_status_info +short_description: Information module for MNT Authentication Status +description: +- Get all MNT Authentication Status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + MAC: + description: + - MAC path parameter. + type: str + SECONDS: + description: + - SECONDS path parameter. + type: str + RECORDS: + description: + - RECORDS path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_authentication_status_by_mac, + + - Paths used are + get /AuthStatus/MACAddress/{MAC}/{SECONDS}/{RECORDS}/All, + +""" + +EXAMPLES = r""" +- name: Get all MNT Authentication Status + cisco.ise.mnt_authentication_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + MAC: string + SECONDS: string + RECORDS: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_failure_reasons_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_failure_reasons_info.py new file mode 100644 index 00000000..53e936d1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_failure_reasons_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_failure_reasons_info +short_description: Information module for MNT Failure Reasons +description: +- Get all MNT Failure Reasons. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_failure_reasons, + + - Paths used are + get /FailureReasons, + +""" + +EXAMPLES = r""" +- name: Get all MNT Failure Reasons + cisco.ise.mnt_failure_reasons_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_count_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_count_info.py new file mode 100644 index 00000000..c2ffbff8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_count_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_active_count_info +short_description: Information module for MNT Session Active Count +description: +- Get all MNT Session Active Count. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_active_count, + + - Paths used are + get /Session/ActiveCount, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Active Count + cisco.ise.mnt_session_active_count_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "count": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_list_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_list_info.py new file mode 100644 index 00000000..352e09bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_list_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_active_list_info +short_description: Information module for MNT Session Active List +description: +- Get all MNT Session Active List. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_active_list, + + - Paths used are + get /Session/ActiveList, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Active List + cisco.ise.mnt_session_active_list_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "noOfActiveSession": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_auth_list_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_auth_list_info.py new file mode 100644 index 00000000..716b60cd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_auth_list_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_auth_list_info +short_description: Information module for MNT Session Auth List +description: +- Get all MNT Session Auth List. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_session_auth_list, + + - Paths used are + get /Session/AuthList/null/null, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Auth List + cisco.ise.mnt_session_auth_list_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "noOfActiveSession": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_ip_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_ip_info.py new file mode 100644 index 00000000..f908a7a6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_ip_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_by_ip_info +short_description: Information module for MNT Session By Ip +description: +- Get MNT Session By Ip by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + endpoint_ipv4: + description: + - Endpoint_ipv4 path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_endpoint_ip, + + - Paths used are + get /Session/EndPointIPAddress/{endpoint_ipv4}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session By Ip by id + cisco.ise.mnt_session_by_ip_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + endpoint_ipv4: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_mac_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_mac_info.py new file mode 100644 index 00000000..754aebbc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_mac_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_by_mac_info +short_description: Information module for MNT Session By Mac +description: +- Get MNT Session By Mac by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + mac: + description: + - Mac path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_mac, + + - Paths used are + get /Session/MACAddress/{mac}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session By Mac by id + cisco.ise.mnt_session_by_mac_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + mac: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_nas_ip_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_nas_ip_info.py new file mode 100644 index 00000000..09f23798 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_nas_ip_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_by_nas_ip_info +short_description: Information module for MNT Session By Nas Ip +description: +- Get MNT Session By Nas Ip by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + nas_ipv4: + description: + - Nas_ipv4 path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_nas_ip, + + - Paths used are + get /Session/IPAddress/{nas_ipv4}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session By Nas Ip by id + cisco.ise.mnt_session_by_nas_ip_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + nas_ipv4: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_username_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_username_info.py new file mode 100644 index 00000000..81c75049 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_username_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_by_username_info +short_description: Information module for MNT Session By Username +description: +- Get MNT Session By Username by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + username: + description: + - Username path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_username, + + - Paths used are + get /Session/UserName/{username}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session By Username by name + cisco.ise.mnt_session_by_username_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + username: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_delete_all.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_delete_all.py new file mode 100644 index 00000000..a9df0152 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_delete_all.py @@ -0,0 +1,47 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_delete_all +short_description: Resource module for MNT Session Delete All +description: +- Manage operation delete of the resource MNT Session Delete All. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.delete_all_sessions, + + - Paths used are + delete /Session/Delete/All, + +""" + +EXAMPLES = r""" +- name: Delete all + cisco.ise.mnt_session_delete_all: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_disconnect_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_disconnect_info.py new file mode 100644 index 00000000..5f1be8c8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_disconnect_info.py @@ -0,0 +1,73 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_disconnect_info +short_description: Information module for MNT Session Disconnect +description: +- Get MNT Session Disconnect by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + ENDPOINT_IP: + description: + - ENDPOINT_IP path parameter. + type: str + PSN_NAME: + description: + - PSN_NAME path parameter. + type: str + MAC: + description: + - MAC path parameter. + type: str + DISCONNECT_TYPE: + description: + - DISCONNECT_TYPE path parameter. + type: str + NAS_IPV4: + description: + - NAS_IPV4 path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.session_disconnect, + + - Paths used are + get /CoA/Disconnect/{PSN_NAME}/{MAC}/{DISCONNECT_TYPE}/{NAS_IPV4}/{{ENDPOINT_IP}}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session Disconnect by id + cisco.ise.mnt_session_disconnect_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + ENDPOINT_IP: string + PSN_NAME: string + MAC: string + DISCONNECT_TYPE: string + NAS_IPV4: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_posture_count_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_posture_count_info.py new file mode 100644 index 00000000..5c8869a9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_posture_count_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_posture_count_info +short_description: Information module for MNT Session Posture Count +description: +- Get all MNT Session Posture Count. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_posture_count, + + - Paths used are + get /Session/PostureCount, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Posture Count + cisco.ise.mnt_session_posture_count_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "count": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_profiler_count_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_profiler_count_info.py new file mode 100644 index 00000000..5a8db7de --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_profiler_count_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_profiler_count_info +short_description: Information module for MNT Session Profiler Count +description: +- Get all MNT Session Profiler Count. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_profiler_count, + + - Paths used are + get /Session/ProfilerCount, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Profiler Count + cisco.ise.mnt_session_profiler_count_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "count": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_reauthentication_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_reauthentication_info.py new file mode 100644 index 00000000..d0516ee4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_reauthentication_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_reauthentication_info +short_description: Information module for MNT Session Reauthentication +description: +- Get MNT Session Reauthentication by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + PSN_NAME: + description: + - PSN_NAME path parameter. + type: str + ENDPOINT_MAC: + description: + - ENDPOINT_MAC path parameter. + type: str + REAUTH_TYPE: + description: + - REAUTH_TYPE path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.session_reauthentication_by_mac, + + - Paths used are + get /CoA/Reauth/{PSN_NAME}/{ENDPOINT_MAC}/{REAUTH_TYPE}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session Reauthentication by id + cisco.ise.mnt_session_reauthentication_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + PSN_NAME: string + ENDPOINT_MAC: string + REAUTH_TYPE: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_sessions_by_session_id_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_sessions_by_session_id_info.py new file mode 100644 index 00000000..d614bab8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_sessions_by_session_id_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_sessions_by_session_id_info +short_description: Information module for MNT Sessions By Session Id +description: +- Get all MNT Sessions By Session Id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + session_id: + description: + - Session_id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_session_id, + + - Paths used are + get /Session/Active/SessionID/{session_id}/0, + +""" + +EXAMPLES = r""" +- name: Get all MNT Sessions By Session Id + cisco.ise.mnt_sessions_by_session_id_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + session_id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_version_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_version_info.py new file mode 100644 index 00000000..7217600d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_version_info.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_version_info +short_description: Information module for MNT Version +description: +- Get all MNT Version. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_mnt_version, + + - Paths used are + get /Version, + +""" + +EXAMPLES = r""" +- name: Get all MNT Version + cisco.ise.mnt_version_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "version": "string", + "type_of_node": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/my_device_portal.py b/ansible_collections/cisco/ise/plugins/modules/my_device_portal.py new file mode 100644 index 00000000..bdec90ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/my_device_portal.py @@ -0,0 +1,593 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: my_device_portal +short_description: Resource module for My Device Portal +description: +- Manage operations create, update and delete of the resource My Device Portal. +- This API creates a my device portal. +- This API deletes a my device portal by ID. +- This API allows the client to update a my device portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available. + suboptions: + globalCustomizations: + description: My Device Portal's globalCustomizations. + suboptions: + backgroundImage: + description: My Device Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: My Device Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: My Device Portal's bannerTitle. + type: str + contactText: + description: My Device Portal's contactText. + type: str + desktopLogoImage: + description: My Device Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: My Device Portal's footerElement. + type: str + mobileLogoImage: + description: My Device Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: My Device Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Represent the entire page customization as a giant dictionary. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: My Device Portal's key. + type: str + value: + description: My Device Portal's value. + type: str + type: list + type: dict + portalTheme: + description: My Device Portal's portalTheme. + suboptions: + id: + description: My Device Portal's id. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: My Device Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: My Device Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: My Device Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: My Device Portal's description. + type: str + id: + description: My Device Portal's id. + type: str + name: + description: My Device Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a Mydevice portal. + suboptions: + aupSettings: + description: Configuration of the Acceptable Use Policy (AUP) for a portal. + suboptions: + displayFrequency: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, + - RECURRING. + type: str + displayFrequencyIntervalDays: + description: Number of days between AUP confirmations (when displayFrequency + = recurring). + type: int + includeAup: + description: Require the portal user to read and accept an AUP. + type: bool + requireScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + type: dict + employeeChangePasswordSettings: + description: My Device Portal's employeeChangePasswordSettings. + suboptions: + allowEmployeeToChangePwd: + description: AllowEmployeeToChangePwd flag. + type: bool + type: dict + loginPageSettings: + description: My Device Portal's loginPageSettings. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + maxFailedAttemptsBeforeRateLimit: + description: Maximum failed login attempts before rate limiting. + type: int + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + requireScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + socialConfigs: + description: My Device Portal's socialConfigs. + elements: dict + type: list + timeBetweenLoginsDuringRateLimit: + description: Time between login attempts when rate limiting. + type: int + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: My Device Portal's alwaysUsedLanguage. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + endpointIdentityGroup: + description: Unique Id of the endpoint identity group where user's devices + will be added. Used only in Hotspot Portal. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + postAccessBannerSettings: + description: My Device Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: My Device Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + supportInfoSettings: + description: My Device Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + my_device_portal.MyDevicePortal.create_my_device_portal, + my_device_portal.MyDevicePortal.delete_my_device_portal_by_id, + my_device_portal.MyDevicePortal.update_my_device_portal_by_id, + + - Paths used are + post /ers/config/mydeviceportal, + delete /ers/config/mydeviceportal/{id}, + put /ers/config/mydeviceportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.my_device_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireScrolling: true + employeeChangePasswordSettings: + allowEmployeeToChangePwd: true + loginPageSettings: + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAupAcceptance: true + requireScrolling: true + socialConfigs: + - {} + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.my_device_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.my_device_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireScrolling: true + employeeChangePasswordSettings: + allowEmployeeToChangePwd: true + loginPageSettings: + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAupAcceptance: true + requireScrolling: true + socialConfigs: + - {} + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "displayFrequencyIntervalDays": 0, + "displayFrequency": "string", + "includeAup": true, + "requireScrolling": true + }, + "employeeChangePasswordSettings": { + "allowEmployeeToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/my_device_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/my_device_portal_info.py new file mode 100644 index 00000000..c0c1cd87 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/my_device_portal_info.py @@ -0,0 +1,327 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: my_device_portal_info +short_description: Information module for My Device Portal +description: +- Get all My Device Portal. +- Get My Device Portal by id. +- This API allows the client to get a my device portal by ID. +- This API allows the client to get all the my device portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + my_device_portal.MyDevicePortal.get_my_device_portal_by_id, + my_device_portal.MyDevicePortal.get_my_device_portal_generator, + + - Paths used are + get /ers/config/mydeviceportal, + get /ers/config/mydeviceportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all My Device Portal + cisco.ise.my_device_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get My Device Portal by id + cisco.ise.my_device_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "displayFrequencyIntervalDays": 0, + "displayFrequency": "string", + "includeAup": true, + "requireScrolling": true + }, + "employeeChangePasswordSettings": { + "allowEmployeeToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "displayFrequencyIntervalDays": 0, + "displayFrequency": "string", + "includeAup": true, + "requireScrolling": true + }, + "employeeChangePasswordSettings": { + "allowEmployeeToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile.py b/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile.py new file mode 100644 index 00000000..e34a702c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile.py @@ -0,0 +1,143 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: native_supplicant_profile +short_description: Resource module for Native Supplicant Profile +description: +- Manage operations update and delete of the resource Native Supplicant Profile. +- This API deletes a native supplicant profile. +- This API allows the client to update a native supplicant profile. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Native Supplicant Profile's description. + type: str + id: + description: Native Supplicant Profile's id. + type: str + name: + description: Native Supplicant Profile's name. + type: str + wirelessProfiles: + description: Native Supplicant Profile's wirelessProfiles. + elements: dict + suboptions: + actionType: + description: Action type for WifiProfile. Allowed values - ADD, - UPDATE, - + DELETE (required for updating existing WirelessProfile). + type: str + allowedProtocol: + description: Native Supplicant Profile's allowedProtocol. + type: str + certificateTemplateId: + description: Native Supplicant Profile's certificateTemplateId. + type: str + previousSSID: + description: Previous ssid for WifiProfile (required for updating existing WirelessProfile). + type: str + ssid: + description: Native Supplicant Profile's ssid. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for NativeSupplicantProfile + description: Complete reference of the NativeSupplicantProfile API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!nspprofile +notes: + - SDK Method used are + native_supplicant_profile.NativeSupplicantProfile.delete_native_supplicant_profile_by_id, + native_supplicant_profile.NativeSupplicantProfile.update_native_supplicant_profile_by_id, + + - Paths used are + delete /ers/config/nspprofile/{id}, + put /ers/config/nspprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.native_supplicant_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + wirelessProfiles: + - actionType: string + allowedProtocol: string + certificateTemplateId: string + previousSsid: string + ssid: string + +- name: Delete by id + cisco.ise.native_supplicant_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "wirelessProfiles": [ + { + "ssid": "string", + "allowedProtocol": "string", + "certificateTemplateId": "string", + "actionType": "string", + "previousSsid": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile_info.py new file mode 100644 index 00000000..f086ded1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile_info.py @@ -0,0 +1,127 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: native_supplicant_profile_info +short_description: Information module for Native Supplicant Profile +description: +- Get all Native Supplicant Profile. +- Get Native Supplicant Profile by id. +- This API allows the client to get a native supplicant profile by ID. +- This API allows the client to get all the native supplicant profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for NativeSupplicantProfile + description: Complete reference of the NativeSupplicantProfile API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!nspprofile +notes: + - SDK Method used are + native_supplicant_profile.NativeSupplicantProfile.get_native_supplicant_profile_by_id, + native_supplicant_profile.NativeSupplicantProfile.get_native_supplicant_profile_generator, + + - Paths used are + get /ers/config/nspprofile, + get /ers/config/nspprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Native Supplicant Profile + cisco.ise.native_supplicant_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Native Supplicant Profile by id + cisco.ise.native_supplicant_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "wirelessProfiles": [ + { + "ssid": "string", + "allowedProtocol": "string", + "certificateTemplateId": "string", + "actionType": "string", + "previousSsid": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "wirelessProfiles": [ + { + "ssid": "string", + "allowedProtocol": "string", + "certificateTemplateId": "string", + "actionType": "string", + "previousSsid": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules.py new file mode 100644 index 00000000..33ea4762 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules.py @@ -0,0 +1,535 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authentication_rules +short_description: Resource module for Network Access Authentication Rules +description: +- Manage operations create, update and delete of the resource Network Access Authentication Rules. +- Network Access - Create authentication rule. +- Network Access - Delete rule. +- Network Access - Update rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + identitySourceName: + description: Identity source name from the identity stores. + type: str + ifAuthFail: + description: Action to perform when authentication fails such as Bad credentials, + disabled user and so on. + type: str + ifProcessFail: + description: Action to perform when ISE is uanble to access the identity database. + type: str + ifUserNotFound: + description: Action to perform when user is not found in any of identity stores. + type: str + link: + description: Network Access Authentication Rules's link. + suboptions: + href: + description: Network Access Authentication Rules's href. + type: str + rel: + description: Network Access Authentication Rules's rel. + type: str + type: + description: Network Access Authentication Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Network Access Authentication Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is + specified in dictionary object
  • if multiple values allowed is + specified in dictionary object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Authentication Rules's link. + suboptions: + href: + description: Network Access Authentication Rules's href. + type: str + rel: + description: Network Access Authentication Rules's rel. + type: str + type: + description: Network Access Authentication Rules's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Authentication Rules's endDate. + type: str + startDate: + description: Network Access Authentication Rules's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Authentication Rules's endDate. + type: str + startDate: + description: Network Access Authentication Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Network Access Authentication Rules's endTime. + type: str + startTime: + description: Network Access Authentication Rules's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Network Access Authentication Rules's endTime. + type: str + startTime: + description: Network Access Authentication Rules's startTime. + type: str + type: dict + id: + description: Network Access Authentication Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Authentication Rules's link. + suboptions: + href: + description: Network Access Authentication Rules's href. + type: str + rel: + description: Network Access Authentication Rules's rel. + type: str + type: + description: Network Access Authentication Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
+ Days format - Arrays of WeekDay enums
Default - List of All week + days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authentication Rules + description: Complete reference of the Network Access - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authentication_rules.NetworkAccessAuthenticationRules.create_network_access_authentication_rule, + network_access_authentication_rules.NetworkAccessAuthenticationRules.delete_network_access_authentication_rule_by_id, + network_access_authentication_rules.NetworkAccessAuthenticationRules.update_network_access_authentication_rule_by_id, + + - Paths used are + post /network-access/policy-set/{policyId}/authentication, + delete /network-access/policy-set/{policyId}/authentication/{id}, + put /network-access/policy-set/{policyId}/authentication/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + identitySourceName: string + ifAuthFail: string + ifProcessFail: string + ifUserNotFound: string + link: + href: string + rel: string + type: string + policyId: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.network_access_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + identitySourceName: string + ifAuthFail: string + ifProcessFail: string + ifUserNotFound: string + link: + href: string + rel: string + type: string + policyId: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.network_access_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_info.py new file mode 100644 index 00000000..a4124342 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authentication_rules_info +short_description: Information module for Network Access Authentication Rules +description: +- Get all Network Access Authentication Rules. +- Get Network Access Authentication Rules by id. +- Network Access - Get authentication rules. +- Network Access - Get rule attributes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authentication Rules + description: Complete reference of the Network Access - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authentication_rules.NetworkAccessAuthenticationRules.get_network_access_authentication_rule_by_id, + network_access_authentication_rules.NetworkAccessAuthenticationRules.get_network_access_authentication_rules, + + - Paths used are + get /network-access/policy-set/{policyId}/authentication, + get /network-access/policy-set/{policyId}/authentication/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Authentication Rules + cisco.ise.network_access_authentication_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Network Access Authentication Rules by id + cisco.ise.network_access_authentication_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_reset_hitcount.py new file mode 100644 index 00000000..1d4de88e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authentication_rules_reset_hitcount +short_description: Resource module for Network Access Authentication Rules Reset Hitcount +description: +- Manage operation create of the resource Network Access Authentication Rules Reset Hitcount. +- Network Access - Reset HitCount for Authentication Rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authentication Rules + description: Complete reference of the Network Access - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authentication_rules.NetworkAccessAuthenticationRules.reset_hit_counts_network_access_authentication_rules, + + - Paths used are + post /network-access/policy-set/{policyId}/authentication/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_authentication_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules.py new file mode 100644 index 00000000..03b4c64b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules.py @@ -0,0 +1,527 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authorization_rules +short_description: Resource module for Network Access Authorization Rules +description: +- Manage operations create, update and delete of the resource Network Access Authorization Rules. +- Network Access - Create authorization rule. +- Network Access - Delete authorization rule. +- Network Access - Update authorization rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + link: + description: Network Access Authorization Rules's link. + suboptions: + href: + description: Network Access Authorization Rules's href. + type: str + rel: + description: Network Access Authorization Rules's rel. + type: str + type: + description: Network Access Authorization Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + profile: + description: The authorization profile/s. + elements: str + type: list + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Network Access Authorization Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is + specified in dictionary object
  • if multiple values allowed is + specified in dictionary object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Authorization Rules's link. + suboptions: + href: + description: Network Access Authorization Rules's href. + type: str + rel: + description: Network Access Authorization Rules's rel. + type: str + type: + description: Network Access Authorization Rules's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Authorization Rules's endDate. + type: str + startDate: + description: Network Access Authorization Rules's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Authorization Rules's endDate. + type: str + startDate: + description: Network Access Authorization Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Network Access Authorization Rules's endTime. + type: str + startTime: + description: Network Access Authorization Rules's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Network Access Authorization Rules's endTime. + type: str + startTime: + description: Network Access Authorization Rules's startTime. + type: str + type: dict + id: + description: Network Access Authorization Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Authorization Rules's link. + suboptions: + href: + description: Network Access Authorization Rules's href. + type: str + rel: + description: Network Access Authorization Rules's rel. + type: str + type: + description: Network Access Authorization Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
+ Days format - Arrays of WeekDay enums
Default - List of All week + days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict + securityGroup: + description: Security group used in authorization policies. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Rules + description: Complete reference of the Network Access - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_rules.NetworkAccessAuthorizationRules.create_network_access_authorization_rule, + network_access_authorization_rules.NetworkAccessAuthorizationRules.delete_network_access_authorization_rule_by_id, + network_access_authorization_rules.NetworkAccessAuthorizationRules.update_network_access_authorization_rule_by_id, + + - Paths used are + post /network-access/policy-set/{policyId}/authorization, + delete /network-access/policy-set/{policyId}/authorization/{id}, + put /network-access/policy-set/{policyId}/authorization/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + link: + href: string + rel: string + type: string + policyId: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Update by id + cisco.ise.network_access_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + link: + href: string + rel: string + type: string + policyId: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Delete by id + cisco.ise.network_access_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_info.py new file mode 100644 index 00000000..ec93647e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authorization_rules_info +short_description: Information module for Network Access Authorization Rules +description: +- Get all Network Access Authorization Rules. +- Get Network Access Authorization Rules by id. +- Network Access - Get authorization rule attributes. +- Network Access - Get authorization rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Rules + description: Complete reference of the Network Access - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_rules.NetworkAccessAuthorizationRules.get_network_access_authorization_rule_by_id, + network_access_authorization_rules.NetworkAccessAuthorizationRules.get_network_access_authorization_rules, + + - Paths used are + get /network-access/policy-set/{policyId}/authorization, + get /network-access/policy-set/{policyId}/authorization/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Authorization Rules + cisco.ise.network_access_authorization_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Network Access Authorization Rules by id + cisco.ise.network_access_authorization_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_reset_hitcount.py new file mode 100644 index 00000000..55dfe008 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authorization_rules_reset_hitcount +short_description: Resource module for Network Access Authorization Rules Reset Hitcount +description: +- Manage operation create of the resource Network Access Authorization Rules Reset Hitcount. +- Network Access - Reset HitCount for Authorization Rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Rules + description: Complete reference of the Network Access - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_rules.NetworkAccessAuthorizationRules.reset_hit_counts_network_access_authorization_rules, + + - Paths used are + post /network-access/policy-set/{policyId}/authorization/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_authorization_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions.py new file mode 100644 index 00000000..6321335d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions.py @@ -0,0 +1,457 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions +short_description: Resource module for Network Access Conditions +description: +- Manage operations create, update and delete of the resource Network Access Conditions. +- Network Access - Creates a library condition. +- Network Access - Delete a library condition using condition Name. +- Network Access - Delete a library condition. +- Network Access - Update library condition using condition name. +- Network Access - Update library condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is specified + in dictionary object
  • if multiple values allowed is specified in dictionary + object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be aggregated + under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both
  • Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Conditions's link. + suboptions: + href: + description: Network Access Conditions's href. + type: str + rel: + description: Network Access Conditions's rel. + type: str + type: + description: Network Access Conditions's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) indicates + than "conditonId" OR "ConditionAttrs" fields should contain condition data but + not both
  • Logical aggreation(and,or) enum indicates that additional conditions + are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used for + start/end date
Default - no specific dates
In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)

. + suboptions: + endDate: + description: Network Access Conditions's endDate. + type: str + startDate: + description: Network Access Conditions's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used for + start/end date
Default - no specific dates
In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)

. + suboptions: + endDate: + description: Network Access Conditions's endDate. + type: str + startDate: + description: Network Access Conditions's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Network Access Conditions's endTime. + type: str + startTime: + description: Network Access Conditions's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Network Access Conditions's endTime. + type: str + startTime: + description: Network Access Conditions's startTime. + type: str + type: dict + id: + description: Network Access Conditions's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Conditions's link. + suboptions: + href: + description: Network Access Conditions's href. + type: str + rel: + description: Network Access Conditions's rel. + type: str + type: + description: Network Access Conditions's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
Days format + - Arrays of WeekDay enums
Default - List of All week days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
Days + format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.create_network_access_condition, + network_access_conditions.NetworkAccessConditions.delete_network_access_condition_by_id, + network_access_conditions.NetworkAccessConditions.delete_network_access_condition_by_name, + network_access_conditions.NetworkAccessConditions.update_network_access_condition_by_id, + network_access_conditions.NetworkAccessConditions.update_network_access_condition_by_name, + + - Paths used are + post /network-access/condition, + delete /network-access/condition/condition-by-name/{name}, + delete /network-access/condition/{id}, + put /network-access/condition/condition-by-name/{name}, + put /network-access/condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Update by name + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by name + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by id + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authentication_rule_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authentication_rule_info.py new file mode 100644 index 00000000..bb37744f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authentication_rule_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions_for_authentication_rule_info +short_description: Information module for Network Access Conditions For Authentication Rule +description: +- Get all Network Access Conditions For Authentication Rule. +- Network Access - Returns list of library conditions for Authentication rules scope. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.get_network_access_conditions_for_authentication_rules, + + - Paths used are + get /network-access/condition/authentication, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Conditions For Authentication Rule + cisco.ise.network_access_conditions_for_authentication_rule_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authorization_rule_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authorization_rule_info.py new file mode 100644 index 00000000..be93e370 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authorization_rule_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions_for_authorization_rule_info +short_description: Information module for Network Access Conditions For Authorization Rule +description: +- Get all Network Access Conditions For Authorization Rule. +- Network Access - Returns list of library conditions for Authorization rules scope. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.get_network_access_conditions_for_authorization_rules, + + - Paths used are + get /network-access/condition/authorization, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Conditions For Authorization Rule + cisco.ise.network_access_conditions_for_authorization_rule_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_policy_set_info.py new file mode 100644 index 00000000..a8739b02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_policy_set_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions_for_policy_set_info +short_description: Information module for Network Access Conditions For Policy Set +description: +- Get all Network Access Conditions For Policy Set. +- Network Access - Returns list of library conditions for PolicySet scope. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.get_network_access_conditions_for_policy_sets, + + - Paths used are + get /network-access/condition/policyset, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Conditions For Policy Set + cisco.ise.network_access_conditions_for_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_info.py new file mode 100644 index 00000000..79273501 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_info.py @@ -0,0 +1,136 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions_info +short_description: Information module for Network Access Conditions +description: +- Get all Network Access Conditions. +- Get Network Access Conditions by id. +- Get Network Access Conditions by name. +- Network Access - Returns a library condition. +- Network Access - Returns a library condition. +- Network Access - Returns all library conditions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. Condition name. + type: str + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.get_network_access_condition_by_id, + network_access_conditions.NetworkAccessConditions.get_network_access_condition_by_name, + network_access_conditions.NetworkAccessConditions.get_network_access_conditions, + + - Paths used are + get /network-access/condition, + get /network-access/condition/condition-by-name/{name}, + get /network-access/condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Conditions + cisco.ise.network_access_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Conditions by id + cisco.ise.network_access_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Network Access Conditions by name + cisco.ise.network_access_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary.py new file mode 100644 index 00000000..161c04bc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary.py @@ -0,0 +1,155 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary +short_description: Resource module for Network Access Dictionary +description: +- Manage operations create, update and delete of the resource Network Access Dictionary. +- Network Access - Create a new Dictionary. +- Network Access - Delete a Dictionary. +- Network Access - Update a Dictionary. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: The description of the Dictionary. + type: str + dictionaryAttrType: + description: The dictionary attribute type. + type: str + id: + description: Identifier for the dictionary. + type: str + link: + description: Network Access Dictionary's link. + suboptions: + href: + description: Network Access Dictionary's href. + type: str + rel: + description: Network Access Dictionary's rel. + type: str + type: + description: Network Access Dictionary's type. + type: str + type: dict + name: + description: The dictionary name. + type: str + version: + description: The dictionary version. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary + description: Complete reference of the Network Access - Dictionary API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary.NetworkAccessDictionary.create_network_access_dictionaries, + network_access_dictionary.NetworkAccessDictionary.delete_network_access_dictionary_by_name, + network_access_dictionary.NetworkAccessDictionary.update_network_access_dictionary_by_name, + + - Paths used are + post /network-access/dictionaries, + delete /network-access/dictionaries/{name}, + put /network-access/dictionaries/{name}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_dictionary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + dictionaryAttrType: string + id: string + link: + href: string + rel: string + type: string + name: string + version: string + +- name: Update by name + cisco.ise.network_access_dictionary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + dictionaryAttrType: string + id: string + link: + href: string + rel: string + type: string + name: string + version: string + +- name: Delete by name + cisco.ise.network_access_dictionary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "description": "string", + "dictionaryAttrType": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "version": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "description": "string", + "dictionaryAttrType": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "version": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute.py new file mode 100644 index 00000000..4a029c5c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute.py @@ -0,0 +1,176 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attribute +short_description: Resource module for Network Access Dictionary Attribute +description: +- Manage operations create, update and delete of the resource Network Access Dictionary Attribute. +- Create a new Dictionary Attribute for an existing Dictionary. +- Delete a Dictionary Attribute. +- Update a Dictionary Attribute. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowedValues: + description: All of the allowed values for the dictionary attribute. + elements: dict + suboptions: + isDefault: + description: True if this key value is the default between the allowed values + of the dictionary attribute. + type: bool + key: + description: Network Access Dictionary Attribute's key. + type: str + value: + description: Network Access Dictionary Attribute's value. + type: str + type: list + dataType: + description: The data type for the dictionary attribute. + type: str + description: + description: The description of the Dictionary attribute. + type: str + dictionaryName: + description: The name of the dictionary which the dictionary attribute belongs to. + type: str + directionType: + description: The direction for the useage of the dictionary attribute. + type: str + id: + description: Identifier for the dictionary attribute. + type: str + internalName: + description: The internal name of the dictionary attribute. + type: str + name: + description: The dictionary attribute's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attribute + description: Complete reference of the Network Access - Dictionary Attribute API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.create_network_access_dictionary_attribute, + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.delete_network_access_dictionary_attribute_by_name, + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.update_network_access_dictionary_attribute_by_name, + + - Paths used are + post /network-access/dictionaries/{dictionaryName}/attribute, + delete /network-access/dictionaries/{dictionaryName}/attribute/{name}, + put /network-access/dictionaries/{dictionaryName}/attribute/{name}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_dictionary_attribute: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowedValues: + - isDefault: true + key: string + value: string + dataType: string + description: string + dictionaryName: string + directionType: string + id: string + internalName: string + name: string + +- name: Update by name + cisco.ise.network_access_dictionary_attribute: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowedValues: + - isDefault: true + key: string + value: string + dataType: string + description: string + dictionaryName: string + directionType: string + id: string + internalName: string + name: string + +- name: Delete by name + cisco.ise.network_access_dictionary_attribute: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + dictionaryName: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute_info.py new file mode 100644 index 00000000..92346b68 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute_info.py @@ -0,0 +1,91 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attribute_info +short_description: Information module for Network Access Dictionary Attribute +description: +- Get all Network Access Dictionary Attribute. +- Get Network Access Dictionary Attribute by name. +- Get a Dictionary Attribute. +- Returns a list of Dictionary Attributes for an existing Dictionary. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + dictionaryName: + description: + - DictionaryName path parameter. The name of the dictionary the dictionary attribute belongs to. + type: str + name: + description: + - Name path parameter. The dictionary attribute name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attribute + description: Complete reference of the Network Access - Dictionary Attribute API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.get_network_access_dictionary_attribute_by_name, + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.get_network_access_dictionary_attributes_by_dictionary_name, + + - Paths used are + get /network-access/dictionaries/{dictionaryName}/attribute, + get /network-access/dictionaries/{dictionaryName}/attribute/{name}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary Attribute + cisco.ise.network_access_dictionary_attribute_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + dictionaryName: string + register: result + +- name: Get Network Access Dictionary Attribute by name + cisco.ise.network_access_dictionary_attribute_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + dictionaryName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authentication_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authentication_info.py new file mode 100644 index 00000000..fc420dbf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authentication_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attributes_authentication_info +short_description: Information module for Network Access Dictionary Attributes Authentication +description: +- Get all Network Access Dictionary Attributes Authentication. +- Network Access - Returns list of dictionary attributes for authentication. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attributes List + description: Complete reference of the Network Access - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attributes_list.NetworkAccessDictionaryAttributesList.get_network_access_dictionaries_authentication, + + - Paths used are + get /network-access/dictionaries/authentication, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary Attributes Authentication + cisco.ise.network_access_dictionary_attributes_authentication_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authorization_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authorization_info.py new file mode 100644 index 00000000..88a0a1f0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authorization_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attributes_authorization_info +short_description: Information module for Network Access Dictionary Attributes Authorization +description: +- Get all Network Access Dictionary Attributes Authorization. +- Network Access - Returns list of dictionary attributes for authorization. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attributes List + description: Complete reference of the Network Access - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attributes_list.NetworkAccessDictionaryAttributesList.get_network_access_dictionaries_authorization, + + - Paths used are + get /network-access/dictionaries/authorization, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary Attributes Authorization + cisco.ise.network_access_dictionary_attributes_authorization_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_policy_set_info.py new file mode 100644 index 00000000..4d82fae8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_policy_set_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attributes_policy_set_info +short_description: Information module for Network Access Dictionary Attributes Policy Set +description: +- Get all Network Access Dictionary Attributes Policy Set. +- Network Access - Returns list of dictionary attributes for policyset. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attributes List + description: Complete reference of the Network Access - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attributes_list.NetworkAccessDictionaryAttributesList.get_network_access_dictionaries_policy_set, + + - Paths used are + get /network-access/dictionaries/policyset, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary Attributes Policy Set + cisco.ise.network_access_dictionary_attributes_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_info.py new file mode 100644 index 00000000..4334d517 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_info.py @@ -0,0 +1,81 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_info +short_description: Information module for Network Access Dictionary +description: +- Get all Network Access Dictionary. +- Get Network Access Dictionary by name. +- GET a dictionary by name. +- Get all Dictionaries. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. The dictionary name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary + description: Complete reference of the Network Access - Dictionary API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary.NetworkAccessDictionary.get_network_access_dictionaries, + network_access_dictionary.NetworkAccessDictionary.get_network_access_dictionary_by_name, + + - Paths used are + get /network-access/dictionaries, + get /network-access/dictionaries/{name}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary + cisco.ise.network_access_dictionary_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Dictionary by name + cisco.ise.network_access_dictionary_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "description": "string", + "dictionaryAttrType": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules.py b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules.py new file mode 100644 index 00000000..67f0456d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules.py @@ -0,0 +1,521 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_global_exception_rules +short_description: Resource module for Network Access Global Exception Rules +description: +- Manage operations create, update and delete of the resource Network Access Global Exception Rules. +- Network Access - Create global exception authorization rule. +- Network Access - Delete global exception authorization rule. +- Network Access - Update global exception authorization rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + link: + description: Network Access Global Exception Rules's link. + suboptions: + href: + description: Network Access Global Exception Rules's href. + type: str + rel: + description: Network Access Global Exception Rules's rel. + type: str + type: + description: Network Access Global Exception Rules's type. + type: str + type: dict + profile: + description: The authorization profile/s. + elements: str + type: list + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Network Access Global Exception Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is + specified in dictionary object
  • if multiple values allowed is + specified in dictionary object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Global Exception Rules's link. + suboptions: + href: + description: Network Access Global Exception Rules's href. + type: str + rel: + description: Network Access Global Exception Rules's rel. + type: str + type: + description: Network Access Global Exception Rules's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Global Exception Rules's endDate. + type: str + startDate: + description: Network Access Global Exception Rules's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Global Exception Rules's endDate. + type: str + startDate: + description: Network Access Global Exception Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Network Access Global Exception Rules's endTime. + type: str + startTime: + description: Network Access Global Exception Rules's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Network Access Global Exception Rules's endTime. + type: str + startTime: + description: Network Access Global Exception Rules's startTime. + type: str + type: dict + id: + description: Network Access Global Exception Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Global Exception Rules's link. + suboptions: + href: + description: Network Access Global Exception Rules's href. + type: str + rel: + description: Network Access Global Exception Rules's rel. + type: str + type: + description: Network Access Global Exception Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
+ Days format - Arrays of WeekDay enums
Default - List of All week + days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict + securityGroup: + description: Security group used in authorization policies. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Global Exception Rules + description: Complete reference of the Network Access - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.create_network_access_policy_set_global_exception_rule, + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.delete_network_access_policy_set_global_exception_rule_by_id, + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.update_network_access_policy_set_global_exception_rule_by_id, + + - Paths used are + post /network-access/policy-set/global-exception, + delete /network-access/policy-set/global-exception/{id}, + put /network-access/policy-set/global-exception/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + link: + href: string + rel: string + type: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Update by id + cisco.ise.network_access_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + link: + href: string + rel: string + type: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Delete by id + cisco.ise.network_access_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_info.py new file mode 100644 index 00000000..168ed354 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_info.py @@ -0,0 +1,138 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_global_exception_rules_info +short_description: Information module for Network Access Global Exception Rules +description: +- Get all Network Access Global Exception Rules. +- Get Network Access Global Exception Rules by id. +- Network Access - Get global exception rule attributes. +- Network Access - Get global execption rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Global Exception Rules + description: Complete reference of the Network Access - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.get_network_access_policy_set_global_exception_rule_by_id, + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.get_network_access_policy_set_global_exception_rules, + + - Paths used are + get /network-access/policy-set/global-exception, + get /network-access/policy-set/global-exception/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Global Exception Rules + cisco.ise.network_access_global_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Global Exception Rules by id + cisco.ise.network_access_global_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..8047fc1d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_reset_hitcount.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_global_exception_rules_reset_hitcount +short_description: Resource module for Network Access Global Exception Rules Reset Hitcount +description: +- Manage operation create of the resource Network Access Global Exception Rules Reset Hitcount. +- Network Access - Reset HitCount for Global Exceptions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Global Exception Rules + description: Complete reference of the Network Access - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.reset_hit_counts_network_access_global_exceptions, + + - Paths used are + post /network-access/policy-set/global-exception/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_global_exception_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_identity_stores_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_identity_stores_info.py new file mode 100644 index 00000000..5bdc15cf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_identity_stores_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_identity_stores_info +short_description: Information module for Network Access Identity Stores +description: +- Get all Network Access Identity Stores. +- Network Access - Return list of identity stores for authentication policy. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Identity Stores + description: Complete reference of the Network Access - Identity Stores API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_identity_stores.NetworkAccessIdentityStores.get_network_access_identity_stores, + + - Paths used are + get /network-access/identity-stores, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Identity Stores + cisco.ise.network_access_identity_stores_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules.py b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules.py new file mode 100644 index 00000000..8f88a5fa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules.py @@ -0,0 +1,527 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_local_exception_rules +short_description: Resource module for Network Access Local Exception Rules +description: +- Manage operations create, update and delete of the resource Network Access Local Exception Rules. +- Network Access - Create local authorization exception rule. +- Network Access - Delete local exception rule. +- Network Access - Update local exception rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + link: + description: Network Access Local Exception Rules's link. + suboptions: + href: + description: Network Access Local Exception Rules's href. + type: str + rel: + description: Network Access Local Exception Rules's rel. + type: str + type: + description: Network Access Local Exception Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + profile: + description: The authorization profile/s. + elements: str + type: list + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Network Access Local Exception Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is + specified in dictionary object
  • if multiple values allowed is + specified in dictionary object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Local Exception Rules's link. + suboptions: + href: + description: Network Access Local Exception Rules's href. + type: str + rel: + description: Network Access Local Exception Rules's rel. + type: str + type: + description: Network Access Local Exception Rules's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Local Exception Rules's endDate. + type: str + startDate: + description: Network Access Local Exception Rules's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Local Exception Rules's endDate. + type: str + startDate: + description: Network Access Local Exception Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Network Access Local Exception Rules's endTime. + type: str + startTime: + description: Network Access Local Exception Rules's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be + matched
Time format - hh mm ( h = hour , mm = minutes )
Default + - All Day

. + suboptions: + endTime: + description: Network Access Local Exception Rules's endTime. + type: str + startTime: + description: Network Access Local Exception Rules's startTime. + type: str + type: dict + id: + description: Network Access Local Exception Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Local Exception Rules's link. + suboptions: + href: + description: Network Access Local Exception Rules's href. + type: str + rel: + description: Network Access Local Exception Rules's rel. + type: str + type: + description: Network Access Local Exception Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
+ Days format - Arrays of WeekDay enums
Default - List of All week + days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict + securityGroup: + description: Security group used in authorization policies. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Exception Rules + description: Complete reference of the Network Access - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.create_network_access_local_exception_rule, + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.delete_network_access_local_exception_rule_by_id, + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.update_network_access_local_exception_rule_by_id, + + - Paths used are + post /network-access/policy-set/{policyId}/exception, + delete /network-access/policy-set/{policyId}/exception/{id}, + put /network-access/policy-set/{policyId}/exception/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + link: + href: string + rel: string + type: string + policyId: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Update by id + cisco.ise.network_access_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + link: + href: string + rel: string + type: string + policyId: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Delete by id + cisco.ise.network_access_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_info.py new file mode 100644 index 00000000..d93c9bef --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_local_exception_rules_info +short_description: Information module for Network Access Local Exception Rules +description: +- Get all Network Access Local Exception Rules. +- Get Network Access Local Exception Rules by id. +- Network Access - Get local exception rule attributes. +- Network Access - Get local exception rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Exception Rules + description: Complete reference of the Network Access - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.get_network_access_local_exception_rule_by_id, + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.get_network_access_local_exception_rules, + + - Paths used are + get /network-access/policy-set/{policyId}/exception, + get /network-access/policy-set/{policyId}/exception/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Local Exception Rules + cisco.ise.network_access_local_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Network Access Local Exception Rules by id + cisco.ise.network_access_local_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_reset_hitcounts.py b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_reset_hitcounts.py new file mode 100644 index 00000000..25751d4b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_reset_hitcounts.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_local_exception_rules_reset_hitcounts +short_description: Resource module for Network Access Local Exception Rules Reset Hitcounts +description: +- Manage operation create of the resource Network Access Local Exception Rules Reset Hitcounts. +- Network Access - Reset HitCount for local exceptions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Exception Rules + description: Complete reference of the Network Access - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.reset_hit_counts_network_access_local_exceptions, + + - Paths used are + post /network-access/policy-set/{policyId}/exception/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_local_exception_rules_reset_hitcounts: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition.py b/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition.py new file mode 100644 index 00000000..bbdfb592 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition.py @@ -0,0 +1,228 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_network_condition +short_description: Resource module for Network Access Network Condition +description: +- Manage operations create, update and delete of the resource Network Access Network Condition. +- Network Access - Creates network condition. +- Network Access - Delete network condition. +- Network Access - Update network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + cliDnisList: + description:

This field should contain a Caller ID (CLI), comma, and Called ID + (DNIS).
Line format - Caller ID (CLI), Called ID (DNIS)

. + elements: str + type: list + conditionType: + description: This field determines the content of the conditions field. + type: str + description: + description: Network Access Network Condition's description. + type: str + deviceGroupList: + description:

This field should contain a NDG Root, comma, and an NDG + (that it under the root).
Line format - NDG Root Name, NDG, Port

. + elements: str + type: list + deviceList: + description:

This field should contain Device-Name,port-number. The device + name must be the same as the name field in a Network Device object.
Line + format - Device Name,Port

. + elements: str + type: list + id: + description: Network Access Network Condition's id. + type: str + ipAddrList: + description:

This field should contain IP-address-or-subnet,port number
+ IP address can be IPV4 format (n.n.n.n) or IPV6 format (n n n n n n n n).
+ IP subnet can be IPV4 format (n.n.n.n/m) or IPV6 format (n n n n n n n n/m).
+ Line format - IP Address or subnet,Port

. + elements: str + type: list + link: + description: Network Access Network Condition's link. + suboptions: + href: + description: Network Access Network Condition's href. + type: str + rel: + description: Network Access Network Condition's rel. + type: str + type: + description: Network Access Network Condition's type. + type: str + type: dict + macAddrList: + description:

This field should contain Endstation MAC address, comma, and + Destination MAC addresses.
Each Max address must include twelve hexadecimal + digits using formats nn nn nn nn nn nn or nn-nn-nn-nn-nn-nn or nnnn.nnnn.nnnn + or nnnnnnnnnnnn.
Line format - Endstation MAC,Destination MAC

. + elements: str + type: list + name: + description: Network Condition name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Network Conditions + description: Complete reference of the Network Access - Network Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_network_conditions.NetworkAccessNetworkConditions.create_network_access_network_condition, + network_access_network_conditions.NetworkAccessNetworkConditions.delete_network_access_network_condition_by_id, + network_access_network_conditions.NetworkAccessNetworkConditions.update_network_access_network_condition_by_id, + + - Paths used are + post /network-access/network-condition, + delete /network-access/network-condition/{id}, + put /network-access/network-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_network_condition: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + cliDnisList: + - string + conditionType: string + description: string + deviceGroupList: + - string + deviceList: + - string + id: string + ipAddrList: + - string + link: + href: string + rel: string + type: string + macAddrList: + - string + name: string + +- name: Update by id + cisco.ise.network_access_network_condition: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + cliDnisList: + - string + conditionType: string + description: string + deviceGroupList: + - string + deviceList: + - string + id: string + ipAddrList: + - string + link: + href: string + rel: string + type: string + macAddrList: + - string + name: string + +- name: Delete by id + cisco.ise.network_access_network_condition: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "deviceList": [ + "string" + ], + "cliDnisList": [ + "string" + ], + "ipAddrList": [ + "string" + ], + "macAddrList": [ + "string" + ], + "deviceGroupList": [ + "string" + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "deviceList": [ + "string" + ], + "cliDnisList": [ + "string" + ], + "ipAddrList": [ + "string" + ], + "macAddrList": [ + "string" + ], + "deviceGroupList": [ + "string" + ] + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition_info.py new file mode 100644 index 00000000..8d4f5aef --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition_info.py @@ -0,0 +1,95 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_network_condition_info +short_description: Information module for Network Access Network Condition +description: +- Get all Network Access Network Condition. +- Get Network Access Network Condition by id. +- Network Access - Returns a list of network conditions. +- Network Access - Returns a network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Network Conditions + description: Complete reference of the Network Access - Network Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_network_conditions.NetworkAccessNetworkConditions.get_network_access_network_condition_by_id, + network_access_network_conditions.NetworkAccessNetworkConditions.get_network_access_network_conditions, + + - Paths used are + get /network-access/network-condition, + get /network-access/network-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Network Condition + cisco.ise.network_access_network_condition_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Network Condition by id + cisco.ise.network_access_network_condition_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "deviceList": [ + "string" + ], + "cliDnisList": [ + "string" + ], + "ipAddrList": [ + "string" + ], + "macAddrList": [ + "string" + ], + "deviceGroupList": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set.py b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set.py new file mode 100644 index 00000000..5d7e27b0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set.py @@ -0,0 +1,505 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_policy_set +short_description: Resource module for Network Access Policy Set +description: +- Manage operations create, update and delete of the resource Network Access Policy Set. +- Network Access - Create a new policy set. +- Network Access - Delete a policy set. +- Network Access - Update a policy set. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + condition: + description: Network Access Policy Set's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is specified + in dictionary object
  • if multiple values allowed is specified in dictionary + object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be + aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both
  • Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Policy Set's link. + suboptions: + href: + description: Network Access Policy Set's href. + type: str + rel: + description: Network Access Policy Set's rel. + type: str + type: + description: Network Access Policy Set's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both
  • Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Policy Set's endDate. + type: str + startDate: + description: Network Access Policy Set's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used + for start/end date
Default - no specific dates
In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)

. + suboptions: + endDate: + description: Network Access Policy Set's endDate. + type: str + startDate: + description: Network Access Policy Set's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Network Access Policy Set's endTime. + type: str + startTime: + description: Network Access Policy Set's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Network Access Policy Set's endTime. + type: str + startTime: + description: Network Access Policy Set's startTime. + type: str + type: dict + id: + description: Network Access Policy Set's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Policy Set's link. + suboptions: + href: + description: Network Access Policy Set's href. + type: str + rel: + description: Network Access Policy Set's rel. + type: str + type: + description: Network Access Policy Set's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
Days + format - Arrays of WeekDay enums
Default - List of All week days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
+ Days format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list + type: dict + default: + description: Flag which indicates if this policy set is the default one. + type: bool + description: + description: The description for the policy set. + type: str + hitCounts: + description: The amount of times the policy was matched. + type: int + id: + description: Identifier for the policy set. + type: str + isProxy: + description: Flag which indicates if the policy set service is of type 'Proxy Sequence' + or 'Allowed Protocols'. + type: bool + link: + description: Network Access Policy Set's link. + suboptions: + href: + description: Network Access Policy Set's href. + type: str + rel: + description: Network Access Policy Set's rel. + type: str + type: + description: Network Access Policy Set's type. + type: str + type: dict + name: + description: Given name for the policy set, Valid characters are alphanumerics, + underscore, hyphen, space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other policy set. Lower rank is higher + priority. + type: int + serviceName: + description: Policy set service identifier - Allowed Protocols,Server Sequence.. + type: str + state_: + description: The state that the policy set is in. A disabled policy set cannot be + matched. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Policy Set + description: Complete reference of the Network Access - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_policy_set.NetworkAccessPolicySet.create_network_access_policy_set, + network_access_policy_set.NetworkAccessPolicySet.delete_network_access_policy_set_by_id, + network_access_policy_set.NetworkAccessPolicySet.update_network_access_policy_set_by_id, + + - Paths used are + post /network-access/policy-set, + delete /network-access/policy-set/{id}, + put /network-access/policy-set/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + description: string + hitCounts: 0 + id: string + isProxy: true + link: + href: string + rel: string + type: string + name: string + rank: 0 + serviceName: string + state_: string + +- name: Update by id + cisco.ise.network_access_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + description: string + hitCounts: 0 + id: string + isProxy: true + link: + href: string + rel: string + type: string + name: string + rank: 0 + serviceName: string + state_: string + +- name: Delete by id + cisco.ise.network_access_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_info.py new file mode 100644 index 00000000..eb151584 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_info.py @@ -0,0 +1,135 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_policy_set_info +short_description: Information module for Network Access Policy Set +description: +- Get all Network Access Policy Set. +- Get Network Access Policy Set by id. +- Get all network access policy sets. +- Network Access - Get policy set attributes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Policy Set + description: Complete reference of the Network Access - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_policy_set.NetworkAccessPolicySet.get_network_access_policy_set_by_id, + network_access_policy_set.NetworkAccessPolicySet.get_network_access_policy_sets, + + - Paths used are + get /network-access/policy-set, + get /network-access/policy-set/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Policy Set + cisco.ise.network_access_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Policy Set by id + cisco.ise.network_access_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_reset_hitcount.py new file mode 100644 index 00000000..66f6b6ca --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_reset_hitcount.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_policy_set_reset_hitcount +short_description: Resource module for Network Access Policy Set Reset Hitcount +description: +- Manage operation create of the resource Network Access Policy Set Reset Hitcount. +- Network Access - Reset HitCount for PolicySets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Policy Set + description: Complete reference of the Network Access - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_policy_set.NetworkAccessPolicySet.reset_hit_counts_network_access_policy_sets, + + - Paths used are + post /network-access/policy-set/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_policy_set_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_profiles_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_profiles_info.py new file mode 100644 index 00000000..74a8ea78 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_profiles_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_profiles_info +short_description: Information module for Network Access Profiles +description: +- Get all Network Access Profiles. +- Network Access - Returns list of authorization profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Profiles + description: Complete reference of the Network Access - Profiles API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_profiles.NetworkAccessProfiles.get_network_access_profiles, + + - Paths used are + get /network-access/authorization-profiles, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Profiles + cisco.ise.network_access_profiles_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_security_groups_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_security_groups_info.py new file mode 100644 index 00000000..660fab70 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_security_groups_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_security_groups_info +short_description: Information module for Network Access Security Groups +description: +- Get all Network Access Security Groups. +- Network Access - Return list of available security groups for authorization. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Security Groups + description: Complete reference of the Network Access - Security Groups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_security_groups.NetworkAccessSecurityGroups.get_network_access_security_groups, + + - Paths used are + get /network-access/security-groups, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Security Groups + cisco.ise.network_access_security_groups_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_service_name_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_service_name_info.py new file mode 100644 index 00000000..3bcb433a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_service_name_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_service_name_info +short_description: Information module for Network Access Service Name +description: +- Get all Network Access Service Name. +- Returns list of Allowed Protocols and Server Sequences for Network Access. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Service Names + description: Complete reference of the Network Access - Service Names API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_service_names.NetworkAccessServiceNames.get_network_access_service_names, + + - Paths used are + get /network-access/service-names, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Service Name + cisco.ise.network_access_service_name_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isLocalAuthorization": true, + "name": "string", + "serviceType": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions.py b/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions.py new file mode 100644 index 00000000..15d98144 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions.py @@ -0,0 +1,299 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_time_date_conditions +short_description: Resource module for Network Access Time Date Conditions +description: +- Manage operations create, update and delete of the resource Network Access Time Date Conditions. +- Network Access - Creates time/date condition. +- Network Access - Delete Time/Date condition. +- Network Access - Update network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description:
  • Attribute value for condition
  • Value type is specified + in dictionary object
  • if multiple values allowed is specified in dictionary + object
. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be aggregated + under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both
  • Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field
. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Time Date Conditions's link. + suboptions: + href: + description: Network Access Time Date Conditions's href. + type: str + rel: + description: Network Access Time Date Conditions's rel. + type: str + type: + description: Network Access Time Date Conditions's type. + type: str + type: dict + type: list + conditionType: + description:
  • Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation
  • Data type enum(reference,single) indicates + than "conditonId" OR "ConditionAttrs" fields should contain condition data but + not both
  • Logical aggreation(and,or) enum indicates that additional conditions + are present under the children field
. + type: str + datesRange: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used for + start/end date
Default - no specific dates
In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)

. + suboptions: + endDate: + description: Network Access Time Date Conditions's endDate. + type: str + startDate: + description: Network Access Time Date Conditions's startDate. + type: str + type: dict + datesRangeException: + description:

Defines for which date/s TimeAndDate condition will be matched
+ Options are - Date range, for specific date, the same date should be used for + start/end date
Default - no specific dates
In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)

. + suboptions: + endDate: + description: Network Access Time Date Conditions's endDate. + type: str + startDate: + description: Network Access Time Date Conditions's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Network Access Time Date Conditions's endTime. + type: str + startTime: + description: Network Access Time Date Conditions's startTime. + type: str + type: dict + hoursRangeException: + description:

Defines for which hours a TimeAndDate condition will be matched
+ Time format - hh mm ( h = hour , mm = minutes )
Default - All Day

. + suboptions: + endTime: + description: Network Access Time Date Conditions's endTime. + type: str + startTime: + description: Network Access Time Date Conditions's startTime. + type: str + type: dict + id: + description: Network Access Time Date Conditions's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Time Date Conditions's link. + suboptions: + href: + description: Network Access Time Date Conditions's href. + type: str + rel: + description: Network Access Time Date Conditions's rel. + type: str + type: + description: Network Access Time Date Conditions's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description:

Defines for which days this condition will be matched
Days format + - Arrays of WeekDay enums
Default - List of All week days

. + elements: str + type: list + weekDaysException: + description:

Defines for which days this condition will NOT be matched
Days + format - Arrays of WeekDay enums
Default - Not enabled

. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Time/Date Conditions + description: Complete reference of the Network Access - Time/Date Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_time_date_conditions.NetworkAccessTimeDateConditions.create_network_access_time_condition, + network_access_time_date_conditions.NetworkAccessTimeDateConditions.delete_network_access_time_condition_by_id, + network_access_time_date_conditions.NetworkAccessTimeDateConditions.update_network_access_time_condition_by_id, + + - Paths used are + post /network-access/time-condition, + delete /network-access/time-condition/{id}, + put /network-access/time-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Update by id + cisco.ise.network_access_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by id + cisco.ise.network_access_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": {}, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions_info.py new file mode 100644 index 00000000..aa22bfe9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions_info.py @@ -0,0 +1,70 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_time_date_conditions_info +short_description: Information module for Network Access Time Date Conditions +description: +- Get all Network Access Time Date Conditions. +- Get Network Access Time Date Conditions by id. +- Network Access - Returns a list of time and date conditions. +- Network Access - returns a network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Time/Date Conditions + description: Complete reference of the Network Access - Time/Date Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_time_date_conditions.NetworkAccessTimeDateConditions.get_network_access_time_condition_by_id, + network_access_time_date_conditions.NetworkAccessTimeDateConditions.get_network_access_time_conditions, + + - Paths used are + get /network-access/time-condition, + get /network-access/time-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Time Date Conditions + cisco.ise.network_access_time_date_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Time Date Conditions by id + cisco.ise.network_access_time_date_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device.py b/ansible_collections/cisco/ise/plugins/modules/network_device.py new file mode 100644 index 00000000..57a20dad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device.py @@ -0,0 +1,518 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device +short_description: Resource module for Network Device +description: +- Manage operations create, update and delete of the resource Network Device. +- This API creates a network device. +- This API deletes a network device by ID. +- This API deletes a network device by name. +- This API allows the client to update a network device by ID. +- This API allows the client to update a network device by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + NetworkDeviceGroupList: + description: List of Network Device Group names for this node. + elements: str + type: list + NetworkDeviceIPList: + description: List of IP Subnets for this node. + elements: dict + suboptions: + getIpaddressExclude: + description: It can be either single IP address or IP range address. + type: str + ipaddress: + description: Network Device's ipaddress. + type: str + mask: + description: Network Device's mask. + type: int + type: list + authenticationSettings: + description: Network Device's authenticationSettings. + suboptions: + dtlsRequired: + description: This value enforces use of dtls. + type: bool + enableKeyWrap: + description: EnableKeyWrap flag. + type: bool + enableMultiSecret: + description: Network Device's enableMultiSecret. + type: str + enabled: + description: Enabled flag. + type: bool + keyEncryptionKey: + description: Network Device's keyEncryptionKey. + type: str + keyInputFormat: + description: Allowed values - ASCII, - HEXADECIMAL. + type: str + messageAuthenticatorCodeKey: + description: Network Device's messageAuthenticatorCodeKey. + type: str + networkProtocol: + description: Allowed values - RADIUS, - TACACS_PLUS. + type: str + radiusSharedSecret: + description: Network Device's radiusSharedSecret. + type: str + secondRADIUSSharedSecret: + description: Network Device's secondRADIUSSharedSecret. + type: str + type: dict + coaPort: + description: Network Device's coaPort. + type: int + description: + description: Network Device's description. + type: str + dtlsDnsName: + description: This value is used to verify the client identity contained in the X.509 + RADIUS/DTLS client certificate. + type: str + id: + description: Network Device's id. + type: str + modelName: + description: Network Device's modelName. + type: str + name: + description: Network Device's name. + type: str + profileName: + description: Network Device's profileName. + type: str + snmpsettings: + description: Network Device's snmpsettings. + suboptions: + linkTrapQuery: + description: LinkTrapQuery flag. + type: bool + macTrapQuery: + description: MacTrapQuery flag. + type: bool + originatingPolicyServicesNode: + description: Network Device's originatingPolicyServicesNode. + type: str + pollingInterval: + description: Network Device's pollingInterval. + type: int + roCommunity: + description: Network Device's roCommunity. + type: str + version: + description: Network Device's version. + type: str + type: dict + softwareVersion: + description: Network Device's softwareVersion. + type: str + tacacsSettings: + description: Network Device's tacacsSettings. + suboptions: + connectModeOptions: + description: Allowed values - OFF, - ON_LEGACY, - ON_DRAFT_COMPLIANT. + type: str + sharedSecret: + description: Network Device's sharedSecret. + type: str + type: dict + trustsecsettings: + description: Network Device's trustsecsettings. + suboptions: + deviceAuthenticationSettings: + description: Network Device's deviceAuthenticationSettings. + suboptions: + sgaDeviceId: + description: Network Device's sgaDeviceId. + type: str + sgaDevicePassword: + description: Network Device's sgaDevicePassword. + type: str + type: dict + deviceConfigurationDeployment: + description: Network Device's deviceConfigurationDeployment. + suboptions: + enableModePassword: + description: Network Device's enableModePassword. + type: str + execModePassword: + description: Network Device's execModePassword. + type: str + execModeUsername: + description: Network Device's execModeUsername. + type: str + includeWhenDeployingSGTUpdates: + description: IncludeWhenDeployingSGTUpdates flag. + type: bool + type: dict + pushIdSupport: + description: PushIdSupport flag. + type: bool + sgaNotificationAndUpdates: + description: Network Device's sgaNotificationAndUpdates. + suboptions: + coaSourceHost: + description: Network Device's coaSourceHost. + type: str + downlaodEnvironmentDataEveryXSeconds: + description: Network Device's downlaodEnvironmentDataEveryXSeconds. + type: int + downlaodPeerAuthorizationPolicyEveryXSeconds: + description: Network Device's downlaodPeerAuthorizationPolicyEveryXSeconds. + type: int + downloadSGACLListsEveryXSeconds: + description: Network Device's downloadSGACLListsEveryXSeconds. + type: int + otherSGADevicesToTrustThisDevice: + description: OtherSGADevicesToTrustThisDevice flag. + type: bool + reAuthenticationEveryXSeconds: + description: Network Device's reAuthenticationEveryXSeconds. + type: int + sendConfigurationToDevice: + description: SendConfigurationToDevice flag. + type: bool + sendConfigurationToDeviceUsing: + description: Allowed values - ENABLE_USING_COA, - ENABLE_USING_CLI, - DISABLE_ALL. + type: str + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device.NetworkDevice.create_network_device, + network_device.NetworkDevice.delete_network_device_by_id, + network_device.NetworkDevice.delete_network_device_by_name, + network_device.NetworkDevice.update_network_device_by_id, + network_device.NetworkDevice.update_network_device_by_name, + + - Paths used are + post /ers/config/networkdevice, + delete /ers/config/networkdevice/name/{name}, + delete /ers/config/networkdevice/{id}, + put /ers/config/networkdevice/name/{name}, + put /ers/config/networkdevice/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + NetworkDeviceGroupList: + - string + NetworkDeviceIPList: + - getIpaddressExclude: string + ipaddress: string + mask: 0 + authenticationSettings: + dtlsRequired: true + enableKeyWrap: true + enableMultiSecret: string + enabled: true + keyEncryptionKey: string + keyInputFormat: string + messageAuthenticatorCodeKey: string + networkProtocol: string + radiusSharedSecret: string + secondRadiusSharedSecret: string + coaPort: 0 + description: string + dtlsDnsName: string + id: string + modelName: string + name: string + profileName: string + snmpsettings: + linkTrapQuery: true + macTrapQuery: true + originatingPolicyServicesNode: string + pollingInterval: 0 + roCommunity: string + version: string + softwareVersion: string + tacacsSettings: + connectModeOptions: string + sharedSecret: string + trustsecsettings: + deviceAuthenticationSettings: + sgaDeviceId: string + sgaDevicePassword: string + deviceConfigurationDeployment: + enableModePassword: string + execModePassword: string + execModeUsername: string + includeWhenDeployingSGTUpdates: true + pushIdSupport: true + sgaNotificationAndUpdates: + coaSourceHost: string + downlaodEnvironmentDataEveryXSeconds: 0 + downlaodPeerAuthorizationPolicyEveryXSeconds: 0 + downloadSGACLListsEveryXSeconds: 0 + otherSGADevicesToTrustThisDevice: true + reAuthenticationEveryXSeconds: 0 + sendConfigurationToDevice: true + sendConfigurationToDeviceUsing: string + +- name: Delete by name + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + NetworkDeviceGroupList: + - string + NetworkDeviceIPList: + - getIpaddressExclude: string + ipaddress: string + mask: 0 + authenticationSettings: + dtlsRequired: true + enableKeyWrap: true + enableMultiSecret: string + enabled: true + keyEncryptionKey: string + keyInputFormat: string + messageAuthenticatorCodeKey: string + networkProtocol: string + radiusSharedSecret: string + secondRadiusSharedSecret: string + coaPort: 0 + description: string + dtlsDnsName: string + id: string + modelName: string + name: string + profileName: string + snmpsettings: + linkTrapQuery: true + macTrapQuery: true + originatingPolicyServicesNode: string + pollingInterval: 0 + roCommunity: string + version: string + softwareVersion: string + tacacsSettings: + connectModeOptions: string + sharedSecret: string + trustsecsettings: + deviceAuthenticationSettings: + sgaDeviceId: string + sgaDevicePassword: string + deviceConfigurationDeployment: + enableModePassword: string + execModePassword: string + execModeUsername: string + includeWhenDeployingSGTUpdates: true + pushIdSupport: true + sgaNotificationAndUpdates: + coaSourceHost: string + downlaodEnvironmentDataEveryXSeconds: 0 + downlaodPeerAuthorizationPolicyEveryXSeconds: 0 + downloadSGACLListsEveryXSeconds: 0 + otherSGADevicesToTrustThisDevice: true + reAuthenticationEveryXSeconds: 0 + sendConfigurationToDevice: true + sendConfigurationToDeviceUsing: string + +- name: Delete by id + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + NetworkDeviceGroupList: + - string + NetworkDeviceIPList: + - getIpaddressExclude: string + ipaddress: string + mask: 0 + authenticationSettings: + dtlsRequired: true + enableKeyWrap: true + enableMultiSecret: string + enabled: true + keyEncryptionKey: string + keyInputFormat: string + messageAuthenticatorCodeKey: string + networkProtocol: string + radiusSharedSecret: string + secondRadiusSharedSecret: string + coaPort: 0 + description: string + dtlsDnsName: string + modelName: string + name: string + profileName: string + snmpsettings: + linkTrapQuery: true + macTrapQuery: true + originatingPolicyServicesNode: string + pollingInterval: 0 + roCommunity: string + version: string + softwareVersion: string + tacacsSettings: + connectModeOptions: string + sharedSecret: string + trustsecsettings: + deviceAuthenticationSettings: + sgaDeviceId: string + sgaDevicePassword: string + deviceConfigurationDeployment: + enableModePassword: string + execModePassword: string + execModeUsername: string + includeWhenDeployingSGTUpdates: true + pushIdSupport: true + sgaNotificationAndUpdates: + coaSourceHost: string + downlaodEnvironmentDataEveryXSeconds: 0 + downlaodPeerAuthorizationPolicyEveryXSeconds: 0 + downloadSGACLListsEveryXSeconds: 0 + otherSGADevicesToTrustThisDevice: true + reAuthenticationEveryXSeconds: 0 + sendConfigurationToDevice: true + sendConfigurationToDeviceUsing: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "authenticationSettings": { + "networkProtocol": "string", + "secondRadiusSharedSecret": "string", + "radiusSharedSecret": "string", + "enableKeyWrap": true, + "enabled": true, + "dtlsRequired": true, + "enableMultiSecret": "string", + "keyEncryptionKey": "string", + "messageAuthenticatorCodeKey": "string", + "keyInputFormat": "string" + }, + "snmpsettings": { + "version": "string", + "roCommunity": "string", + "pollingInterval": 0, + "linkTrapQuery": true, + "macTrapQuery": true, + "originatingPolicyServicesNode": "string" + }, + "trustsecsettings": { + "deviceAuthenticationSettings": { + "sgaDeviceId": "string", + "sgaDevicePassword": "string" + }, + "sgaNotificationAndUpdates": { + "downlaodEnvironmentDataEveryXSeconds": 0, + "downlaodPeerAuthorizationPolicyEveryXSeconds": 0, + "reAuthenticationEveryXSeconds": 0, + "downloadSGACLListsEveryXSeconds": 0, + "otherSGADevicesToTrustThisDevice": true, + "sendConfigurationToDevice": true, + "sendConfigurationToDeviceUsing": "string", + "coaSourceHost": "string" + }, + "deviceConfigurationDeployment": { + "includeWhenDeployingSGTUpdates": true, + "enableModePassword": "string", + "execModePassword": "string", + "execModeUsername": "string" + }, + "pushIdSupport": true + }, + "tacacsSettings": { + "sharedSecret": "string", + "connectModeOptions": "string" + }, + "profileName": "string", + "coaPort": 0, + "dtlsDnsName": "string", + "modelName": "string", + "softwareVersion": "string", + "NetworkDeviceIPList": [ + { + "ipaddress": "string", + "mask": 0, + "getIpaddressExclude": "string" + } + ], + "NetworkDeviceGroupList": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_monitor_status_info.py new file mode 100644 index 00000000..7f885031 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_bulk_monitor_status_info +short_description: Information module for Network Device Bulk Monitor Status +description: +- Get Network Device Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device.NetworkDevice.monitor_bulk_status_network_device, + + - Paths used are + get /ers/config/networkdevice/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get Network Device Bulk Monitor Status by id + cisco.ise.network_device_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_request.py new file mode 100644 index 00000000..0489df3c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_bulk_request +short_description: Resource module for Network Device Bulk Request +description: +- Manage operation update of the resource Network Device Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: Network Device Bulk Request's operationType. + type: str + resourceMediaType: + description: Network Device Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device.NetworkDevice.bulk_request_for_network_device, + + - Paths used are + put /ers/config/networkdevice/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.network_device_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_group.py b/ansible_collections/cisco/ise/plugins/modules/network_device_group.py new file mode 100644 index 00000000..12515718 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_group.py @@ -0,0 +1,122 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_group +short_description: Resource module for Network Device Group +description: +- Manage operations create, update and delete of the resource Network Device Group. +- This API creates a network device group. +- This API deletes a network device group. +- This API allows the client to update a network device group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Network Device Group's description. + type: str + id: + description: Network Device Group's id. + type: str + name: + description: Network Device Group's name. + type: str + othername: + description: Network Device Group's othername. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device_group.NetworkDeviceGroup.create_network_device_group, + network_device_group.NetworkDeviceGroup.delete_network_device_group_by_id, + network_device_group.NetworkDeviceGroup.update_network_device_group_by_id, + + - Paths used are + post /ers/config/networkdevicegroup, + delete /ers/config/networkdevicegroup/{id}, + put /ers/config/networkdevicegroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.network_device_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + othername: string + +- name: Delete by id + cisco.ise.network_device_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.network_device_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + othername: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + }, + "othername": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_group_info.py b/ansible_collections/cisco/ise/plugins/modules/network_device_group_info.py new file mode 100644 index 00000000..f729d6e4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_group_info.py @@ -0,0 +1,164 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_group_info +short_description: Information module for Network Device Group +description: +- Get all Network Device Group. +- Get Network Device Group by id. +- Get Network Device Group by name. +- This API allows the client to get a network device group by ID. +- This API allows the client to get a network device group by name. +- This API allows the client to get all the network device groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - > + Name path parameter. Colon is used as a separator instead of (#) in the NDG name. For example, if the name + is a#b#c it should appear in the request URL as a b c. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device_group.NetworkDeviceGroup.get_network_device_group_by_id, + network_device_group.NetworkDeviceGroup.get_network_device_group_by_name, + network_device_group.NetworkDeviceGroup.get_network_device_group_generator, + + - Paths used are + get /ers/config/networkdevicegroup, + get /ers/config/networkdevicegroup/name/{name}, + get /ers/config/networkdevicegroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Device Group + cisco.ise.network_device_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Network Device Group by id + cisco.ise.network_device_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Network Device Group by name + cisco.ise.network_device_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + }, + "othername": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + }, + "othername": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_info.py b/ansible_collections/cisco/ise/plugins/modules/network_device_info.py new file mode 100644 index 00000000..95ef6fce --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_info.py @@ -0,0 +1,284 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_info +short_description: Information module for Network Device +description: +- Get all Network Device. +- Get Network Device by id. +- Get Network Device by name. +- This API allows the client to get a network device by ID. +- This API allows the client to get a network device by name. +- This API allows the client to get all the network devices. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device.NetworkDevice.get_network_device_by_id, + network_device.NetworkDevice.get_network_device_by_name, + network_device.NetworkDevice.get_network_device_generator, + + - Paths used are + get /ers/config/networkdevice, + get /ers/config/networkdevice/name/{name}, + get /ers/config/networkdevice/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Device + cisco.ise.network_device_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Network Device by id + cisco.ise.network_device_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Network Device by name + cisco.ise.network_device_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "authenticationSettings": { + "networkProtocol": "string", + "secondRadiusSharedSecret": "string", + "radiusSharedSecret": "string", + "enableKeyWrap": true, + "enabled": true, + "dtlsRequired": true, + "enableMultiSecret": "string", + "keyEncryptionKey": "string", + "messageAuthenticatorCodeKey": "string", + "keyInputFormat": "string" + }, + "snmpsettings": { + "version": "string", + "roCommunity": "string", + "pollingInterval": 0, + "linkTrapQuery": true, + "macTrapQuery": true, + "originatingPolicyServicesNode": "string" + }, + "trustsecsettings": { + "deviceAuthenticationSettings": { + "sgaDeviceId": "string", + "sgaDevicePassword": "string" + }, + "sgaNotificationAndUpdates": { + "downlaodEnvironmentDataEveryXSeconds": 0, + "downlaodPeerAuthorizationPolicyEveryXSeconds": 0, + "reAuthenticationEveryXSeconds": 0, + "downloadSGACLListsEveryXSeconds": 0, + "otherSGADevicesToTrustThisDevice": true, + "sendConfigurationToDevice": true, + "sendConfigurationToDeviceUsing": "string", + "coaSourceHost": "string" + }, + "deviceConfigurationDeployment": { + "includeWhenDeployingSGTUpdates": true, + "enableModePassword": "string", + "execModePassword": "string", + "execModeUsername": "string" + }, + "pushIdSupport": true + }, + "tacacsSettings": { + "sharedSecret": "string", + "connectModeOptions": "string" + }, + "profileName": "string", + "coaPort": 0, + "dtlsDnsName": "string", + "modelName": "string", + "softwareVersion": "string", + "NetworkDeviceIPList": [ + { + "ipaddress": "string", + "mask": 0, + "getIpaddressExclude": "string" + } + ], + "NetworkDeviceGroupList": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "authenticationSettings": { + "networkProtocol": "string", + "secondRadiusSharedSecret": "string", + "radiusSharedSecret": "string", + "enableKeyWrap": true, + "enabled": true, + "dtlsRequired": true, + "enableMultiSecret": "string", + "keyEncryptionKey": "string", + "messageAuthenticatorCodeKey": "string", + "keyInputFormat": "string" + }, + "snmpsettings": { + "version": "string", + "roCommunity": "string", + "pollingInterval": 0, + "linkTrapQuery": true, + "macTrapQuery": true, + "originatingPolicyServicesNode": "string" + }, + "trustsecsettings": { + "deviceAuthenticationSettings": { + "sgaDeviceId": "string", + "sgaDevicePassword": "string" + }, + "sgaNotificationAndUpdates": { + "downlaodEnvironmentDataEveryXSeconds": 0, + "downlaodPeerAuthorizationPolicyEveryXSeconds": 0, + "reAuthenticationEveryXSeconds": 0, + "downloadSGACLListsEveryXSeconds": 0, + "otherSGADevicesToTrustThisDevice": true, + "sendConfigurationToDevice": true, + "sendConfigurationToDeviceUsing": "string", + "coaSourceHost": "string" + }, + "deviceConfigurationDeployment": { + "includeWhenDeployingSGTUpdates": true, + "enableModePassword": "string", + "execModePassword": "string", + "execModeUsername": "string" + }, + "pushIdSupport": true + }, + "tacacsSettings": { + "sharedSecret": "string", + "connectModeOptions": "string" + }, + "profileName": "string", + "coaPort": 0, + "dtlsDnsName": "string", + "modelName": "string", + "softwareVersion": "string", + "NetworkDeviceIPList": [ + { + "ipaddress": "string", + "mask": 0, + "getIpaddressExclude": "string" + } + ], + "NetworkDeviceGroupList": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_deployment.py b/ansible_collections/cisco/ise/plugins/modules/node_deployment.py new file mode 100644 index 00000000..4af07b07 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_deployment.py @@ -0,0 +1,136 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_deployment +short_description: Resource module for Node Deployment +description: +- Manage operations create, update and delete of the resource Node Deployment. +- This API registers a Cisco ISE node to form a multi-node deployment. +- The deregistered node becomes a standalone Cisco ISE node. +- This API updates the configuration of the Cisco ISE node with the. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowCertImport: + description: Consent to import the self-signed certificate of the registering node. + type: bool + fqdn: + description: Node Deployment's fqdn. + type: str + hostname: + description: Hostname path parameter. Hostname of the deployed node. + type: str + password: + description: Node Deployment's password. + type: str + roles: + description: Roles can be empty or have many values for a node. + elements: str + type: list + services: + description: Services can be empty or have many values for a node. + elements: str + type: list + userName: + description: Node Deployment's userName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.delete_node, + node_deployment.NodeDeployment.register_node, + node_deployment.NodeDeployment.update_node, + + - Paths used are + post /api/v1/deployment/node, + delete /api/v1/deployment/node/{hostname}, + put /api/v1/deployment/node/{hostname}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_deployment: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowCertImport: true + fqdn: string + password: string + roles: + - string + services: + - string + userName: string + +- name: Update by name + cisco.ise.node_deployment: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + hostname: string + roles: + - string + services: + - string + +- name: Delete by name + cisco.ise.node_deployment: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "fqdn": "string", + "hostname": "string", + "ipAddress": "string", + "nodeStatus": "string", + "roles": [ + "string" + ], + "services": [ + "string" + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_deployment_info.py b/ansible_collections/cisco/ise/plugins/modules/node_deployment_info.py new file mode 100644 index 00000000..76363516 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_deployment_info.py @@ -0,0 +1,109 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_deployment_info +short_description: Information module for Node Deployment +description: +- Get all Node Deployment. +- Get Node Deployment by name. +- The API lists all the nodes that are deployed in the cluster. +- This API retrieves detailed information of the deployed node. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** is available through the filter query string + parameter. The structure of a filter is a triplet of field operator and value, separated by dots. More than + one filter can be sent. The logical operator common to all filter criteria is AND by default, and can be + changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to all filter criteria is AND by default, and can be + changed by using this parameter. + type: str + hostname: + description: + - Hostname path parameter. Hostname of the deployed node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.get_node_details, + node_deployment.NodeDeployment.get_nodes, + + - Paths used are + get /api/v1/deployment/node, + get /api/v1/deployment/node/{hostname}, + +""" + +EXAMPLES = r""" +- name: Get all Node Deployment + cisco.ise.node_deployment_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + filter: [] + filterType: string + register: result + +- name: Get Node Deployment by name + cisco.ise.node_deployment_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "fqdn": "string", + "hostname": "string", + "ipAddress": "string", + "nodeStatus": "string", + "roles": [ + "string" + ], + "services": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_deployment_sync.py b/ansible_collections/cisco/ise/plugins/modules/node_deployment_sync.py new file mode 100644 index 00000000..5d3d60c9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_deployment_sync.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_deployment_sync +short_description: Resource module for Node Deployment Sync +description: +- Manage operation create of the resource Node Deployment Sync. +- Performing a manual synchronization involves a reload of the target node, but. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.sync_node, + + - Paths used are + post /api/v1/deployment/sync-node/{hostname}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_deployment_sync: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group.py b/ansible_collections/cisco/ise/plugins/modules/node_group.py new file mode 100644 index 00000000..8e28165f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group.py @@ -0,0 +1,147 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group +short_description: Resource module for Node Group +description: +- Manage operations create, update and delete of the resource Node Group. +- This API creates a node group in the cluster. A node group is a group of PSNs,. +- Delete an existing node group in the cluster. Deleting the node group does not delete the nodes, but failover is no longer carried out among the nodes. +- Purpose of this API is to update an existing node group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Node Group's description. + type: str + forceDelete: + description: ForceDelete query parameter. Force delete the group even if the node + group contains one or more nodes. + type: bool + marCache: + description: Node Group's marCache. + suboptions: + query-attempts: + description: The number of times Cisco ISE attempts to perform the cache entry + query. (0 - 5). + type: int + query-timeout: + description: The time, in seconds, after which the cache entry query times out. + (1 - 10). + type: int + replication-attempts: + description: The number of times Cisco ISE attempts to perform MAR cache entry + replication. (0 - 5). + type: int + replication-timeout: + description: The time, in seconds, after which the cache entry replication times + out. (1 - 10). + type: int + type: dict + name: + description: Node Group's name. + type: str + nodeGroupName: + description: NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.create_node_group, + node_group.NodeGroup.delete_node_group, + node_group.NodeGroup.update_node_group, + + - Paths used are + post /api/v1/deployment/node-group, + delete /api/v1/deployment/node-group/{nodeGroupName}, + put /api/v1/deployment/node-group/{nodeGroupName}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + marCache: + query-attempts: 0 + query-timeout: 0 + replication-attempts: 0 + replication-timeout: 0 + name: string + +- name: Update by name + cisco.ise.node_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + marCache: + query-attempts: 0 + query-timeout: 0 + replication-attempts: 0 + replication-timeout: 0 + name: string + nodeGroupName: string + +- name: Delete by name + cisco.ise.node_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + forceDelete: true + nodeGroupName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "description": "string", + "marCache": { + "query-attempts": 0, + "query-timeout": 0, + "replication-attempts": 0, + "replication-timeout": 0 + }, + "name": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group_info.py b/ansible_collections/cisco/ise/plugins/modules/node_group_info.py new file mode 100644 index 00000000..ee2f50ae --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group_info.py @@ -0,0 +1,79 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group_info +short_description: Information module for Node Group +description: +- Get all Node Group. +- Get Node Group by name. +- This API retrieves the details of a node group in the cluster using a node group name. +- This API retrieves the details of all the node groups in the cluster. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + nodeGroupName: + description: + - NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.get_node_group, + node_group.NodeGroup.get_node_groups, + + - Paths used are + get /api/v1/deployment/node-group, + get /api/v1/deployment/node-group/{nodeGroupName}, + +""" + +EXAMPLES = r""" +- name: Get all Node Group + cisco.ise.node_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Node Group by name + cisco.ise.node_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + nodeGroupName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "description": "string", + "marCache": { + "query-attempts": 0, + "query-timeout": 0, + "replication-attempts": 0, + "replication-timeout": 0 + }, + "name": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group_node_create.py b/ansible_collections/cisco/ise/plugins/modules/node_group_node_create.py new file mode 100644 index 00000000..f57f5233 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group_node_create.py @@ -0,0 +1,65 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group_node_create +short_description: Resource module for Node Group Node Create +description: +- Manage operation create of the resource Node Group Node Create. +- This API adds a node to the node group in the cluster. When a node that. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Node Group Node Create's hostname. + type: str + nodeGroupName: + description: NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.add_node, + + - Paths used are + post /api/v1/deployment/node-group/{nodeGroupName}/add-node, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_group_node_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + nodeGroupName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group_node_delete.py b/ansible_collections/cisco/ise/plugins/modules/node_group_node_delete.py new file mode 100644 index 00000000..0097d0c8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group_node_delete.py @@ -0,0 +1,65 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group_node_delete +short_description: Resource module for Node Group Node Delete +description: +- Manage operation create of the resource Node Group Node Delete. +- Purpose of this API is to remove a node from a node group in the cluster. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Node Group Node Delete's hostname. + type: str + nodeGroupName: + description: NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.remove_node, + + - Paths used are + post /api/v1/deployment/node-group/{nodeGroupName}/remove-node, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_group_node_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + nodeGroupName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group_node_info.py b/ansible_collections/cisco/ise/plugins/modules/node_group_node_info.py new file mode 100644 index 00000000..46ed0b9e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group_node_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group_node_info +short_description: Information module for Node Group Node +description: +- Get all Node Group Node. +- This API retrieves the list of nodes associated with a node group in the cluster with a given node group name. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + nodeGroupName: + description: + - NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.get_nodes, + + - Paths used are + get /api/v1/deployment/node-group/{nodeGroupName}/node, + +""" + +EXAMPLES = r""" +- name: Get all Node Group Node + cisco.ise.node_group_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + nodeGroupName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "hostname": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_info.py b/ansible_collections/cisco/ise/plugins/modules/node_info.py new file mode 100644 index 00000000..e0ca4751 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_info.py @@ -0,0 +1,184 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_info +short_description: Information module for Node +description: +- Get all Node. +- Get Node by id. +- Get Node by name. +- This API allows the client to get all the node details. +- This API allows the client to get node details by ID. +- This API allows the client to get node details by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for NodeDetails + description: Complete reference of the NodeDetails API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!node +notes: + - SDK Method used are + node_details.NodeDetails.get_node_detail_by_id, + node_details.NodeDetails.get_node_detail_by_name, + node_details.NodeDetails.get_node_details_generator, + + - Paths used are + get /ers/config/node, + get /ers/config/node/name/{name}, + get /ers/config/node/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Node + cisco.ise.node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + filter: [] + filterType: AND + register: result + +- name: Get Node by id + cisco.ise.node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Node by name + cisco.ise.node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "gateWay": "string", + "userName": "string", + "passWord": "string", + "displayName": "string", + "inDeployment": true, + "otherPapFqdn": "string", + "ipAddresses": [ + "string" + ], + "ipAddress": "string", + "sxpIpAddress": "string", + "nodeServiceTypes": "string", + "fqdn": "string", + "papNode": true, + "primaryPapNode": true, + "pxGridNode": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "gateWay": "string", + "userName": "string", + "passWord": "string", + "displayName": "string", + "inDeployment": true, + "otherPapFqdn": "string", + "ipAddresses": [ + "string" + ], + "ipAddress": "string", + "sxpIpAddress": "string", + "nodeServiceTypes": "string", + "fqdn": "string", + "papNode": true, + "primaryPapNode": true, + "pxGridNode": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_primary_to_standalone.py b/ansible_collections/cisco/ise/plugins/modules/node_primary_to_standalone.py new file mode 100644 index 00000000..e83c1922 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_primary_to_standalone.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_primary_to_standalone +short_description: Resource module for Node Primary To Standalone +description: +- Manage operation create of the resource Node Primary To Standalone. +- This API changes the primary PAN in a single node cluster on which the API is invoked, to a standalone node. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + required: true +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.make_standalone, + + - Paths used are + post /api/v1/deployment/standalone, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_primary_to_standalone: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_promotion.py b/ansible_collections/cisco/ise/plugins/modules/node_promotion.py new file mode 100644 index 00000000..c3c0bf92 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_promotion.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_promotion +short_description: Resource module for Node Promotion +description: +- Manage operation update of the resource Node Promotion. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + promotionType: + description: Node Promotion's promotionType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + node_deployment.NodeDeployment.promote_node, + + - Paths used are + put /api/v1/deployment/node-promotion/, +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.node_promotion: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + promotionType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string", + "rootCause": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_replication_status_info.py b/ansible_collections/cisco/ise/plugins/modules/node_replication_status_info.py new file mode 100644 index 00000000..86c442d1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_replication_status_info.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_replication_status_info +short_description: Information module for Node Replication Status +description: +- Get Node Replication Status by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + node: + description: + - Node path parameter. ID of the existing node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + replication_status.ReplicationStatus.get_node_replication_status, + + - Paths used are + get /api/v1/replication-status/{node} +""" + +EXAMPLES = r""" +- name: Get Node Replication Status by id + cisco.ise.node_replication_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + node: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "NodeStatus": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_secondary_to_primary.py b/ansible_collections/cisco/ise/plugins/modules/node_secondary_to_primary.py new file mode 100644 index 00000000..236082dc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_secondary_to_primary.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_secondary_to_primary +short_description: Resource module for Node Secondary To Primary +description: +- Manage operation create of the resource Node Secondary To Primary. +- Execute this API in the secondary PAN in the cluster to promote the node to. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + required: true +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.promote_node, + + - Paths used are + post /api/v1/deployment/promote, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_secondary_to_primary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_interfaces_info.py b/ansible_collections/cisco/ise/plugins/modules/node_services_interfaces_info.py new file mode 100644 index 00000000..893da855 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_interfaces_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_interfaces_info +short_description: Information module for Node Services Interfaces +description: +- Get all Node Services Interfaces. +- This API retrieves the list of interfaces on a node in a cluster. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostname: + description: + - Hostname path parameter. Hostname of the node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.get_interfaces, + + - Paths used are + get /api/v1/node/{hostname}/interface, + +""" + +EXAMPLES = r""" +- name: Get all Node Services Interfaces + cisco.ise.node_services_interfaces_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "interface": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config.py b/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config.py new file mode 100644 index 00000000..b47eff3a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config.py @@ -0,0 +1,284 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_profiler_probe_config +short_description: Resource module for Node Services Profiler Probe Config +description: +- Manage operation update of the resource Node Services Profiler Probe Config. +- This API updates the profiler probe configuration of a PSN. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + activeDirectory: + description: The Active Directory probe queries the Active Directory for Windows + information. + suboptions: + daysBeforeRescan: + description: Node Services Profiler Probe Config's daysBeforeRescan. + type: int + type: dict + dhcp: + description: The DHCP probe listens for DHCP packets from IP helpers. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + port: + description: Node Services Profiler Probe Config's port. + type: int + type: dict + dhcpSpan: + description: The DHCP SPAN probe collects DHCP packets. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + type: dict + dns: + description: The DNS probe performs a DNS lookup for the FQDN. + suboptions: + timeout: + description: Node Services Profiler Probe Config's timeout. + type: int + type: dict + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + http: + description: The HTTP probe receives and parses HTTP packets. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + type: dict + netflow: + description: The NetFlow probe collects the NetFlow packets that are sent to it + from routers. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + port: + description: Node Services Profiler Probe Config's port. + type: int + type: dict + nmap: + description: The NMAP probe scans endpoints for open ports and OS. + elements: dict + type: list + pxgrid: + description: The pxGrid probe fetches attributes of MAC address or IP address as + a subscriber from the pxGrid queue. + elements: dict + type: list + radius: + description: The RADIUS probe collects RADIUS session attributes as well as CDP, + LLDP, DHCP, HTTP, and MDM attributes from IOS Sensors. + elements: dict + type: list + snmpQuery: + description: The SNMP query probe collects details from network devices such as + interface, CDP, LLDP, and ARP. + suboptions: + eventTimeout: + description: Node Services Profiler Probe Config's eventTimeout. + type: int + retries: + description: Node Services Profiler Probe Config's retries. + type: int + timeout: + description: Node Services Profiler Probe Config's timeout. + type: int + type: dict + snmpTrap: + description: The SNMP trap probe receives linkup, linkdown, and MAC notification + traps from network devices. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + linkTrapQuery: + description: LinkTrapQuery flag. + type: bool + macTrapQuery: + description: MacTrapQuery flag. + type: bool + port: + description: Node Services Profiler Probe Config's port. + type: int + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.set_profiler_probe_config, + + - Paths used are + put /api/v1/profile/{hostname}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.node_services_profiler_probe_config: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + activeDirectory: + daysBeforeRescan: 0 + dhcp: + interfaces: + - interface: string + port: 0 + dhcpSpan: + interfaces: + - interface: string + dns: + timeout: 0 + hostname: string + http: + interfaces: + - interface: string + netflow: + interfaces: + - interface: string + port: 0 + nmap: + - {} + pxgrid: + - {} + radius: + - {} + snmpQuery: + eventTimeout: 0 + retries: 0 + timeout: 0 + snmpTrap: + interfaces: + - interface: string + linkTrapQuery: true + macTrapQuery: true + port: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "activeDirectory": { + "daysBeforeRescan": 0 + }, + "dhcp": { + "interfaces": [ + { + "interface": "string" + } + ], + "port": 0 + }, + "dhcpSpan": { + "interfaces": [ + { + "interface": "string" + } + ] + }, + "dns": { + "timeout": 0 + }, + "http": { + "interfaces": [ + { + "interface": "string" + } + ] + }, + "netflow": { + "interfaces": [ + { + "interface": "string" + } + ], + "port": 0 + }, + "nmap": [ + {} + ], + "pxgrid": [ + {} + ], + "radius": [ + {} + ], + "snmpQuery": { + "eventTimeout": 0, + "retries": 0, + "timeout": 0 + }, + "snmpTrap": { + "interfaces": [ + { + "interface": "string" + } + ], + "linkTrapQuery": true, + "macTrapQuery": true, + "port": 0 + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config_info.py b/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config_info.py new file mode 100644 index 00000000..10656397 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config_info.py @@ -0,0 +1,119 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_profiler_probe_config_info +short_description: Information module for Node Services Profiler Probe Config +description: +- Get Node Services Profiler Probe Config by name. +- This API retrieves the profiler probe configuration of a PSN. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostname: + description: + - Hostname path parameter. Hostname of the node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.get_profiler_probe_config, + + - Paths used are + get /api/v1/profile/{hostname}, + +""" + +EXAMPLES = r""" +- name: Get Node Services Profiler Probe Config by name + cisco.ise.node_services_profiler_probe_config_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "activeDirectory": { + "daysBeforeRescan": 0 + }, + "dhcp": { + "interfaces": [ + { + "interface": "string" + } + ], + "port": 0 + }, + "dhcpSpan": { + "interfaces": [ + { + "interface": "string" + } + ] + }, + "dns": { + "timeout": 0 + }, + "http": { + "interfaces": [ + { + "interface": "string" + } + ] + }, + "netflow": { + "interfaces": [ + { + "interface": "string" + } + ], + "port": 0 + }, + "nmap": [ + {} + ], + "pxgrid": [ + {} + ], + "radius": [ + {} + ], + "snmpQuery": { + "eventTimeout": 0, + "retries": 0, + "timeout": 0 + }, + "snmpTrap": { + "interfaces": [ + { + "interface": "string" + } + ], + "linkTrapQuery": true, + "macTrapQuery": true, + "port": 0 + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces.py b/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces.py new file mode 100644 index 00000000..af5961ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_sxp_interfaces +short_description: Resource module for Node Services SXP Interfaces +description: +- Manage operation update of the resource Node Services SXP Interfaces. +- This API configures the SXP interface. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + interface: + description: Node Services SXP Interfaces's interface. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.set_sxp_interface, + + - Paths used are + put /api/v1/node/{hostname}/sxp-interface, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.node_services_sxp_interfaces: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + hostname: string + interface: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "interface": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces_info.py b/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces_info.py new file mode 100644 index 00000000..fdd2716d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_sxp_interfaces_info +short_description: Information module for Node Services SXP Interfaces +description: +- Get all Node Services SXP Interfaces. +- This API retrieves the SXP interface. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostname: + description: + - Hostname path parameter. Hostname of the node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.get_sxp_interface, + + - Paths used are + get /api/v1/node/{hostname}/sxp-interface, + +""" + +EXAMPLES = r""" +- name: Get all Node Services SXP Interfaces + cisco.ise.node_services_sxp_interfaces_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "interface": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_standalone_to_primary.py b/ansible_collections/cisco/ise/plugins/modules/node_standalone_to_primary.py new file mode 100644 index 00000000..c397cb32 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_standalone_to_primary.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_standalone_to_primary +short_description: Resource module for Node Standalone To Primary +description: +- Manage operation create of the resource Node Standalone To Primary. +- This API promotes the standalone node on which the API is invoked to the primary Policy Administration node PAN . +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + required: true +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.make_primary, + + - Paths used are + post /api/v1/deployment/primary, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_standalone_to_primary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_sync.py b/ansible_collections/cisco/ise/plugins/modules/node_sync.py new file mode 100644 index 00000000..e45a0ae1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_sync.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_sync +short_description: Resource module for Node Sync +description: +- Manage operation create of the resource Node Sync. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Node Sync's hostname. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sync_ise_node.SyncIseNode.sync_node, + + - Paths used are + post /api/v1/deployment/sync-node +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_sync: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string", + "rootCause": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pan_ha.py b/ansible_collections/cisco/ise/plugins/modules/pan_ha.py new file mode 100644 index 00000000..0a33b80f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pan_ha.py @@ -0,0 +1,84 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pan_ha +short_description: Resource module for Pan Ha +description: +- Manage operations create and delete of the resource Pan Ha. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + failedAttempts: + description: Pan Ha's failedAttempts. + type: int + isEnabled: + description: IsEnabled flag. + type: bool + pollingInterval: + description: Pan Ha's pollingInterval. + type: int + primaryHealthCheckNode: + description: Pan Ha's primaryHealthCheckNode. + type: str + secondaryHealthCheckNode: + description: Pan Ha's secondaryHealthCheckNode. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sync_ise_node.ReplicationStatus.get_node_replication_status, + + - Paths used are + get /api/v1/replication-status/{node} +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pan_ha: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + failedAttempts: 0 + isEnabled: true + pollingInterval: 0 + primaryHealthCheckNode: string + secondaryHealthCheckNode: string + +- name: Delete all + cisco.ise.pan_ha: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "isEnabled": true, + "primaryHealthCheckNode": "string", + "secondaryHealthCheckNode": "string", + "pollingInterval": 0, + "failedAttempts": 0 + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pan_ha_info.py b/ansible_collections/cisco/ise/plugins/modules/pan_ha_info.py new file mode 100644 index 00000000..6a6ae62b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pan_ha_info.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pan_ha_info +short_description: Information module for Pan Ha +description: +- Get all Pan Ha. +- > + In a high availability configuration, the primary PAN is in active state. The secondary PAN backup PAN is in standby state, which means that it receives + all the configuration updates from the primary PAN, but is not active in the Cisco ISE cluster. You can configure Cisco ISE to automatically promote the + secondary PAN when the primary PAN becomes unavailable. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for PAN HA + description: Complete reference of the PAN HA API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + pan_ha.PanHa.get_pan_ha_status, + + - Paths used are + get /api/v1/deployment/pan-ha, + +""" + +EXAMPLES = r""" +- name: Get all Pan Ha + cisco.ise.pan_ha_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "failedAttempts": 0, + "isEnabled": true, + "pollingInterval": 0, + "primaryHealthCheckNode": { + "hostname": "string" + }, + "secondaryHealthCheckNode": { + "hostname": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pan_ha_update.py b/ansible_collections/cisco/ise/plugins/modules/pan_ha_update.py new file mode 100644 index 00000000..6f0526a0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pan_ha_update.py @@ -0,0 +1,89 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pan_ha_update +short_description: Resource module for Pan Ha Update +description: +- Manage operation update of the resource Pan Ha Update. +- To deploy the auto-failover feature, you must have at least three nodes, where. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + failedAttempts: + description: Failover occurs if the primary PAN is down for the specified number + of failure polls. Count (2 - 60).
The default value is 5. + type: int + isEnabled: + description: IsEnabled flag. + type: bool + pollingInterval: + description: Administration nodes are checked after each interval. Seconds (30 - + 300)
The default value is 120. + type: int + primaryHealthCheckNode: + description: Pan Ha Update's primaryHealthCheckNode. + suboptions: + hostname: + description: Pan Ha Update's hostname. + type: str + type: dict + secondaryHealthCheckNode: + description: Pan Ha Update's secondaryHealthCheckNode. + suboptions: + hostname: + description: Pan Ha Update's hostname. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for PAN HA + description: Complete reference of the PAN HA API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + pan_ha.PanHa.update_pan_ha, + + - Paths used are + put /api/v1/deployment/pan-ha, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.pan_ha_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + failedAttempts: 0 + isEnabled: true + pollingInterval: 0 + primaryHealthCheckNode: + hostname: string + secondaryHealthCheckNode: + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/patch_info.py b/ansible_collections/cisco/ise/plugins/modules/patch_info.py new file mode 100644 index 00000000..ec427e64 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/patch_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: patch_info +short_description: Information module for Patch +description: +- Get all Patch. +- List all the installed patches in the system, with the patch number for rollback. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.list_installed_patches, + + - Paths used are + get /api/v1/patch, + +""" + +EXAMPLES = r""" +- name: Get all Patch + cisco.ise.patch_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "iseVersion": "string", + "patchVersion": [ + { + "installDate": "string", + "patchNumber": 0 + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/patch_install.py b/ansible_collections/cisco/ise/plugins/modules/patch_install.py new file mode 100644 index 00000000..94d41ea7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/patch_install.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: patch_install +short_description: Resource module for Patch Install +description: +- Manage operation create of the resource Patch Install. +- > + Triggers patch installation on the Cisco ISE node. A task ID is returned which can be used to monitor the progress of the patch installation process. As + the patch installation triggers the Cisco ISE to restart, the task API becomes unavailable for a certain period of time. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + patchName: + description: Patch Install's patchName. + type: str + repositoryName: + description: Patch Install's repositoryName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.install_patch, + + - Paths used are + post /api/v1/patch/install, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.patch_install: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + patchName: string + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/patch_rollback.py b/ansible_collections/cisco/ise/plugins/modules/patch_rollback.py new file mode 100644 index 00000000..f82dc23d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/patch_rollback.py @@ -0,0 +1,64 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: patch_rollback +short_description: Resource module for Patch Rollback +description: +- Manage operation create of the resource Patch Rollback. +- > + Triggers patch rollback on the Cisco ISE node. A task ID is returned which can be used to monitor the progress of the patch rollback process. As the + patch rollback triggers the Cisco ISE to restart, the task API becomes unavailable for a certain period of time. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + patchNumber: + description: Patch Rollback's patchNumber. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.rollback_patch, + + - Paths used are + post /api/v1/patch/rollback, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.patch_rollback: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + patchNumber: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_check_standalone.py b/ansible_collections/cisco/ise/plugins/modules/personas_check_standalone.py new file mode 100644 index 00000000..c8053dfd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_check_standalone.py @@ -0,0 +1,78 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_check_standalone +short_description: Ensure the node is in standalone mode +description: +- Ensure the mode is in standalone mode +version_added: '0.0.8' +author: Rafael Campos (@racampos) +options: + ip: + description: + - The IP address of the node + type: str + username: + description: + - The username for the node. + type: str + password: + description: + - The password for the node. + type: str + hostname: + description: + - The hostname for the node for which the certificate will be exported. + type: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_check_standalone +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Check if all nodes are in STANDALONE state + cisco.ise.personas_check_standalone: + ip: "{{ item.ip }}" + username: admin + password: cisco123 + hostname: "{{ item.hostname }}" + loop: + - ip: 10.1.1.1 + hostname: ise-pan-server-1 + - ip: 10.1.1.2 + hostname: ise-pan-server-2 + - ip: 10.1.1.3 + hostname: ise-psn-server-1 + - ip: 10.1.1.4 + hostname: ise-psn-server-2 +""" + +RETURN = r""" +ise_response: + description: A string stating that the node is in standalone mode + returned: always + type: str + sample: Node ise-pan-server-1 is in STANDALONE mode +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_export_certs.py b/ansible_collections/cisco/ise/plugins/modules/personas_export_certs.py new file mode 100644 index 00000000..18717268 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_export_certs.py @@ -0,0 +1,99 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_export_certs +short_description: Export certificate into primary node +description: +- Export certificate into primary node +version_added: '0.0.8' +author: Rafael Campos (@racampos) +options: + primary_ip: + description: + - The IP address of the primary node. + type: str + primary_username: + description: + - The username for the primary node. + type: str + primary_password: + description: + - The password for the primary node. + type: str + name: + description: + - The name of the node for which the certificate will be exported. + type: str + ip: + description: + - The IP address of the node for which the certificate will be exported. + type: str + hostname: + description: + - The hostname for the node for which the certificate will be exported. + type: str + username: + description: + - The username for the node for which the certificate will be exported. + type: str + password: + description: + - The password for the node for which the certificate will be exported. + type: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_export_certs +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Export trusted certificates into primary node + cisco.ise.personas_export_certs: + primary_ip: 10.1.1.1 + primary_username: admin + primary_password: cisco123 + name: "{{ item.name }}" + ip: "{{ item.ip }}" + hostname: "{{ item.hostname }}" + username: admin + password: cisco123 + loop: + - name: ISE PAN Server 2 + ip: 10.1.1.2 + hostname: ise-pan-server-2 + - name: ISE PSN Server 1 + ip: 10.1.1.3 + hostname: ise-psn-server-1 + - name: ISE PSN Server 2 + ip: 10.1.1.4 + hostname: ise-psn-server-2 +""" + +RETURN = r""" +ise_response: + description: A text string stating that the certificate was exported successfully. + returned: always + type: str + sample: The certificate for ISE PAN Server 2 was exported successfully to the primary node +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_promote_primary.py b/ansible_collections/cisco/ise/plugins/modules/personas_promote_primary.py new file mode 100644 index 00000000..428c4823 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_promote_primary.py @@ -0,0 +1,64 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_promote_primary +short_description: Promote a node as the primary node +description: +- Promote a node as the primary node +version_added: '0.0.8' +author: Rafael Campos (@racampos) +options: + ip: + description: + - The IP address of the primary node + type: str + username: + description: + - The username to log into the primary node. + type: str + password: + description: + - The password to log into the primary node. + type: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_promote_primary +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Promote primary node + cisco.ise.personas_promote_primary: + ip: 10.1.1.1 + username: admin + password: Cisco123 +""" + +RETURN = r""" +ise_response: + description: A string stating that the node was promoted to primary + returned: always + type: str + sample: Primary node was successfully updated +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_register_node.py b/ansible_collections/cisco/ise/plugins/modules/personas_register_node.py new file mode 100644 index 00000000..33830f41 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_register_node.py @@ -0,0 +1,108 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_register_node +short_description: Register a node to the primary +description: +- Register a node to the primary +version_added: '2.4.0' +author: Rafael Campos (@racampos) +options: + primary_ip: + description: + - The IP address of the primary node. + type: str + primary_username: + description: + - The username for the primary node. + type: str + primary_password: + description: + - The password for the primary node. + type: str + fqdn: + description: + - The fully qualified domain name of the node. + type: str + username: + description: + - The username to log into the node. + type: str + password: + description: + - The password to log into the node. + type: str + roles: + description: + - "The roles to be fulfilled by this node. Possible roles are PrimaryAdmin, SecondaryAdmin, \ + PrimaryMonitoring, SecondaryMonitoring, PrimaryDedicatedMonitoring, SecondaryDedicatedMonitoring, Standalone" + type: list + elements: str + services: + description: + - The services this node will run. Possible services are Session, Profiler, TC-NAC, SXP, DeviceAdmin, PassiveIdentity, pxGrid, pxGridCloud + type: list + elements: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_register_node +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Register the secondary node and PSN nodes to the cluster + cisco.ise.personas_register_node: + primary_ip: 10.1.1.1 + primary_username: admin + primary_password: Cisco123 + fqdn: "{{ item.fqdn }}" + username: admin + password: cisco123 + roles: "{{ item.roles }}" + services: "{{ item.services }}" + loop: + - fqdn: ise-pan-server-2.example.com + roles: + - SecondaryAdmin + - SecondaryMonitoring + services: [] + - fqdn: ise-psn-server-1.example.com + roles: [] + services: + - Session + - Profiler + - fqdn: ise-psn-server-2.example.com + roles: [] + services: + - Session + - Profiler +""" + +RETURN = r""" +ise_response: + description: A string stating that the node was successfully registered + returned: always + type: str + sample: Node ise-pan-server-2 updated successfully +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_update_roles_services.py b/ansible_collections/cisco/ise/plugins/modules/personas_update_roles_services.py new file mode 100644 index 00000000..ce4560fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_update_roles_services.py @@ -0,0 +1,83 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_update_roles_services +short_description: Update the roles and services of a node +description: +- Update the roles and services of a node +version_added: '2.4.0' +author: Rafael Campos (@racampos) +options: + ip: + description: + - The IP address of the node to be updated. + type: str + username: + description: + - The username to log into the node. + type: str + password: + description: + - The password to log into the node. + type: str + hostname: + description: + - The hostname of the node. + type: str + roles: + description: + - "The roles to be fulfilled by this node. Possible roles are PrimaryAdmin, SecondaryAdmin, \ + PrimaryMonitoring, SecondaryMonitoring, PrimaryDedicatedMonitoring, SecondaryDedicatedMonitoring, Standalone" + type: list + elements: str + services: + description: + - The services this node will run. Possible services are Session, Profiler, TC-NAC, SXP, DeviceAdmin, PassiveIdentity, pxGrid, pxGridCloud + type: list + elements: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_update_roles_services +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Remove the Primary Monitoring role and the Session and Profiler services from the primary node + cisco.ise.personas_update_roles_services: + ip: 10.1.1.1 + username: admin + password: C1sco123 + hostname: ise-pan-server-1 + roles: + - PrimaryAdmin + services: [] +""" + +RETURN = r""" +ise_response: + description: A string stating that the node was successfully updated + returned: always + type: str + sample: Node ise-pan-server-1 updated successfully +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_global_setting.py b/ansible_collections/cisco/ise/plugins/modules/portal_global_setting.py new file mode 100644 index 00000000..5c3e74e1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_global_setting.py @@ -0,0 +1,86 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_global_setting +short_description: Resource module for Portal Global Setting +description: +- Manage operation update of the resource Portal Global Setting. +- This API allows the client to update the portal global settings by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customization: + description: Allowed values - HTML, - HTMLANDJAVASCRIPT. + type: str + id: + description: Portal Global Setting's id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal_global_setting.PortalGlobalSetting.update_portal_global_setting_by_id, + + - Paths used are + put /ers/config/portalglobalsetting/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.portal_global_setting: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customization: string + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "customization": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_global_setting_info.py b/ansible_collections/cisco/ise/plugins/modules/portal_global_setting_info.py new file mode 100644 index 00000000..e0bc9c26 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_global_setting_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_global_setting_info +short_description: Information module for Portal Global Setting +description: +- Get all Portal Global Setting. +- Get Portal Global Setting by id. +- This API allows the client to get all the portal global settings. +- This API allows the client to get the portal global settings by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal_global_setting.PortalGlobalSetting.get_portal_global_setting_by_id, + portal_global_setting.PortalGlobalSetting.get_portal_global_settings_generator, + + - Paths used are + get /ers/config/portalglobalsetting, + get /ers/config/portalglobalsetting/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Portal Global Setting + cisco.ise.portal_global_setting_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Portal Global Setting by id + cisco.ise.portal_global_setting_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "customization": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "customization": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_info.py b/ansible_collections/cisco/ise/plugins/modules/portal_info.py new file mode 100644 index 00000000..315df083 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_info.py @@ -0,0 +1,145 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_info +short_description: Information module for Portal +description: +- Get all Portal. +- Get Portal by id. +- This API allows the client to get a portal by ID. +- This API allows the client to get all the portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal.Portal.get_portal_by_id, + portal.Portal.get_portals_generator, + + - Paths used are + get /ers/config/portal, + get /ers/config/portal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Portal + cisco.ise.portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Portal by id + cisco.ise.portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_theme.py b/ansible_collections/cisco/ise/plugins/modules/portal_theme.py new file mode 100644 index 00000000..f2099274 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_theme.py @@ -0,0 +1,122 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_theme +short_description: Resource module for Portal Theme +description: +- Manage operations create, update and delete of the resource Portal Theme. +- This API creates a portal theme. +- This API deletes a portal theme by ID. +- This API allows the client to update a portal theme by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Portal Theme's description. + type: str + id: + description: Portal Theme's id. + type: str + name: + description: Portal Theme's name. + type: str + themeData: + description: Portal Theme for all portals. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal_theme.PortalTheme.create_portal_theme, + portal_theme.PortalTheme.delete_portal_theme_by_id, + portal_theme.PortalTheme.update_portal_theme_by_id, + + - Paths used are + post /ers/config/portaltheme, + delete /ers/config/portaltheme/{id}, + put /ers/config/portaltheme/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.portal_theme: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + themeData: string + +- name: Delete by id + cisco.ise.portal_theme: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.portal_theme: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + themeData: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "themeData": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_theme_info.py b/ansible_collections/cisco/ise/plugins/modules/portal_theme_info.py new file mode 100644 index 00000000..eaa5a691 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_theme_info.py @@ -0,0 +1,145 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_theme_info +short_description: Information module for Portal Theme +description: +- Get all Portal Theme. +- Get Portal Theme by id. +- This API allows the client to get a portal theme by ID. +- This API allows the client to get all the portal themes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal_theme.PortalTheme.get_portal_theme_by_id, + portal_theme.PortalTheme.get_portal_themes_generator, + + - Paths used are + get /ers/config/portaltheme, + get /ers/config/portaltheme/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Portal Theme + cisco.ise.portal_theme_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Portal Theme by id + cisco.ise.portal_theme_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "themeData": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "themeData": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/profiler_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/profiler_profile_info.py new file mode 100644 index 00000000..be32314d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/profiler_profile_info.py @@ -0,0 +1,145 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: profiler_profile_info +short_description: Information module for Profiler Profile +description: +- Get all Profiler Profile. +- Get Profiler Profile by id. +- This API allows the client to get a profiler profile by ID. +- This API allows the client to get all the profiler profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + profiler_profile.ProfilerProfile.get_profiler_profile_by_id, + profiler_profile.ProfilerProfile.get_profiler_profiles_generator, + + - Paths used are + get /ers/config/profilerprofile, + get /ers/config/profilerprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Profiler Profile + cisco.ise.profiler_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Profiler Profile by id + cisco.ise.profiler_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parentId": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "parentId": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings.py b/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings.py new file mode 100644 index 00000000..92f4ad27 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings.py @@ -0,0 +1,101 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: proxy_connection_settings +short_description: Resource module for Proxy Connection Settings +description: +- Manage operation update of the resource Proxy Connection Settings. +- The following functionalities are impacted by the proxy settings. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + bypassHosts: + description: Bypass hosts for the proxy connection. + type: str + fqdn: + description: Proxy IP address or DNS-resolvable host name. + type: str + password: + description: Password for the proxy connection. + type: str + passwordRequired: + description: Indicates whether password configuration is required for Proxy. + type: bool + port: + description: Port for proxy connection. Should be between 1 and 65535. + type: int + userName: + description: User name for the proxy connection. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for proxy + description: Complete reference of the proxy API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!system-settings-openapi +notes: + - SDK Method used are + proxy.Proxy.update_proxy_connection, + + - Paths used are + put /api/v1/system-settings/proxy, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.proxy_connection_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + bypassHosts: string + fqdn: string + password: string + passwordRequired: true + port: 0 + userName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bypassHosts": "string", + "fqdn": "string", + "password": "string", + "passwordRequired": true, + "port": 0, + "userName": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "bypassHosts": "string", + "fqdn": "string", + "password": "string", + "passwordRequired": true, + "port": 0, + "userName": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings_info.py b/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings_info.py new file mode 100644 index 00000000..d14440bd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: proxy_connection_settings_info +short_description: Information module for Proxy Connection Settings +description: +- Get all Proxy Connection Settings. +- The following functionalities are impacted by the proxy settings. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for proxy + description: Complete reference of the proxy API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!system-settings-openapi +notes: + - SDK Method used are + proxy.Proxy.get_proxy_connection, + + - Paths used are + get /api/v1/system-settings/proxy, + +""" + +EXAMPLES = r""" +- name: Get all Proxy Connection Settings + cisco.ise.proxy_connection_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bypassHosts": "string", + "fqdn": "string", + "password": "string", + "passwordRequired": true, + "port": 0, + "userName": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/px_grid_node_approve.py b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_approve.py new file mode 100644 index 00000000..172dab5f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_approve.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: px_grid_node_approve +short_description: Resource module for Px Grid Node Approve +description: +- Manage operation update of the resource Px Grid Node Approve. +- This API allows the client to approve a pxGrid node. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.approve_px_grid_node, + + - Paths used are + put /ers/config/pxgridnode/name/{name}/approve, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.px_grid_node_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/px_grid_node_delete.py b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_delete.py new file mode 100644 index 00000000..a620e17c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_delete.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: px_grid_node_delete +short_description: Resource module for Px Grid Node Delete +description: +- Manage operation delete of the resource Px Grid Node Delete. +- This API deletes a pxGrid node by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.delete_px_grid_node_by_name, + + - Paths used are + delete /ers/config/pxgridnode/name/{name}, + +""" + +EXAMPLES = r""" +- name: Delete by name + cisco.ise.px_grid_node_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/px_grid_node_info.py b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_info.py new file mode 100644 index 00000000..43f0e957 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_info.py @@ -0,0 +1,128 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: px_grid_node_info +short_description: Information module for Px Grid Node +description: +- Get all Px Grid Node. +- Get Px Grid Node by id. +- Get Px Grid Node by name. +- This API allows the client to get a pxGrid node by ID. +- This API allows the client to get a pxGrid node by name. +- This API allows the client to get all the npxGrid nodes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.get_px_grid_node_by_id, + px_grid_node.PxGridNode.get_px_grid_node_by_name, + px_grid_node.PxGridNode.get_px_grid_node_generator, + + - Paths used are + get /ers/config/pxgridnode, + get /ers/config/pxgridnode/name/{name}, + get /ers/config/pxgridnode/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Px Grid Node + cisco.ise.px_grid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Px Grid Node by id + cisco.ise.px_grid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Px Grid Node by name + cisco.ise.px_grid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "status": "string", + "authMethod": "string", + "groups": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "status": "string", + "authMethod": "string", + "groups": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/px_grid_settings_auto_approve.py b/ansible_collections/cisco/ise/plugins/modules/px_grid_settings_auto_approve.py new file mode 100644 index 00000000..886991e9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/px_grid_settings_auto_approve.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: px_grid_settings_auto_approve +short_description: Resource module for Px Grid Settings Auto Approve +description: +- Manage operation update of the resource Px Grid Settings Auto Approve. +- This API allows the client to auto approve the pxGrid settings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowPasswordBasedAccounts: + description: Allow password based accounts when true. + type: bool + autoApproveCertBasedAccounts: + description: Auto approve certificate based accounts when true. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_settings.PxGridSettings.autoapprove_px_grid_settings, + + - Paths used are + put /ers/config/pxgridsettings/autoapprove, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.px_grid_settings_auto_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + allowPasswordBasedAccounts: true + autoApproveCertBasedAccounts: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_access_secret.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_access_secret.py new file mode 100644 index 00000000..dca5b999 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_access_secret.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_access_secret +short_description: Resource module for pxGrid Access Secret +description: +- Manage operation create of the resource pxGrid Access Secret. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + peerNodeName: + description: pxGrid Access Secret's peerNodeName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + consumer.Consumer.access_secret, + + - Paths used are + post /control/AccessSecret, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_access_secret: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + peerNodeName: ise-admin-pxgrid-002 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_activate.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_activate.py new file mode 100644 index 00000000..8e2571b0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_activate.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_account_activate +short_description: Resource module for pxGrid Account Activate +description: +- Manage operation create of the resource pxGrid Account Activate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: pxGrid Account Activate's description. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + consumer.Consumer.activate_account, + + - Paths used are + post /control/AccountActivate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_account_activate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + description: MyApp 1.0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_create.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_create.py new file mode 100644 index 00000000..4de7c868 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_create.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_account_create +short_description: Resource module for pxGrid Account Create +description: +- Manage operation create of the resource pxGrid Account Create. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + nodeName: + description: pxGrid Account Create's nodeName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + consumer.Consumer.create_account, + + - Paths used are + post /control/AccountCreate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_account_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + nodeName: MyName01 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_authorization.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_authorization.py new file mode 100644 index 00000000..7eaf7442 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_authorization.py @@ -0,0 +1,47 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_authorization +short_description: Resource module for pxGrid Authorization +description: +- Manage operation create of the resource pxGrid Authorization. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + provider.Provider.authorization, + + - Paths used are + post /control/Authorization, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_authorization: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_bindings_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_bindings_info.py new file mode 100644 index 00000000..9a27324c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_bindings_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_bindings_info +short_description: Information module for pxGrid Bindings Info +description: +- Get pxGrid Bindings Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_sxp.TrustSecSxp.get_bindings, + + - Paths used are + post /ise/sxp/getBindings, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Bindings Info + cisco.ise.pxgrid_bindings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_matrices_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_matrices_info.py new file mode 100644 index 00000000..33b2e21e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_matrices_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_egress_matrices_info +short_description: Information module for pxGrid Egress Matrices Info +description: +- Get pxGrid Egress Matrices Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_configuration.TrustSecConfiguration.get_egress_matrices, + + - Paths used are + post /ise/config/trustsec/getEgressMatrices, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Egress Matrices Info + cisco.ise.pxgrid_egress_matrices_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_policies_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_policies_info.py new file mode 100644 index 00000000..38f89a6a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_policies_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_egress_policies_info +short_description: Information module for pxGrid Egress Policies Info +description: +- Get pxGrid Egress Policies Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_configuration.TrustSecConfiguration.get_egress_policies, + + - Paths used are + post /ise/config/trustsec/getEgressPolicies, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Egress Policies Info + cisco.ise.pxgrid_egress_policies_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoint_by_mac_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoint_by_mac_info.py new file mode 100644 index 00000000..49bcc5e5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoint_by_mac_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_endpoint_by_mac_info +short_description: Information module for pxGrid Endpoint By Mac Info +description: +- Get pxGrid Endpoint By Mac Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + mdm.Mdm.get_endpoint_by_mac_address, + + - Paths used are + post /ise/mdm/getEndpointByMacAddress, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Endpoint By Mac Info + cisco.ise.pxgrid_endpoint_by_mac_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_os_type_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_os_type_info.py new file mode 100644 index 00000000..15a6ff34 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_os_type_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_endpoints_by_os_type_info +short_description: Information module for pxGrid Endpoints By Os Type Info +description: +- Get pxGrid Endpoints By Os Type Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + mdm.Mdm.get_endpoints_by_os_type, + + - Paths used are + post /ise/mdm/getEndpointsByOsType, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Endpoints By Os Type Info + cisco.ise.pxgrid_endpoints_by_os_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_type_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_type_info.py new file mode 100644 index 00000000..bdedd95d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_type_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_endpoints_by_type_info +short_description: Information module for pxGrid Endpoints By Type Info +description: +- Get pxGrid Endpoints By Type Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + mdm.Mdm.get_endpoints_by_type, + + - Paths used are + post /ise/mdm/getEndpointsByType, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Endpoints By Type Info + cisco.ise.pxgrid_endpoints_by_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_info.py new file mode 100644 index 00000000..eec04621 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_endpoints_info +short_description: Information module for pxGrid Endpoints Info +description: +- Get pxGrid Endpoints Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + mdm.Mdm.get_endpoints, + + - Paths used are + post /ise/mdm/getEndpoints, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Endpoints Info + cisco.ise.pxgrid_endpoints_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_failures_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_failures_info.py new file mode 100644 index 00000000..475b9224 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_failures_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_failures_info +short_description: Information module for pxGrid Failures +description: +- Get all pxGrid Failures. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + radius_failure.RadiusFailure.get_failures, + + - Paths used are + get /getFailures, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Failures + cisco.ise.pxgrid_failures_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_healths_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_healths_info.py new file mode 100644 index 00000000..d247161b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_healths_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_healths_info +short_description: Information module for pxGrid Healths Info +description: +- Get pxGrid Healths Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + system_health.SystemHealth.get_healths, + + - Paths used are + post /ise/system/getHealths, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Healths Info + cisco.ise.pxgrid_healths_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_approve.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_approve.py new file mode 100644 index 00000000..c58e4419 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_approve.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_node_approve +short_description: Resource module for pxGrid Node Approve +description: +- Manage operation update of the resource pxGrid Node Approve. +- This API allows the client to approve a pxGrid node. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.approve_px_grid_node, + + - Paths used are + put /ers/config/pxgridnode/name/{name}/approve, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.pxgrid_node_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_delete.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_delete.py new file mode 100644 index 00000000..5248f7a1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_delete.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_node_delete +short_description: Resource module for pxGrid Node Delete +description: +- Manage operation delete of the resource pxGrid Node Delete. +- This API deletes a pxGrid node by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.delete_px_grid_node_by_name, + + - Paths used are + delete /ers/config/pxgridnode/name/{name}, + +""" + +EXAMPLES = r""" +- name: Delete by name + cisco.ise.pxgrid_node_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_info.py new file mode 100644 index 00000000..19f71636 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_info.py @@ -0,0 +1,128 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_node_info +short_description: Information module for pxGrid Node +description: +- Get all pxGrid Node. +- Get pxGrid Node by id. +- Get pxGrid Node by name. +- This API allows the client to get a pxGrid node by ID. +- This API allows the client to get a pxGrid node by name. +- This API allows the client to get all the npxGrid nodes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.get_px_grid_node_by_id, + px_grid_node.PxGridNode.get_px_grid_node_by_name, + px_grid_node.PxGridNode.get_px_grid_node_generator, + + - Paths used are + get /ers/config/pxgridnode, + get /ers/config/pxgridnode/name/{name}, + get /ers/config/pxgridnode/{id}, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Node + cisco.ise.pxgrid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get pxGrid Node by id + cisco.ise.pxgrid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get pxGrid Node by name + cisco.ise.pxgrid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "status": "string", + "authMethod": "string", + "groups": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "status": "string", + "authMethod": "string", + "groups": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_performances_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_performances_info.py new file mode 100644 index 00000000..9f14887e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_performances_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_performances_info +short_description: Information module for pxGrid Performances Info +description: +- Get pxGrid Performances Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + system_health.SystemHealth.get_performances, + + - Paths used are + post /ise/system/getPerformances, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Performances Info + cisco.ise.pxgrid_performances_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_profiles_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_profiles_info.py new file mode 100644 index 00000000..94944e78 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_profiles_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_profiles_info +short_description: Information module for pxGrid Profiles Info +description: +- Get pxGrid Profiles Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + profiler.Profiler.get_profiles, + + - Paths used are + post /ise/config/profiler/getProfiles, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Profiles Info + cisco.ise.pxgrid_profiles_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_group_acls_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_group_acls_info.py new file mode 100644 index 00000000..b003c914 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_group_acls_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_security_group_acls_info +short_description: Information module for pxGrid Security Group ACLs Info +description: +- Get pxGrid Security Group ACLs Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_configuration.TrustSecConfiguration.get_security_group_acls, + + - Paths used are + post /ise/config/trustsec/getSecurityGroupAcls, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Security Group ACLs Info + cisco.ise.pxgrid_security_group_acls_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_groups_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_groups_info.py new file mode 100644 index 00000000..dd6867c4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_groups_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_security_groups_info +short_description: Information module for pxGrid Security Groups Info +description: +- Get pxGrid Security Groups Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_configuration.TrustSecConfiguration.get_security_groups, + + - Paths used are + post /ise/config/trustsec/getSecurityGroups, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Security Groups Info + cisco.ise.pxgrid_security_groups_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_lookup.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_lookup.py new file mode 100644 index 00000000..5787aecb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_lookup.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_service_lookup +short_description: Resource module for pxGrid Service Lookup +description: +- Manage operation create of the resource pxGrid Service Lookup. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: pxGrid Service Lookup's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + consumer.Consumer.lookup_service, + + - Paths used are + post /control/ServiceLookup, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_service_lookup: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: com.cisco.ise.pubsub + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_register.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_register.py new file mode 100644 index 00000000..c78f2df8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_register.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_service_register +short_description: Resource module for pxGrid Service Register +description: +- Manage operation create of the resource pxGrid Service Register. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: pxGrid Service Register's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + provider.Provider.register_service, + + - Paths used are + post /control/ServiceRegister, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_service_register: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: com.cisco.ise.pubsub + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_reregister.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_reregister.py new file mode 100644 index 00000000..a79a00dd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_reregister.py @@ -0,0 +1,47 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_service_reregister +short_description: Resource module for pxGrid Service Reregister +description: +- Manage operation create of the resource pxGrid Service Reregister. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + provider.Provider.reregister_service, + + - Paths used are + post /control/ServiceReregister, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_service_reregister: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_unregister.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_unregister.py new file mode 100644 index 00000000..f0316a4f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_unregister.py @@ -0,0 +1,47 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_service_unregister +short_description: Resource module for pxGrid Service Unregister +description: +- Manage operation create of the resource pxGrid Service Unregister. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + provider.Provider.unregister_service, + + - Paths used are + post /control/ServiceUnregister, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_service_unregister: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_ip_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_ip_info.py new file mode 100644 index 00000000..6260c36e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_ip_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_session_by_ip_info +short_description: Information module for pxGrid Session By Ip Info +description: +- Get pxGrid Session By Ip Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_session_by_ip_address, + + - Paths used are + post /ise/session/getSessionByIpAddress, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Session By Ip Info + cisco.ise.pxgrid_session_by_ip_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_mac_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_mac_info.py new file mode 100644 index 00000000..6ddea664 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_mac_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_session_by_mac_info +short_description: Information module for pxGrid Session By Mac Info +description: +- Get pxGrid Session By Mac Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_session_by_mac_address, + + - Paths used are + post /ise/session/getSessionByMacAddress, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Session By Mac Info + cisco.ise.pxgrid_session_by_mac_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_for_recovery_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_for_recovery_info.py new file mode 100644 index 00000000..c9b3c975 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_for_recovery_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_session_for_recovery_info +short_description: Information module for pxGrid Session For Recovery Info +description: +- Get pxGrid Session For Recovery Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_sessions_for_recovery, + + - Paths used are + post /ise/session/getSessionsForRecovery, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Session For Recovery Info + cisco.ise.pxgrid_session_for_recovery_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_sessions_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_sessions_info.py new file mode 100644 index 00000000..bf910ac3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_sessions_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_sessions_info +short_description: Information module for pxGrid Sessions Info +description: +- Get pxGrid Sessions Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_sessions, + + - Paths used are + post /ise/session/getSessions, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Sessions Info + cisco.ise.pxgrid_sessions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_settings_auto_approve.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_settings_auto_approve.py new file mode 100644 index 00000000..fb1b90ca --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_settings_auto_approve.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_settings_auto_approve +short_description: Resource module for pxGrid Settings Auto Approve +description: +- Manage operation update of the resource pxGrid Settings Auto Approve. +- This API allows the client to auto approve the pxGrid settings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowPasswordBasedAccounts: + description: Allow password based accounts when true. + type: bool + autoApproveCertBasedAccounts: + description: Auto approve certificate based accounts when true. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_settings.PxGridSettings.autoapprove_px_grid_settings, + + - Paths used are + put /ers/config/pxgridsettings/autoapprove, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.pxgrid_settings_auto_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + allowPasswordBasedAccounts: true + autoApproveCertBasedAccounts: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_group_by_username_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_group_by_username_info.py new file mode 100644 index 00000000..a7667adb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_group_by_username_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_user_group_by_username_info +short_description: Information module for pxGrid User Group By Username Info +description: +- Get pxGrid User Group By Username Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_user_group_by_user_name, + + - Paths used are + post /ise/session/getUserGroupByUserName, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid User Group By Username Info + cisco.ise.pxgrid_user_group_by_username_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_groups_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_groups_info.py new file mode 100644 index 00000000..407c42f8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_groups_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_user_groups_info +short_description: Information module for pxGrid User Groups Info +description: +- Get pxGrid User Groups Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_user_groups, + + - Paths used are + post /ise/session/getUserGroups, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid User Groups Info + cisco.ise.pxgrid_user_groups_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence.py b/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence.py new file mode 100644 index 00000000..6bf112bd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence.py @@ -0,0 +1,267 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: radius_server_sequence +short_description: Resource module for RADIUS Server Sequence +description: +- Manage operations create, update and delete of the resource RADIUS Server Sequence. +- This API creates a RADIUS server sequence. +- This API deletes a RADIUS server sequence. +- This API allows the client to update a RADIUS server sequence. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + BeforeAcceptAttrManipulatorsList: + description: The beforeAcceptAttrManipulators is required only if useAttrSetBeforeAcc + is true. + elements: dict + suboptions: + action: + description: Allowed Values - ADD, - UPDATE, - REMOVE, - REMOVEANY. + type: str + attributeName: + description: RADIUS Server Sequence's attributeName. + type: str + changedVal: + description: The changedVal is required only if the action equals to 'UPDATE'. + type: str + dictionaryName: + description: RADIUS Server Sequence's dictionaryName. + type: str + value: + description: RADIUS Server Sequence's value. + type: str + type: list + OnRequestAttrManipulatorList: + description: The onRequestAttrManipulators is required only if useAttrSetOnRequest + is true. + elements: dict + suboptions: + action: + description: Allowed Values - ADD, - UPDATE, - REMOVE, - REMOVEANY. + type: str + attributeName: + description: RADIUS Server Sequence's attributeName. + type: str + changedVal: + description: The changedVal is required only if the action equals to 'UPDATE'. + type: str + dictionaryName: + description: RADIUS Server Sequence's dictionaryName. + type: str + value: + description: RADIUS Server Sequence's value. + type: str + type: list + RADIUSServerList: + description: RADIUS Server Sequence's RADIUSServerList. + elements: str + type: list + continueAuthorzPolicy: + description: ContinueAuthorzPolicy flag. + type: bool + description: + description: RADIUS Server Sequence's description. + type: str + id: + description: RADIUS Server Sequence's id. + type: str + localAccounting: + description: LocalAccounting flag. + type: bool + name: + description: RADIUS Server Sequence's name. + type: str + prefixSeparator: + description: The prefixSeparator is required only if stripPrefix is true. The maximum + length is 1 character. + type: str + remoteAccounting: + description: RemoteAccounting flag. + type: bool + stripPrefix: + description: StripPrefix flag. + type: bool + stripSuffix: + description: StripSuffix flag. + type: bool + suffixSeparator: + description: The suffixSeparator is required only if stripSuffix is true. The maximum + length is 1 character. + type: str + useAttrSetBeforeAcc: + description: UseAttrSetBeforeAcc flag. + type: bool + useAttrSetOnRequest: + description: UseAttrSetOnRequest flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + radius_server_sequence.RadiusServerSequence.create_radius_server_sequence, + radius_server_sequence.RadiusServerSequence.delete_radius_server_sequence_by_id, + radius_server_sequence.RadiusServerSequence.update_radius_server_sequence_by_id, + + - Paths used are + post /ers/config/radiusserversequence, + delete /ers/config/radiusserversequence/{id}, + put /ers/config/radiusserversequence/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.radius_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + BeforeAcceptAttrManipulatorsList: + - action: string + attributeName: string + changedVal: string + dictionaryName: string + value: string + OnRequestAttrManipulatorList: + - action: string + attributeName: string + changedVal: string + dictionaryName: string + value: string + RadiusServerList: + - string + continueAuthorzPolicy: true + description: string + id: string + localAccounting: true + name: string + prefixSeparator: string + remoteAccounting: true + stripPrefix: true + stripSuffix: true + suffixSeparator: string + useAttrSetBeforeAcc: true + useAttrSetOnRequest: true + +- name: Delete by id + cisco.ise.radius_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.radius_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + BeforeAcceptAttrManipulatorsList: + - action: string + attributeName: string + changedVal: string + dictionaryName: string + value: string + OnRequestAttrManipulatorList: + - action: string + attributeName: string + changedVal: string + dictionaryName: string + value: string + RadiusServerList: + - string + continueAuthorzPolicy: true + description: string + localAccounting: true + name: string + prefixSeparator: string + remoteAccounting: true + stripPrefix: true + stripSuffix: true + suffixSeparator: string + useAttrSetBeforeAcc: true + useAttrSetOnRequest: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "stripPrefix": true, + "stripSuffix": true, + "prefixSeparator": "string", + "suffixSeparator": "string", + "remoteAccounting": true, + "localAccounting": true, + "useAttrSetOnRequest": true, + "useAttrSetBeforeAcc": true, + "continueAuthorzPolicy": true, + "RadiusServerList": [ + "string" + ], + "OnRequestAttrManipulatorList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "BeforeAcceptAttrManipulatorsList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence_info.py b/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence_info.py new file mode 100644 index 00000000..91097fdd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence_info.py @@ -0,0 +1,165 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: radius_server_sequence_info +short_description: Information module for RADIUS Server Sequence +description: +- Get all RADIUS Server Sequence. +- Get RADIUS Server Sequence by id. +- This API allows the client to get a RADIUS server sequence by ID. +- This API allows the client to get all the RADIUS server sequences. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + radius_server_sequence.RadiusServerSequence.get_radius_server_sequence_by_id, + radius_server_sequence.RadiusServerSequence.get_radius_server_sequence_generator, + + - Paths used are + get /ers/config/radiusserversequence, + get /ers/config/radiusserversequence/{id}, + +""" + +EXAMPLES = r""" +- name: Get all RADIUS Server Sequence + cisco.ise.radius_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get RADIUS Server Sequence by id + cisco.ise.radius_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "stripPrefix": true, + "stripSuffix": true, + "prefixSeparator": "string", + "suffixSeparator": "string", + "remoteAccounting": true, + "localAccounting": true, + "useAttrSetOnRequest": true, + "useAttrSetBeforeAcc": true, + "continueAuthorzPolicy": true, + "RadiusServerList": [ + "string" + ], + "OnRequestAttrManipulatorList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "BeforeAcceptAttrManipulatorsList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "stripPrefix": true, + "stripSuffix": true, + "prefixSeparator": "string", + "suffixSeparator": "string", + "remoteAccounting": true, + "localAccounting": true, + "useAttrSetOnRequest": true, + "useAttrSetBeforeAcc": true, + "continueAuthorzPolicy": true, + "RadiusServerList": [ + "string" + ], + "OnRequestAttrManipulatorList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "BeforeAcceptAttrManipulatorsList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/renew_certificate.py b/ansible_collections/cisco/ise/plugins/modules/renew_certificate.py new file mode 100644 index 00000000..d91ea35b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/renew_certificate.py @@ -0,0 +1,67 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: renew_certificate +short_description: Resource module for Renew Certificate +description: +- Manage operation create of the resource Renew Certificate. +- This API initiates regeneration of certificates. Response contains ID which can be used to track the status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + certType: + description: Renew Certificate's certType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.renew_certificates, + + - Paths used are + post /api/v1/certs/renew-certificate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.renew_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + certType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/repository.py b/ansible_collections/cisco/ise/plugins/modules/repository.py new file mode 100644 index 00000000..a9236c8f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/repository.py @@ -0,0 +1,138 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: repository +short_description: Resource module for Repository +description: +- Manage operations create, update and delete of the resource Repository. +- Create a new repository in the system. The name provided for the repository must be unique. +- Long description TBD. +- Update the definition of a specific repository, providing ALL parameters for the repository. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + enablePki: + description: EnablePki flag. + type: bool + name: + description: Repository name should be less than 80 characters and can contain alphanumeric, + underscore, hyphen and dot characters. + type: str + password: + description: Password can contain alphanumeric and/or special characters. + type: str + path: + description: Path should always start with "/" and can contain alphanumeric, underscore, + hyphen and dot characters. + type: str + protocol: + description: Repository's protocol. + type: str + repositoryName: + description: RepositoryName path parameter. Unique name for a repository. + type: str + serverName: + description: Repository's serverName. + type: str + userName: + description: Username may contain alphanumeric and _-./@\\$ characters. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Repository + description: Complete reference of the Repository API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!repository-openapi +notes: + - SDK Method used are + repository.Repository.create_repository, + repository.Repository.delete_repository, + repository.Repository.update_repository, + + - Paths used are + post /api/v1/repository, + delete /api/v1/repository/{repositoryName}, + put /api/v1/repository/{repositoryName}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.repository: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + enablePki: true + name: string + password: string + path: string + protocol: string + serverName: string + userName: string + +- name: Update by name + cisco.ise.repository: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + enablePki: true + name: string + password: string + path: string + protocol: string + repositoryName: string + serverName: string + userName: string + +- name: Delete by name + cisco.ise.repository: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "protocol": "string", + "path": "string", + "password": "string", + "serverName": "string", + "userName": "string", + "enablePki": true + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/repository_files_info.py b/ansible_collections/cisco/ise/plugins/modules/repository_files_info.py new file mode 100644 index 00000000..c70d8b7b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/repository_files_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: repository_files_info +short_description: Information module for Repository Files +description: +- Get all Repository Files. +- This will get the full list of files present in the named repository. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + repositoryName: + description: + - RepositoryName path parameter. Unique name for a repository. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Repository + description: Complete reference of the Repository API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!repository-openapi +notes: + - SDK Method used are + repository.Repository.get_repository_files, + + - Paths used are + get /api/v1/repository/{repositoryName}/files, + +""" + +EXAMPLES = r""" +- name: Get all Repository Files + cisco.ise.repository_files_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + repositoryName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: str + sample: > + [ + "string" + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/repository_info.py b/ansible_collections/cisco/ise/plugins/modules/repository_info.py new file mode 100644 index 00000000..524e63a9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/repository_info.py @@ -0,0 +1,78 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: repository_info +short_description: Information module for Repository +description: +- Get all Repository. +- Get Repository by name. +- Get a specific repository identified by the name passed in the URL. +- This will get the full list of repository definitions on the system. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + repositoryName: + description: + - RepositoryName path parameter. Unique name for a repository. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Repository + description: Complete reference of the Repository API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!repository-openapi +notes: + - SDK Method used are + repository.Repository.get_repositories, + repository.Repository.get_repository, + + - Paths used are + get /api/v1/repository, + get /api/v1/repository/{repositoryName}, + +""" + +EXAMPLES = r""" +- name: Get all Repository + cisco.ise.repository_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Repository by name + cisco.ise.repository_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + repositoryName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "protocol": "string", + "path": "string", + "password": "string", + "serverName": "string", + "userName": "string", + "enablePki": true + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/resource_version_info.py b/ansible_collections/cisco/ise/plugins/modules/resource_version_info.py new file mode 100644 index 00000000..b8989b7b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/resource_version_info.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: resource_version_info +short_description: Information module for Resource Version +description: +- Get all Resource Version. +- Get all VersionInfo. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + resource: + description: + - Resource path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + version_info.VersionInfo.get_version_info, + + - Paths used are + get /ers/config/{resource}/versioninfo, + +""" + +EXAMPLES = r""" +- name: Get all Resource Version + cisco.ise.resource_version_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + resource: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "currentServerVersion": "string", + "supportedVersions": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/rest_id_store.py b/ansible_collections/cisco/ise/plugins/modules/rest_id_store.py new file mode 100644 index 00000000..f39aaf8d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/rest_id_store.py @@ -0,0 +1,199 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: rest_id_store +short_description: Resource module for REST Id Store +description: +- Manage operations create, update and delete of the resource REST Id Store. +- This API creates a REST ID store. +- This API deletes a REST ID store by name. +- This API deletes a REST ID store. +- This API allows the client to update a REST ID store by name. +- This API allows the client to update a REST ID store. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: REST Id Store's description. + type: str + ersRESTIDStoreAttributes: + description: REST Id Store's ersRESTIDStoreAttributes. + suboptions: + headers: + description: REST Id Store's headers. + elements: dict + suboptions: + key: + description: REST Id Store's key. + type: str + value: + description: REST Id Store's value. + type: str + type: list + predefined: + description: The cloud provider connected to of the RESTIDStore. Options are + - Azure, - Okta, - None. + type: str + rootUrl: + description: Url of the root of the RESTIDStore. + type: str + usernameSuffix: + description: Suffix of the username domain. + type: str + type: dict + id: + description: REST Id Store's id. + type: str + name: + description: REST Id Store's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + restid_store.RestidStore.create_rest_id_store, + restid_store.RestidStore.delete_rest_id_store_by_id, + restid_store.RestidStore.delete_rest_id_store_by_name, + restid_store.RestidStore.update_rest_id_store_by_id, + restid_store.RestidStore.update_rest_id_store_by_name, + + - Paths used are + post /ers/config/restidstore, + delete /ers/config/restidstore/name/{name}, + delete /ers/config/restidstore/{id}, + put /ers/config/restidstore/name/{name}, + put /ers/config/restidstore/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + ersRestIDStoreAttributes: + headers: + - key: string + value: string + predefined: string + rootUrl: string + usernameSuffix: string + id: string + name: string + +- name: Delete by name + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + ersRestIDStoreAttributes: + headers: + - key: string + value: string + predefined: string + rootUrl: string + usernameSuffix: string + id: string + name: string + +- name: Delete by id + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + ersRestIDStoreAttributes: + headers: + - key: string + value: string + predefined: string + rootUrl: string + usernameSuffix: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "ersRestIDStoreAttributes": { + "usernameSuffix": "string", + "rootUrl": "string", + "predefined": "string", + "headers": [ + { + "key": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/rest_id_store_info.py b/ansible_collections/cisco/ise/plugins/modules/rest_id_store_info.py new file mode 100644 index 00000000..f9d5a1cd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/rest_id_store_info.py @@ -0,0 +1,182 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: rest_id_store_info +short_description: Information module for REST Id Store +description: +- Get all REST Id Store. +- Get REST Id Store by id. +- Get REST Id Store by name. +- This API allows the client to get a REST ID store by ID. +- This API allows the client to get a REST ID store by name. +- This API allows the client to get all the REST ID stores. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + restid_store.RestidStore.get_rest_id_store_by_id, + restid_store.RestidStore.get_rest_id_store_by_name, + restid_store.RestidStore.get_rest_id_store_generator, + + - Paths used are + get /ers/config/restidstore, + get /ers/config/restidstore/name/{name}, + get /ers/config/restidstore/{id}, + +""" + +EXAMPLES = r""" +- name: Get all REST Id Store + cisco.ise.rest_id_store_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get REST Id Store by id + cisco.ise.rest_id_store_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get REST Id Store by name + cisco.ise.rest_id_store_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "ersRestIDStoreAttributes": { + "usernameSuffix": "string", + "rootUrl": "string", + "predefined": "string", + "headers": [ + { + "key": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "ersRestIDStoreAttributes": { + "usernameSuffix": "string", + "rootUrl": "string", + "predefined": "string", + "headers": [ + { + "key": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/self_registered_portal.py b/ansible_collections/cisco/ise/plugins/modules/self_registered_portal.py new file mode 100644 index 00000000..a7b264ff --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/self_registered_portal.py @@ -0,0 +1,1392 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: self_registered_portal +short_description: Resource module for Self Registered Portal +description: +- Manage operations create, update and delete of the resource Self Registered Portal. +- This API creates a self registered portal. +- This API deletes a self registered portal by ID. +- This API allows the client to update a self registered portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available. + suboptions: + globalCustomizations: + description: Self Registered Portal's globalCustomizations. + suboptions: + backgroundImage: + description: Self Registered Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: Self Registered Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: Self Registered Portal's bannerTitle. + type: str + contactText: + description: Self Registered Portal's contactText. + type: str + desktopLogoImage: + description: Self Registered Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: Self Registered Portal's footerElement. + type: str + mobileLogoImage: + description: Self Registered Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: Self Registered Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Represent the entire page customization as a giant dictionary. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: Self Registered Portal's key. + type: str + value: + description: Self Registered Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Self Registered Portal's portalTheme. + suboptions: + id: + description: Self Registered Portal's id. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: Self Registered Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: Self Registered Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: Self Registered Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: Self Registered Portal's description. + type: str + id: + description: Self Registered Portal's id. + type: str + name: + description: Self Registered Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a portal. + suboptions: + aupSettings: + description: Self Registered Portal's aupSettings. + suboptions: + displayFrequency: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, + - RECURRING. + type: str + displayFrequencyIntervalDays: + description: Number of days between AUP confirmations (when displayFrequency + = recurring). + type: int + includeAup: + description: Require the portal user to read and accept an AUP. + type: bool + requireAupScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + requireScrolling: + description: RequireScrolling flag. + type: bool + skipAupForEmployees: + description: Only valid if requireAupAcceptance = trueG. + type: bool + useDiffAupForEmployees: + description: Only valid if requireAupAcceptance = trueG. + type: bool + type: dict + authSuccessSettings: + description: Self Registered Portal's authSuccessSettings. + suboptions: + redirectUrl: + description: Self Registered Portal's redirectUrl. + type: str + successRedirect: + description: Self Registered Portal's successRedirect. + type: str + type: dict + byodSettings: + description: Configuration of BYOD Device Welcome, Registration and Success + steps. + suboptions: + byodRegistrationSettings: + description: Configuration of BYOD endpoint Registration step configuration. + suboptions: + endPointIdentityGroupId: + description: Identity group id for which endpoint belongs. + type: str + showDeviceID: + description: Display Device ID field during registration. + type: bool + type: dict + byodRegistrationSuccessSettings: + description: Configuration of BYOD endpoint Registration Success step configuration. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = + URL. + type: str + successRedirect: + description: After an Authentication Success where should device be + redirected. Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - + URL. + type: str + type: dict + byodWelcomeSettings: + description: Configuration of BYOD endpoint welcome step configuration. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a + link. Only valid if includeAup = true. Allowed values - ONPAGE, - + ASLINK. + type: str + enableBYOD: + description: EnableBYOD flag. + type: bool + enableGuestAccess: + description: EnableGuestAccess flag. + type: bool + includeAup: + description: IncludeAup flag. + type: bool + requireAupAcceptance: + description: RequireAupAcceptance flag. + type: bool + requireMDM: + description: RequireMDM flag. + type: bool + requireScrolling: + description: Require BYOD devices to scroll down to the bottom of the + AUP, Only valid if includeAup = true. + type: bool + type: dict + type: dict + guestChangePasswordSettings: + description: Self Registered Portal's guestChangePasswordSettings. + suboptions: + allowChangePasswdAtFirstLogin: + description: Allow guest to change their own passwords. + type: bool + type: dict + guestDeviceRegistrationSettings: + description: Self Registered Portal's guestDeviceRegistrationSettings. + suboptions: + allowGuestsToRegisterDevices: + description: Allow guests to register devices. + type: bool + autoRegisterGuestDevices: + description: Automatically register guest devices. + type: bool + type: dict + loginPageSettings: + description: Portal Login Page settings groups follow. + suboptions: + accessCode: + description: Access code that must be entered by the portal user (only valid + if requireAccessCode = true). + type: str + allowAlternateGuestPortal: + description: AllowAlternateGuestPortal flag. + type: bool + allowForgotPassword: + description: AllowForgotPassword flag. + type: bool + allowGuestToChangePassword: + description: Require the portal user to enter an access code. + type: bool + allowGuestToCreateAccounts: + description: AllowGuestToCreateAccounts flag. + type: bool + allowGuestToUseSocialAccounts: + description: AllowGuestToUseSocialAccounts flag. + type: bool + allowShowGuestForm: + description: AllowShowGuestForm flag. + type: bool + alternateGuestPortal: + description: Self Registered Portal's alternateGuestPortal. + type: str + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + maxFailedAttemptsBeforeRateLimit: + description: Maximum failed login attempts before rate limiting. + type: int + requireAccessCode: + description: Require the portal user to enter an access code. + type: bool + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + socialConfigs: + description: Self Registered Portal's socialConfigs. + elements: dict + suboptions: + socialMediaType: + description: Self Registered Portal's socialMediaType. + type: str + socialMediaValue: + description: Self Registered Portal's socialMediaValue. + type: str + type: list + timeBetweenLoginsDuringRateLimit: + description: Time between login attempts when rate limiting. + type: int + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: Self Registered Portal's alwaysUsedLanguage. + type: str + assignedGuestTypeForEmployee: + description: Unique Id of a guest type. Employees using this portal as a + guest inherit login options from the guest type. + type: str + authenticationMethod: + description: Unique Id of the identity source sequence. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + postAccessBannerSettings: + description: Self Registered Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: Self Registered Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + selfRegPageSettings: + description: Self Registered Portal's selfRegPageSettings. + suboptions: + accountValidityDuration: + description: Self-registered guest account is valid for this many account_validity_time_units. + type: int + accountValidityTimeUnits: + description: Time units for account_validity_duration. Allowed Values - + DAYS, - HOURS, - MINUTES. + type: str + allowGraceAccess: + description: AllowGraceAccess flag. + type: bool + approvalEmailAddresses: + description: Only valid if requireGuestApproval = true and sendApprovalRequestTo + = SELECTEDEMAILADDRESSES. + type: str + approveDenyLinksTimeUnits: + description: This attribute, along with approveDenyLinksValidFor, specifies + how long the link can be used. Only valid if requireGuestApproval = true. + Allowed Values - DAYS, - HOURS, - MINUTES. + type: str + approveDenyLinksValidFor: + description: This attribute, along with approveDenyLinksTimeUnits, specifies + how long the link can be used. Only valid if requireGuestApproval = true. + type: int + assignGuestsToGuestType: + description: Guests are assigned to this guest type. + type: str + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + authenticateSponsorsUsingPortalList: + description: AuthenticateSponsorsUsingPortalList flag. + type: bool + autoLoginSelfWait: + description: Allow guests to login automatically from self-registration + after sponsor's approval. No need to provide the credentials by guest + to login. + type: bool + autoLoginTimePeriod: + description: Waiting period for auto login until sponsor's approval. If + time exceeds, guest has to login manually by providing the credentials. + Default value is 5 minutes. + type: int + credentialNotificationUsingEmail: + description: If true, send credential notification upon approval using email. + Only valid if requireGuestApproval = true. + type: bool + credentialNotificationUsingSMS: + description: If true, send credential notification upon approval using SMS. + Only valid if requireGuestApproval = true. + type: bool + enableGuestEmailBlacklist: + description: Disallow guests with an e-mail address from selected domains. + type: bool + enableGuestEmailWhitelist: + description: Allow guests with an e-mail address from selected domains. + type: bool + fieldCompany: + description: Self Registered Portal's fieldCompany. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldEmailAddr: + description: Self Registered Portal's fieldEmailAddr. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldFirstName: + description: Self Registered Portal's fieldFirstName. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldLastName: + description: Self Registered Portal's fieldLastName. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldLocation: + description: Self Registered Portal's fieldLocation. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldPersonBeingVisited: + description: Self Registered Portal's fieldPersonBeingVisited. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldPhoneNo: + description: Self Registered Portal's fieldPhoneNo. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldReasonForVisit: + description: Self Registered Portal's fieldReasonForVisit. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldSMSProvider: + description: Self Registered Portal's fieldSMSProvider. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldUserName: + description: Self Registered Portal's fieldUserName. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + graceAccessExpireInterval: + description: Self Registered Portal's graceAccessExpireInterval. + type: int + graceAccessSendAccountExpiration: + description: GraceAccessSendAccountExpiration flag. + type: bool + guestEmailBlacklistDomains: + description: Disallow guests with an e-mail address from selected domains. + elements: str + type: list + guestEmailWhitelistDomains: + description: Self-registered guests whose e-mail address is in one of these + domains will be allowed. Only valid if enableGuestEmailWhitelist = true. + elements: str + type: list + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + postRegistrationRedirect: + description: After the registration submission direct the guest user to + one of the following pages. Only valid if requireGuestApproval = true. + Allowed Values - SELFREGISTRATIONSUCCESS, - LOGINPAGEWITHINSTRUCTIONS + - URL. + type: str + postRegistrationRedirectUrl: + description: URL where guest user is redirected after registration. Only + valid if requireGuestApproval = true and postRegistrationRedirect = URL. + type: str + registrationCode: + description: The registration code that the guest user must enter. + type: str + requireApproverToAuthenticate: + description: When self-registered guests require approval, an approval request + is e-mailed to one or more sponsor users. If the Cisco ISE Administrator + chooses to include an approval link in the e-mail, a sponsor user who + clicks the link will be required to enter their username and password + if this attribute is true. Only valid if requireGuestApproval = true. + type: bool + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + requireGuestApproval: + description: Require self-registered guests to be approved if true. + type: bool + requireRegistrationCode: + description: Self-registered guests are required to enter a registration + code. + type: bool + selectableLocations: + description: Guests can choose from these locations to set their time zone. + elements: str + type: list + selectableSMSProviders: + description: This attribute is an array of SMS provider names. + elements: str + type: list + sendApprovalRequestTo: + description: Specifies where approval requests are sent. Only valid if requireGuestApproval + = true. Allowed Values - SELECTEDEMAILADDRESSES, - PERSONBEINGVISITED. + type: str + sponsorPortalList: + description: Self Registered Portal's sponsorPortalList. + elements: str + type: list + type: dict + selfRegSuccessSettings: + description: Self Registered Portal's selfRegSuccessSettings. + suboptions: + allowGuestLoginFromSelfregSuccessPage: + description: AllowGuestLoginFromSelfregSuccessPage flag. + type: bool + allowGuestSendSelfUsingEmail: + description: AllowGuestSendSelfUsingEmail flag. + type: bool + allowGuestSendSelfUsingPrint: + description: AllowGuestSendSelfUsingPrint flag. + type: bool + allowGuestSendSelfUsingSMS: + description: AllowGuestSendSelfUsingSMS flag. + type: bool + aupOnPage: + description: AupOnPage flag. + type: bool + includeAup: + description: IncludeAup flag. + type: bool + includeCompany: + description: IncludeCompany flag. + type: bool + includeEmailAddr: + description: IncludeEmailAddr flag. + type: bool + includeFirstName: + description: IncludeFirstName flag. + type: bool + includeLastName: + description: IncludeLastName flag. + type: bool + includeLocation: + description: IncludeLocation flag. + type: bool + includePassword: + description: IncludePassword flag. + type: bool + includePersonBeingVisited: + description: IncludePersonBeingVisited flag. + type: bool + includePhoneNo: + description: IncludePhoneNo flag. + type: bool + includeReasonForVisit: + description: IncludeReasonForVisit flag. + type: bool + includeSMSProvider: + description: IncludeSMSProvider flag. + type: bool + includeUserName: + description: IncludeUserName flag. + type: bool + requireAupAcceptance: + description: RequireAupAcceptance flag. + type: bool + requireAupScrolling: + description: RequireAupScrolling flag. + type: bool + type: dict + supportInfoSettings: + description: Self Registered Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SelfRegisteredPortal + description: Complete reference of the SelfRegisteredPortal API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!selfregportal +notes: + - SDK Method used are + self_registered_portal.SelfRegisteredPortal.create_self_registered_portal, + self_registered_portal.SelfRegisteredPortal.delete_self_registered_portal_by_id, + self_registered_portal.SelfRegisteredPortal.update_self_registered_portal_by_id, + + - Paths used are + post /ers/config/selfregportal, + delete /ers/config/selfregportal/{id}, + put /ers/config/selfregportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.self_registered_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireAupScrolling: true + requireScrolling: true + skipAupForEmployees: true + useDiffAupForEmployees: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + guestChangePasswordSettings: + allowChangePasswdAtFirstLogin: true + guestDeviceRegistrationSettings: + allowGuestsToRegisterDevices: true + autoRegisterGuestDevices: true + loginPageSettings: + accessCode: string + allowAlternateGuestPortal: true + allowForgotPassword: true + allowGuestToChangePassword: true + allowGuestToCreateAccounts: true + allowGuestToUseSocialAccounts: true + allowShowGuestForm: true + alternateGuestPortal: string + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAccessCode: true + requireAupAcceptance: true + socialConfigs: + - socialMediaType: string + socialMediaValue: string + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + assignedGuestTypeForEmployee: string + authenticationMethod: string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + selfRegPageSettings: + accountValidityDuration: 0 + accountValidityTimeUnits: string + allowGraceAccess: true + approvalEmailAddresses: string + approveDenyLinksTimeUnits: string + approveDenyLinksValidFor: 0 + assignGuestsToGuestType: string + aupDisplay: string + authenticateSponsorsUsingPortalList: true + autoLoginSelfWait: true + autoLoginTimePeriod: 0 + credentialNotificationUsingEmail: true + credentialNotificationUsingSms: true + enableGuestEmailBlacklist: true + enableGuestEmailWhitelist: true + fieldCompany: + include: true + require: true + fieldEmailAddr: + include: true + require: true + fieldFirstName: + include: true + require: true + fieldLastName: + include: true + require: true + fieldLocation: + include: true + require: true + fieldPersonBeingVisited: + include: true + require: true + fieldPhoneNo: + include: true + require: true + fieldReasonForVisit: + include: true + require: true + fieldSmsProvider: + include: true + require: true + fieldUserName: + include: true + require: true + graceAccessExpireInterval: 0 + graceAccessSendAccountExpiration: true + guestEmailBlacklistDomains: + - string + guestEmailWhitelistDomains: + - string + includeAup: true + postRegistrationRedirect: string + postRegistrationRedirectUrl: string + registrationCode: string + requireApproverToAuthenticate: true + requireAupAcceptance: true + requireGuestApproval: true + requireRegistrationCode: true + selectableLocations: + - string + selectableSmsProviders: + - string + sendApprovalRequestTo: string + sponsorPortalList: + - string + selfRegSuccessSettings: + allowGuestLoginFromSelfregSuccessPage: true + allowGuestSendSelfUsingEmail: true + allowGuestSendSelfUsingPrint: true + allowGuestSendSelfUsingSms: true + aupOnPage: true + includeAup: true + includeCompany: true + includeEmailAddr: true + includeFirstName: true + includeLastName: true + includeLocation: true + includePassword: true + includePersonBeingVisited: true + includePhoneNo: true + includeReasonForVisit: true + includeSmsProvider: true + includeUserName: true + requireAupAcceptance: true + requireAupScrolling: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.self_registered_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.self_registered_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireAupScrolling: true + requireScrolling: true + skipAupForEmployees: true + useDiffAupForEmployees: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + guestChangePasswordSettings: + allowChangePasswdAtFirstLogin: true + guestDeviceRegistrationSettings: + allowGuestsToRegisterDevices: true + autoRegisterGuestDevices: true + loginPageSettings: + accessCode: string + allowAlternateGuestPortal: true + allowForgotPassword: true + allowGuestToChangePassword: true + allowGuestToCreateAccounts: true + allowGuestToUseSocialAccounts: true + allowShowGuestForm: true + alternateGuestPortal: string + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAccessCode: true + requireAupAcceptance: true + socialConfigs: + - socialMediaType: string + socialMediaValue: string + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + assignedGuestTypeForEmployee: string + authenticationMethod: string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + selfRegPageSettings: + accountValidityDuration: 0 + accountValidityTimeUnits: string + allowGraceAccess: true + approvalEmailAddresses: string + approveDenyLinksTimeUnits: string + approveDenyLinksValidFor: 0 + assignGuestsToGuestType: string + aupDisplay: string + authenticateSponsorsUsingPortalList: true + autoLoginSelfWait: true + autoLoginTimePeriod: 0 + credentialNotificationUsingEmail: true + credentialNotificationUsingSms: true + enableGuestEmailBlacklist: true + enableGuestEmailWhitelist: true + fieldCompany: + include: true + require: true + fieldEmailAddr: + include: true + require: true + fieldFirstName: + include: true + require: true + fieldLastName: + include: true + require: true + fieldLocation: + include: true + require: true + fieldPersonBeingVisited: + include: true + require: true + fieldPhoneNo: + include: true + require: true + fieldReasonForVisit: + include: true + require: true + fieldSmsProvider: + include: true + require: true + fieldUserName: + include: true + require: true + graceAccessExpireInterval: 0 + graceAccessSendAccountExpiration: true + guestEmailBlacklistDomains: + - string + guestEmailWhitelistDomains: + - string + includeAup: true + postRegistrationRedirect: string + postRegistrationRedirectUrl: string + registrationCode: string + requireApproverToAuthenticate: true + requireAupAcceptance: true + requireGuestApproval: true + requireRegistrationCode: true + selectableLocations: + - string + selectableSmsProviders: + - string + sendApprovalRequestTo: string + sponsorPortalList: + - string + selfRegSuccessSettings: + allowGuestLoginFromSelfregSuccessPage: true + allowGuestSendSelfUsingEmail: true + allowGuestSendSelfUsingPrint: true + allowGuestSendSelfUsingSms: true + aupOnPage: true + includeAup: true + includeCompany: true + includeEmailAddr: true + includeFirstName: true + includeLastName: true + includeLocation: true + includePassword: true + includePersonBeingVisited: true + includePhoneNo: true + includeReasonForVisit: true + includeSmsProvider: true + includeUserName: true + requireAupAcceptance: true + requireAupScrolling: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "alternateGuestPortal": "string", + "allowGuestToUseSocialAccounts": true, + "allowShowGuestForm": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "selfRegPageSettings": { + "assignGuestsToGuestType": "string", + "accountValidityDuration": 0, + "accountValidityTimeUnits": "string", + "requireRegistrationCode": true, + "registrationCode": "string", + "fieldUserName": { + "include": true, + "require": true + }, + "fieldFirstName": { + "include": true, + "require": true + }, + "fieldLastName": { + "include": true, + "require": true + }, + "fieldEmailAddr": { + "include": true, + "require": true + }, + "fieldPhoneNo": { + "include": true, + "require": true + }, + "fieldCompany": { + "include": true, + "require": true + }, + "fieldLocation": { + "include": true, + "require": true + }, + "selectableLocations": [ + "string" + ], + "fieldSmsProvider": { + "include": true, + "require": true + }, + "selectableSmsProviders": [ + "string" + ], + "fieldPersonBeingVisited": { + "include": true, + "require": true + }, + "fieldReasonForVisit": { + "include": true, + "require": true + }, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "enableGuestEmailWhitelist": true, + "guestEmailWhitelistDomains": [ + "string" + ], + "enableGuestEmailBlacklist": true, + "guestEmailBlacklistDomains": [ + "string" + ], + "requireGuestApproval": true, + "autoLoginSelfWait": true, + "autoLoginTimePeriod": 0, + "allowGraceAccess": true, + "graceAccessExpireInterval": 0, + "graceAccessSendAccountExpiration": true, + "sendApprovalRequestTo": "string", + "approvalEmailAddresses": "string", + "postRegistrationRedirect": "string", + "postRegistrationRedirectUrl": "string", + "credentialNotificationUsingEmail": true, + "credentialNotificationUsingSms": true, + "approveDenyLinksValidFor": 0, + "approveDenyLinksTimeUnits": "string", + "requireApproverToAuthenticate": true, + "authenticateSponsorsUsingPortalList": true, + "sponsorPortalList": [ + "string" + ] + }, + "selfRegSuccessSettings": { + "includeUserName": true, + "includePassword": true, + "includeFirstName": true, + "includeLastName": true, + "includeEmailAddr": true, + "includePhoneNo": true, + "includeCompany": true, + "includeLocation": true, + "includeSmsProvider": true, + "includePersonBeingVisited": true, + "includeReasonForVisit": true, + "allowGuestSendSelfUsingPrint": true, + "allowGuestSendSelfUsingEmail": true, + "allowGuestSendSelfUsingSms": true, + "includeAup": true, + "aupOnPage": true, + "requireAupAcceptance": true, + "requireAupScrolling": true, + "allowGuestLoginFromSelfregSuccessPage": true + }, + "aupSettings": { + "includeAup": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "requireScrolling": true, + "requireAupScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/self_registered_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/self_registered_portal_info.py new file mode 100644 index 00000000..42d00979 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/self_registered_portal_info.py @@ -0,0 +1,623 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: self_registered_portal_info +short_description: Information module for Self Registered Portal +description: +- Get all Self Registered Portal. +- Get Self Registered Portal by id. +- This API allows the client to get a self registered portal by ID. +- This API allows the client to get all the self registered portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SelfRegisteredPortal + description: Complete reference of the SelfRegisteredPortal API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!selfregportal +notes: + - SDK Method used are + self_registered_portal.SelfRegisteredPortal.get_self_registered_portal_by_id, + self_registered_portal.SelfRegisteredPortal.get_self_registered_portals_generator, + + - Paths used are + get /ers/config/selfregportal, + get /ers/config/selfregportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Self Registered Portal + cisco.ise.self_registered_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Self Registered Portal by id + cisco.ise.self_registered_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "alternateGuestPortal": "string", + "allowGuestToUseSocialAccounts": true, + "allowShowGuestForm": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "selfRegPageSettings": { + "assignGuestsToGuestType": "string", + "accountValidityDuration": 0, + "accountValidityTimeUnits": "string", + "requireRegistrationCode": true, + "registrationCode": "string", + "fieldUserName": { + "include": true, + "require": true + }, + "fieldFirstName": { + "include": true, + "require": true + }, + "fieldLastName": { + "include": true, + "require": true + }, + "fieldEmailAddr": { + "include": true, + "require": true + }, + "fieldPhoneNo": { + "include": true, + "require": true + }, + "fieldCompany": { + "include": true, + "require": true + }, + "fieldLocation": { + "include": true, + "require": true + }, + "selectableLocations": [ + "string" + ], + "fieldSmsProvider": { + "include": true, + "require": true + }, + "selectableSmsProviders": [ + "string" + ], + "fieldPersonBeingVisited": { + "include": true, + "require": true + }, + "fieldReasonForVisit": { + "include": true, + "require": true + }, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "enableGuestEmailWhitelist": true, + "guestEmailWhitelistDomains": [ + "string" + ], + "enableGuestEmailBlacklist": true, + "guestEmailBlacklistDomains": [ + "string" + ], + "requireGuestApproval": true, + "autoLoginSelfWait": true, + "autoLoginTimePeriod": 0, + "allowGraceAccess": true, + "graceAccessExpireInterval": 0, + "graceAccessSendAccountExpiration": true, + "sendApprovalRequestTo": "string", + "approvalEmailAddresses": "string", + "postRegistrationRedirect": "string", + "postRegistrationRedirectUrl": "string", + "credentialNotificationUsingEmail": true, + "credentialNotificationUsingSms": true, + "approveDenyLinksValidFor": 0, + "approveDenyLinksTimeUnits": "string", + "requireApproverToAuthenticate": true, + "authenticateSponsorsUsingPortalList": true, + "sponsorPortalList": [ + "string" + ] + }, + "selfRegSuccessSettings": { + "includeUserName": true, + "includePassword": true, + "includeFirstName": true, + "includeLastName": true, + "includeEmailAddr": true, + "includePhoneNo": true, + "includeCompany": true, + "includeLocation": true, + "includeSmsProvider": true, + "includePersonBeingVisited": true, + "includeReasonForVisit": true, + "allowGuestSendSelfUsingPrint": true, + "allowGuestSendSelfUsingEmail": true, + "allowGuestSendSelfUsingSms": true, + "includeAup": true, + "aupOnPage": true, + "requireAupAcceptance": true, + "requireAupScrolling": true, + "allowGuestLoginFromSelfregSuccessPage": true + }, + "aupSettings": { + "includeAup": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "requireScrolling": true, + "requireAupScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "alternateGuestPortal": "string", + "allowGuestToUseSocialAccounts": true, + "allowShowGuestForm": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "selfRegPageSettings": { + "assignGuestsToGuestType": "string", + "accountValidityDuration": 0, + "accountValidityTimeUnits": "string", + "requireRegistrationCode": true, + "registrationCode": "string", + "fieldUserName": { + "include": true, + "require": true + }, + "fieldFirstName": { + "include": true, + "require": true + }, + "fieldLastName": { + "include": true, + "require": true + }, + "fieldEmailAddr": { + "include": true, + "require": true + }, + "fieldPhoneNo": { + "include": true, + "require": true + }, + "fieldCompany": { + "include": true, + "require": true + }, + "fieldLocation": { + "include": true, + "require": true + }, + "selectableLocations": [ + "string" + ], + "fieldSmsProvider": { + "include": true, + "require": true + }, + "selectableSmsProviders": [ + "string" + ], + "fieldPersonBeingVisited": { + "include": true, + "require": true + }, + "fieldReasonForVisit": { + "include": true, + "require": true + }, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "enableGuestEmailWhitelist": true, + "guestEmailWhitelistDomains": [ + "string" + ], + "enableGuestEmailBlacklist": true, + "guestEmailBlacklistDomains": [ + "string" + ], + "requireGuestApproval": true, + "autoLoginSelfWait": true, + "autoLoginTimePeriod": 0, + "allowGraceAccess": true, + "graceAccessExpireInterval": 0, + "graceAccessSendAccountExpiration": true, + "sendApprovalRequestTo": "string", + "approvalEmailAddresses": "string", + "postRegistrationRedirect": "string", + "postRegistrationRedirectUrl": "string", + "credentialNotificationUsingEmail": true, + "credentialNotificationUsingSms": true, + "approveDenyLinksValidFor": 0, + "approveDenyLinksTimeUnits": "string", + "requireApproverToAuthenticate": true, + "authenticateSponsorsUsingPortalList": true, + "sponsorPortalList": [ + "string" + ] + }, + "selfRegSuccessSettings": { + "includeUserName": true, + "includePassword": true, + "includeFirstName": true, + "includeLastName": true, + "includeEmailAddr": true, + "includePhoneNo": true, + "includeCompany": true, + "includeLocation": true, + "includeSmsProvider": true, + "includePersonBeingVisited": true, + "includeReasonForVisit": true, + "allowGuestSendSelfUsingPrint": true, + "allowGuestSendSelfUsingEmail": true, + "allowGuestSendSelfUsingSms": true, + "includeAup": true, + "aupOnPage": true, + "requireAupAcceptance": true, + "requireAupScrolling": true, + "allowGuestLoginFromSelfregSuccessPage": true + }, + "aupSettings": { + "includeAup": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "requireScrolling": true, + "requireAupScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/selfsigned_certificate_generate.py b/ansible_collections/cisco/ise/plugins/modules/selfsigned_certificate_generate.py new file mode 100644 index 00000000..eecd7b54 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/selfsigned_certificate_generate.py @@ -0,0 +1,196 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: selfsigned_certificate_generate +short_description: Resource module for Selfsigned Certificate Generate +description: +- Manage operation create of the resource Selfsigned Certificate Generate. +- Generate Self-signed Certificate. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + admin: + description: Use certificate to authenticate the Cisco ISE Admin Portal. + type: bool + allowExtendedValidity: + description: Allow generation of self-signed certificate with validity greater than + 398 days. + type: bool + allowPortalTagTransferForSameSubject: + description: Allow overwriting the portal tag from matching certificate of same + subject. + type: bool + allowReplacementOfCertificates: + description: Allow Replacement of certificates. + type: bool + allowReplacementOfPortalGroupTag: + description: Allow Replacement of Portal Group Tag. + type: bool + allowRoleTransferForSameSubject: + description: Allow transfer of roles for certificate with matching subject. + type: bool + allowSanDnsBadName: + description: Allow usage of SAN DNS Bad name. + type: bool + allowSanDnsNonResolvable: + description: Allow use of non resolvable Common Name or SAN Values. + type: bool + allowWildCardCertificates: + description: Allow Wildcard Certificates. + type: bool + certificatePolicies: + description: Certificate Policies. + type: str + digestType: + description: Digest to sign with. + type: str + eap: + description: Use certificate for EAP protocols that use SSL/TLS tunneling. + type: bool + expirationTTL: + description: Certificate expiration value. + type: int + expirationTTLUnit: + description: Certificate expiration unit. + type: str + hostName: + description: Hostname of the Cisco ISE node in which self-signed certificate should + be generated. + type: str + keyLength: + description: Bit size of public key. + type: str + keyType: + description: Algorithm to use for certificate public key creation. + type: str + name: + description: Friendly name of the certificate. + type: str + portal: + description: Use for portal. + type: bool + portalGroupTag: + description: Set Group tag. + type: str + pxgrid: + description: Use certificate for the pxGrid Controller. + type: bool + radius: + description: Use certificate for the RADSec server. + type: bool + saml: + description: Use certificate for SAML Signing. + type: bool + sanDNS: + description: Array of SAN (Subject Alternative Name) DNS entries. + elements: str + type: list + sanIP: + description: Array of SAN IP entries. + elements: str + type: list + sanURI: + description: Array of SAN URI entries. + elements: str + type: list + subjectCity: + description: Certificate city or locality (L). + type: str + subjectCommonName: + description: Certificate common name (CN). + type: str + subjectCountry: + description: Certificate country (C). + type: str + subjectOrg: + description: Certificate organization (O). + type: str + subjectOrgUnit: + description: Certificate organizational unit (OU). + type: str + subjectState: + description: Certificate state (ST). + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.generate_self_signed_certificate, + + - Paths used are + post /api/v1/certs/system-certificate/generate-selfsigned-certificate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.selfsigned_certificate_generate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + admin: true + allowExtendedValidity: true + allowPortalTagTransferForSameSubject: true + allowReplacementOfCertificates: true + allowReplacementOfPortalGroupTag: true + allowRoleTransferForSameSubject: true + allowSanDnsBadName: true + allowSanDnsNonResolvable: true + allowWildCardCertificates: true + certificatePolicies: string + digestType: string + eap: true + expirationTTL: 0 + expirationTTLUnit: string + hostName: string + keyLength: string + keyType: string + name: string + portal: true + portalGroupTag: string + pxgrid: true + radius: true + saml: true + sanDNS: + - string + sanIP: + - string + sanURI: + - string + subjectCity: string + subjectCommonName: string + subjectCountry: string + subjectOrg: string + subjectOrgUnit: string + subjectState: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/session_service_node_info.py b/ansible_collections/cisco/ise/plugins/modules/session_service_node_info.py new file mode 100644 index 00000000..59be20e3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/session_service_node_info.py @@ -0,0 +1,130 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: session_service_node_info +short_description: Information module for Session Service Node +description: +- Get all Session Service Node. +- Get Session Service Node by id. +- Get Session Service Node by name. +- This API allows the client to get a PSN node details by ID. +- This API allows the client to get a PSN node details by name. +- This API allows the client to get all the PSN node details. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for PsnNodeDetailsWithRadiusService + description: Complete reference of the PsnNodeDetailsWithRadiusService API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sessionservicenode +notes: + - SDK Method used are + psn_node_details_with_radius_service.PsnNodeDetailsWithRadiusService.get_session_service_node_by_id, + psn_node_details_with_radius_service.PsnNodeDetailsWithRadiusService.get_session_service_node_by_name, + psn_node_details_with_radius_service.PsnNodeDetailsWithRadiusService.get_session_service_node_generator, + + - Paths used are + get /ers/config/sessionservicenode, + get /ers/config/sessionservicenode/name/{name}, + get /ers/config/sessionservicenode/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Session Service Node + cisco.ise.session_service_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Session Service Node by id + cisco.ise.session_service_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Session Service Node by name + cisco.ise.session_service_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "ipAddress": "string", + "gateWay": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "ipAddress": "string", + "gateWay": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_acl.py b/ansible_collections/cisco/ise/plugins/modules/sg_acl.py new file mode 100644 index 00000000..ba6fd695 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_acl.py @@ -0,0 +1,150 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_acl +short_description: Resource module for SGACL +description: +- Manage operations create, update and delete of the resource SGACL. +- This API creates a security group ACL. +- This API deletes a security group ACL. +- This API allows the client to update a security group ACL. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + aclcontent: + description: SGACL's aclcontent. + type: str + description: + description: SGACL's description. + type: str + generationId: + description: SGACL's generationId. + type: str + id: + description: SGACL's id. + type: str + ipVersion: + description: Allowed values - IPV4, - IPV6, - IP_AGNOSTIC. + type: str + isReadOnly: + description: IsReadOnly flag. + type: bool + modelledContent: + description: Modelled content of contract. + type: dict + name: + description: SGACL's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupsACLs + description: Complete reference of the SecurityGroupsACLs API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl +notes: + - SDK Method used are + security_groups_acls.SecurityGroupsAcls.create_security_groups_acl, + security_groups_acls.SecurityGroupsAcls.delete_security_groups_acl_by_id, + security_groups_acls.SecurityGroupsAcls.update_security_groups_acl_by_id, + + - Paths used are + post /ers/config/sgacl, + delete /ers/config/sgacl/{id}, + put /ers/config/sgacl/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sg_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + aclcontent: string + description: string + generationId: string + id: string + ipVersion: string + isReadOnly: true + modelledContent: {} + name: string + +- name: Delete by id + cisco.ise.sg_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sg_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + aclcontent: string + description: string + generationId: string + ipVersion: string + isReadOnly: true + modelledContent: {} + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "generationId": "string", + "aclcontent": "string", + "isReadOnly": true, + "modelledContent": {}, + "ipVersion": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_monitor_status_info.py new file mode 100644 index 00000000..d23f90b5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_acl_bulk_monitor_status_info +short_description: Information module for SGACL Bulk Monitor Status +description: +- Get SGACL Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupsACLs + description: Complete reference of the SecurityGroupsACLs API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl +notes: + - SDK Method used are + security_groups_acls.SecurityGroupsAcls.monitor_bulk_status_security_groups_acl, + + - Paths used are + get /ers/config/sgacl/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SGACL Bulk Monitor Status by id + cisco.ise.sg_acl_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_request.py new file mode 100644 index 00000000..7ffae318 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_acl_bulk_request +short_description: Resource module for SGACL Bulk Request +description: +- Manage operation update of the resource SGACL Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SGACL Bulk Request's operationType. + type: str + resourceMediaType: + description: SGACL Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupsACLs + description: Complete reference of the SecurityGroupsACLs API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl +notes: + - SDK Method used are + security_groups_acls.SecurityGroupsAcls.bulk_request_for_security_groups_acl, + + - Paths used are + put /ers/config/sgacl/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_acl_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_acl_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_acl_info.py new file mode 100644 index 00000000..3ea64a8b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_acl_info.py @@ -0,0 +1,157 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_acl_info +short_description: Information module for SGACL +description: +- Get all SGACL. +- Get SGACL by id. +- This API allows the client to get a security group ACL by ID. +- This API allows the client to get all the security group ACLs. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupsACLs + description: Complete reference of the SecurityGroupsACLs API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl +notes: + - SDK Method used are + security_groups_acls.SecurityGroupsAcls.get_security_groups_acl_by_id, + security_groups_acls.SecurityGroupsAcls.get_security_groups_acl_generator, + + - Paths used are + get /ers/config/sgacl, + get /ers/config/sgacl/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SGACL + cisco.ise.sg_acl_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SGACL by id + cisco.ise.sg_acl_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "generationId": "string", + "aclcontent": "string", + "isReadOnly": true, + "modelledContent": {}, + "ipVersion": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "generationId": "string", + "aclcontent": "string", + "isReadOnly": true, + "modelledContent": {}, + "ipVersion": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping.py new file mode 100644 index 00000000..8bd08e3a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping +short_description: Resource module for SG Mapping +description: +- Manage operations create, update and delete of the resource SG Mapping. +- This API creates an IP to SGT mapping. +- This API deletes an IP to SGT mapping. +- This API allows the client to update an IP to SGT mapping by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + deployTo: + description: Mandatory unless mappingGroup is set or unless deployType=ALL. + type: str + deployType: + description: Allowed values - ALL, - ND, - NDG. + type: str + hostIp: + description: Mandatory if hostName is empty -- valid IP. + type: str + hostName: + description: Mandatory if hostIp is empty. + type: str + id: + description: SG Mapping's id. + type: str + mappingGroup: + description: Mapping Group Id. Mandatory unless sgt and deployTo and deployType + are set. + type: str + name: + description: SG Mapping's name. + type: str + sgt: + description: Mandatory unless mappingGroup is set. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.create_ip_to_sgt_mapping, + ip_to_sgt_mapping.IpToSgtMapping.delete_ip_to_sgt_mapping_by_id, + ip_to_sgt_mapping.IpToSgtMapping.update_ip_to_sgt_mapping_by_id, + + - Paths used are + post /ers/config/sgmapping, + delete /ers/config/sgmapping/{id}, + put /ers/config/sgmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sg_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + deployTo: string + deployType: string + hostIp: string + hostName: string + id: string + mappingGroup: string + name: string + sgt: string + +- name: Delete by id + cisco.ise.sg_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sg_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + deployTo: string + deployType: string + hostIp: string + hostName: string + mappingGroup: string + name: string + sgt: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "hostName": "string", + "hostIp": "string", + "mappingGroup": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_monitor_status_info.py new file mode 100644 index 00000000..6814106a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_bulk_monitor_status_info +short_description: Information module for SG Mapping Bulk Monitor Status +description: +- Get SG Mapping Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.monitor_bulk_status_ip_to_sgt_mapping, + + - Paths used are + get /ers/config/sgmapping/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SG Mapping Bulk Monitor Status by id + cisco.ise.sg_mapping_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_request.py new file mode 100644 index 00000000..aa8d7f73 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_bulk_request +short_description: Resource module for SG Mapping Bulk Request +description: +- Manage operation update of the resource SG Mapping Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SG Mapping Bulk Request's operationType. + type: str + resourceMediaType: + description: SG Mapping Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.bulk_request_for_ip_to_sgt_mapping, + + - Paths used are + put /ers/config/sgmapping/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy.py new file mode 100644 index 00000000..d40159d1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_deploy +short_description: Resource module for SG Mapping Deploy +description: +- Manage operation update of the resource SG Mapping Deploy. +- This API allows the client to deploy an IP to SGT mapping by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.deploy_ip_to_sgt_mapping_by_id, + + - Paths used are + put /ers/config/sgmapping/{id}/deploy, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_deploy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_all.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_all.py new file mode 100644 index 00000000..20686b4c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_all.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_deploy_all +short_description: Resource module for SG Mapping Deploy All +description: +- Manage operation update of the resource SG Mapping Deploy All. +- This API allows the client to deploy all the IP to SGT mappings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.deploy_all_ip_to_sgt_mapping, + + - Paths used are + put /ers/config/sgmapping/deployall, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_deploy_all: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_status_info.py new file mode 100644 index 00000000..605873b8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_status_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_deploy_status_info +short_description: Information module for SG Mapping Deploy Status +description: +- Get all SG Mapping Deploy Status. +- This API allows the client to get the IP to SGT mapping deployment status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.get_deploy_status_ip_to_sgt_mapping, + + - Paths used are + put /ers/config/sgmapping/deploy/status, + +""" + +EXAMPLES = r""" +- name: Get all SG Mapping Deploy Status + cisco.ise.sg_mapping_deploy_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group.py new file mode 100644 index 00000000..2f20a796 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group.py @@ -0,0 +1,131 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group +short_description: Resource module for SG Mapping Group +description: +- Manage operations create, update and delete of the resource SG Mapping Group. +- This API creates an IP to SGT mapping group. +- This API deletes an IP to SGT mapping group. +- This API allows the client to update an IP to SGT mapping group by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + deployTo: + description: Mandatory unless mappingGroup is set or unless deployType=ALL. + type: str + deployType: + description: Allowed values - ALL, - ND, - NDG. + type: str + id: + description: Id path parameter. + type: str + name: + description: SG Mapping Group's name. + type: str + sgt: + description: Mandatory unless mappingGroup is set. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.create_ip_to_sgt_mapping_group, + ip_to_sgt_mapping_group.IpToSgtMappingGroup.delete_ip_to_sgt_mapping_group_by_id, + ip_to_sgt_mapping_group.IpToSgtMappingGroup.update_ip_to_sgt_mapping_group_by_id, + + - Paths used are + post /ers/config/sgmappinggroup, + delete /ers/config/sgmappinggroup/{id}, + put /ers/config/sgmappinggroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sg_mapping_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + deployTo: string + deployType: string + id: string + name: string + sgt: string + +- name: Delete by id + cisco.ise.sg_mapping_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sg_mapping_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + deployTo: string + deployType: string + name: string + sgt: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_monitor_status_info.py new file mode 100644 index 00000000..856788bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_bulk_monitor_status_info +short_description: Information module for SG Mapping Group Bulk Monitor Status +description: +- Get SG Mapping Group Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.monitor_bulk_status_ip_to_sgt_mapping_group, + + - Paths used are + get /ers/config/sgmappinggroup/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SG Mapping Group Bulk Monitor Status by id + cisco.ise.sg_mapping_group_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_request.py new file mode 100644 index 00000000..f8f97da7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_bulk_request +short_description: Resource module for SG Mapping Group Bulk Request +description: +- Manage operation update of the resource SG Mapping Group Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SG Mapping Group Bulk Request's operationType. + type: str + resourceMediaType: + description: SG Mapping Group Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.bulk_request_for_ip_to_sgt_mapping_group, + + - Paths used are + put /ers/config/sgmappinggroup/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_group_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy.py new file mode 100644 index 00000000..2b35f9ba --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_deploy +short_description: Resource module for SG Mapping Group Deploy +description: +- Manage operation update of the resource SG Mapping Group Deploy. +- This API allows the client to deploy an IP to SGT mapping group by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.deploy_ip_to_sgt_mapping_group_by_id, + + - Paths used are + put /ers/config/sgmappinggroup/{id}/deploy, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_group_deploy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_all.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_all.py new file mode 100644 index 00000000..666c65d7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_all.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_deploy_all +short_description: Resource module for SG Mapping Group Deploy All +description: +- Manage operation update of the resource SG Mapping Group Deploy All. +- This API allows the client to deploy all the IP to SGT mapping groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.deploy_all_ip_to_sgt_mapping_group, + + - Paths used are + put /ers/config/sgmappinggroup/deployall, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_group_deploy_all: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_status_info.py new file mode 100644 index 00000000..3f3cf6ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_status_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_deploy_status_info +short_description: Information module for SG Mapping Group Deploy Status +description: +- Get all SG Mapping Group Deploy Status. +- This API allows the client to get the IP to SGT mapping group deployment. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.get_deploy_status_ip_to_sgt_mapping_group, + + - Paths used are + put /ers/config/sgmappinggroup/deploy/status, + +""" + +EXAMPLES = r""" +- name: Get all SG Mapping Group Deploy Status + cisco.ise.sg_mapping_group_deploy_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_info.py new file mode 100644 index 00000000..725b00d8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_info.py @@ -0,0 +1,149 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_info +short_description: Information module for SG Mapping Group +description: +- Get all SG Mapping Group. +- Get SG Mapping Group by id. +- This API allows the client to get all the IP to SGT mapping groups. +- This API allows the client to get an IP to SGT mapping group by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.get_ip_to_sgt_mapping_group_by_id, + ip_to_sgt_mapping_group.IpToSgtMappingGroup.get_ip_to_sgt_mapping_group_generator, + + - Paths used are + get /ers/config/sgmappinggroup, + get /ers/config/sgmappinggroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SG Mapping Group + cisco.ise.sg_mapping_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SG Mapping Group by id + cisco.ise.sg_mapping_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_info.py new file mode 100644 index 00000000..3ebb64ac --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_info.py @@ -0,0 +1,157 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_info +short_description: Information module for SG Mapping +description: +- Get all SG Mapping. +- Get SG Mapping by id. +- This API allows the client to get all the IP to SGT mappings. +- This API allows the client to get an IP to SGT mapping by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.get_ip_to_sgt_mapping_by_id, + ip_to_sgt_mapping.IpToSgtMapping.get_ip_to_sgt_mapping_generator, + + - Paths used are + get /ers/config/sgmapping, + get /ers/config/sgmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SG Mapping + cisco.ise.sg_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SG Mapping by id + cisco.ise.sg_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "hostName": "string", + "hostIp": "string", + "mappingGroup": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "hostName": "string", + "hostIp": "string", + "mappingGroup": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan.py b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan.py new file mode 100644 index 00000000..4fb8805f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan.py @@ -0,0 +1,209 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_to_vn_to_vlan +short_description: Resource module for SG To VN To VLAN +description: +- Manage operations create, update and delete of the resource SG To VN To VLAN. +- This API creates a security group to virtual network. +- This API deletes a security group ACL to virtual network. +- This API allows the client to update a security group to virtual network. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: SG To VN To VLAN's description. + type: str + id: + description: SG To VN To VLAN's id. + type: str + name: + description: SG To VN To VLAN's name. + type: str + sgtId: + description: SG To VN To VLAN's sgtId. + type: str + virtualnetworklist: + description: SG To VN To VLAN's virtualnetworklist. + elements: dict + suboptions: + defaultVirtualNetwork: + description: DefaultVirtualNetwork flag. + type: bool + description: + description: SG To VN To VLAN's description. + type: str + id: + description: SG To VN To VLAN's id. + type: str + name: + description: SG To VN To VLAN's name. + type: str + vlans: + description: SG To VN To VLAN's vlans. + elements: dict + suboptions: + data: + description: Data flag. + type: bool + defaultVLAN: + description: DefaultVLAN flag. + type: bool + description: + description: SG To VN To VLAN's description. + type: str + id: + description: SG To VN To VLAN's id. + type: str + maxValue: + description: SG To VN To VLAN's maxValue. + type: int + name: + description: SG To VN To VLAN's name. + type: str + type: list + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupToVirtualNetwork + description: Complete reference of the SecurityGroupToVirtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgtvnvlan +notes: + - SDK Method used are + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.create_security_groups_to_vn_to_vlan, + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.delete_security_groups_to_vn_to_vlan_by_id, + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.update_security_groups_to_vn_to_vlan_by_id, + + - Paths used are + post /ers/config/sgtvnvlan, + delete /ers/config/sgtvnvlan/{id}, + put /ers/config/sgtvnvlan/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sg_to_vn_to_vlan: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + sgtId: string + virtualnetworklist: + - defaultVirtualNetwork: true + description: string + id: string + name: string + vlans: + - data: true + defaultVlan: true + description: string + id: string + maxValue: 0 + name: string + +- name: Delete by id + cisco.ise.sg_to_vn_to_vlan: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sg_to_vn_to_vlan: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + sgtId: string + virtualnetworklist: + - defaultVirtualNetwork: true + description: string + id: string + name: string + vlans: + - data: true + defaultVlan: true + description: string + id: string + maxValue: 0 + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sgtId": "string", + "virtualnetworklist": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVirtualNetwork": true, + "vlans": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVlan": true, + "maxValue": 0, + "data": true + } + ] + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_monitor_status_info.py new file mode 100644 index 00000000..b97da0a7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_to_vn_to_vlan_bulk_monitor_status_info +short_description: Information module for SG To VN To VLAN Bulk Monitor Status +description: +- Get SG To VN To VLAN Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupToVirtualNetwork + description: Complete reference of the SecurityGroupToVirtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgtvnvlan +notes: + - SDK Method used are + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.monitor_bulk_status_security_groups_to_vn_to_vlan, + + - Paths used are + get /ers/config/sgtvnvlan/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SG To VN To VLAN Bulk Monitor Status by id + cisco.ise.sg_to_vn_to_vlan_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_request.py new file mode 100644 index 00000000..958cf405 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_to_vn_to_vlan_bulk_request +short_description: Resource module for SG To VN To VLAN Bulk Request +description: +- Manage operation update of the resource SG To VN To VLAN Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SG To VN To VLAN Bulk Request's operationType. + type: str + resourceMediaType: + description: SG To VN To VLAN Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupToVirtualNetwork + description: Complete reference of the SecurityGroupToVirtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgtvnvlan +notes: + - SDK Method used are + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.bulk_request_for_security_groups_to_vn_to_vlan, + + - Paths used are + put /ers/config/sgtvnvlan/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_to_vn_to_vlan_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_info.py new file mode 100644 index 00000000..18394741 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_info.py @@ -0,0 +1,175 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_to_vn_to_vlan_info +short_description: Information module for SG To VN To VLAN +description: +- Get all SG To VN To VLAN. +- Get SG To VN To VLAN by id. +- This API allows the client to get a security group to virtual network by ID. +- This API allows the client to get all the security group ACL to virtual. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupToVirtualNetwork + description: Complete reference of the SecurityGroupToVirtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgtvnvlan +notes: + - SDK Method used are + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.get_security_groups_to_vn_to_vlan_by_id, + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.get_security_groups_to_vn_to_vlan_generator, + + - Paths used are + get /ers/config/sgtvnvlan, + get /ers/config/sgtvnvlan/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SG To VN To VLAN + cisco.ise.sg_to_vn_to_vlan_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + filter: [] + filterType: AND + register: result + +- name: Get SG To VN To VLAN by id + cisco.ise.sg_to_vn_to_vlan_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sgtId": "string", + "virtualnetworklist": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVirtualNetwork": true, + "vlans": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVlan": true, + "maxValue": 0, + "data": true + } + ] + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "sgtId": "string", + "virtualnetworklist": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVirtualNetwork": true, + "vlans": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVlan": true, + "maxValue": 0, + "data": true + } + ] + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sgt.py b/ansible_collections/cisco/ise/plugins/modules/sgt.py new file mode 100644 index 00000000..c7d7e013 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sgt.py @@ -0,0 +1,157 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sgt +short_description: Resource module for SGt +description: +- Manage operations create, update and delete of the resource SGt. +- This API creates a security group. +- This API deletes a security group. +- This API allows the client to update a security group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + defaultSGACLs: + description: SGt's defaultSGACLs. + elements: dict + type: list + description: + description: SGt's description. + type: str + generationId: + description: SGt's generationId. + type: str + id: + description: SGt's id. + type: str + isReadOnly: + description: IsReadOnly flag. + type: bool + name: + description: SGt's name. + type: str + required: true + propogateToApic: + description: PropogateToApic flag. + type: bool + value: + description: Value range 2 ot 65519 or -1 to auto-generate. + type: int + required: true +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroups + description: Complete reference of the SecurityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt +notes: + - SDK Method used are + security_groups.SecurityGroups.create_security_group, + security_groups.SecurityGroups.delete_security_group_by_id, + security_groups.SecurityGroups.update_security_group_by_id, + + - Paths used are + post /ers/config/sgt, + delete /ers/config/sgt/{id}, + put /ers/config/sgt/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sgt: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + defaultSGACLs: + - {} + description: string + generationId: string + id: string + isReadOnly: true + name: string + propogateToApic: true + value: 0 + +- name: Delete by id + cisco.ise.sgt: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sgt: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + defaultSGACLs: + - {} + description: string + generationId: string + isReadOnly: true + name: string + propogateToApic: true + value: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "value": 0, + "generationId": "string", + "isReadOnly": true, + "propogateToApic": true, + "defaultSGACLs": [ + {} + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_monitor_status_info.py new file mode 100644 index 00000000..f8776d48 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sgt_bulk_monitor_status_info +short_description: Information module for SGt Bulk Monitor Status +description: +- Get SGt Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroups + description: Complete reference of the SecurityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt +notes: + - SDK Method used are + security_groups.SecurityGroups.monitor_bulk_status_security_group, + + - Paths used are + get /ers/config/sgt/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SGt Bulk Monitor Status by id + cisco.ise.sgt_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_request.py new file mode 100644 index 00000000..c295c10b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sgt_bulk_request +short_description: Resource module for SGt Bulk Request +description: +- Manage operation update of the resource SGt Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SGt Bulk Request's operationType. + type: str + resourceMediaType: + description: SGt Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroups + description: Complete reference of the SecurityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt +notes: + - SDK Method used are + security_groups.SecurityGroups.bulk_request_for_security_group, + + - Paths used are + put /ers/config/sgt/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sgt_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sgt_info.py b/ansible_collections/cisco/ise/plugins/modules/sgt_info.py new file mode 100644 index 00000000..0e483e94 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sgt_info.py @@ -0,0 +1,161 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sgt_info +short_description: Information module for SGt +description: +- Get all SGt. +- Get SGt by id. +- This API allows the client to get a security group by ID. +- This API allows the client to get all the security groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroups + description: Complete reference of the SecurityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt +notes: + - SDK Method used are + security_groups.SecurityGroups.get_security_group_by_id, + security_groups.SecurityGroups.get_security_groups_generator, + + - Paths used are + get /ers/config/sgt, + get /ers/config/sgt/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SGt + cisco.ise.sgt_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SGt by id + cisco.ise.sgt_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "value": 0, + "generationId": "string", + "isReadOnly": true, + "propogateToApic": true, + "defaultSGACLs": [ + {} + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "value": 0, + "generationId": "string", + "isReadOnly": true, + "propogateToApic": true, + "defaultSGACLs": [ + {} + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sms_provider_info.py b/ansible_collections/cisco/ise/plugins/modules/sms_provider_info.py new file mode 100644 index 00000000..6b6beed7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sms_provider_info.py @@ -0,0 +1,127 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sms_provider_info +short_description: Information module for SMS Provider +description: +- Get all SMS Provider. +- This API allows the client to get all the SMS providers. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sms_provider.SmsProvider.get_sms_provider_generator, + + - Paths used are + get /ers/config/smsprovider, + +""" + +EXAMPLES = r""" +- name: Get all SMS Provider + cisco.ise.sms_provider_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_group.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_group.py new file mode 100644 index 00000000..e684f937 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_group.py @@ -0,0 +1,309 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_group +short_description: Resource module for Sponsor Group +description: +- Manage operations create, update and delete of the resource Sponsor Group. +- This API creates a sponsor group. +- This API deletes a sponsor group by ID. +- This API allows the client to update a sponsor group by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + autoNotification: + description: AutoNotification flag. + type: bool + createPermissions: + description: Sponsor Group's createPermissions. + suboptions: + canCreateRandomAccounts: + description: CanCreateRandomAccounts flag. + type: bool + canImportMultipleAccounts: + description: CanImportMultipleAccounts flag. + type: bool + canSetFutureStartDate: + description: CanSetFutureStartDate flag. + type: bool + canSpecifyUsernamePrefix: + description: CanSpecifyUsernamePrefix flag. + type: bool + defaultUsernamePrefix: + description: Sponsor Group's defaultUsernamePrefix. + type: str + importBatchSizeLimit: + description: Sponsor Group's importBatchSizeLimit. + type: int + randomBatchSizeLimit: + description: Sponsor Group's randomBatchSizeLimit. + type: int + startDateFutureLimitDays: + description: Sponsor Group's startDateFutureLimitDays. + type: int + type: dict + description: + description: Sponsor Group's description. + type: str + guestTypes: + description: Sponsor Group's guestTypes. + elements: str + type: list + id: + description: Sponsor Group's id. + type: str + isDefaultGroup: + description: IsDefaultGroup flag. + type: bool + isEnabled: + description: IsEnabled flag. + type: bool + locations: + description: Sponsor Group's locations. + elements: str + type: list + managePermission: + description: Sponsor Group's managePermission. + type: str + memberGroups: + description: Sponsor Group's memberGroups. + elements: str + type: list + name: + description: Sponsor Group's name. + type: str + otherPermissions: + description: Sponsor Group's otherPermissions. + suboptions: + canAccessViaREST: + description: CanAccessViaREST flag. + type: bool + canApproveSelfregGuests: + description: CanApproveSelfregGuests flag. + type: bool + canDeleteGuestAccounts: + description: CanDeleteGuestAccounts flag. + type: bool + canExtendGuestAccounts: + description: CanExtendGuestAccounts flag. + type: bool + canReinstateSuspendedAccounts: + description: CanReinstateSuspendedAccounts flag. + type: bool + canResetGuestPasswords: + description: CanResetGuestPasswords flag. + type: bool + canSendSMSNotifications: + description: CanSendSMSNotifications flag. + type: bool + canSuspendGuestAccounts: + description: CanSuspendGuestAccounts flag. + type: bool + canUpdateGuestContactInfo: + description: CanUpdateGuestContactInfo flag. + type: bool + canViewGuestPasswords: + description: CanViewGuestPasswords flag. + type: bool + limitApprovalToSponsorsGuests: + description: LimitApprovalToSponsorsGuests flag. + type: bool + requireSuspensionReason: + description: RequireSuspensionReason flag. + type: bool + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_group.SponsorGroup.create_sponsor_group, + sponsor_group.SponsorGroup.delete_sponsor_group_by_id, + sponsor_group.SponsorGroup.update_sponsor_group_by_id, + + - Paths used are + post /ers/config/sponsorgroup, + delete /ers/config/sponsorgroup/{id}, + put /ers/config/sponsorgroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sponsor_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + autoNotification: true + createPermissions: + canCreateRandomAccounts: true + canImportMultipleAccounts: true + canSetFutureStartDate: true + canSpecifyUsernamePrefix: true + defaultUsernamePrefix: string + importBatchSizeLimit: 0 + randomBatchSizeLimit: 0 + startDateFutureLimitDays: 0 + description: string + guestTypes: + - string + id: string + isDefaultGroup: true + isEnabled: true + locations: + - string + managePermission: string + memberGroups: + - string + name: string + otherPermissions: + canAccessViaRest: true + canApproveSelfregGuests: true + canDeleteGuestAccounts: true + canExtendGuestAccounts: true + canReinstateSuspendedAccounts: true + canResetGuestPasswords: true + canSendSmsNotifications: true + canSuspendGuestAccounts: true + canUpdateGuestContactInfo: true + canViewGuestPasswords: true + limitApprovalToSponsorsGuests: true + requireSuspensionReason: true + +- name: Delete by id + cisco.ise.sponsor_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sponsor_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + autoNotification: true + createPermissions: + canCreateRandomAccounts: true + canImportMultipleAccounts: true + canSetFutureStartDate: true + canSpecifyUsernamePrefix: true + defaultUsernamePrefix: string + importBatchSizeLimit: 0 + randomBatchSizeLimit: 0 + startDateFutureLimitDays: 0 + description: string + guestTypes: + - string + isDefaultGroup: true + isEnabled: true + locations: + - string + managePermission: string + memberGroups: + - string + name: string + otherPermissions: + canAccessViaRest: true + canApproveSelfregGuests: true + canDeleteGuestAccounts: true + canExtendGuestAccounts: true + canReinstateSuspendedAccounts: true + canResetGuestPasswords: true + canSendSmsNotifications: true + canSuspendGuestAccounts: true + canUpdateGuestContactInfo: true + canViewGuestPasswords: true + limitApprovalToSponsorsGuests: true + requireSuspensionReason: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "isEnabled": true, + "isDefaultGroup": true, + "memberGroups": [ + "string" + ], + "guestTypes": [ + "string" + ], + "locations": [ + "string" + ], + "autoNotification": true, + "createPermissions": { + "canImportMultipleAccounts": true, + "importBatchSizeLimit": 0, + "canCreateRandomAccounts": true, + "randomBatchSizeLimit": 0, + "defaultUsernamePrefix": "string", + "canSpecifyUsernamePrefix": true, + "canSetFutureStartDate": true, + "startDateFutureLimitDays": 0 + }, + "managePermission": "string", + "otherPermissions": { + "canUpdateGuestContactInfo": true, + "canViewGuestPasswords": true, + "canSendSmsNotifications": true, + "canResetGuestPasswords": true, + "canExtendGuestAccounts": true, + "canDeleteGuestAccounts": true, + "canSuspendGuestAccounts": true, + "requireSuspensionReason": true, + "canReinstateSuspendedAccounts": true, + "canApproveSelfregGuests": true, + "limitApprovalToSponsorsGuests": true, + "canAccessViaRest": true + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_group_info.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_group_info.py new file mode 100644 index 00000000..b6892c6f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_group_info.py @@ -0,0 +1,217 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_group_info +short_description: Information module for Sponsor Group +description: +- Get all Sponsor Group. +- Get Sponsor Group by id. +- This API allows the client to get a sponsor group by ID. +- This API allows the client to get all the sponsor groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_group.SponsorGroup.get_sponsor_group_by_id, + sponsor_group.SponsorGroup.get_sponsor_group_generator, + + - Paths used are + get /ers/config/sponsorgroup, + get /ers/config/sponsorgroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Sponsor Group + cisco.ise.sponsor_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Sponsor Group by id + cisco.ise.sponsor_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "isEnabled": true, + "isDefaultGroup": true, + "memberGroups": [ + "string" + ], + "guestTypes": [ + "string" + ], + "locations": [ + "string" + ], + "autoNotification": true, + "createPermissions": { + "canImportMultipleAccounts": true, + "importBatchSizeLimit": 0, + "canCreateRandomAccounts": true, + "randomBatchSizeLimit": 0, + "defaultUsernamePrefix": "string", + "canSpecifyUsernamePrefix": true, + "canSetFutureStartDate": true, + "startDateFutureLimitDays": 0 + }, + "managePermission": "string", + "otherPermissions": { + "canUpdateGuestContactInfo": true, + "canViewGuestPasswords": true, + "canSendSmsNotifications": true, + "canResetGuestPasswords": true, + "canExtendGuestAccounts": true, + "canDeleteGuestAccounts": true, + "canSuspendGuestAccounts": true, + "requireSuspensionReason": true, + "canReinstateSuspendedAccounts": true, + "canApproveSelfregGuests": true, + "limitApprovalToSponsorsGuests": true, + "canAccessViaRest": true + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "isEnabled": true, + "isDefaultGroup": true, + "memberGroups": [ + "string" + ], + "guestTypes": [ + "string" + ], + "locations": [ + "string" + ], + "autoNotification": true, + "createPermissions": { + "canImportMultipleAccounts": true, + "importBatchSizeLimit": 0, + "canCreateRandomAccounts": true, + "randomBatchSizeLimit": 0, + "defaultUsernamePrefix": "string", + "canSpecifyUsernamePrefix": true, + "canSetFutureStartDate": true, + "startDateFutureLimitDays": 0 + }, + "managePermission": "string", + "otherPermissions": { + "canUpdateGuestContactInfo": true, + "canViewGuestPasswords": true, + "canSendSmsNotifications": true, + "canResetGuestPasswords": true, + "canExtendGuestAccounts": true, + "canDeleteGuestAccounts": true, + "canSuspendGuestAccounts": true, + "requireSuspensionReason": true, + "canReinstateSuspendedAccounts": true, + "canApproveSelfregGuests": true, + "limitApprovalToSponsorsGuests": true, + "canAccessViaRest": true + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_group_member_info.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_group_member_info.py new file mode 100644 index 00000000..c49c76f4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_group_member_info.py @@ -0,0 +1,127 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_group_member_info +short_description: Information module for Sponsor Group Member +description: +- Get all Sponsor Group Member. +- This API allows the client to get all the sponsor group members. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_group_member.SponsorGroupMember.get_sponsor_group_member_generator, + + - Paths used are + get /ers/config/sponsorgroupmember, + +""" + +EXAMPLES = r""" +- name: Get all Sponsor Group Member + cisco.ise.sponsor_group_member_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_portal.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_portal.py new file mode 100644 index 00000000..22b53b5f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_portal.py @@ -0,0 +1,609 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_portal +short_description: Resource module for Sponsor Portal +description: +- Manage operations create, update and delete of the resource Sponsor Portal. +- This API creates a sponsor portal. +- This API deletes a sponsor portal by ID. +- This API allows the client to update a sponsor portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Sponsor Portal's customizations. + suboptions: + globalCustomizations: + description: Sponsor Portal's globalCustomizations. + suboptions: + backgroundImage: + description: Sponsor Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: Sponsor Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: Sponsor Portal's bannerTitle. + type: str + contactText: + description: Sponsor Portal's contactText. + type: str + desktopLogoImage: + description: Sponsor Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: Sponsor Portal's footerElement. + type: str + mobileLogoImage: + description: Sponsor Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: Sponsor Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Sponsor Portal's pageCustomizations. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: Sponsor Portal's key. + type: str + value: + description: Sponsor Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Sponsor Portal's portalTheme. + suboptions: + id: + description: Sponsor Portal's id. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: Sponsor Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: Sponsor Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: Sponsor Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: Sponsor Portal's description. + type: str + id: + description: Sponsor Portal's id. + type: str + name: + description: Sponsor Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a portal. + suboptions: + aupSettings: + description: Sponsor Portal's aupSettings. + suboptions: + displayFrequency: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, + - RECURRING. + type: str + displayFrequencyIntervalDays: + description: Number of days between AUP confirmations (when displayFrequency + = recurring). + type: int + includeAup: + description: IncludeAup flag. + type: bool + requireScrolling: + description: RequireScrolling flag. + type: bool + type: dict + loginPageSettings: + description: Portal Login Page settings groups follow. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + maxFailedAttemptsBeforeRateLimit: + description: Maximum failed login attempts before rate limiting. + type: int + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + requireAupScrolling: + description: RequireAupScrolling flag. + type: bool + socialConfigs: + description: Sponsor Portal's socialConfigs. + elements: dict + type: list + timeBetweenLoginsDuringRateLimit: + description: Time between login attempts when rate limiting. + type: int + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + authenticationMethod: + description: Unique Id of the identity source sequence. + type: str + availableSSIDs: + description: Names of the SSIDs available for assignment to guest users + by sponsors. + elements: str + type: list + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + fqdn: + description: The fully-qualified domain name (FQDN) that end-users will + use to access this portal. Used only in Sponsor portal. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + idleTimeout: + description: Sponsor Portal's idleTimeout. + type: int + type: dict + postAccessBannerSettings: + description: Sponsor Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: Sponsor Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + sponsorChangePasswordSettings: + description: Sponsor Portal's sponsorChangePasswordSettings. + suboptions: + allowSponsorToChangePwd: + description: Allow sponsors to change their own passwords. + type: bool + type: dict + supportInfoSettings: + description: Sponsor Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_portal.SponsorPortal.create_sponsor_portal, + sponsor_portal.SponsorPortal.delete_sponsor_portal_by_id, + sponsor_portal.SponsorPortal.update_sponsor_portal_by_id, + + - Paths used are + post /ers/config/sponsorportal, + delete /ers/config/sponsorportal/{id}, + put /ers/config/sponsorportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sponsor_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireScrolling: true + loginPageSettings: + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAupAcceptance: true + requireAupScrolling: true + socialConfigs: + - {} + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + authenticationMethod: string + availableSsids: + - string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + fqdn: string + httpsPort: 0 + idleTimeout: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + sponsorChangePasswordSettings: + allowSponsorToChangePwd: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.sponsor_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sponsor_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireScrolling: true + loginPageSettings: + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAupAcceptance: true + requireAupScrolling: true + socialConfigs: + - {} + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + authenticationMethod: string + availableSsids: + - string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + fqdn: string + httpsPort: 0 + idleTimeout: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + sponsorChangePasswordSettings: + allowSponsorToChangePwd: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "fqdn": "string", + "authenticationMethod": "string", + "idleTimeout": 0, + "displayLang": "string", + "fallbackLanguage": "string", + "availableSsids": [ + "string" + ] + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireAupScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "includeAup": true, + "requireScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "sponsorChangePasswordSettings": { + "allowSponsorToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_portal_info.py new file mode 100644 index 00000000..8fafce1d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_portal_info.py @@ -0,0 +1,335 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_portal_info +short_description: Information module for Sponsor Portal +description: +- Get all Sponsor Portal. +- Get Sponsor Portal by id. +- This API allows the client to get a sponsor portal by ID. +- This API allows the client to get all the sponsor portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_portal.SponsorPortal.get_sponsor_portal_by_id, + sponsor_portal.SponsorPortal.get_sponsor_portal_generator, + + - Paths used are + get /ers/config/sponsorportal, + get /ers/config/sponsorportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Sponsor Portal + cisco.ise.sponsor_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Sponsor Portal by id + cisco.ise.sponsor_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "fqdn": "string", + "authenticationMethod": "string", + "idleTimeout": 0, + "displayLang": "string", + "fallbackLanguage": "string", + "availableSsids": [ + "string" + ] + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireAupScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "includeAup": true, + "requireScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "sponsorChangePasswordSettings": { + "allowSponsorToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "fqdn": "string", + "authenticationMethod": "string", + "idleTimeout": 0, + "displayLang": "string", + "fallbackLanguage": "string", + "availableSsids": [ + "string" + ] + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireAupScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "includeAup": true, + "requireScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "sponsorChangePasswordSettings": { + "allowSponsorToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal.py b/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal.py new file mode 100644 index 00000000..85f38644 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal.py @@ -0,0 +1,804 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsored_guest_portal +short_description: Resource module for Sponsored Guest Portal +description: +- Manage operations create, update and delete of the resource Sponsored Guest Portal. +- This API creates a sponsored guest portal. +- This API deletes a sponsored guest portal by ID. +- This API allows the client to update a sponsored guest portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available. + suboptions: + globalCustomizations: + description: Sponsored Guest Portal's globalCustomizations. + suboptions: + backgroundImage: + description: Sponsored Guest Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: Sponsored Guest Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: Sponsored Guest Portal's bannerTitle. + type: str + contactText: + description: Sponsored Guest Portal's contactText. + type: str + desktopLogoImage: + description: Sponsored Guest Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: Sponsored Guest Portal's footerElement. + type: str + mobileLogoImage: + description: Sponsored Guest Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: Sponsored Guest Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Represent the entire page customization as a giant dictionary. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: Sponsored Guest Portal's key. + type: str + value: + description: Sponsored Guest Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Sponsored Guest Portal's portalTheme. + suboptions: + id: + description: Sponsored Guest Portal's id. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: Sponsored Guest Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: Sponsored Guest Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: Sponsored Guest Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: Sponsored Guest Portal's description. + type: str + id: + description: Sponsored Guest Portal's id. + type: str + name: + description: Sponsored Guest Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a portal. + suboptions: + aupSettings: + description: Sponsored Guest Portal's aupSettings. + suboptions: + displayFrequency: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, + - RECURRING. + type: str + displayFrequencyIntervalDays: + description: Number of days between AUP confirmations (when displayFrequency + = recurring). + type: int + includeAup: + description: IncludeAup flag. + type: bool + requireAupScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + requireScrolling: + description: RequireScrolling flag. + type: bool + skipAupForEmployees: + description: Only valid if requireAupAcceptance = true. + type: bool + useDiffAupForEmployees: + description: Only valid if requireAupAcceptance = true. + type: bool + type: dict + authSuccessSettings: + description: Sponsored Guest Portal's authSuccessSettings. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = URL. + type: str + successRedirect: + description: After an Authentication Success where should device be redirected. + Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - URL. + type: str + type: dict + byodSettings: + description: Sponsored Guest Portal's byodSettings. + suboptions: + byodRegistrationSettings: + description: Configuration of BYOD endpoint Registration step configuration. + suboptions: + endPointIdentityGroupId: + description: Identity group id for which endpoint belongs. + type: str + showDeviceID: + description: Display Device ID field during registration. + type: bool + type: dict + byodRegistrationSuccessSettings: + description: Sponsored Guest Portal's byodRegistrationSuccessSettings. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = + URL. + type: str + successRedirect: + description: After an Authentication Success where should device be + redirected. Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - + URL. + type: str + type: dict + byodWelcomeSettings: + description: Sponsored Guest Portal's byodWelcomeSettings. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a + link. Only valid if includeAup = true. Allowed values - ONPAGE, - + ASLINK. + type: str + enableBYOD: + description: EnableBYOD flag. + type: bool + enableGuestAccess: + description: EnableGuestAccess flag. + type: bool + includeAup: + description: IncludeAup flag. + type: bool + requireAupAcceptance: + description: RequireAupAcceptance flag. + type: bool + requireMDM: + description: RequireMDM flag. + type: bool + requireScrolling: + description: Require BYOD devices to scroll down to the bottom of the + AUP. Only valid if includeAup = true. + type: bool + type: dict + type: dict + guestChangePasswordSettings: + description: Sponsored Guest Portal's guestChangePasswordSettings. + suboptions: + allowChangePasswdAtFirstLogin: + description: Allow guest to change their own passwords. + type: bool + type: dict + guestDeviceRegistrationSettings: + description: Sponsored Guest Portal's guestDeviceRegistrationSettings. + suboptions: + allowGuestsToRegisterDevices: + description: Allow guests to register devices. + type: bool + autoRegisterGuestDevices: + description: Automatically register guest devices. + type: bool + type: dict + loginPageSettings: + description: Portal Login Page settings groups follow. + suboptions: + accessCode: + description: Access code that must be entered by the portal user (only valid + if requireAccessCode = true). + type: str + allowAlternateGuestPortal: + description: AllowAlternateGuestPortal flag. + type: bool + allowForgotPassword: + description: AllowForgotPassword flag. + type: bool + allowGuestToChangePassword: + description: Require the portal user to enter an access code. + type: bool + allowGuestToCreateAccounts: + description: AllowGuestToCreateAccounts flag. + type: bool + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + maxFailedAttemptsBeforeRateLimit: + description: Maximum failed login attempts before rate limiting. + type: int + requireAccessCode: + description: RequireAccessCode flag. + type: bool + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + socialConfigs: + description: Sponsored Guest Portal's socialConfigs. + elements: dict + suboptions: + socialMediaType: + description: Sponsored Guest Portal's socialMediaType. + type: str + socialMediaValue: + description: Sponsored Guest Portal's socialMediaValue. + type: str + type: list + timeBetweenLoginsDuringRateLimit: + description: Time between login attempts when rate limiting. + type: int + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: Sponsored Guest Portal's alwaysUsedLanguage. + type: str + assignedGuestTypeForEmployee: + description: Unique Id of a guest type. Employees using this portal as a + guest inherit login options from the guest type. + type: str + authenticationMethod: + description: Unique Id of the identity source sequence. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + postAccessBannerSettings: + description: Sponsored Guest Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: Sponsored Guest Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + supportInfoSettings: + description: Sponsored Guest Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsored_guest_portal.SponsoredGuestPortal.create_sponsored_guest_portal, + sponsored_guest_portal.SponsoredGuestPortal.delete_sponsored_guest_portal_by_id, + sponsored_guest_portal.SponsoredGuestPortal.update_sponsored_guest_portal_by_id, + + - Paths used are + post /ers/config/sponsoredguestportal, + delete /ers/config/sponsoredguestportal/{id}, + put /ers/config/sponsoredguestportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sponsored_guest_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireAupScrolling: true + requireScrolling: true + skipAupForEmployees: true + useDiffAupForEmployees: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + guestChangePasswordSettings: + allowChangePasswdAtFirstLogin: true + guestDeviceRegistrationSettings: + allowGuestsToRegisterDevices: true + autoRegisterGuestDevices: true + loginPageSettings: + accessCode: string + allowAlternateGuestPortal: true + allowForgotPassword: true + allowGuestToChangePassword: true + allowGuestToCreateAccounts: true + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAccessCode: true + requireAupAcceptance: true + socialConfigs: + - socialMediaType: string + socialMediaValue: string + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + assignedGuestTypeForEmployee: string + authenticationMethod: string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.sponsored_guest_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sponsored_guest_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireAupScrolling: true + requireScrolling: true + skipAupForEmployees: true + useDiffAupForEmployees: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + guestChangePasswordSettings: + allowChangePasswdAtFirstLogin: true + guestDeviceRegistrationSettings: + allowGuestsToRegisterDevices: true + autoRegisterGuestDevices: true + loginPageSettings: + accessCode: string + allowAlternateGuestPortal: true + allowForgotPassword: true + allowGuestToChangePassword: true + allowGuestToCreateAccounts: true + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAccessCode: true + requireAupAcceptance: true + socialConfigs: + - socialMediaType: string + socialMediaValue: string + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + assignedGuestTypeForEmployee: string + authenticationMethod: string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "aupSettings": { + "includeAup": true, + "requireAupScrolling": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "displayFrequencyIntervalDays": 0, + "requireScrolling": true, + "displayFrequency": "string" + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal_info.py new file mode 100644 index 00000000..d4e2649a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal_info.py @@ -0,0 +1,405 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsored_guest_portal_info +short_description: Information module for Sponsored Guest Portal +description: +- Get all Sponsored Guest Portal. +- Get Sponsored Guest Portal by id. +- This API allows the client to get a sponsored guest portal by ID. +- This API allows the client to get all the sponsored guest portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsored_guest_portal.SponsoredGuestPortal.get_sponsored_guest_portal_by_id, + sponsored_guest_portal.SponsoredGuestPortal.get_sponsored_guest_portals_generator, + + - Paths used are + get /ers/config/sponsoredguestportal, + get /ers/config/sponsoredguestportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Sponsored Guest Portal + cisco.ise.sponsored_guest_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Sponsored Guest Portal by id + cisco.ise.sponsored_guest_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "aupSettings": { + "includeAup": true, + "requireAupScrolling": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "displayFrequencyIntervalDays": 0, + "requireScrolling": true, + "displayFrequency": "string" + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "aupSettings": { + "includeAup": true, + "requireAupScrolling": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "displayFrequencyIntervalDays": 0, + "requireScrolling": true, + "displayFrequency": "string" + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/support_bundle.py b/ansible_collections/cisco/ise/plugins/modules/support_bundle.py new file mode 100644 index 00000000..81aaf5bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/support_bundle.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: support_bundle +short_description: Resource module for Support Bundle +description: +- Manage operation create of the resource Support Bundle. +- This API allows the client to create a support bundle trigger configuration. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Support Bundle's description. + type: str + hostName: + description: This parameter is hostName only, xxxx of xxxx.yyy.zz. + type: str + name: + description: Resource Name. + type: str + supportBundleIncludeOptions: + description: Support Bundle's supportBundleIncludeOptions. + suboptions: + fromDate: + description: Date from where support bundle should include the logs. + type: str + includeConfigDB: + description: Set to include Config DB in Support Bundle. + type: bool + includeCoreFiles: + description: Set to include Core files in Support Bundle. + type: bool + includeDebugLogs: + description: Set to include Debug logs in Support Bundle. + type: bool + includeLocalLogs: + description: Set to include Local logs in Support Bundle. + type: bool + includeSystemLogs: + description: Set to include System logs in Support Bundle. + type: bool + mntLogs: + description: Set to include Monitoring and troublshooting logs in Support Bundle. + type: bool + policyXml: + description: Set to include Policy XML in Support Bundle. + type: bool + toDate: + description: Date upto where support bundle should include the logs. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SupportBundleTriggerConfiguration + description: Complete reference of the SupportBundleTriggerConfiguration API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!supportbundle +notes: + - SDK Method used are + support_bundle_trigger_configuration.SupportBundleTriggerConfiguration.create_support_bundle, + + - Paths used are + post /ers/config/supportbundle, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.support_bundle: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + description: string + hostName: string + name: string + supportBundleIncludeOptions: + fromDate: string + includeConfigDB: true + includeCoreFiles: true + includeDebugLogs: true + includeLocalLogs: true + includeSystemLogs: true + mntLogs: true + policyXml: true + toDate: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/support_bundle_download.py b/ansible_collections/cisco/ise/plugins/modules/support_bundle_download.py new file mode 100644 index 00000000..c6b8b463 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/support_bundle_download.py @@ -0,0 +1,69 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: support_bundle_download +short_description: Resource module for Support Bundle Download +description: +- Manage operation update of the resource Support Bundle Download. +- This API allows the client to upload a support bundle. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + dirPath: + description: Directory absolute path. Defaults to the current working directory. + type: str + fileName: + description: Support Bundle Download's fileName. + type: str + filename: + description: The filename used to save the download file. + type: str + saveFile: + description: Enable or disable automatic file creation of raw response. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + support_bundle_download.SupportBundleDownload.download_support_bundle, + + - Paths used are + put /ers/config/supportbundledownload, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.support_bundle_download: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + dirPath: /tmp/downloads/ + fileName: string + filename: download_filename.extension + saveFile: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "data": "filecontent", + "filename": "filename", + "dirpath": "download/directory", + "path": "download/directory/filename" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/support_bundle_status_info.py b/ansible_collections/cisco/ise/plugins/modules/support_bundle_status_info.py new file mode 100644 index 00000000..0cdb8aaf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/support_bundle_status_info.py @@ -0,0 +1,117 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: support_bundle_status_info +short_description: Information module for Support Bundle Status +description: +- Get all Support Bundle Status. +- Get Support Bundle Status by id. +- This API allows the client to get a support bundle status by ID. +- This API allows the client to get all the support bundle status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + support_bundle_status.SupportBundleStatus.get_support_bundle_status_by_id, + support_bundle_status.SupportBundleStatus.get_support_bundle_status_generator, + + - Paths used are + get /ers/config/supportbundlestatus, + get /ers/config/supportbundlestatus/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Support Bundle Status + cisco.ise.support_bundle_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Support Bundle Status by id + cisco.ise.support_bundle_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "fileName": "string", + "fileSize": 0, + "hostName": "string", + "message": "string", + "startTime": "string", + "status": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "fileName": "string", + "fileSize": 0, + "hostName": "string", + "message": "string", + "startTime": "string", + "status": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_connections.py b/ansible_collections/cisco/ise/plugins/modules/sxp_connections.py new file mode 100644 index 00000000..544a65b8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_connections.py @@ -0,0 +1,152 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_connections +short_description: Resource module for SXP Connections +description: +- Manage operations create, update and delete of the resource SXP Connections. +- This API creates a SXP connection. +- This API deletes a SXP connection. +- This API allows the client to update a SXP connection. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: SXP Connections's description. + type: str + enabled: + description: Enabled flag. + type: bool + id: + description: SXP Connections's id. + type: str + ipAddress: + description: SXP Connections's ipAddress. + type: str + sxpMode: + description: SXP Connections's sxpMode. + type: str + sxpNode: + description: SXP Connections's sxpNode. + type: str + sxpPeer: + description: SXP Connections's sxpPeer. + type: str + sxpVersion: + description: SXP Connections's sxpVersion. + type: str + sxpVpn: + description: SXP Connections's sxpVpn. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_connections.SxpConnections.create_sxp_connections, + sxp_connections.SxpConnections.delete_sxp_connections_by_id, + sxp_connections.SxpConnections.update_sxp_connections_by_id, + + - Paths used are + post /ers/config/sxpconnections, + delete /ers/config/sxpconnections/{id}, + put /ers/config/sxpconnections/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sxp_connections: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + enabled: true + id: string + ipAddress: string + sxpMode: string + sxpNode: string + sxpPeer: string + sxpVersion: string + sxpVpn: string + +- name: Delete by id + cisco.ise.sxp_connections: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sxp_connections: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + enabled: true + ipAddress: string + sxpMode: string + sxpNode: string + sxpPeer: string + sxpVersion: string + sxpVpn: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "description": "string", + "sxpPeer": "string", + "sxpVpn": "string", + "sxpNode": "string", + "ipAddress": "string", + "sxpMode": "string", + "sxpVersion": "string", + "enabled": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_monitor_status_info.py new file mode 100644 index 00000000..bfa5183c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_connections_bulk_monitor_status_info +short_description: Information module for SXP Connections Bulk Monitor Status +description: +- Get SXP Connections Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_connections.SxpConnections.monitor_bulk_status_sxp_connections, + + - Paths used are + get /ers/config/sxpconnections/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SXP Connections Bulk Monitor Status by id + cisco.ise.sxp_connections_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_request.py new file mode 100644 index 00000000..02ca9ce0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_connections_bulk_request +short_description: Resource module for SXP Connections Bulk Request +description: +- Manage operation update of the resource SXP Connections Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SXP Connections Bulk Request's operationType. + type: str + resourceMediaType: + description: SXP Connections Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_connections.SxpConnections.bulk_request_for_sxp_connections, + + - Paths used are + put /ers/config/sxpconnections/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sxp_connections_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_connections_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_info.py new file mode 100644 index 00000000..08a50da5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_info.py @@ -0,0 +1,155 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_connections_info +short_description: Information module for SXP Connections +description: +- Get all SXP Connections. +- Get SXP Connections by id. +- This API allows the client to get a SXP connection by ID. +- This API allows the client to get all the SXP connections. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_connections.SxpConnections.get_sxp_connections_by_id, + sxp_connections.SxpConnections.get_sxp_connections_generator, + + - Paths used are + get /ers/config/sxpconnections, + get /ers/config/sxpconnections/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SXP Connections + cisco.ise.sxp_connections_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SXP Connections by id + cisco.ise.sxp_connections_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "description": "string", + "sxpPeer": "string", + "sxpVpn": "string", + "sxpNode": "string", + "ipAddress": "string", + "sxpMode": "string", + "sxpVersion": "string", + "enabled": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "description": "string", + "sxpPeer": "string", + "sxpVpn": "string", + "sxpNode": "string", + "ipAddress": "string", + "sxpMode": "string", + "sxpVersion": "string", + "enabled": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings.py b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings.py new file mode 100644 index 00000000..5eff2ab4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings.py @@ -0,0 +1,143 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_local_bindings +short_description: Resource module for SXP Local Bindings +description: +- Manage operations create, update and delete of the resource SXP Local Bindings. +- This API creates a SXP local binding. +- This API deletes a SXP local binding. +- This API allows the client to update a SXP local binding. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + bindingName: + description: This field is depricated from Cisco ISE 3.0. + type: str + description: + description: SXP Local Bindings's description. + type: str + id: + description: SXP Local Bindings's id. + type: str + ipAddressOrHost: + description: IP address for static mapping (hostname is not supported). + type: str + sgt: + description: SGT name or ID. + type: str + sxpVpn: + description: List of SXP Domains, separated with comma. At least one of sxpVpn or + vns should be defined. + type: str + vns: + description: List of Virtual Networks, separated with comma. At least one of sxpVpn + or vns should be defined. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_local_bindings.SxpLocalBindings.create_sxp_local_bindings, + sxp_local_bindings.SxpLocalBindings.delete_sxp_local_bindings_by_id, + sxp_local_bindings.SxpLocalBindings.update_sxp_local_bindings_by_id, + + - Paths used are + post /ers/config/sxplocalbindings, + delete /ers/config/sxplocalbindings/{id}, + put /ers/config/sxplocalbindings/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sxp_local_bindings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + bindingName: string + description: string + id: string + ipAddressOrHost: string + sgt: string + sxpVpn: string + vns: string + +- name: Delete by id + cisco.ise.sxp_local_bindings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sxp_local_bindings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + bindingName: string + description: string + id: string + ipAddressOrHost: string + sgt: string + sxpVpn: string + vns: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "description": "string", + "bindingName": "string", + "ipAddressOrHost": "string", + "sxpVpn": "string", + "sgt": "string", + "vns": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_monitor_status_info.py new file mode 100644 index 00000000..3cb621af --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_local_bindings_bulk_monitor_status_info +short_description: Information module for SXP Local Bindings Bulk Monitor Status +description: +- Get SXP Local Bindings Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_local_bindings.SxpLocalBindings.monitor_bulk_status_sxp_local_bindings, + + - Paths used are + get /ers/config/sxplocalbindings/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SXP Local Bindings Bulk Monitor Status by id + cisco.ise.sxp_local_bindings_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_request.py new file mode 100644 index 00000000..374def10 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_local_bindings_bulk_request +short_description: Resource module for SXP Local Bindings Bulk Request +description: +- Manage operation update of the resource SXP Local Bindings Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SXP Local Bindings Bulk Request's operationType. + type: str + resourceMediaType: + description: SXP Local Bindings Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_local_bindings.SxpLocalBindings.bulk_request_for_sxp_local_bindings, + + - Paths used are + put /ers/config/sxplocalbindings/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sxp_local_bindings_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_info.py new file mode 100644 index 00000000..0c422a49 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_info.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_local_bindings_info +short_description: Information module for SXP Local Bindings +description: +- Get all SXP Local Bindings. +- Get SXP Local Bindings by id. +- This API allows the client to get a SXP local binding by ID. +- This API allows the client to get all the SXP local bindings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_local_bindings.SxpLocalBindings.get_sxp_local_bindings_by_id, + sxp_local_bindings.SxpLocalBindings.get_sxp_local_bindings_generator, + + - Paths used are + get /ers/config/sxplocalbindings, + get /ers/config/sxplocalbindings/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SXP Local Bindings + cisco.ise.sxp_local_bindings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SXP Local Bindings by id + cisco.ise.sxp_local_bindings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "description": "string", + "bindingName": "string", + "ipAddressOrHost": "string", + "sxpVpn": "string", + "sgt": "string", + "vns": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "description": "string", + "bindingName": "string", + "ipAddressOrHost": "string", + "sxpVpn": "string", + "sgt": "string", + "vns": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_vpns.py b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns.py new file mode 100644 index 00000000..0b7a88dc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_vpns +short_description: Resource module for SXP VPNs +description: +- Manage operations create and delete of the resource SXP VPNs. +- This API creates a SXP VPN. +- This API deletes a SXP VPN. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str + sxpVpnName: + description: SXP VPNs's sxpVpnName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_vpns.SxpVpns.create_sxp_vpn, + sxp_vpns.SxpVpns.delete_sxp_vpn_by_id, + + - Paths used are + post /ers/config/sxpvpns, + delete /ers/config/sxpvpns/{id}, + +""" + +EXAMPLES = r""" +- name: Delete by id + cisco.ise.sxp_vpns: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sxp_vpns: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + sxpVpnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "sxpVpnName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_monitor_status_info.py new file mode 100644 index 00000000..9ec5a6fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_vpns_bulk_monitor_status_info +short_description: Information module for SXP VPNs Bulk Monitor Status +description: +- Get SXP VPNs Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_vpns.SxpVpns.monitor_bulk_status_sxp_vpns, + + - Paths used are + get /ers/config/sxpvpns/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SXP VPNs Bulk Monitor Status by id + cisco.ise.sxp_vpns_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_request.py new file mode 100644 index 00000000..0c8e957c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_vpns_bulk_request +short_description: Resource module for SXP VPNs Bulk Request +description: +- Manage operation update of the resource SXP VPNs Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SXP VPNs Bulk Request's operationType. + type: str + resourceMediaType: + description: SXP VPNs Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_vpns.SxpVpns.bulk_request_for_sxp_vpns, + + - Paths used are + put /ers/config/sxpvpns/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sxp_vpns_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_info.py new file mode 100644 index 00000000..0b233c13 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_vpns_info +short_description: Information module for SXP VPNs +description: +- Get all SXP VPNs. +- Get SXP VPNs by id. +- This API allows the client to get a SXP VPN by ID. +- This API allows the client to get all the SXP VPNs. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_vpns.SxpVpns.get_sxp_vpn_by_id, + sxp_vpns.SxpVpns.get_sxp_vpns_generator, + + - Paths used are + get /ers/config/sxpvpns, + get /ers/config/sxpvpns/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SXP VPNs + cisco.ise.sxp_vpns_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + filter: [] + filterType: AND + sortasc: string + sortdsc: string + register: result + +- name: Get SXP VPNs by id + cisco.ise.sxp_vpns_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "sxpVpnName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "sxpVpnName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate.py new file mode 100644 index 00000000..6022b8d3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate.py @@ -0,0 +1,185 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate +short_description: Resource module for System Certificate +description: +- Manage operations update and delete of the resource System Certificate. +- This API deletes a System Certificate of a particular node based on given HostName and ID. +- Update a System Certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + admin: + description: Use certificate to authenticate the Cisco ISE Admin Portal. + type: bool + allowPortalTagTransferForSameSubject: + description: Allow overwriting the portal tag from matching certificate of same + subject. + type: bool + allowReplacementOfPortalGroupTag: + description: Allow Replacement of Portal Group Tag (required). + type: bool + allowRoleTransferForSameSubject: + description: Allow transfer of roles for certificate with matching subject. + type: bool + allowWildcardDelete: + description: If the given certificate to be deleted is a wildcard certificate, corresponding + certificate gets deleted on rest of the nodes in the deployment as well. + type: bool + description: + description: Description of System Certificate. + type: str + eap: + description: Use certificate for EAP protocols that use SSL/TLS tunneling. + type: bool + expirationTTLPeriod: + description: System Certificate's expirationTTLPeriod. + type: int + expirationTTLUnits: + description: System Certificate's expirationTTLUnits. + type: str + hostName: + description: HostName path parameter. Name of Host whose certificate needs to be + updated. + type: str + id: + description: Id path parameter. ID of the System Certificate to be updated. + type: str + ims: + description: Use certificate for the Cisco ISE Messaging Service. + type: bool + name: + description: Name of the certificate. + type: str + portal: + description: Use for portal. + type: bool + portalGroupTag: + description: Set Group tag. + type: str + pxgrid: + description: Use certificate for the pxGrid Controller. + type: bool + radius: + description: Use certificate for the RADSec server. + type: bool + renewSelfSignedCertificate: + description: Renew Self-signed Certificate. + type: bool + saml: + description: Use certificate for SAML Signing. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.delete_system_certificate_by_id, + certificates.Certificates.update_system_certificate, + + - Paths used are + delete /api/v1/certs/system-certificate/{hostName}/{id}, + put /api/v1/certs/system-certificate/{hostName}/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.system_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + admin: true + allowPortalTagTransferForSameSubject: true + allowReplacementOfPortalGroupTag: true + allowRoleTransferForSameSubject: true + description: string + eap: true + expirationTTLPeriod: 0 + expirationTTLUnits: string + hostName: string + id: string + ims: true + name: string + portal: true + portalGroupTag: string + pxgrid: true + radius: true + renewSelfSignedCertificate: true + saml: true + +- name: Delete by id + cisco.ise.system_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + allowWildcardDelete: true + hostName: string + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "expirationDate": "string", + "friendlyName": "string", + "groupTag": "string", + "id": "string", + "issuedBy": "string", + "issuedTo": "string", + "keySize": 0, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "portalsUsingTheTag": "string", + "selfSigned": true, + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "usedBy": "string", + "validFrom": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate_create.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate_create.py new file mode 100644 index 00000000..75831861 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate_create.py @@ -0,0 +1,142 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate_create +short_description: Resource module for System Certificate Create +description: +- Manage operation create of the resource System Certificate Create. +- This API allows the client to create a system certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + ersLocalCertStub: + description: Inputs for certificate creation. + suboptions: + allowWildcardCerts: + description: System Certificate Create's allowWildcardCerts. + type: str + certificatePolicies: + description: System Certificate Create's certificatePolicies. + type: str + certificateSanDns: + description: System Certificate Create's certificateSanDns. + type: str + certificateSanIp: + description: System Certificate Create's certificateSanIp. + type: str + certificateSanUri: + description: System Certificate Create's certificateSanUri. + type: str + digest: + description: System Certificate Create's digest. + type: str + ersSubjectStub: + description: Subject data of certificate. + suboptions: + commonName: + description: System Certificate Create's commonName. + type: str + countryName: + description: System Certificate Create's countryName. + type: str + localityName: + description: System Certificate Create's localityName. + type: str + organizationName: + description: System Certificate Create's organizationName. + type: str + organizationalUnitName: + description: System Certificate Create's organizationalUnitName. + type: str + stateOrProvinceName: + description: System Certificate Create's stateOrProvinceName. + type: str + type: dict + expirationTTL: + description: System Certificate Create's expirationTTL. + type: int + friendlyName: + description: System Certificate Create's friendlyName. + type: str + groupTagDD: + description: System Certificate Create's groupTagDD. + type: str + keyLength: + description: System Certificate Create's keyLength. + type: str + keyType: + description: System Certificate Create's keyType. + type: str + samlCertificate: + description: System Certificate Create's samlCertificate. + type: str + selectedExpirationTTLUnit: + description: System Certificate Create's selectedExpirationTTLUnit. + type: str + xgridCertificate: + description: System Certificate Create's xgridCertificate. + type: str + type: dict + nodeId: + description: NodeId of Cisco ISE application. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + system_certificate.SystemCertificate.create_system_certificate, + + - Paths used are + post /ers/config/systemcertificate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.system_certificate_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + ersLocalCertStub: + allowWildcardCerts: string + certificatePolicies: string + certificateSanDns: string + certificateSanIp: string + certificateSanUri: string + digest: string + ersSubjectStub: + commonName: string + countryName: string + localityName: string + organizationName: string + organizationalUnitName: string + stateOrProvinceName: string + expirationTTL: 0 + friendlyName: string + groupTagDD: string + keyLength: string + keyType: string + samlCertificate: string + selectedExpirationTTLUnit: string + xgridCertificate: string + nodeId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate_export_info.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate_export_info.py new file mode 100644 index 00000000..793eaea3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate_export_info.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate_export_info +short_description: Information module for System Certificate Export Info +description: +- Get System Certificate Export Info. +- Export System Certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + dirPath: + description: Directory absolute path. Defaults to the current working directory. + type: str + export: + description: System Certificate Export Info's export. + type: str + filename: + description: The filename used to save the download file. + type: str + id: + description: System Certificate Export Info's id. + type: str + password: + description: System Certificate Export Info's password. + type: str + saveFile: + description: Enable or disable automatic file creation of raw response. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.export_system_certificate, + + - Paths used are + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.system_certificate_export_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + dirPath: /tmp/downloads/ + export: string + filename: download_filename.extension + id: string + password: string + saveFile: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: str + sample: > + "'string'" +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate_import.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate_import.py new file mode 100644 index 00000000..9cb9d330 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate_import.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate_import +short_description: Resource module for System Certificate Import +description: +- Manage operation create of the resource System Certificate Import. +- Import an X509 certificate as a system certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + admin: + description: Use certificate to authenticate the Cisco ISE Admin Portal. + type: bool + allowExtendedValidity: + description: Allow import of certificates with validity greater than 398 days (required). + type: bool + allowOutOfDateCert: + description: Allow out of date certificates (required). + type: bool + allowPortalTagTransferForSameSubject: + description: Allow overwriting the portal tag from matching certificate of same + subject. + type: bool + allowReplacementOfCertificates: + description: Allow Replacement of certificates (required). + type: bool + allowReplacementOfPortalGroupTag: + description: Allow Replacement of Portal Group Tag (required). + type: bool + allowRoleTransferForSameSubject: + description: Allow transfer of roles for certificate with matching subject. + type: bool + allowSHA1Certificates: + description: Allow SHA1 based certificates (required). + type: bool + allowWildCardCertificates: + description: Allow Wildcard certificates. + type: bool + data: + description: Certificate Content (required). + type: str + eap: + description: Use certificate for EAP protocols that use SSL/TLS tunneling. + type: bool + ims: + description: Use certificate for the Cisco ISE Messaging Service. + type: bool + name: + description: Name of the certificate. + type: str + password: + description: Certificate Password (required). + type: str + portal: + description: Use for portal. + type: bool + portalGroupTag: + description: Set Group tag. + type: str + privateKeyData: + description: Private Key data (required). + type: str + pxgrid: + description: Use certificate for the pxGrid Controller. + type: bool + radius: + description: Use certificate for the RADSec server. + type: bool + saml: + description: Use certificate for SAML Signing. + type: bool + validateCertificateExtensions: + description: Validate certificate extensions. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.import_system_certificate, + + - Paths used are + post /api/v1/certs/system-certificate/import, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.system_certificate_import: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + admin: true + allowExtendedValidity: true + allowOutOfDateCert: true + allowPortalTagTransferForSameSubject: true + allowReplacementOfCertificates: true + allowReplacementOfPortalGroupTag: true + allowRoleTransferForSameSubject: true + allowSHA1Certificates: true + allowWildCardCertificates: true + data: string + eap: true + ims: true + name: string + password: string + portal: true + portalGroupTag: string + privateKeyData: string + pxgrid: true + radius: true + saml: true + validateCertificateExtensions: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate_info.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate_info.py new file mode 100644 index 00000000..9c05839c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate_info.py @@ -0,0 +1,175 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate_info +short_description: Information module for System Certificate +description: +- Get System Certificate by id. +- Get System Certificate by name. +- This API provides details of a System Certificate of a particular node based on given HostName and ID. +- This API supports Filtering, Sorting and Pagination. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostName: + description: + - HostName path parameter. Name of the host of which system certificates should be returned. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. ID of the system certificate. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.get_system_certificate_by_id, + certificates.Certificates.get_system_certificates, + + - Paths used are + get /api/v1/certs/system-certificate/{hostName}, + get /api/v1/certs/system-certificate/{hostName}/{id}, + +""" + +EXAMPLES = r""" +- name: Get System Certificate by id + cisco.ise.system_certificate_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostName: string + id: string + register: result + +- name: Get System Certificate by name + cisco.ise.system_certificate_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + hostName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "expirationDate": "string", + "friendlyName": "string", + "groupTag": "string", + "id": "string", + "issuedBy": "string", + "issuedTo": "string", + "keySize": 0, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "portalsUsingTheTag": "string", + "selfSigned": true, + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "usedBy": "string", + "validFrom": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "expirationDate": "string", + "friendlyName": "string", + "groupTag": "string", + "id": "string", + "issuedBy": "string", + "issuedTo": "string", + "keySize": 0, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "portalsUsingTheTag": "string", + "selfSigned": true, + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "usedBy": "string", + "validFrom": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_config_version_info.py b/ansible_collections/cisco/ise/plugins/modules/system_config_version_info.py new file mode 100644 index 00000000..cbff1e72 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_config_version_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_config_version_info +short_description: Information module for System Config Version +description: +- Get all System Config Version. +- This API allows the client to get Cisco ISE version and patch information. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for VersionAndPatch + description: Complete reference of the VersionAndPatch API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!iseversion +notes: + - SDK Method used are + version_and_patch.VersionAndPatch.get_ise_version_and_patch, + + - Paths used are + get /ers/config/op/systemconfig/iseversion, + +""" + +EXAMPLES = r""" +- name: Get all System Config Version + cisco.ise.system_config_version_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets.py new file mode 100644 index 00000000..461d03bd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets.py @@ -0,0 +1,159 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_command_sets +short_description: Resource module for TACACS Command Sets +description: +- Manage operations create, update and delete of the resource TACACS Command Sets. +- This API creates TACACS command sets. +- This API deletes TACACS command sets. +- This API allows the client to update TACACS command sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + commands: + description: TACACS Command Sets's commands. + suboptions: + commandList: + description: TACACS Command Sets's commandList. + elements: dict + suboptions: + arguments: + description: TACACS Command Sets's arguments. + type: str + command: + description: TACACS Command Sets's command. + type: str + grant: + description: Allowed values PERMIT, DENY, DENY_ALWAYS. + type: str + type: list + type: dict + description: + description: TACACS Command Sets's description. + type: str + id: + description: TACACS Command Sets's id. + type: str + name: + description: TACACS Command Sets's name. + type: str + permitUnmatched: + description: PermitUnmatched flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_command_sets.TacacsCommandSets.create_tacacs_command_sets, + tacacs_command_sets.TacacsCommandSets.delete_tacacs_command_sets_by_id, + tacacs_command_sets.TacacsCommandSets.update_tacacs_command_sets_by_id, + + - Paths used are + post /ers/config/tacacscommandsets, + delete /ers/config/tacacscommandsets/{id}, + put /ers/config/tacacscommandsets/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.tacacs_command_sets: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + commandList: + - arguments: string + command: string + grant: string + description: string + id: string + name: string + permitUnmatched: true + +- name: Delete by id + cisco.ise.tacacs_command_sets: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.tacacs_command_sets: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + commandList: + - arguments: string + command: string + grant: string + description: string + name: string + permitUnmatched: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "permitUnmatched": true, + "commands": { + "commandList": [ + { + "grant": "string", + "command": "string", + "arguments": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets_info.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets_info.py new file mode 100644 index 00000000..59398596 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets_info.py @@ -0,0 +1,142 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_command_sets_info +short_description: Information module for TACACS Command Sets +description: +- Get all TACACS Command Sets. +- Get TACACS Command Sets by id. +- Get TACACS Command Sets by name. +- This API allows the client to get TACACS command sets by ID. +- This API allows the client to get TACACS command sets by name. +- This API allows the client to get all the TACACS command sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_command_sets.TacacsCommandSets.get_tacacs_command_sets_by_id, + tacacs_command_sets.TacacsCommandSets.get_tacacs_command_sets_by_name, + tacacs_command_sets.TacacsCommandSets.get_tacacs_command_sets_generator, + + - Paths used are + get /ers/config/tacacscommandsets, + get /ers/config/tacacscommandsets/name/{name}, + get /ers/config/tacacscommandsets/{id}, + +""" + +EXAMPLES = r""" +- name: Get all TACACS Command Sets + cisco.ise.tacacs_command_sets_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get TACACS Command Sets by id + cisco.ise.tacacs_command_sets_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get TACACS Command Sets by name + cisco.ise.tacacs_command_sets_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "permitUnmatched": true, + "commands": { + "commandList": [ + { + "grant": "string", + "command": "string", + "arguments": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "permitUnmatched": true, + "commands": { + "commandList": [ + { + "grant": "string", + "command": "string", + "arguments": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers.py new file mode 100644 index 00000000..51d311bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers.py @@ -0,0 +1,146 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_external_servers +short_description: Resource module for TACACS External Servers +description: +- Manage operations create, update and delete of the resource TACACS External Servers. +- This API creates TACACS external servers. +- This API deletes TACACS external servers. +- This API allows the client to update TACACS external servers. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + connectionPort: + description: The port to connect the server. + type: int + description: + description: TACACS External Servers's description. + type: str + hostIP: + description: The server IPV4 address. + type: str + id: + description: TACACS External Servers's id. + type: str + name: + description: TACACS External Servers's name. + type: str + sharedSecret: + description: The server shared secret. + type: str + singleConnect: + description: Define the use of single connection. + type: bool + timeout: + description: The server timeout. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_external_servers.TacacsExternalServers.create_tacacs_external_servers, + tacacs_external_servers.TacacsExternalServers.delete_tacacs_external_servers_by_id, + tacacs_external_servers.TacacsExternalServers.update_tacacs_external_servers_by_id, + + - Paths used are + post /ers/config/tacacsexternalservers, + delete /ers/config/tacacsexternalservers/{id}, + put /ers/config/tacacsexternalservers/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.tacacs_external_servers: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + connectionPort: 0 + description: string + hostIP: string + id: string + name: string + sharedSecret: string + singleConnect: true + timeout: 0 + +- name: Delete by id + cisco.ise.tacacs_external_servers: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.tacacs_external_servers: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + connectionPort: 0 + description: string + hostIP: string + name: string + sharedSecret: string + singleConnect: true + timeout: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "connectionPort": 0, + "singleConnect": true, + "sharedSecret": "string", + "timeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers_info.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers_info.py new file mode 100644 index 00000000..5759de01 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers_info.py @@ -0,0 +1,132 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_external_servers_info +short_description: Information module for TACACS External Servers +description: +- Get all TACACS External Servers. +- Get TACACS External Servers by id. +- Get TACACS External Servers by name. +- This API allows the client to get TACACS external servers by ID. +- This API allows the client to get TACACS external servers by name. +- This API allows the client to get all the TACACS external servers. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_external_servers.TacacsExternalServers.get_tacacs_external_servers_by_id, + tacacs_external_servers.TacacsExternalServers.get_tacacs_external_servers_by_name, + tacacs_external_servers.TacacsExternalServers.get_tacacs_external_servers_generator, + + - Paths used are + get /ers/config/tacacsexternalservers, + get /ers/config/tacacsexternalservers/name/{name}, + get /ers/config/tacacsexternalservers/{id}, + +""" + +EXAMPLES = r""" +- name: Get all TACACS External Servers + cisco.ise.tacacs_external_servers_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get TACACS External Servers by id + cisco.ise.tacacs_external_servers_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get TACACS External Servers by name + cisco.ise.tacacs_external_servers_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "connectionPort": 0, + "singleConnect": true, + "sharedSecret": "string", + "timeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "connectionPort": 0, + "singleConnect": true, + "sharedSecret": "string", + "timeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_profile.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_profile.py new file mode 100644 index 00000000..8cb53b9b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_profile.py @@ -0,0 +1,153 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_profile +short_description: Resource module for TACACS Profile +description: +- Manage operations create, update and delete of the resource TACACS Profile. +- This API creates a TACACS profile. +- This API deletes a TACACS profile. +- This API allows the client to update a TACACS profile. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: TACACS Profile's description. + type: str + id: + description: TACACS Profile's id. + type: str + name: + description: TACACS Profile's name. + type: str + sessionAttributes: + description: Holds list of session attributes. View type for GUI is Shell by default. + suboptions: + sessionAttributeList: + description: TACACS Profile's sessionAttributeList. + elements: dict + suboptions: + name: + description: TACACS Profile's name. + type: str + type: + description: Allowed values MANDATORY, OPTIONAL. + type: str + value: + description: TACACS Profile's value. + type: str + type: list + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_profile.TacacsProfile.create_tacacs_profile, + tacacs_profile.TacacsProfile.delete_tacacs_profile_by_id, + tacacs_profile.TacacsProfile.update_tacacs_profile_by_id, + + - Paths used are + post /ers/config/tacacsprofile, + delete /ers/config/tacacsprofile/{id}, + put /ers/config/tacacsprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.tacacs_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + sessionAttributes: + sessionAttributeList: + - name: string + type: string + value: string + +- name: Delete by id + cisco.ise.tacacs_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.tacacs_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + sessionAttributes: + sessionAttributeList: + - name: string + type: string + value: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sessionAttributes": { + "sessionAttributeList": [ + { + "type": "string", + "name": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_profile_info.py new file mode 100644 index 00000000..a64d0f25 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_profile_info.py @@ -0,0 +1,140 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_profile_info +short_description: Information module for TACACS Profile +description: +- Get all TACACS Profile. +- Get TACACS Profile by id. +- Get TACACS Profile by name. +- This API allows the client to get a TACACS profile by ID. +- This API allows the client to get a TACACS profile by name. +- This API allows the client to get all the TACACS profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_profile.TacacsProfile.get_tacacs_profile_by_id, + tacacs_profile.TacacsProfile.get_tacacs_profile_by_name, + tacacs_profile.TacacsProfile.get_tacacs_profile_generator, + + - Paths used are + get /ers/config/tacacsprofile, + get /ers/config/tacacsprofile/name/{name}, + get /ers/config/tacacsprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all TACACS Profile + cisco.ise.tacacs_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get TACACS Profile by id + cisco.ise.tacacs_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get TACACS Profile by name + cisco.ise.tacacs_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sessionAttributes": { + "sessionAttributeList": [ + { + "type": "string", + "name": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "sessionAttributes": { + "sessionAttributeList": [ + { + "type": "string", + "name": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence.py new file mode 100644 index 00000000..0f9669f0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence.py @@ -0,0 +1,159 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_server_sequence +short_description: Resource module for TACACS Server Sequence +description: +- Manage operations create, update and delete of the resource TACACS Server Sequence. +- This API creates a TACACS server sequence. +- This API deletes a TACACS server sequence. +- This API allows the client to update a TACACS server sequence. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: TACACS Server Sequence's description. + type: str + id: + description: TACACS Server Sequence's id. + type: str + localAccounting: + description: LocalAccounting flag. + type: bool + name: + description: TACACS Server Sequence's name. + type: str + prefixDelimiter: + description: The delimiter that will be used for prefix strip. + type: str + prefixStrip: + description: Define if a delimiter will be used for prefix strip. + type: bool + remoteAccounting: + description: RemoteAccounting flag. + type: bool + serverList: + description: The names of TACACS external servers separated by commas. The order + of the names in the string is the order of servers that will be used during authentication. + type: str + suffixDelimiter: + description: The delimiter that will be used for suffix strip. + type: str + suffixStrip: + description: Define if a delimiter will be used for suffix strip. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_server_sequence.TacacsServerSequence.create_tacacs_server_sequence, + tacacs_server_sequence.TacacsServerSequence.delete_tacacs_server_sequence_by_id, + tacacs_server_sequence.TacacsServerSequence.update_tacacs_server_sequence_by_id, + + - Paths used are + post /ers/config/tacacsserversequence, + delete /ers/config/tacacsserversequence/{id}, + put /ers/config/tacacsserversequence/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.tacacs_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + localAccounting: true + name: string + prefixDelimiter: string + prefixStrip: true + remoteAccounting: true + serverList: string + suffixDelimiter: string + suffixStrip: true + +- name: Delete by id + cisco.ise.tacacs_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.tacacs_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + localAccounting: true + name: string + prefixDelimiter: string + prefixStrip: true + remoteAccounting: true + serverList: string + suffixDelimiter: string + suffixStrip: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "serverList": "string", + "localAccounting": true, + "remoteAccounting": true, + "prefixStrip": true, + "prefixDelimiter": "string", + "suffixStrip": true, + "suffixDelimiter": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence_info.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence_info.py new file mode 100644 index 00000000..618b4c59 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence_info.py @@ -0,0 +1,136 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_server_sequence_info +short_description: Information module for TACACS Server Sequence +description: +- Get all TACACS Server Sequence. +- Get TACACS Server Sequence by id. +- Get TACACS Server Sequence by name. +- This API allows the client to get a TACACS server sequence by ID. +- This API allows the client to get a TACACS server sequence by name. +- This API allows the client to get all the TACACS server sequences. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_server_sequence.TacacsServerSequence.get_tacacs_server_sequence_by_id, + tacacs_server_sequence.TacacsServerSequence.get_tacacs_server_sequence_by_name, + tacacs_server_sequence.TacacsServerSequence.get_tacacs_server_sequence_generator, + + - Paths used are + get /ers/config/tacacsserversequence, + get /ers/config/tacacsserversequence/name/{name}, + get /ers/config/tacacsserversequence/{id}, + +""" + +EXAMPLES = r""" +- name: Get all TACACS Server Sequence + cisco.ise.tacacs_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get TACACS Server Sequence by id + cisco.ise.tacacs_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get TACACS Server Sequence by name + cisco.ise.tacacs_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "serverList": "string", + "localAccounting": true, + "remoteAccounting": true, + "prefixStrip": true, + "prefixDelimiter": "string", + "suffixStrip": true, + "suffixDelimiter": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "serverList": "string", + "localAccounting": true, + "remoteAccounting": true, + "prefixStrip": true, + "prefixDelimiter": "string", + "suffixStrip": true, + "suffixDelimiter": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tasks_info.py b/ansible_collections/cisco/ise/plugins/modules/tasks_info.py new file mode 100644 index 00000000..98dabd3d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tasks_info.py @@ -0,0 +1,79 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tasks_info +short_description: Information module for Tasks +description: +- Get all Tasks. +- Get Tasks by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + taskId: + description: + - TaskId path parameter. The id of the task executed before. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for tasks + description: Complete reference of the tasks API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!task-service-openapi +notes: + - SDK Method used are + tasks.Tasks.get_task_status, + tasks.Tasks.get_task_status_by_id, + + - Paths used are + get /api/v1/task, + get /api/v1/task/{taskId}, + +""" + +EXAMPLES = r""" +- name: Get all Tasks + cisco.ise.tasks_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Tasks by id + cisco.ise.tasks_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + taskId: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "detailStatus": [ + {} + ], + "executionStatus": "string", + "failCount": 0, + "id": "string", + "moduleType": "string", + "resourcesCount": 0, + "startTime": "string", + "successCount": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/telemetry_info.py b/ansible_collections/cisco/ise/plugins/modules/telemetry_info.py new file mode 100644 index 00000000..4393577a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/telemetry_info.py @@ -0,0 +1,139 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: telemetry_info +short_description: Information module for Telemetry Info +description: +- Get all Telemetry Info. +- Get Telemetry Info by id. +- This API allows the client to get all the telemetry information. +- This API allows the client to get telemetry information by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for TelemetryInformation + description: Complete reference of the TelemetryInformation API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!telemetryinfo +notes: + - SDK Method used are + telemetry_information.TelemetryInformation.get_telemetry_info_by_id, + telemetry_information.TelemetryInformation.get_telemetry_information_generator, + + - Paths used are + get /ers/config/telemetryinfo, + get /ers/config/telemetryinfo/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Telemetry Info + cisco.ise.telemetry_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + filter: [] + filterType: AND + register: result + +- name: Get Telemetry Info by id + cisco.ise.telemetry_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "status": "string", + "deploymentId": "string", + "udiSN": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "status": "string", + "deploymentId": "string", + "udiSN": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/threat_vulnerabilities_clear.py b/ansible_collections/cisco/ise/plugins/modules/threat_vulnerabilities_clear.py new file mode 100644 index 00000000..853c23ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/threat_vulnerabilities_clear.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: threat_vulnerabilities_clear +short_description: Resource module for Threat Vulnerabilities Clear +description: +- Manage operation update of the resource Threat Vulnerabilities Clear. +- This API allows the client to delete the ThreatContext and Threat events that. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + macAddresses: + description: Threat Vulnerabilities Clear's macAddresses. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for ClearThreatsAndVulnerabilities + description: Complete reference of the ClearThreatsAndVulnerabilities API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!clearthreatsandvulneribilities +notes: + - SDK Method used are + clear_threats_and_vulnerabilities.ClearThreatsAndVulnerabilities.clear_threats_and_vulnerabilities, + + - Paths used are + put /ers/config/threat/clearThreatsAndVulneribilities, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.threat_vulnerabilities_clear: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + macAddresses: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings.py b/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings.py new file mode 100644 index 00000000..1db63b6e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings.py @@ -0,0 +1,77 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: transport_gateway_settings +short_description: Resource module for Transport Gateway Settings +description: +- Manage operation update of the resource Transport Gateway Settings. +- Transport Gateway acts a proxy for the communication between the ISE servers in your network and the Telemetry servers in case of air-gapped network. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + enableTransportGateway: + description: Indicates whether transport gateway is enabled or not. + type: bool + url: + description: URL of transport gateway. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for telemetry + description: Complete reference of the telemetry API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!system-settings-openapi +notes: + - SDK Method used are + telemetry.Telemetry.update_transport_gateway, + + - Paths used are + put /api/v1/system-settings/telemetry/transport-gateway, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.transport_gateway_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + enableTransportGateway: true + url: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "enableTransportGateway": true, + "url": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "enableTransportGateway": true, + "url": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings_info.py b/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings_info.py new file mode 100644 index 00000000..a5f69c02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings_info.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: transport_gateway_settings_info +short_description: Information module for Transport Gateway Settings +description: +- Get all Transport Gateway Settings. +- Transport Gateway acts a proxy for the communication between the ISE servers in your network and the Telemetry servers in case of air-gapped network. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for telemetry + description: Complete reference of the telemetry API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!system-settings-openapi +notes: + - SDK Method used are + telemetry.Telemetry.get_transport_gateway, + + - Paths used are + get /api/v1/system-settings/telemetry/transport-gateway, + +""" + +EXAMPLES = r""" +- name: Get all Transport Gateway Settings + cisco.ise.transport_gateway_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "enableTransportGateway": true, + "url": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trusted_certificate.py b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate.py new file mode 100644 index 00000000..d93fd1de --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate.py @@ -0,0 +1,219 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trusted_certificate +short_description: Resource module for Trusted Certificate +description: +- Manage operations update and delete of the resource Trusted Certificate. +- This API deletes a Trust Certificate from Trusted Certificate Store based on a given ID. +- Update a trusted certificate present in Cisco ISE trust store. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + authenticateBeforeCRLReceived: + description: Switch to enable or disable CRL verification if CRL is not received. + type: bool + automaticCRLUpdate: + description: Switch to enable or disable automatic CRL update. + type: bool + automaticCRLUpdatePeriod: + description: Automatic CRL update period. + type: int + automaticCRLUpdateUnits: + description: Unit of time for automatic CRL update. + type: str + crlDistributionUrl: + description: CRL Distribution URL. + type: str + crlDownloadFailureRetries: + description: If CRL download fails, wait time before retry. + type: int + crlDownloadFailureRetriesUnits: + description: Unit of time before retry if CRL download fails. + type: str + description: + description: Description for trust certificate. + type: str + downloadCRL: + description: Switch to enable or disable download of CRL. + type: bool + enableOCSPValidation: + description: Switch to enable or disable OCSP Validation. + type: bool + enableServerIdentityCheck: + description: Switch to enable or disable verification if HTTPS or LDAP server certificate + name fits the configured server URL. + type: bool + id: + description: Id path parameter. ID of the trust certificate. + type: str + ignoreCRLExpiration: + description: Switch to enable or disable ignore CRL expiration. + type: bool + name: + description: Friendly name of the certificate. + type: str + nonAutomaticCRLUpdatePeriod: + description: Non automatic CRL update period. + type: int + nonAutomaticCRLUpdateUnits: + description: Unit of time of non automatic CRL update. + type: str + rejectIfNoStatusFromOCSP: + description: Switch to reject certificate if there is no status from OCSP. + type: bool + rejectIfUnreachableFromOCSP: + description: Switch to reject certificate if unreachable from OCSP. + type: bool + selectedOCSPService: + description: Name of selected OCSP Service. + type: str + status: + description: Trusted Certificate's status. + type: str + trustForCertificateBasedAdminAuth: + description: Trust for Certificate based Admin authentication. + type: bool + trustForCiscoServicesAuth: + description: Trust for authentication of Cisco Services. + type: bool + trustForClientAuth: + description: Trust for client authentication and Syslog. + type: bool + trustForIseAuth: + description: Trust for authentication within Cisco ISE. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.delete_trusted_certificate_by_id, + certificates.Certificates.update_trusted_certificate, + + - Paths used are + delete /api/v1/certs/trusted-certificate/{id}, + put /api/v1/certs/trusted-certificate/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.trusted_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + authenticateBeforeCRLReceived: true + automaticCRLUpdate: true + automaticCRLUpdatePeriod: 0 + automaticCRLUpdateUnits: string + crlDistributionUrl: string + crlDownloadFailureRetries: 0 + crlDownloadFailureRetriesUnits: string + description: string + downloadCRL: true + enableOCSPValidation: true + enableServerIdentityCheck: true + id: string + ignoreCRLExpiration: true + name: string + nonAutomaticCRLUpdatePeriod: 0 + nonAutomaticCRLUpdateUnits: string + rejectIfNoStatusFromOCSP: true + rejectIfUnreachableFromOCSP: true + selectedOCSPService: string + status: string + trustForCertificateBasedAdminAuth: true + trustForCiscoServicesAuth: true + trustForClientAuth: true + trustForIseAuth: true + +- name: Delete by id + cisco.ise.trusted_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "authenticateBeforeCRLReceived": "string", + "automaticCRLUpdate": "string", + "automaticCRLUpdatePeriod": "string", + "automaticCRLUpdateUnits": "string", + "crlDistributionUrl": "string", + "crlDownloadFailureRetries": "string", + "crlDownloadFailureRetriesUnits": "string", + "description": "string", + "downloadCRL": "string", + "enableOCSPValidation": "string", + "enableServerIdentityCheck": "string", + "expirationDate": "string", + "friendlyName": "string", + "id": "string", + "ignoreCRLExpiration": "string", + "internalCA": true, + "isReferredInPolicy": true, + "issuedBy": "string", + "issuedTo": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "nonAutomaticCRLUpdatePeriod": "string", + "nonAutomaticCRLUpdateUnits": "string", + "rejectIfNoStatusFromOCSP": "string", + "rejectIfUnreachableFromOCSP": "string", + "selectedOCSPService": "string", + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "status": "string", + "subject": "string", + "trustedFor": "string", + "validFrom": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_export_info.py b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_export_info.py new file mode 100644 index 00000000..7912ff87 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_export_info.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trusted_certificate_export_info +short_description: Information module for Trusted Certificate Export +description: +- Get Trusted Certificate Export by id. +- The response of this API carries a trusted certificate file mapped to the. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. ID of the Trusted Certificate to be exported. + type: str + dirPath: + description: + - Directory absolute path. Defaults to the current working directory. + type: str + saveFile: + description: + - Enable or disable automatic file creation of raw response. + type: bool + filename: + description: + - The filename used to save the download file. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.export_trusted_certificate, + + - Paths used are + get /api/v1/certs/trusted-certificate/export/{id}, + +""" + +EXAMPLES = r""" +- name: Get Trusted Certificate Export by id + cisco.ise.trusted_certificate_export_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "data": "filecontent", + "filename": "filename", + "dirpath": "download/directory", + "path": "download/directory/filename" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_import.py b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_import.py new file mode 100644 index 00000000..795ddb27 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_import.py @@ -0,0 +1,103 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trusted_certificate_import +short_description: Resource module for Trusted Certificate Import +description: +- Manage operation create of the resource Trusted Certificate Import. +- Import an X509 certificate as a trust certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowBasicConstraintCAFalse: + description: Allow certificates with Basic Constraints CA Field as False (required). + type: bool + allowOutOfDateCert: + description: Allow out of date certificates (required). + type: bool + allowSHA1Certificates: + description: Allow SHA1 based certificates (required). + type: bool + data: + description: Certificate content (required). + type: str + description: + description: Description of the certificate. + type: str + name: + description: Name of the certificate. + type: str + trustForCertificateBasedAdminAuth: + description: Trust for Certificate based Admin authentication. + type: bool + trustForCiscoServicesAuth: + description: Trust for authentication of Cisco Services. + type: bool + trustForClientAuth: + description: Trust for client authentication and Syslog. + type: bool + trustForIseAuth: + description: Trust for authentication within Cisco ISE. + type: bool + validateCertificateExtensions: + description: Validate trust certificate extension. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.import_trust_certificate, + + - Paths used are + post /api/v1/certs/trusted-certificate/import, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trusted_certificate_import: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + allowBasicConstraintCAFalse: true + allowOutOfDateCert: true + allowSHA1Certificates: true + data: string + description: string + name: string + trustForCertificateBasedAdminAuth: true + trustForCiscoServicesAuth: true + trustForClientAuth: true + trustForIseAuth: true + validateCertificateExtensions: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_info.py b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_info.py new file mode 100644 index 00000000..fceb4f0c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_info.py @@ -0,0 +1,205 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trusted_certificate_info +short_description: Information module for Trusted Certificate +description: +- Get all Trusted Certificate. +- Get Trusted Certificate by id. +- This API can displays details of a Trust Certificate based on a given ID. +- This API supports Filtering, Sorting and Pagination. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. ID of the trust certificate. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.get_trusted_certificate_by_id, + certificates.Certificates.get_trusted_certificates_generator, + + - Paths used are + get /api/v1/certs/trusted-certificate, + get /api/v1/certs/trusted-certificate/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trusted Certificate + cisco.ise.trusted_certificate_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trusted Certificate by id + cisco.ise.trusted_certificate_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "authenticateBeforeCRLReceived": "string", + "automaticCRLUpdate": "string", + "automaticCRLUpdatePeriod": "string", + "automaticCRLUpdateUnits": "string", + "crlDistributionUrl": "string", + "crlDownloadFailureRetries": "string", + "crlDownloadFailureRetriesUnits": "string", + "description": "string", + "downloadCRL": "string", + "enableOCSPValidation": "string", + "enableServerIdentityCheck": "string", + "expirationDate": "string", + "friendlyName": "string", + "id": "string", + "ignoreCRLExpiration": "string", + "internalCA": true, + "isReferredInPolicy": true, + "issuedBy": "string", + "issuedTo": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "nonAutomaticCRLUpdatePeriod": "string", + "nonAutomaticCRLUpdateUnits": "string", + "rejectIfNoStatusFromOCSP": "string", + "rejectIfUnreachableFromOCSP": "string", + "selectedOCSPService": "string", + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "status": "string", + "subject": "string", + "trustedFor": "string", + "validFrom": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "authenticateBeforeCRLReceived": "string", + "automaticCRLUpdate": "string", + "automaticCRLUpdatePeriod": "string", + "automaticCRLUpdateUnits": "string", + "crlDistributionUrl": "string", + "crlDownloadFailureRetries": "string", + "crlDownloadFailureRetriesUnits": "string", + "description": "string", + "downloadCRL": "string", + "enableOCSPValidation": "string", + "enableServerIdentityCheck": "string", + "expirationDate": "string", + "friendlyName": "string", + "id": "string", + "ignoreCRLExpiration": "string", + "internalCA": true, + "isReferredInPolicy": true, + "issuedBy": "string", + "issuedTo": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "nonAutomaticCRLUpdatePeriod": "string", + "nonAutomaticCRLUpdateUnits": "string", + "rejectIfNoStatusFromOCSP": "string", + "rejectIfUnreachableFromOCSP": "string", + "selectedOCSPService": "string", + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "status": "string", + "subject": "string", + "trustedFor": "string", + "validFrom": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app.py new file mode 100644 index 00000000..d82685f2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app.py @@ -0,0 +1,130 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_nbar_app +short_description: Resource module for Trustsec NBAR App +description: +- Manage operations create, update and delete of the resource Trustsec NBAR App. +- Create NBAR application. +- Update NBAR Application. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Trustsec NBAR App's description. + type: str + id: + description: Trustsec NBAR App's id. + type: str + name: + description: Trustsec NBAR App's name. + type: str + networkIdentities: + description: Array of NIs. + elements: dict + suboptions: + ports: + description: Trustsec NBAR App's ports. + type: str + protocol: + description: Trustsec NBAR App's protocol. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for nbarApp + description: Complete reference of the nbarApp API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + nbar_app.NbarApp.create_nbar_app, + nbar_app.NbarApp.delete_nbar_app_by_id, + nbar_app.NbarApp.update_nbar_app_by_id, + + - Paths used are + post /api/v1/trustsec/sgacl/nbarapp, + delete /api/v1/trustsec/sgacl/nbarapp/{id}, + put /api/v1/trustsec/sgacl/nbarapp/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_nbar_app: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + networkIdentities: + - ports: string + protocol: string + +- name: Update by id + cisco.ise.trustsec_nbar_app: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + networkIdentities: + - ports: string + protocol: string + +- name: Delete by id + cisco.ise.trustsec_nbar_app: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "description": "string", + "id": "string", + "name": "string", + "networkIdentities": [ + { + "ports": "string", + "protocol": "string" + } + ] + } + ] + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app_info.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app_info.py new file mode 100644 index 00000000..9c2b732b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app_info.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_nbar_app_info +short_description: Information module for Trustsec NBAR App +description: +- Get all Trustsec NBAR App. +- Get Trustsec NBAR App by id. +- Get NBAR Application by id. +- Get all NBAR Applications. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for nbarApp + description: Complete reference of the nbarApp API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + nbar_app.NbarApp.get_nbar_app_by_id, + nbar_app.NbarApp.get_nbar_apps_generator, + + - Paths used are + get /api/v1/trustsec/sgacl/nbarapp, + get /api/v1/trustsec/sgacl/nbarapp/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trustsec NBAR App + cisco.ise.trustsec_nbar_app_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trustsec NBAR App by id + cisco.ise.trustsec_nbar_app_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "description": "string", + "id": "string", + "name": "string", + "networkIdentities": [ + { + "ports": "string", + "protocol": "string" + } + ] + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "description": "string", + "id": "string", + "name": "string", + "networkIdentities": [ + { + "ports": "string", + "protocol": "string" + } + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping.py new file mode 100644 index 00000000..b9c65804 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping.py @@ -0,0 +1,130 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping +short_description: Resource module for Trustsec SG VN Mapping +description: +- Manage operations create, update and delete of the resource Trustsec SG VN Mapping. +- Create Security Group and Virtual Network mapping. +- Delete Security Group and Virtual Network mapping. +- Update Security Group and Virtual Network mapping. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Identifier of the SG-VN mapping. + type: str + lastUpdate: + description: Timestamp for the last update of the SG-VN mapping. + type: str + sgName: + description: Name of the associated Security Group to be used for identity if id + is not provided. + type: str + sgtId: + description: Identifier of the associated Security Group which is required unless + its name is provided. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required unless + its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity if id + is not provided. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.create_sg_vn_mapping, + sg_vn_mapping.SgVnMapping.delete_sg_vn_mapping_by_id, + sg_vn_mapping.SgVnMapping.update_sg_vn_mapping_by_id, + + - Paths used are + post /api/v1/trustsec/sgvnmapping, + delete /api/v1/trustsec/sgvnmapping/{id}, + put /api/v1/trustsec/sgvnmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_sg_vn_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + lastUpdate: string + sgName: string + sgtId: string + vnId: string + vnName: string + +- name: Update by id + cisco.ise.trustsec_sg_vn_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + lastUpdate: string + sgName: string + sgtId: string + vnId: string + vnName: string + +- name: Delete by id + cisco.ise.trustsec_sg_vn_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "lastUpdate": "string", + "sgName": "string", + "sgtId": "string", + "vnId": "string", + "vnName": "string" + } + ] + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_create.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_create.py new file mode 100644 index 00000000..2adb8f02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_create.py @@ -0,0 +1,87 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping_bulk_create +short_description: Resource module for Trustsec SG VN Mapping Bulk Create +description: +- Manage operation create of the resource Trustsec SG VN Mapping Bulk Create. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec SG VN Mapping Bulk Create's payload. + elements: dict + suboptions: + id: + description: Identifier of the SG-VN mapping. + type: str + lastUpdate: + description: Timestamp for the last update of the SG-VN mapping. + type: str + sgName: + description: Name of the associated Security Group to be used for identity if + id is not provided. + type: str + sgtId: + description: Identifier of the associated Security Group which is required unless + its name is provided. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required + unless its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity + if id is not provided. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.bulk_create_sg_vn_mappings, + + - Paths used are + post /api/v1/trustsec/sgvnmapping/bulk/create, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_sg_vn_mapping_bulk_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - id: string + lastUpdate: string + sgName: string + sgtId: string + vnId: string + vnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_delete.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_delete.py new file mode 100644 index 00000000..b5d8b48d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_delete.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping_bulk_delete +short_description: Resource module for Trustsec SG VN Mapping Bulk Delete +description: +- Manage operation create of the resource Trustsec SG VN Mapping Bulk Delete. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec SG VN Mapping Bulk Delete's payload. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.bulk_delete_sg_vn_mappings, + + - Paths used are + post /api/v1/trustsec/sgvnmapping/bulk/delete, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_sg_vn_mapping_bulk_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_update.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_update.py new file mode 100644 index 00000000..05b1a97e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_update.py @@ -0,0 +1,87 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping_bulk_update +short_description: Resource module for Trustsec SG VN Mapping Bulk Update +description: +- Manage operation create of the resource Trustsec SG VN Mapping Bulk Update. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec SG VN Mapping Bulk Update's payload. + elements: dict + suboptions: + id: + description: Identifier of the SG-VN mapping. + type: str + lastUpdate: + description: Timestamp for the last update of the SG-VN mapping. + type: str + sgName: + description: Name of the associated Security Group to be used for identity if + id is not provided. + type: str + sgtId: + description: Identifier of the associated Security Group which is required unless + its name is provided. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required + unless its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity + if id is not provided. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.bulk_update_sg_vn_mappings, + + - Paths used are + post /api/v1/trustsec/sgvnmapping/bulk/update, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_sg_vn_mapping_bulk_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - id: string + lastUpdate: string + sgName: string + sgtId: string + vnId: string + vnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_info.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_info.py new file mode 100644 index 00000000..3ac8cb0c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_info.py @@ -0,0 +1,145 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping_info +short_description: Information module for Trustsec SG VN Mapping +description: +- Get all Trustsec SG VN Mapping. +- Get Trustsec SG VN Mapping by id. +- Get Security Group and Virtual Network mapping by id. +- Get all Security Group and Virtual Network mappings. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.get_sg_vn_mapping_by_id, + sg_vn_mapping.SgVnMapping.get_sg_vn_mappings_generator, + + - Paths used are + get /api/v1/trustsec/sgvnmapping, + get /api/v1/trustsec/sgvnmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trustsec SG VN Mapping + cisco.ise.trustsec_sg_vn_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trustsec SG VN Mapping by id + cisco.ise.trustsec_sg_vn_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "lastUpdate": "string", + "sgName": "string", + "sgtId": "string", + "vnId": "string", + "vnName": "string" + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "lastUpdate": "string", + "sgName": "string", + "sgtId": "string", + "vnId": "string", + "vnName": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn.py new file mode 100644 index 00000000..7bd274ee --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn.py @@ -0,0 +1,113 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn +short_description: Resource module for Trustsec VN +description: +- Manage operations create, update and delete of the resource Trustsec VN. +- Create Virtual Network. +- Update Virtual Network. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalAttributes: + description: JSON String of additional attributes for the Virtual Network. + type: str + id: + description: Identifier of the Virtual Network. + type: str + lastUpdate: + description: Timestamp for the last update of the Virtual Network. + type: str + name: + description: Name of the Virtual Network. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.create_virtual_network, + virtual_network.VirtualNetwork.delete_virtual_network_by_id, + virtual_network.VirtualNetwork.update_virtual_network_by_id, + + - Paths used are + post /api/v1/trustsec/virtualnetwork, + delete /api/v1/trustsec/virtualnetwork/{id}, + put /api/v1/trustsec/virtualnetwork/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + additionalAttributes: string + id: string + lastUpdate: string + name: string + +- name: Update by id + cisco.ise.trustsec_vn: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + additionalAttributes: string + id: string + lastUpdate: string + name: string + +- name: Delete by id + cisco.ise.trustsec_vn: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "additionalAttributes": "string", + "id": "string", + "lastUpdate": "string", + "name": "string" + } + ] + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_create.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_create.py new file mode 100644 index 00000000..3893db42 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_create.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_bulk_create +short_description: Resource module for Trustsec VN Bulk Create +description: +- Manage operation create of the resource Trustsec VN Bulk Create. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN Bulk Create's payload. + elements: dict + suboptions: + additionalAttributes: + description: JSON String of additional attributes for the Virtual Network. + type: str + id: + description: Identifier of the Virtual Network. + type: str + lastUpdate: + description: Timestamp for the last update of the Virtual Network. + type: str + name: + description: Name of the Virtual Network. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.bulk_create_virtual_networks, + + - Paths used are + post /api/v1/trustsec/virtualnetwork/bulk/create, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_bulk_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - additionalAttributes: string + id: string + lastUpdate: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_delete.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_delete.py new file mode 100644 index 00000000..88fa0ce8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_delete.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_bulk_delete +short_description: Resource module for Trustsec VN Bulk Delete +description: +- Manage operation create of the resource Trustsec VN Bulk Delete. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN Bulk Delete's payload. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.bulk_delete_virtual_networks, + + - Paths used are + post /api/v1/trustsec/virtualnetwork/bulk/delete, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_bulk_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_update.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_update.py new file mode 100644 index 00000000..c823d303 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_update.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_bulk_update +short_description: Resource module for Trustsec VN Bulk Update +description: +- Manage operation create of the resource Trustsec VN Bulk Update. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN Bulk Update's payload. + elements: dict + suboptions: + additionalAttributes: + description: JSON String of additional attributes for the Virtual Network. + type: str + id: + description: Identifier of the Virtual Network. + type: str + lastUpdate: + description: Timestamp for the last update of the Virtual Network. + type: str + name: + description: Name of the Virtual Network. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.bulk_update_virtual_networks, + + - Paths used are + post /api/v1/trustsec/virtualnetwork/bulk/update, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_bulk_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - additionalAttributes: string + id: string + lastUpdate: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_info.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_info.py new file mode 100644 index 00000000..7c877bc3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_info +short_description: Information module for Trustsec VN +description: +- Get all Trustsec VN. +- Get Trustsec VN by id. +- Get Virtual Network by id. +- Get all Virtual Networks. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.get_virtual_network_by_id, + virtual_network.VirtualNetwork.get_virtual_networks_generator, + + - Paths used are + get /api/v1/trustsec/virtualnetwork, + get /api/v1/trustsec/virtualnetwork/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trustsec VN + cisco.ise.trustsec_vn_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trustsec VN by id + cisco.ise.trustsec_vn_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "additionalAttributes": "string", + "id": "string", + "lastUpdate": "string", + "name": "string" + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "additionalAttributes": "string", + "id": "string", + "lastUpdate": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping.py new file mode 100644 index 00000000..712c562b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping.py @@ -0,0 +1,139 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping +short_description: Resource module for Trustsec VN VLAN Mapping +description: +- Manage operations create, update and delete of the resource Trustsec VN VLAN Mapping. +- Create VN-Vlan Mapping. +- Update VN-Vlan Mapping. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Identifier of the VN-VLAN Mapping. + type: str + isData: + description: Flag which indicates whether the VLAN is data or voice type. + type: bool + isDefaultVLAN: + description: Flag which indicates if the VLAN is default. + type: bool + lastUpdate: + description: Timestamp for the last update of the VN-VLAN Mapping. + type: str + maxValue: + description: Max value. + type: int + name: + description: Name of the VLAN. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required unless + its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity if id + is not provided. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.create_vn_vlan_mapping, + vn_vlan_mapping.VnVlanMapping.delete_vn_vlan_mapping_by_id, + vn_vlan_mapping.VnVlanMapping.update_vn_vlan_mapping_by_id, + + - Paths used are + post /api/v1/trustsec/vnvlanmapping, + delete /api/v1/trustsec/vnvlanmapping/{id}, + put /api/v1/trustsec/vnvlanmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_vlan_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + isData: true + isDefaultVlan: true + lastUpdate: string + maxValue: 0 + name: string + vnId: string + vnName: string + +- name: Update by id + cisco.ise.trustsec_vn_vlan_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + isData: true + isDefaultVlan: true + lastUpdate: string + maxValue: 0 + name: string + vnId: string + vnName: string + +- name: Delete by id + cisco.ise.trustsec_vn_vlan_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isData": true, + "isDefaultVlan": true, + "lastUpdate": "string", + "maxValue": 0, + "name": "string", + "vnId": "string", + "vnName": "string" + } + ] + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_create.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_create.py new file mode 100644 index 00000000..bbe8e598 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_create.py @@ -0,0 +1,93 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping_bulk_create +short_description: Resource module for Trustsec VN VLAN Mapping Bulk Create +description: +- Manage operation create of the resource Trustsec VN VLAN Mapping Bulk Create. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN VLAN Mapping Bulk Create's payload. + elements: dict + suboptions: + id: + description: Identifier of the VN-VLAN Mapping. + type: str + isData: + description: Flag which indicates whether the VLAN is data or voice type. + type: bool + isDefaultVLAN: + description: Flag which indicates if the VLAN is default. + type: bool + lastUpdate: + description: Timestamp for the last update of the VN-VLAN Mapping. + type: str + maxValue: + description: Max value. + type: int + name: + description: Name of the VLAN. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required + unless its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity + if id is not provided. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.bulk_create_vn_vlan_mappings, + + - Paths used are + post /api/v1/trustsec/vnvlanmapping/bulk/create, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_vlan_mapping_bulk_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - id: string + isData: true + isDefaultVlan: true + lastUpdate: string + maxValue: 0 + name: string + vnId: string + vnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_delete.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_delete.py new file mode 100644 index 00000000..88a6c1e3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_delete.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping_bulk_delete +short_description: Resource module for Trustsec VN VLAN Mapping Bulk Delete +description: +- Manage operation create of the resource Trustsec VN VLAN Mapping Bulk Delete. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN VLAN Mapping Bulk Delete's payload. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.bulk_delete_vn_vlan_mappings, + + - Paths used are + post /api/v1/trustsec/vnvlanmapping/bulk/delete, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_vlan_mapping_bulk_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_update.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_update.py new file mode 100644 index 00000000..e99b6f6d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_update.py @@ -0,0 +1,93 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping_bulk_update +short_description: Resource module for Trustsec VN VLAN Mapping Bulk Update +description: +- Manage operation create of the resource Trustsec VN VLAN Mapping Bulk Update. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN VLAN Mapping Bulk Update's payload. + elements: dict + suboptions: + id: + description: Identifier of the VN-VLAN Mapping. + type: str + isData: + description: Flag which indicates whether the VLAN is data or voice type. + type: bool + isDefaultVLAN: + description: Flag which indicates if the VLAN is default. + type: bool + lastUpdate: + description: Timestamp for the last update of the VN-VLAN Mapping. + type: str + maxValue: + description: Max value. + type: int + name: + description: Name of the VLAN. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required + unless its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity + if id is not provided. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.bulk_update_vn_vlan_mappings, + + - Paths used are + post /api/v1/trustsec/vnvlanmapping/bulk/update, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_vlan_mapping_bulk_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - id: string + isData: true + isDefaultVlan: true + lastUpdate: string + maxValue: 0 + name: string + vnId: string + vnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_info.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_info.py new file mode 100644 index 00000000..c6047e4e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_info.py @@ -0,0 +1,149 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping_info +short_description: Information module for Trustsec VN VLAN Mapping +description: +- Get all Trustsec VN VLAN Mapping. +- Get Trustsec VN VLAN Mapping by id. +- Get VN-Vlan Mapping by id. +- Get all VN-Vlan Mappings. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.get_vn_vlan_mapping_by_id, + vn_vlan_mapping.VnVlanMapping.get_vn_vlan_mappings_generator, + + - Paths used are + get /api/v1/trustsec/vnvlanmapping, + get /api/v1/trustsec/vnvlanmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trustsec VN VLAN Mapping + cisco.ise.trustsec_vn_vlan_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trustsec VN VLAN Mapping by id + cisco.ise.trustsec_vn_vlan_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isData": true, + "isDefaultVlan": true, + "lastUpdate": "string", + "maxValue": 0, + "name": "string", + "vnId": "string", + "vnName": "string" + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isData": true, + "isDefaultVlan": true, + "lastUpdate": "string", + "maxValue": 0, + "name": "string", + "vnId": "string", + "vnName": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/plugin_utils/__init__.py b/ansible_collections/cisco/ise/plugins/plugin_utils/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/ansible_collections/cisco/ise/plugins/plugin_utils/exceptions.py b/ansible_collections/cisco/ise/plugins/plugin_utils/exceptions.py new file mode 100644 index 00000000..32df901b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/plugin_utils/exceptions.py @@ -0,0 +1,18 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +class AnsibleISEException(Exception): + """Base class for all Ansible ISE package exceptions.""" + pass + + +class InconsistentParameters(AnsibleISEException): + """Provided parameters are not consistent.""" + pass diff --git a/ansible_collections/cisco/ise/plugins/plugin_utils/ise.py b/ansible_collections/cisco/ise/plugins/plugin_utils/ise.py new file mode 100644 index 00000000..2a2dce92 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/plugin_utils/ise.py @@ -0,0 +1,259 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +try: + from ciscoisesdk import api, exceptions +except ImportError: + ISE_SDK_IS_INSTALLED = False +else: + ISE_SDK_IS_INSTALLED = True +from ansible.module_utils.basic import AnsibleModule, env_fallback + +try: + from ansible.errors import AnsibleActionFail +except ImportError: + ANSIBLE_ERRORS_INSTALLED = False +else: + ANSIBLE_ERRORS_INSTALLED = True +try: + import logging +except ImportError: + LOGGING_IN_STANDARD = False +else: + LOGGING_IN_STANDARD = True + + +def is_list_complex(x): + return isinstance(x[0], dict) or isinstance(x[0], list) + + +def has_diff_elem(ls1, ls2): + return any((elem not in ls1 for elem in ls2)) + + +def compare_list(list1, list2): + len_list1 = len(list1) + len_list2 = len(list2) + if len_list1 != len_list2: + return False + + if len_list1 == 0: + return True + + attempt_std_cmp = list1 == list2 + if attempt_std_cmp: + return True + + if not is_list_complex(list1) and not is_list_complex(list2): + return set(list1) == set(list2) + + # Compare normally if it exceeds expected size * 2 (len_list1==len_list2) + MAX_SIZE_CMP = 100 + # Fail fast if elem not in list, thanks to any and generators + if len_list1 > MAX_SIZE_CMP: + return attempt_std_cmp + else: + # not changes 'has diff elem' to list1 != list2 ':lists are not equal' + has_diff_1 = has_diff_elem(list1, list2) + has_diff_2 = has_diff_elem(list2, list1) + return not has_diff_1 or not has_diff_2 + + +def fn_comp_key(k, dict1, dict2): + return ise_compare_equality(dict1.get(k), dict2.get(k)) + + +def ise_compare_equality(current_value, requested_value): + if requested_value is None: + return True + if current_value is None: + return True + if isinstance(current_value, dict) and isinstance(requested_value, dict): + all_dict_params = list(current_value.keys()) + list(requested_value.keys()) + return not any((not fn_comp_key(param, current_value, requested_value) for param in all_dict_params)) + elif isinstance(current_value, list) and isinstance(requested_value, list): + return compare_list(current_value, requested_value) + else: + return current_value == requested_value + + +def fn_comp_key2(k, dict1, dict2): + return ise_compare_equality2(dict1.get(k), dict2.get(k)) + + +def ise_compare_equality2(current_value, requested_value, is_query_param=False): + if is_query_param: + return True + if requested_value is None and current_value is None: + return True + if requested_value is None: + return False + if current_value is None: + return False + if isinstance(current_value, dict) and isinstance(requested_value, dict): + all_dict_params = list(current_value.keys()) + list(requested_value.keys()) + return not any((not fn_comp_key2(param, current_value, requested_value) for param in all_dict_params)) + elif isinstance(current_value, list) and isinstance(requested_value, list): + return compare_list(current_value, requested_value) + else: + return current_value == requested_value + + +def get_dict_result(result, key, value): + if isinstance(result, list): + if len(result) == 1: + if isinstance(result[0], dict): + result = result[0] + if result.get(key) is not None and result.get(key) != value: + result = None + else: + result = None + else: + for item in result: + if isinstance(item, dict) and (item.get(key) is None or item.get(key) == value): + result = item + return result + result = None + elif not isinstance(result, dict): + result = None + elif result.get(key) is not None and result.get(key) != value: + result = None + return result + + +def ise_argument_spec(): + argument_spec = dict( + ise_hostname=dict(type="str", fallback=(env_fallback, ['ISE_HOSTNAME']), required=True), + ise_username=dict(type="str", fallback=(env_fallback, ['ISE_USERNAME']), required=True), + ise_password=dict(type="str", fallback=(env_fallback, ['ISE_PASSWORD']), required=True, no_log=True), + ise_verify=dict(type="bool", default=True, fallback=(env_fallback, ['ISE_VERIFY'])), + ise_version=dict(type="str", default="3.1_Patch_1", fallback=(env_fallback, ['ISE_VERSION'])), + ise_wait_on_rate_limit=dict(type="bool", default=True, fallback=(env_fallback, ['ISE_WAIT_ON_RATE_LIMIT'])), + ise_uses_api_gateway=dict(type="bool", default=True, fallback=(env_fallback, ['ISE_USES_API_GATEWAY'])), + ise_uses_csrf_token=dict(type="bool", default=False, fallback=(env_fallback, ['ISE_USES_CSRF_TOKEN'])), + ise_debug=dict(type="bool", default=False, fallback=(env_fallback, ['ISE_DEBUG'])), + ) + return argument_spec + + +def get_ise_url(hostname, port=None): + url_result = "https://{hostname}".format(hostname=hostname) + if port: + url_result = url_result + ":{port}".format(port=port) + return url_result + + +class ISESDK(object): + def __init__(self, params): + self.result = dict(changed=False, result="") + if ISE_SDK_IS_INSTALLED: + ise_uses_api_gateway = params.get("ise_uses_api_gateway") + ui_base_url = None + ers_base_url = None + mnt_base_url = None + px_grid_base_url = None + if not ise_uses_api_gateway: + ui_base_url = get_ise_url(params.get("ise_hostname"), port="443") + ers_base_url = get_ise_url(params.get("ise_hostname"), port="9060") + mnt_base_url = get_ise_url(params.get("ise_hostname"), port="443") + px_grid_base_url = get_ise_url(params.get("ise_hostname"), port="8910") + + self.api = api.IdentityServicesEngineAPI( + username=params.get("ise_username"), + password=params.get("ise_password"), + base_url=get_ise_url(params.get("ise_hostname"), port=None), + ui_base_url=ui_base_url, + ers_base_url=ers_base_url, + mnt_base_url=mnt_base_url, + px_grid_base_url=px_grid_base_url, + verify=params.get("ise_verify"), + version=params.get("ise_version"), + wait_on_rate_limit=params.get("ise_wait_on_rate_limit"), + uses_api_gateway=ise_uses_api_gateway, + uses_csrf_token=params.get("ise_uses_csrf_token"), + debug=params.get("ise_debug"), + ) + if params.get("ise_debug") and LOGGING_IN_STANDARD: + logging.getLogger('ciscoisesdk').addHandler(logging.StreamHandler()) + else: + self.fail_json(msg="Cisco ISE Python SDK is not installed. Execute 'pip install ciscoisesdk'") + + def changed(self): + self.result["changed"] = True + + def object_created(self): + self.changed() + self.result["result"] = "Object created" + + def object_updated(self): + self.changed() + self.result["result"] = "Object updated" + + def object_deleted(self): + self.changed() + self.result["result"] = "Object deleted" + + def object_already_absent(self): + self.result["result"] = "Object already absent" + + def object_already_present(self): + self.result["result"] = "Object already present" + + def object_present_and_different(self): + self.result["result"] = "Object already present, but it has different values to the requested" + + def object_modify_result(self, changed=None, result=None): + if result is not None: + self.result["result"] = result + if changed: + self.changed() + + def exec(self, family, function, params=None, handle_func_exception=True): + try: + family = getattr(self.api, family) + func = getattr(family, function) + except Exception as e: + self.fail_json( + msg=( + "An error occured when retrieving operation." + " The error was: {error}" + ).format(error=e) + ) + + try: + if params: + response = func(**params) + else: + response = func() + except exceptions.ciscoisesdkException as e: + if handle_func_exception: + self.fail_json( + msg=( + "An error occured when executing operation." + " The error was: {error}" + ).format(error=e) + ) + else: + raise e + return response + + def fail_json(self, msg, **kwargs): + self.result.update(**kwargs) + raise AnsibleActionFail(msg, kwargs) + + def exit_json(self): + return self.result + + +def main(): + pass + + +if __name__ == "__main__": + main() diff --git a/ansible_collections/cisco/ise/plugins/plugin_utils/personas_utils.py b/ansible_collections/cisco/ise/plugins/plugin_utils/personas_utils.py new file mode 100644 index 00000000..1f30a10c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/plugin_utils/personas_utils.py @@ -0,0 +1,195 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +try: + from ansible.errors import AnsibleActionFail +except ImportError: + ANSIBLE_ERRORS_INSTALLED = False +else: + ANSIBLE_ERRORS_INSTALLED = True +try: + import requests +except ImportError: + REQUESTS_INSTALLED = False +else: + REQUESTS_INSTALLED = True +import json +import zipfile +import io + + +class Node(object): + def __init__(self, node): + requests.packages.urllib3.disable_warnings() + self.name = node.get("name") + self.ip = node.get("ip") + self.fqdn = node.get("fqdn") + self.hostname = node.get("hostname") + self.username = node.get("username") + self.password = node.get("password") + self.roles = node.get("roles") + self.services = node.get("services") + + def __str__(self): + return "{name} <{ip}>".format(name=self.name, ip=self.ip) + + def __repr__(self): + return "{name} <{ip}>".format(name=self.name, ip=self.ip) + + def is_standalone(self): + headers = {'Content-Type': 'application/json'} + url = "https://{ip}/api/v1/deployment/node/{hostname}".format(ip=self.ip, hostname=self.hostname) + response = False + try: + response = requests.get(url=url, headers=headers, auth=(self.username, self.password), verify=False) + except Exception as e: + raise AnsibleActionFail("Couldn't connect, the node might be still initializing, try again in a few minutes. Error received: {e}".format(e=e)) + if not response: + raise AnsibleActionFail("Couldn't get a valid response from the API. Maybe the node is still initializing, try again in a few minutes.") + else: + response = json.loads(response.text).get("response") + if "Standalone" in response.get("roles"): + return True + return False + + def app_server_is_running(self): + url = "https://{ip}/ers/config/op/systemconfig/iseversion".format(ip=self.ip) + headers = {'Accept': 'application/json'} + try: + response = requests.get(url=url, headers=headers, auth=(self.username, self.password), verify=False) + # Application Server is down but API Gateway is up + if response.status_code == 502: + return False + # The Application Server is up + if response.status_code == 200: + return True + # Any other case return False + else: + return False + # Both Application Server and API Gateway are down + except Exception as e: + return False + + def return_id_of_certificate(self): + url = "https://{ip}/api/v1/certs/system-certificate/{hostname}".format(ip=self.ip, hostname=self.hostname) + headers = {'Content-Type': 'application/json', 'Accept': 'application/json'} + try: + response = requests.get(url=url, timeout=15, headers=headers, auth=(self.username, self.password), verify=False) + except requests.exceptions.ReadTimeout: + raise AnsibleActionFail("The request timed out. Please verify that the API is enabled on the node.") + except Exception as e: + raise AnsibleActionFail(e) + json_response = json.loads(response.text) + for item in json_response.get("response"): + if item.get("friendlyName") == "Default self-signed server certificate": + return item.get("id") + + def register_to_primary(self, primary): + headers = {'Content-Type': 'application/json'} + url = "https://{primary_ip}/api/v1/deployment/node".format(primary_ip=primary.ip) + data = json.dumps({ + "fqdn": self.fqdn, + "userName": self.username, + "password": self.password, + "allowCertImport": True, + "roles": self.roles, + "services": self.services + }) + try: + response = requests.post(url=url, timeout=300, auth=(primary.username, primary.password), headers=headers, data=data, verify=False) + except Exception as e: + raise AnsibleActionFail(e) + if not response: + raise AnsibleActionFail("Failed to receive a valid response from the API. The actual response was: {response}".format(response=response.text)) + + def get_roles_services(self): + headers = {'Content-Type': 'application/json'} + url = "https://{ip}/api/v1/deployment/node/{hostname}".format(ip=self.ip, hostname=self.hostname) + response = False + try: + response = requests.get(url=url, headers=headers, auth=(self.username, self.password), verify=False) + except Exception as e: + raise AnsibleActionFail("Couldn't connect, the node might be still initializing, try again in a few minutes. Error received: {e}".format(e=e)) + if not response: + raise AnsibleActionFail("Couldn't get a valid response from the API. Maybe the node is still initializing, try again in a few minutes.") + else: + response = json.loads(response.text).get("response") + return response + + def update_roles_services(self): + headers = {'Content-Type': 'application/json'} + url = "https://{ip}/api/v1/deployment/node/{hostname}".format(ip=self.ip, hostname=self.hostname) + data = json.dumps({ + "roles": self.roles, + "services": self.services + }) + try: + response = requests.put(url=url, timeout=300, auth=(self.username, self.password), headers=headers, data=data, verify=False) + except Exception as e: + raise AnsibleActionFail(e) + if not response: + raise AnsibleActionFail("Failed to receive a valid response from the API. The actual response was: {response}".format(response=response.text)) + + def import_certificate_into_primary(self, primary_node): + cert_id = self.return_id_of_certificate() + data = json.dumps({"id": cert_id, "export": "CERTIFICATE"}) + url = "https://{ip}/api/v1/certs/system-certificate/export".format(ip=self.ip) + headers = {'Content-Type': 'application/json', 'Accept': 'application/json'} + try: + response = requests.post(url=url, timeout=15, data=data, headers=headers, auth=(self.username, self.password), verify=False) + except Exception as e: + AnsibleActionFail(e) + + if not response.status_code == 200: + raise AnsibleActionFail("Received status code {status_code} when exporting certificate.".format(status_code=str(response.status_code))) + + zf = zipfile.ZipFile(io.BytesIO(response.content), 'r') + cert_data = zf.read("Defaultselfsignedservercerti.pem") + data = json.dumps({ + "allowBasicConstraintCAFalse": True, + "allowOutOfDateCert": False, + "allowSHA1Certificates": True, + "trustForCertificateBasedAdminAuth": True, + "trustForCiscoServicesAuth": True, + "trustForClientAuth": True, + "data": cert_data.decode("utf-8"), + "trustForIseAuth": True, + "name": self.name, + "validateCertificateExtensions": True + }) + url = "https://{primary_ip}/api/v1/certs/trusted-certificate/import".format(primary_ip=primary_node.ip) + headers = {'Content-Type': 'application/json', 'Accept': 'application/json'} + try: + response = requests.post(url=url, + timeout=15, + data=data, + headers=headers, + auth=(self.primary_node.username, self.primary_node.password), + verify=False + ) + return_message = json.loads(response.text)["response"]["message"] + except Exception as e: + AnsibleActionFail(e) + + if not response.status_code == 200: + if not (return_message == 'Trust certificate was added successfully' or + return_message == "Certificates are having same subject, same serial number and they are binary equal. Hence skipping the replace"): + raise AnsibleActionFail("Unexpected response from API. Received response was {message}".format(message=return_message)) + + def promote_to_primary(self): + headers = {'Content-Type': 'application/json'} + url = "https://{ip}/api/v1/deployment/primary".format(ip=self.ip) + try: + response = requests.post(url=url, headers=headers, auth=(self.username, self.password), verify=False, timeout=60) + if response.status_code == 200: + return True + else: + raise AnsibleActionFail("Could not update node to PRIMARY") + except Exception as e: + raise AnsibleActionFail(e) diff --git a/ansible_collections/cisco/ise/requirements.txt b/ansible_collections/cisco/ise/requirements.txt new file mode 100644 index 00000000..2fdf7846 --- /dev/null +++ b/ansible_collections/cisco/ise/requirements.txt @@ -0,0 +1,2 @@ +ciscoisesdk >= 2.0.8 +requests >= 2.25.1 diff --git a/ansible_collections/cisco/ise/roles/aws_deployment/README.md b/ansible_collections/cisco/ise/roles/aws_deployment/README.md new file mode 100644 index 00000000..da2ee7b9 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/aws_deployment/README.md @@ -0,0 +1,149 @@ +# AWS Deployment Guide +## Introduction + +It is possible to deploy the Cisco Identity Service Enginer (ISE) on AWS using the official Cisco ISE AMI. The following guide explains how to use the Ansible role created for such task. + +## Goal + +The goals of this guide are: + +1. Install the ansible role +2. Configure the role +3. Deploy to AWS + +## Pre-requisites + +It is recommended that you review the following guide before starting this one: + +- [ISE Ansible Getting started guide](./ansible-start-guide.md) + +## Role information + +Within the recently installed Ansible collection, comes an AWS deployment role which can be configured using variables. + +The role can be used like this: + +```yaml +--- +- name: ISE Deployment Playbook + hosts: localhost + connection: local + + roles: + - cisco.ise.aws_deployment +``` + +The role accomplishes the following tasks: + +1. Create an AWS Virtual Private Cloud (VPC) +2. Create an AWS subnet within the previously created VPC +3. Create an AWS Security Group (SG) on the VPC . +4. Create and store in the local filesystem an AWS key pair. +5. Deploy the selected ISE servers configuration. + +## Variables + +The role behavior can be changed using the following variables: + +- **ise_base_hostname**: Servers base hostname. Default: ISE +- **ise_username**: Servers default username. Default: admin +- **ise_password**: Servers default password. Default: C1sco12345 +- **ise_ntp_server**: NTP server. Default: 10.10.0.1 +- **ise_dns_server**: DNS Server. Default: 10.10.0.1 +- **ise_domain**: Domain name. Default: example.com +- **ise_timezone**: Timezones based on RFC. Default: Etc/UTC +- **aws_ise_ami**: Cisco ISE AWS AMI ID, for example, ami-0a8b4f863885c3372 +- **aws_vpc_name**: AWS VPC. Default: ISE VPC +- **aws_vpc_cidr**: AWS VPC CIDR. Default: 10.10.0.0/16 +- **aws_subnet_cidr**: AWS Subnet CIDR. Default: 10.10.1.0/24 +- **aws_region**: AWS deployment region. Default: us-west-2 +- **aws_public_access_cidr**: Network from where public access will be available. Default: 0.0.0.0/0 +- **aws_keypair_name**: AWS SSH Key Pair name. Default: ISE-Deployment +- **aws_instance_type**: AWS Instance type for ISE servers. Default: c5.4xlarge + +### Using variables in Ansible + +There are several ways of modifying the default variables. You can check the [Ansible documentation](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html) for more information. + +#### Command line + +From the command line, it can be done with the `-e EXTRA_VARS` or `--extra-vars EXTRA_VARS` flag: +```cli +ansible-playbook -i hosts playbooks/aws_deployment.yml -e "aws_ise_ami='ami-0a8b4f863885c3372'" +``` +```cli +ansible-playbook -i hosts playbooks/aws_deployment.yml --extra-vars "aws_ise_ami='ami-0a8b4f863885c3372'" +``` + +#### Variables file + +It is possible to use a variables file: + +```yaml +--- +- name: ISE Deployment Playbook + hosts: localhost + connection: local + vars_files: + - my_vars.yml + + roles: + - cisco.ise.aws_deployment +``` + +#### Playbook variables + +You can define the variables in the playbook: + +```yaml +--- +- name: ISE Deployment Playbook + hosts: localhost + connection: local + vars: + aws_ise_ami: ami-0a8b4f863885c3372 + + roles: + - cisco.ise.aws_deployment +``` + +## Role usage + +There are 4 possible deployment types supported by this role: + +1. Single +2. Small +3. Medium +4. Large + +### Single deployment + +Set the `ise_deployment_type` variable to `single`. This deployment type creates one ISE server. + +```cli +ansible-playbook -i hosts playbooks/aws_deployment.yml -e "ise_deployment_type=single" +``` + +### Small deployment + +Set the `ise_deployment_type` variable to `small`. This deployment type creates two ISE servers. + +```cli +ansible-playbook -i hosts playbooks/aws_deployment.yml -e "ise_deployment_type=small" +``` + +### Medium deployment + +Set the `ise_deployment_type` variable to `medium`. This deployment type creates two servers with the PAN and MNT roles and up to five servers with the PSN role. It takes the extra variable `ise_psn_instances` to specify how many PSN servers should be created . For example, this would be the command for a deployment with two PSN servers: + +```cli +ansible-playbook -i hosts playbooks/aws_deployment.yml -e "ise_deployment_type=medium ise_psn_instances=2" +``` + +### Large deployment + +Set the `ise_deployment_type` variable to `large`. This deployment type creates two servers with the PAN role, two servers with the MNT role and up to 50 servers with the PSN role. It takes the extra variable `ise_psn_instances` to specify how many PSN servers should be created . For example, this would be the command for a deployment with two PSN servers: + +```cli +ansible-playbook -i hosts playbooks/aws_deployment.yml -e "ise_deployment_type=large ise_psn_instances=2" +``` diff --git a/ansible_collections/cisco/ise/roles/aws_deployment/defaults/main.yml b/ansible_collections/cisco/ise/roles/aws_deployment/defaults/main.yml new file mode 100644 index 00000000..bd99e538 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/aws_deployment/defaults/main.yml @@ -0,0 +1,18 @@ +ise_personas: ["pan-1", "pan-2", "mnt-1", "mnt-2", "psn-1", "psn-2"] +ise_base_hostname: ISE +ise_username: admin +ise_password: P@sbg1234 +ise_ntp_server: 10.10.0.1 +ise_dns_server: 208.67.220.220 +ise_domain: sstcloud.com +ise_timezone: America/Costa_Rica + + +aws_ise_ami: ami-0a8b4f863885c3372 +aws_vpc_name: ISE VPC +aws_vpc_cidr: 10.10.0.0/16 +aws_subnet_cidr: 10.10.1.0/24 +aws_region: us-west-2 +aws_public_access_cidr: 0.0.0.0/0 +aws_keypair_name: ise_deployment +aws_instance_type: c5.4xlarge diff --git a/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/aws.yml b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/aws.yml new file mode 100644 index 00000000..6452bd55 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/aws.yml @@ -0,0 +1,75 @@ + - name: Create ISE VPC + amazon.aws.ec2_vpc_net: + name: "{{ aws_vpc_name }}" + cidr_block: "{{ aws_vpc_cidr }}" + region: "{{ aws_region }}" + tags: + name: ISE VPC + register: vpc + + - name: Create subnet for ISE servers + amazon.aws.ec2_vpc_subnet: + state: present + vpc_id: "{{ vpc.vpc.id }}" + cidr: "{{ aws_subnet_cidr }}" + region: "{{ aws_region }}" + tags: + Name: ISE Subnet + register: subnet + + - name: ISE VPC SG Group + amazon.aws.ec2_group: + name: ISE Public Access + description: ISE Security Group + vpc_id: "{{ vpc.vpc.id }}" + region: "{{ aws_region }}" + rules: + - proto: tcp + from_port: 443 + to_port: 443 + cidr_ip: "{{ aws_public_access_cidr}}" + rule_desc: Allow HTTPS access + - proto: tcp + from_port: 0 + to_port: 65535 + cidr_ip: "{{ aws_public_access_cidr}}" + rule_desc: Allow everything TCP + - proto: udp + from_port: 0 + to_port: 65535 + cidr_ip: "{{ aws_public_access_cidr}}" + rule_desc: Allow everything UDP + - proto: icmp + from_port: -1 + to_port: -1 + cidr_ip: "{{ aws_public_access_cidr}}" + tags: + Name: ISE VPC SG Group + register: public_sg + + - name: ISE ec2 key pair + amazon.aws.ec2_key: + name: "{{ aws_keypair_name }}" + register: keypair + + - name: Show keypair + ansible.builtin.debug: + var: keypair + + - name: Copy keypair to local file + copy: + dest: "./{{ aws_keypair_name }}.id_rsa" + content: "{{ keypair.key.private_key }}" + when: keypair.key.private_key is defined + + - include_tasks: single_node.yml + when: ise_deployment_type == "single" + + - include_tasks: small_deployment.yml + when: ise_deployment_type == "small" + + - include_tasks: medium_deployment.yml + when: ise_deployment_type == "medium" + + - include_tasks: large_deployment.yml + when: ise_deployment_type == "large" \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/large_deployment.yml b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/large_deployment.yml new file mode 100644 index 00000000..816736cf --- /dev/null +++ b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/large_deployment.yml @@ -0,0 +1,53 @@ +- name: Provision ISE PAN Servers + amazon.aws.ec2: + key_name: "{{ aws_keypair_name }}" + instance_type: "{{ aws_instance_type }}" + image: "{{ aws_ise_ami }}" + wait: yes + group: "ISE Public Access" + count: 1 + vpc_subnet_id: "{{ subnet.subnet.id }}" + assign_public_ip: yes + region: "{{ aws_region }}" + instance_tags: + Name: "{{ ise_base_hostname }} PAN Server {{item}}" + Roles: + - PAN + user_data: "hostname={{ ise_base_hostname | lower }}-pan-server-{{ item }}\nprimarynameserver={{ ise_dns_server }}\ndnsdomain={{ ise_domain }}\nntpserver={{ ise_ntp_server }}\ntimezone={{ ise_timezone }}\nusername={{ ise_username }}\npassword={{ ise_password }}" + with_sequence: count=2 + +- name: Provision ISE MNT Servers + amazon.aws.ec2: + key_name: "{{ aws_keypair_name }}" + instance_type: "{{ aws_instance_type }}" + image: "{{ aws_ise_ami }}" + wait: yes + group: "ISE Public Access" + count: 1 + vpc_subnet_id: "{{ subnet.subnet.id }}" + assign_public_ip: yes + region: "{{ aws_region }}" + instance_tags: + Name: "{{ ise_base_hostname }} MNT Server {{ item }}" + Roles: + - MNT + user_data: "hostname={{ ise_base_hostname | lower }}-mnt-server-{{ item }}\nprimarynameserver={{ ise_dns_server }}\ndnsdomain={{ ise_domain }}\nntpserver={{ ise_ntp_server }}\ntimezone={{ ise_timezone }}\nusername={{ ise_username }}\npassword={{ ise_password }}" + with_sequence: count=2 + +- name: "Provision ISE {{ise_psn_instances}} Servers" + amazon.aws.ec2: + key_name: "{{ aws_keypair_name }}" + instance_type: "{{ aws_instance_type }}" + image: "{{ aws_ise_ami }}" + wait: yes + group: "ISE Public Access" + count: 1 + vpc_subnet_id: "{{ subnet.subnet.id }}" + assign_public_ip: yes + region: "{{ aws_region }}" + instance_tags: + Name: "{{ ise_base_hostname}} PSN Server {{ item }}" + Roles: + - PSN + user_data: "hostname={{ ise_base_hostname | lower }}-psn-server-{{ item }}\nprimarynameserver={{ ise_dns_server }}\ndnsdomain={{ ise_domain }}\nntpserver={{ ise_ntp_server }}\ntimezone={{ ise_timezone }}\nusername={{ ise_username }}\npassword={{ ise_password }}" + with_sequence: count="{{ise_psn_instances}}" \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/medium_deployment.yml b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/medium_deployment.yml new file mode 100644 index 00000000..3ca74346 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/medium_deployment.yml @@ -0,0 +1,56 @@ +- name: Provision ISE PAN/MNT Servers + amazon.aws.ec2: + key_name: "{{ aws_keypair_name }}" + instance_type: "{{ aws_instance_type }}" + image: "{{ aws_ise_ami }}" + wait: yes + group: "ISE Public Access" + count: 1 + vpc_subnet_id: "{{ subnet.subnet.id }}" + assign_public_ip: yes + region: "{{ aws_region }}" + instance_tags: + Name: "{{ ise_base_hostname }} Server {{item}}" + Roles: + - PAN + - MNT + user_data: "hostname={{ ise_base_hostname | lower }}-pan-server-{{ item }}\nprimarynameserver={{ ise_dns_server }}\ndnsdomain={{ ise_domain }}\nntpserver={{ ise_ntp_server }}\ntimezone={{ ise_timezone }}\nusername={{ ise_username }}\npassword={{ ise_password }}" + with_sequence: count=2 + +- name: "Provision ISE {{ise_psn_instances}} Servers" + amazon.aws.ec2: + key_name: "{{ aws_keypair_name }}" + instance_type: "{{ aws_instance_type }}" + image: "{{ aws_ise_ami }}" + wait: yes + group: "ISE Public Access" + count: 1 + vpc_subnet_id: "{{ subnet.subnet.id }}" + assign_public_ip: yes + region: "{{ aws_region }}" + instance_tags: + Name: "{{ ise_base_hostname}} PSN Server {{ item }}" + Roles: + - PSN + user_data: "hostname={{ ise_base_hostname | lower }}-psn-server-{{ item }}\nprimarynameserver={{ ise_dns_server }}\ndnsdomain={{ ise_domain }}\nntpserver={{ ise_ntp_server }}\ntimezone={{ ise_timezone }}\nusername={{ ise_username }}\npassword={{ ise_password }}" + with_sequence: count="{{ise_psn_instances}}" + when: ise_psn_instances | int < 4 + +- name: "Provision ISE {{ise_psn_instances}} Servers - 4 instances maximum" + amazon.aws.ec2: + key_name: "{{ aws_keypair_name }}" + instance_type: "{{ aws_instance_type }}" + image: "{{ aws_ise_ami }}" + wait: yes + group: "ISE Public Access" + count: 1 + vpc_subnet_id: "{{ subnet.subnet.id }}" + assign_public_ip: yes + region: "{{ aws_region }}" + instance_tags: + Name: "{{ ise_base_hostname}} PSN Server {{ item }}" + Roles: + - PSN + user_data: "hostname={{ ise_base_hostname | lower }}-psn-server-{{ item }}\nprimarynameserver={{ ise_dns_server }}\ndnsdomain={{ ise_domain }}\nntpserver={{ ise_ntp_server }}\ntimezone={{ ise_timezone }}\nusername={{ ise_username }}\npassword={{ ise_password }}" + with_sequence: count=4 + when: ise_psn_instances | int >= 4 \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/single_node.yml b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/single_node.yml new file mode 100644 index 00000000..b7d43cc2 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/single_node.yml @@ -0,0 +1,14 @@ +- name: Provision ISE Server + amazon.aws.ec2: + key_name: "{{ aws_keypair_name }}" + instance_type: "{{ aws_instance_type }}" + image: "{{ aws_ise_ami }}" + wait: yes + group: "ISE Public Access" + count: 1 + vpc_subnet_id: "{{ subnet.subnet.id }}" + assign_public_ip: yes + region: "{{ aws_region }}" + instance_tags: + Name: "{{ ise_base_hostname }} Server" + user_data: "hostname={{ ise_base_hostname | lower }}-server\nprimarynameserver={{ ise_dns_server }}\ndnsdomain={{ ise_domain }}\nntpserver={{ ise_ntp_server }}\ntimezone={{ ise_timezone }}\nusername={{ ise_username }}\npassword={{ ise_password }}" \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/small_deployment.yml b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/small_deployment.yml new file mode 100644 index 00000000..13f83497 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/aws/small_deployment.yml @@ -0,0 +1,19 @@ +- name: Deploying ISE Servers + amazon.aws.ec2: + key_name: "{{ aws_keypair_name }}" + instance_type: "{{ aws_instance_type }}" + image: "{{ aws_ise_ami }}" + wait: yes + group: "ISE Public Access" + count: 1 + vpc_subnet_id: "{{ subnet.subnet.id }}" + assign_public_ip: yes + region: "{{ aws_region }}" + instance_tags: + Name: "{{ise_base_hostname}} Server {{ item }}" + Roles: + - PAN + - MNT + - PSN + user_data: "hostname={{ ise_base_hostname | lower}}-server-{{ item }}\nprimarynameserver={{ ise_dns_server }}\ndnsdomain={{ ise_domain }}\nntpserver={{ ise_ntp_server }}\ntimezone={{ ise_timezone }}\nusername={{ ise_username }}\npassword={{ ise_password }}" + with_sequence: count=2 \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/aws_deployment/tasks/main.yml b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/main.yml new file mode 100644 index 00000000..dee59d94 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/aws_deployment/tasks/main.yml @@ -0,0 +1,3 @@ +- name: Execute AWS tasks + import_tasks: aws/aws.yml + when: cloud_provider|lower == 'aws' \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/.travis.yml b/ansible_collections/cisco/ise/roles/personas_deployment/.travis.yml new file mode 100644 index 00000000..36bbf620 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/README.md b/ansible_collections/cisco/ise/roles/personas_deployment/README.md new file mode 100644 index 00000000..8ba37805 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/README.md @@ -0,0 +1,149 @@ +# Personas Deployment Guide +## Introduction + +Once all ISE nodes have been deployed to AWS, we can use Ansible to build a multi-node ISE cluster with distinct ISE personas, such as Policy Administration nodes (PAN), Monitoring and Troubleshooting nodes (MNT), and Policy Services nodes (PSN). + +**Note**: This role assumes the nodes have already been deployed to the AWS platform using the AWS Deployment role included in this collection. However, the role can be easily modified to suit any other needs, such as an on-prem deployment. + +## Goal + +The goals of this guide are: + +1. Install the Ansible ISE collection +2. Configure the Personas Deployment role +3. Build a cluster and assign the correspondent personas to each node + +## Pre-requisites + +It is recommended that you review the following guides before starting this one: + +- [ISE Ansible Getting Started Guide](./ansible_start_guide.md) +- [AWS Deployment Guide](./personas_deployment.md) + + +## Role information + +The Personas Deployment Ansible role acomplishes the following tasks: + +1. Checks whether or not all the nodes are in standalone mode. If not, the playbook exits with an error message. +2. Exports into the primary node the certificates of all the other nodes +3. Assigns the Primary PAN persona to one of the nodes +4. Assigns the corresponding personas to the rest of the nodes + +## Deployment types +This role supports the following deployment types: + +1. **Small**: Two nodes fulfilling the following roles: + * **Node 1**: PPAN, MNT-ACTIVE and PSN + * **Node 2**: SPAN, MNT-STANDBY and PSN +2. **Medium**: Up to seven nodes fulfilling the following roles: + * **Node 1**: PPAN and MNT-ACTIVE + * **Node 2**: SPAN and MNT-STANDBY + * **Node 3 through Node 7**: PSN +3. **Large**: Up to 54 nodes fulfilling the following roles: + * **Node 1**: PPAN + * **Node 2**: SPAN + * **Node 3**: MNT-ACTIVE + * **Node 4**: MNT-STANDBY + * **Node 5 to Node 54**: PSN + +## Variables + +Depending on the deployment type, the variables that need to be set are different. It is assumed that all nodes share the same credentials, as this is the default behavior of the AWS Deployment role. There are no default values for IP addresses, so all IP address variables must be specified. + +### Variables common to all deployment types + +- **ise_deployment_type**: Could be `small`, `medium` or `large`. Default: `small` +- **ise_username**: Username for the nodes. Default: `admin` +- **ise_password**: Password for the nodes. Default: `C1sco12345` +- **ise_domain**: Domain name. Default: `example.com` +- **ise_base_hostname**: The base hostname for the nodes. Default: `ISE` +- **pan1_ip**: Public IP address for the Primary PAN node. +- **pan2_ip**: Public IP address for the Secondary PAN node. + +### Additional variables for medium or large deployments + +- **psn1_ip**: Public IP address for the first PSN node +- **psn2_ip**: Public IP address for the second PSN node +- **psn*N*_ip**: Public IP address for the Nth PSN node + +### Additional variables specific for large deployments + +- **mnt1_ip**: Public IP address for the Active Monitoring node +- **mnt2_ip**: Public IP address for the Standby Monitoring node + + +## Role usage + +Create a playbook that contains all the pertinent variables required by this role: + +```yaml +# playbooks/personas_deployment.yml +# Example for a small deployment +--- +- name: ISE Personas Deployment Playbook + hosts: localhost + connection: local + vars: + ise_deployment: small + ise_username: admin + ise_password: C1sco123 + ise_domain: example.com + pan1_ip: 1.1.1.1 + pan2_ip: 2.2.2.2 + + roles: + - cisco.ise.personas_deployment +``` + +Run the Ansible playbook: + +```cli +ansible-playbook -i hosts playbooks/personas_deployment.yml +``` + +### Sample playbooks for medium and large deployments + +```yaml +# playbooks/personas_deployment.yml +# Example for a medium deployment +--- +- name: ISE Personas Deployment Playbook + hosts: localhost + connection: local + vars: + ise_deployment: medium + ise_username: admin + ise_password: C1sco123 + ise_domain: example.com + pan1_ip: 1.1.1.1 + pan2_ip: 2.2.2.2 + psn1_ip: 3.3.3.3 + psn2_ip: 4.4.4.4 + + roles: + - cisco.ise.personas_deployment +``` + +```yaml +# playbooks/personas_deployment.yml +# Example for a large deployment +--- +- name: ISE Personas Deployment Playbook + hosts: localhost + connection: local + vars: + ise_deployment: large + ise_username: admin + ise_password: C1sco123 + ise_domain: example.com + pan1_ip: 1.1.1.1 + pan2_ip: 2.2.2.2 + psn1_ip: 3.3.3.3 + psn2_ip: 4.4.4.4 + mnt1_ip: 5.5.5.5 + mnt2_ip: 6.6.6.6 + + roles: + - cisco.ise.personas_deployment +``` \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/defaults/main.yml b/ansible_collections/cisco/ise/roles/personas_deployment/defaults/main.yml new file mode 100644 index 00000000..5f9d4a53 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/defaults/main.yml @@ -0,0 +1,20 @@ +# Variables common to all deployment types +ise_deployment_type: small +ise_base_hostname: ISE +ise_username: admin +ise_password: C1sco12345 +ise_domain: example.com +pan1_ip: +pan2_ip: +pan2_local_ip: + +# Additional variables for medium and large deployments + +mnt1_ip: +mnt2_ip: +psn1_ip: +psn2_ip: +mnt1_local_ip: +mnt2_local_ip: +psn1_local_ip: +psn2_local_ip: diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/handlers/main.yml b/ansible_collections/cisco/ise/roles/personas_deployment/handlers/main.yml new file mode 100644 index 00000000..7b8621bb --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for personas_deployment diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/meta/main.yml b/ansible_collections/cisco/ise/roles/personas_deployment/meta/main.yml new file mode 100644 index 00000000..c572acc9 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/tasks/large_deployment.yml b/ansible_collections/cisco/ise/roles/personas_deployment/tasks/large_deployment.yml new file mode 100644 index 00000000..21b9ed62 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/tasks/large_deployment.yml @@ -0,0 +1,123 @@ +- name: Check if all nodes are in STANDALONE state + cisco.ise.personas_check_standalone: + ip: "{{ item.ip }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + hostname: "{{ item.hostname }}" + loop: + # ISE PAN Server 1 + - ip: "{{ pan1_ip }}" + hostname: "{{ ise_base_hostname | lower }}-pan-server-1" + # ISE PAN Server 2 + - ip: "{{ pan2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-pan-server-2" + # ISE MNT Server 1 + - ip: "{{ mnt1_ip }}" + hostname: "{{ ise_base_hostname | lower }}-mnt-server-1" + # ISE MNT Server 2 + - ip: "{{ mnt2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-mnt-server-2" + # ISE PSN Server 1 + - ip: "{{ psn1_ip }}" + hostname: "{{ ise_base_hostname | lower }}-psn-server-1" + # ISE PSN Server 2 + - ip: "{{ psn2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-psn-server-2" + +- name: Export trusted certificates into primary node + cisco.ise.personas_export_certs: + primary_ip: "{{ pan1_ip }}" + primary_username: "{{ ise_username }}" + primary_password: "{{ ise_password }}" + name: "{{ item.name }}" + ip: "{{ item.ip }}" + hostname: "{{ item.hostname }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + loop: + - name: ISE PAN Server 2 + ip: "{{ pan2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-pan-server-2" + - name: ISE MNT Server 1 + ip: "{{ mnt1_ip }}" + hostname: "{{ ise_base_hostname | lower }}-mnt-server-1" + - name: ISE MNT Server 2 + ip: "{{ mnt2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-mnt-server-2" + - name: ISE PSN Server 1 + ip: "{{ psn1_ip }}" + hostname: "{{ ise_base_hostname | lower }}-psn-server-1" + - name: ISE PSN Server 2 + ip: "{{ psn2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-psn-server-2" + +- name: Promote primary node + cisco.ise.personas_promote_primary: + ip: "{{ pan1_ip }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + +- name: Register the nodes to the cluster except the standby MNT + cisco.ise.personas_register_node: + primary_ip: "{{ pan1_ip }}" + primary_username: "{{ ise_username }}" + primary_password: "{{ ise_password }}" + fqdn: "{{ item.fqdn }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + roles: "{{ item.roles }}" + services: "{{ item.services }}" + loop: + # ISE PAN Server 2 + - fqdn: "{{ ise_base_hostname | lower }}-pan-server-2.{{ ise_domain }}" + roles: + - SecondaryAdmin + services: [] + # ISE MNT Server 1 + - fqdn: "{{ ise_base_hostname | lower }}-mnt-server-1.{{ ise_domain }}" + roles: + - PrimaryMonitoring + services: [] + # ISE PSN Server 1 + - fqdn: "{{ ise_base_hostname | lower }}-psn-server-1.{{ ise_domain }}" + roles: [] + services: + - Session + - Profiler + # ISE PSN Server 2 + - fqdn: "{{ ise_base_hostname | lower }}-psn-server-2.{{ ise_domain }}" + roles: [] + services: + - Session + - Profiler + +- name: Delete the MNT role from the primary node + cisco.ise.personas_update_roles_services: + ip: "{{ pan1_ip }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + hostname: "{{ ise_base_hostname | lower }}-pan-server-1" + roles: + - PrimaryAdmin + services: [] + +- name: Wait for primary application server to come up again + pause: + minutes: 10 + +- name: Register node 'MNT Server 2' as SecondaryMonitoring + cisco.ise.personas_register_node: + primary_ip: "{{ pan1_ip }}" + primary_username: "{{ ise_username }}" + primary_password: "{{ ise_password }}" + fqdn: "{{ item.fqdn }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + roles: "{{ item.roles }}" + services: "{{ item.services }}" + loop: + # ISE MNT Server 2 + - fqdn: "{{ ise_base_hostname | lower }}-mnt-server-2.{{ ise_domain }}" + roles: + - SecondaryMonitoring + services: [] \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/tasks/main.yml b/ansible_collections/cisco/ise/roles/personas_deployment/tasks/main.yml new file mode 100644 index 00000000..d9ba41d7 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/tasks/main.yml @@ -0,0 +1,8 @@ +- include_tasks: small_deployment.yml + when: ise_deployment_type == "small" + +- include_tasks: medium_deployment.yml + when: ise_deployment_type == "medium" + +- include_tasks: large_deployment.yml + when: ise_deployment_type == "large" \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/tasks/medium_deployment.yml b/ansible_collections/cisco/ise/roles/personas_deployment/tasks/medium_deployment.yml new file mode 100644 index 00000000..0f7a094d --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/tasks/medium_deployment.yml @@ -0,0 +1,87 @@ +- name: Check if all nodes are in STANDALONE state + cisco.ise.personas_check_standalone: + ip: "{{ item.ip }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + hostname: "{{ item.hostname }}" + loop: + # ISE PAN Server 1 + # - ip: "{{ pan1_ip }}" + # hostname: "{{ ise_base_hostname | lower }}-pan-server-1" + # ISE PAN Server 2 + - ip: "{{ pan2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-pan-server-2" + # ISE PSN Server 1 + - ip: "{{ psn1_ip }}" + hostname: "{{ ise_base_hostname | lower }}-psn-server-1" + # ISE PSN Server 2 + - ip: "{{ psn2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-psn-server-2" + +- name: Export trusted certificates into primary node + cisco.ise.personas_export_certs: + primary_ip: "{{ pan1_ip }}" + primary_username: "{{ ise_username }}" + primary_password: "{{ ise_password }}" + name: "{{ item.name }}" + ip: "{{ item.ip }}" + hostname: "{{ item.hostname }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + loop: + - name: ISE PAN Server 2 + ip: "{{ pan2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-pan-server-2" + - name: ISE PSN Server 1 + ip: "{{ psn1_ip }}" + hostname: "{{ ise_base_hostname | lower }}-psn-server-1" + - name: ISE PSN Server 2 + ip: "{{ psn2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-psn-server-2" + +- name: Promote primary node + cisco.ise.personas_promote_primary: + ip: "{{ pan1_ip }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + +- name: Register the nodes to the cluster + cisco.ise.personas_register_node: + primary_ip: "{{ pan1_ip }}" + primary_username: "{{ ise_username }}" + primary_password: "{{ ise_password }}" + fqdn: "{{ item.fqdn }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + roles: "{{ item.roles }}" + services: "{{ item.services }}" + loop: + # ISE PAN Server 2 + - fqdn: "{{ ise_base_hostname | lower }}-pan-server-2.{{ ise_domain }}" + roles: + - SecondaryAdmin + - SecondaryMonitoring + services: [] + # ISE PSN Server 1 + - fqdn: "{{ ise_base_hostname | lower }}-psn-server-1.{{ ise_domain }}" + roles: [] + services: + - Session + - Profiler + # ISE PSN Server 2 + - fqdn: "{{ ise_base_hostname | lower }}-psn-server-2.{{ ise_domain }}" + roles: [] + services: + - Session + - Profiler + +- name: Remove the Session and Profiler services from the primary node + cisco.ise.personas_update_roles_services: + ip: "{{ pan1_ip }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + hostname: "{{ ise_base_hostname | lower }}-pan-server-1" + roles: + - PrimaryAdmin + - PrimaryMonitoring + services: [] diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/tasks/small_deployment.yml b/ansible_collections/cisco/ise/roles/personas_deployment/tasks/small_deployment.yml new file mode 100644 index 00000000..2bd34cde --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/tasks/small_deployment.yml @@ -0,0 +1,54 @@ +- name: Check if all nodes are in STANDALONE state + cisco.ise.personas_check_standalone: + ip: "{{ item.ip }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + hostname: "{{ item.hostname }}" + loop: + # ISE Server 1 + - ip: "{{ pan1_ip }}" + hostname: "{{ ise_base_hostname | lower }}-server-1" + # ISE Server 2 + - ip: "{{ pan2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-server-2" + +- name: Export trusted certificates into primary node + cisco.ise.personas_export_certs: + primary_ip: "{{ pan1_ip }}" + primary_username: "{{ ise_username }}" + primary_password: "{{ ise_password }}" + name: "{{ item.name }}" + ip: "{{ item.ip }}" + hostname: "{{ item.hostname }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + loop: + - name: ISE Server 2 + ip: "{{ pan2_ip }}" + hostname: "{{ ise_base_hostname | lower }}-server-2" + +- name: Promote primary node + cisco.ise.personas_promote_primary: + ip: "{{ pan1_ip }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + +- name: Register the secondary PAN to the cluster + cisco.ise.personas_register_node: + primary_ip: "{{ pan1_ip }}" + primary_username: "{{ ise_username }}" + primary_password: "{{ ise_password }}" + fqdn: "{{ item.fqdn }}" + username: "{{ ise_username }}" + password: "{{ ise_password }}" + roles: "{{ item.roles }}" + services: "{{ item.services }}" + loop: + # ISE Server 2 + - fqdn: "{{ ise_base_hostname | lower }}-server-2.{{ ise_domain }}" + roles: + - SecondaryAdmin + - SecondaryMonitoring + services: + - Session + - Profiler \ No newline at end of file diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/tests/inventory b/ansible_collections/cisco/ise/roles/personas_deployment/tests/inventory new file mode 100644 index 00000000..878877b0 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/tests/test.yml b/ansible_collections/cisco/ise/roles/personas_deployment/tests/test.yml new file mode 100644 index 00000000..d0504d76 --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - personas_deployment diff --git a/ansible_collections/cisco/ise/roles/personas_deployment/vars/main.yml b/ansible_collections/cisco/ise/roles/personas_deployment/vars/main.yml new file mode 100644 index 00000000..c7ab1dfd --- /dev/null +++ b/ansible_collections/cisco/ise/roles/personas_deployment/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for personas_deployment diff --git a/ansible_collections/cisco/ise/tests/sanity/ignore-2.10.txt b/ansible_collections/cisco/ise/tests/sanity/ignore-2.10.txt new file mode 100644 index 00000000..2482cbb3 --- /dev/null +++ b/ansible_collections/cisco/ise/tests/sanity/ignore-2.10.txt @@ -0,0 +1,768 @@ +plugins/plugin_utils/ise.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/plugin_utils/ise.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_test_connectivity.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_add_groups.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_groups_by_domain_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_is_user_member_of_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain_with_all_nodes.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain_with_all_nodes.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_trusted_domains_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_user_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/admin_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_apply.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_clear.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_cancel.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_last_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_restore.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/bind_signed_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/byod_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/byod_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_template_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_generate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_generate_intermediate_ca.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/deployment_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_command_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authentication_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authorization_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authorization_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_identity_stores_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_service_names_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clear_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_set_all_status.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_deregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_get_rejected_endpoints_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_register.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_release_rejected_endpoint.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/filter_policy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/filter_policy_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_location_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_email.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_sms.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_change_sponsor_password.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_deny.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_email.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reinstate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reset_password.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_sms.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_suspend.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_install.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_rollback.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/identity_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/identity_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/internal_user.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/internal_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/ise_root_ca_regenerate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_connection_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_eval_license_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_feature_to_tier_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_account_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_athentication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_authentication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_failure_reasons_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_list_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_auth_list_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_nas_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_username_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_delete_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_disconnect_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_posture_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_profiler_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_reauthentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_sessions_by_session_id_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authentication_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authorization_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authorization_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_identity_stores_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_reset_hitcounts.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_security_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_service_name_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_sync.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_primary_to_standalone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_promotion.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_replication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_secondary_to_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_interfaces_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_standalone_to_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_sync.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_install.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_rollback.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_check_standalone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_export_certs.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_promote_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_update_roles_services.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_register_node.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_theme.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_theme_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/profiler_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_settings_auto_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_settings_auto_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_access_secret.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_activate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_authorization.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_matrices_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_policies_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoint_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_os_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_failures_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_healths_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_performances_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_group_acls_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_lookup.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_register.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_reregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_unregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_for_recovery_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_sessions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_group_by_username_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/renew_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository_files_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/resource_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/selfsigned_certificate_generate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/session_service_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sms_provider_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_member_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_download.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_import.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_config_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tasks_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/telemetry_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/threat_vulnerabilities_clear.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_import.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_test_connectivity.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_add_groups.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_groups_by_domain_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_is_user_member_of_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain_with_all_nodes.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain_with_all_nodes.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_trusted_domains_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_user_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/admin_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_apply.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_clear.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_cancel.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_last_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_restore.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/bind_signed_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/byod_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/byod_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_template_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_generate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_generate_intermediate_ca.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/deployment_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_command_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authentication_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authorization_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authorization_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_identity_stores_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_service_names_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clear_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_set_all_status.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_deregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_get_rejected_endpoints_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_register.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_release_rejected_endpoint.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/filter_policy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/filter_policy_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_location_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_email.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_sms.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_change_sponsor_password.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_deny.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_email.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reinstate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reset_password.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_sms.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_suspend.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_install.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_rollback.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/identity_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/identity_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/internal_user.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/internal_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/ise_root_ca_regenerate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_connection_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_eval_license_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_feature_to_tier_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_account_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_athentication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_authentication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_failure_reasons_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_list_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_auth_list_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_nas_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_username_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_delete_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_disconnect_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_posture_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_profiler_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_reauthentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_sessions_by_session_id_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authentication_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authorization_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authorization_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_identity_stores_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_reset_hitcounts.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_security_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_service_name_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_sync.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_primary_to_standalone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_promotion.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_replication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_secondary_to_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_interfaces_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_standalone_to_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_sync.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_install.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_rollback.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_check_standalone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_export_certs.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_promote_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_update_roles_services.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_register_node.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_theme.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_theme_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/profiler_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_settings_auto_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_settings_auto_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_access_secret.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_activate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_authorization.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_matrices_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_policies_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoint_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_os_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_failures_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_healths_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_performances_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_group_acls_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_lookup.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_register.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_reregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_unregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_for_recovery_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_sessions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_group_by_username_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/renew_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository_files_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/resource_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/selfsigned_certificate_generate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/session_service_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sms_provider_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_member_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_download.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_import.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_config_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tasks_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/telemetry_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/threat_vulnerabilities_clear.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_import.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK \ No newline at end of file diff --git a/ansible_collections/cisco/ise/tests/sanity/ignore-2.11.txt b/ansible_collections/cisco/ise/tests/sanity/ignore-2.11.txt new file mode 100644 index 00000000..0b0a4e40 --- /dev/null +++ b/ansible_collections/cisco/ise/tests/sanity/ignore-2.11.txt @@ -0,0 +1,1152 @@ +plugins/plugin_utils/ise.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/plugin_utils/ise.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/plugin_utils/ise.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_test_connectivity.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_add_groups.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_groups_by_domain_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_is_user_member_of_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain_with_all_nodes.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain_with_all_nodes.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_trusted_domains_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_user_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/admin_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_apply.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_clear.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_cancel.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_last_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_restore.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/bind_signed_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/byod_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/byod_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_template_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_generate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_generate_intermediate_ca.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/deployment_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_command_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authentication_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authorization_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authorization_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_identity_stores_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_service_names_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clear_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_set_all_status.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_deregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_get_rejected_endpoints_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_register.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_release_rejected_endpoint.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/filter_policy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/filter_policy_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_location_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_email.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_sms.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_change_sponsor_password.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_deny.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_email.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reinstate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reset_password.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_sms.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_suspend.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_install.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_rollback.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/identity_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/identity_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/internal_user.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/internal_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/ise_root_ca_regenerate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_connection_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_eval_license_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_feature_to_tier_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_account_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_athentication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_authentication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_failure_reasons_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_list_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_auth_list_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_nas_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_username_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_delete_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_disconnect_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_posture_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_profiler_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_reauthentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_sessions_by_session_id_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authentication_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authorization_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authorization_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_identity_stores_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_reset_hitcounts.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_security_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_service_name_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_sync.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_primary_to_standalone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_promotion.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_replication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_secondary_to_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_interfaces_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_standalone_to_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_sync.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_install.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_rollback.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_check_standalone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_export_certs.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_promote_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_update_roles_services.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_register_node.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_theme.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_theme_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/profiler_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_settings_auto_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_settings_auto_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_access_secret.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_activate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_authorization.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_matrices_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_policies_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoint_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_os_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_failures_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_healths_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_performances_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_group_acls_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_lookup.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_register.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_reregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_unregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_for_recovery_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_sessions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_group_by_username_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/renew_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository_files_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/resource_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/selfsigned_certificate_generate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/session_service_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sms_provider_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_member_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_download.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_import.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_config_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tasks_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/telemetry_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/threat_vulnerabilities_clear.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_import.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_test_connectivity.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_add_groups.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_groups_by_domain_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_is_user_member_of_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain_with_all_nodes.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain_with_all_nodes.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_trusted_domains_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_user_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/admin_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_apply.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_clear.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_cancel.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_last_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_restore.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/bind_signed_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/byod_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/byod_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_template_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_generate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_generate_intermediate_ca.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/deployment_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_command_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authentication_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authorization_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authorization_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_identity_stores_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_service_names_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clear_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_set_all_status.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_deregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_get_rejected_endpoints_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_register.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_release_rejected_endpoint.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/filter_policy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/filter_policy_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_location_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_email.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_sms.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_change_sponsor_password.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_deny.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_email.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reinstate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reset_password.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_sms.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_suspend.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_install.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_rollback.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/identity_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/identity_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/internal_user.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/internal_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/ise_root_ca_regenerate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_connection_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_eval_license_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_feature_to_tier_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_account_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_athentication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_authentication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_failure_reasons_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_list_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_auth_list_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_nas_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_username_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_delete_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_disconnect_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_posture_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_profiler_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_reauthentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_sessions_by_session_id_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authentication_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authorization_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authorization_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_identity_stores_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_reset_hitcounts.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_security_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_service_name_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_sync.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_primary_to_standalone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_promotion.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_replication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_secondary_to_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_interfaces_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_standalone_to_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_sync.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_install.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_rollback.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_check_standalone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_export_certs.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_promote_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_update_roles_services.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_register_node.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_theme.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_theme_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/profiler_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_settings_auto_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_settings_auto_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_access_secret.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_activate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_authorization.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_matrices_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_policies_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoint_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_os_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_failures_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_healths_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_performances_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_group_acls_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_lookup.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_register.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_reregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_unregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_for_recovery_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_sessions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_group_by_username_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/renew_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository_files_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/resource_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/selfsigned_certificate_generate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/session_service_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sms_provider_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_member_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_download.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_import.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_config_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tasks_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/telemetry_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/threat_vulnerabilities_clear.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_import.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_bindings_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_settings.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_settings_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_test_connectivity.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_add_groups.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_groups_by_domain_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_is_user_member_of_group_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain_with_all_nodes.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain_with_all_nodes.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_trusted_domains_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_user_groups_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/admin_user_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_apply.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_clear.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_cancel.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_config.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_last_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_restore.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config_update.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/bind_signed_certificate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/byod_portal.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/byod_portal_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_template_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_delete.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_export_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_generate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_generate_intermediate_ca.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/deployment_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_command_set_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authentication_rule_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authorization_rule_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_policy_set_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authentication_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authorization_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_policy_set_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_identity_stores_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_profiles_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_service_names_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clear_all.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clone.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_set_all_status.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_certificate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_deregister.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_get_rejected_endpoints_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_register.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_release_rejected_endpoint.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/filter_policy.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/filter_policy_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_location_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_email.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_sms.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_approve.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_change_sponsor_password.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_deny.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_email.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reinstate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reset_password.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_sms.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_suspend.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_install.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_rollback.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/identity_group.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/identity_group_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/internal_user.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/internal_user_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/ise_root_ca_regenerate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_connection_type_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_eval_license_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_feature_to_tier_mapping_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_account_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_athentication_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_authentication_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_failure_reasons_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_count_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_list_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_auth_list_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_ip_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_mac_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_nas_ip_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_username_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_delete_all.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_disconnect_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_posture_count_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_profiler_count_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_reauthentication_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_sessions_by_session_id_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_version_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authentication_rule_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authorization_rule_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_policy_set_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authentication_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authorization_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_policy_set_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_identity_stores_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_reset_hitcounts.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_reset_hitcount.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_profiles_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_security_groups_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_service_name_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_group.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_group_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_sync.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_delete.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_primary_to_standalone.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_promotion.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_replication_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_secondary_to_primary.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_interfaces_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_standalone_to_primary.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_sync.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_update.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_install.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_rollback.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_check_standalone.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_export_certs.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_promote_primary.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_update_roles_services.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_register_node.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_theme.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_theme_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/profiler_profile_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_approve.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_delete.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_settings_auto_approve.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_approve.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_delete.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_settings_auto_approve.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_access_secret.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_activate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_authorization.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_bindings_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_matrices_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_policies_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoint_by_mac_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_os_type_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_type_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_failures_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_healths_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_performances_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_profiles_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_group_acls_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_groups_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_lookup.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_register.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_reregister.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_unregister.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_ip_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_mac_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_for_recovery_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_sessions_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_group_by_username_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_groups_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/renew_certificate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository_files_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/resource_version_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/selfsigned_certificate_generate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/session_service_node_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_all.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_all.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sms_provider_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_member_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_download.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_monitor_status_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_request.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_export_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_import.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_config_version_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tasks_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/telemetry_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/threat_vulnerabilities_clear.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_export_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_import.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_delete.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_update.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_delete.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_update.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_create.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_update.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_info.py import-2.7 # Python 2.7 is not supported by the Cisco ISE SDK \ No newline at end of file diff --git a/ansible_collections/cisco/ise/tests/sanity/ignore-2.12.txt b/ansible_collections/cisco/ise/tests/sanity/ignore-2.12.txt new file mode 100644 index 00000000..e69de29b diff --git a/ansible_collections/cisco/ise/tests/sanity/ignore-2.9.txt b/ansible_collections/cisco/ise/tests/sanity/ignore-2.9.txt new file mode 100644 index 00000000..2482cbb3 --- /dev/null +++ b/ansible_collections/cisco/ise/tests/sanity/ignore-2.9.txt @@ -0,0 +1,768 @@ +plugins/plugin_utils/ise.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/plugin_utils/ise.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_test_connectivity.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_add_groups.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_groups_by_domain_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_is_user_member_of_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain_with_all_nodes.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain_with_all_nodes.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_trusted_domains_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/active_directory_user_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/admin_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_apply.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_clear.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_cancel.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_last_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_restore.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/bind_signed_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/byod_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/byod_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/certificate_template_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_generate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_generate_intermediate_ca.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/csr_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/deployment_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_command_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authentication_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authorization_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authorization_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_identity_stores_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_service_names_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clear_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_set_all_status.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_deregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_get_rejected_endpoints_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_register.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/endpoint_release_rejected_endpoint.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/filter_policy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/filter_policy_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_location_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_email.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_type_sms.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_change_sponsor_password.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_deny.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_email.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reinstate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reset_password.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_sms.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/guest_user_suspend.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_install.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_rollback.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/identity_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/identity_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/internal_user.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/internal_user_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/ise_root_ca_regenerate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_connection_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_eval_license_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_feature_to_tier_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_account_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_athentication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_authentication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_failure_reasons_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_list_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_auth_list_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_nas_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_username_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_delete_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_disconnect_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_posture_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_profiler_count_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_reauthentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_sessions_by_session_id_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/mnt_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authentication_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authorization_rule_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authentication_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authorization_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_identity_stores_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_reset_hitcounts.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_reset_hitcount.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_security_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_service_name_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/network_device_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_sync.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_primary_to_standalone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_promotion.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_replication_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_secondary_to_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_interfaces_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_standalone_to_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/node_sync.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_install.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/patch_rollback.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_check_standalone.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_export_certs.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_promote_primary.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_update_roles_services.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/personas_register_node.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_theme.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/portal_theme_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/profiler_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/px_grid_settings_auto_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_settings_auto_approve.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_access_secret.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_activate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_authorization.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_matrices_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_policies_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoint_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_os_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_type_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_failures_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_healths_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_performances_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_profiles_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_group_acls_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_lookup.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_register.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_reregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_unregister.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_ip_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_mac_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_for_recovery_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_sessions_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_group_by_username_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_groups_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/renew_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository_files_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/repository_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/resource_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/selfsigned_certificate_generate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/session_service_node_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_all.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sgt_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sms_provider_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_member_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_download.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_monitor_status_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_request.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_import.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/system_config_version_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/tasks_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/telemetry_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/threat_vulnerabilities_clear.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_export_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_import.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_create.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_update.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_info.py compile-2.6!skip # Python 2.6 is not supported by the Cisco ISE SDK +plugins/action/aci_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/aci_test_connectivity.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_add_groups.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_groups_by_domain_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_is_user_member_of_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_join_domain_with_all_nodes.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_leave_domain_with_all_nodes.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_trusted_domains_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/active_directory_user_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/admin_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/allowed_protocols_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_apply.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_clear.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_endpoint_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/anc_policy_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/authorization_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_cancel.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_last_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_restore.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/backup_schedule_config_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/bind_signed_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/byod_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/byod_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/certificate_template_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_generate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_generate_intermediate_ca.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/csr_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/deployment_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authentication_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_authorization_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_command_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authentication_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_authorization_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_for_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_authorization_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_dictionary_attributes_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_global_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_identity_stores_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_local_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_network_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_policy_set_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_service_names_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/device_administration_time_date_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/downloadable_acl_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clear_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_clone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/egress_matrix_cell_set_all_status.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_deregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_get_rejected_endpoints_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_register.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/endpoint_release_rejected_endpoint.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/external_radius_server_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/filter_policy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/filter_policy_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_location_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_smtp_notification_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_ssid_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_email.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_type_sms.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_change_sponsor_password.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_deny.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_email.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reinstate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_reset_password.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_sms.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/guest_user_suspend.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_install.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotpatch_rollback.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/hotspot_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/id_store_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/identity_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/identity_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/internal_user.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/internal_user_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/ise_root_ca_regenerate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_connection_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_eval_license_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_feature_to_tier_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_registration_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_smart_state_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/licensing_tier_state_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_account_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_athentication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_authentication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_failure_reasons_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_active_list_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_auth_list_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_nas_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_by_username_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_delete_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_disconnect_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_posture_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_profiler_count_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_session_reauthentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_sessions_by_session_id_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/mnt_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/my_device_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/native_supplicant_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authentication_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_authorization_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authentication_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_authorization_rule_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_for_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attribute_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authentication_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_authorization_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_attributes_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_dictionary_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_global_exception_rules_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_identity_stores_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_local_exception_rules_reset_hitcounts.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_network_condition_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_policy_set_reset_hitcount.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_security_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_service_name_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_access_time_date_conditions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/network_device_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_deployment_sync.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_group_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_primary_to_standalone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_promotion.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_replication_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_secondary_to_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_interfaces_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_profiler_probe_config_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_services_sxp_interfaces_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_standalone_to_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/node_sync.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pan_ha_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_install.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/patch_rollback.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_check_standalone.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_export_certs.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_promote_primary.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_update_roles_services.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/personas_register_node.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_global_setting_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_theme.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/portal_theme_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/profiler_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/proxy_connection_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/px_grid_settings_auto_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_settings_auto_approve.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_access_secret.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_activate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_account_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_authorization.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_matrices_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_egress_policies_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoint_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_os_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_by_type_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_endpoints_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_failures_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_healths_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_performances_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_profiles_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_group_acls_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_security_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_lookup.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_register.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_reregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_service_unregister.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_ip_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_by_mac_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_session_for_recovery_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_sessions_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_group_by_username_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/pxgrid_user_groups_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/radius_server_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/renew_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository_files_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/repository_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/resource_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/rest_id_store_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/self_registered_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/selfsigned_certificate_generate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/session_service_node_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_acl_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_deploy_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_all.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_deploy_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sg_to_vn_to_vlan_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sgt_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sms_provider_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_group_member_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsor_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sponsored_guest_portal_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_download.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/support_bundle_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_connections_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_local_bindings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_monitor_status_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_bulk_request.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/sxp_vpns_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_import.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_certificate_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/system_config_version_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_command_sets_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_external_servers_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_profile_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tacacs_server_sequence_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/tasks_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/telemetry_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/threat_vulnerabilities_clear.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/transport_gateway_settings_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_export_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_import.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trusted_certificate_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_nbar_app_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_sg_vn_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_create.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_delete.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_bulk_update.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK +plugins/action/trustsec_vn_vlan_mapping_info.py compile-2.7!skip # Python 2.7 is not supported by the Cisco ISE SDK \ No newline at end of file -- cgit v1.2.3