#!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright (c) 2021, Cisco Systems
# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
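# Module documentation for cisco.ise.sg_acl, written as YAML inside a raw string.
# Each option name is nested under `options`, and its `description`/`type` under
# that name, so the option called `description` cannot collide with the
# module-level `description` key.
# Security note: this module creates, updates and deletes security group ACLs,
# and `aclcontent` is a free-form string.
# NOTE(review): nothing visible here validates aclcontent; treat a playbook
# change to it like any other access-control change.
DOCUMENTATION = r"""
---
module: sg_acl
short_description: Resource module for SGACL
description:
  - Manage operations create, update and delete of the resource SGACL.
  - This API creates a security group ACL.
  - This API deletes a security group ACL.
  - This API allows the client to update a security group ACL.
version_added: '1.0.0'
extends_documentation_fragment:
  - cisco.ise.module
author: Rafael Campos (@racampos)
options:
  aclcontent:
    description: SGACL's aclcontent.
    type: str
  description:
    description: SGACL's description.
    type: str
  generationId:
    description: SGACL's generationId.
    type: str
  id:
    description: SGACL's id.
    type: str
  ipVersion:
    description: Allowed values - IPV4, - IPV6, - IP_AGNOSTIC.
    type: str
  isReadOnly:
    description: IsReadOnly flag.
    type: bool
  modelledContent:
    description: Modelled content of contract.
    type: dict
  name:
    description: SGACL's name.
    type: str
requirements:
  - ciscoisesdk >= 2.2.1
  - python >= 3.5
seealso:
  - name: Cisco ISE documentation for SecurityGroupsACLs
    description: Complete reference of the SecurityGroupsACLs API.
    link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl
notes:
  - SDK Method used are
    security_groups_acls.SecurityGroupsAcls.create_security_groups_acl,
    security_groups_acls.SecurityGroupsAcls.delete_security_groups_acl_by_id,
    security_groups_acls.SecurityGroupsAcls.update_security_groups_acl_by_id,
  - Paths used are
    post /ers/config/sgacl,
    delete /ers/config/sgacl/{id},
    put /ers/config/sgacl/{id},
"""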
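# Example tasks for cisco.ise.sg_acl, written as a YAML task list inside a raw
# string. Module arguments are nested under the `cisco.ise.sg_acl` key of each
# task so that every task is a single mapping with `name` plus the module call.
# Security note: the connection settings are templated variables, not literals.
# NOTE(review): source ise_password from Ansible Vault or another secret store
# rather than plain inventory. ise_verify comes from the cisco.ise.module
# fragment (not shown here) and presumably controls TLS certificate
# verification; confirm it stays enabled outside lab use.
EXAMPLES = r"""
- name: Update by id
  cisco.ise.sg_acl:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: present
    aclcontent: string
    description: string
    generationId: string
    id: string
    ipVersion: string
    isReadOnly: true
    modelledContent: {}
    name: string

- name: Delete by id
  cisco.ise.sg_acl:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: absent
    id: string

- name: Create
  cisco.ise.sg_acl:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: present
    aclcontent: string
    description: string
    generationId: string
    ipVersion: string
    isReadOnly: true
    modelledContent: {}
    name: string
"""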
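# Return-value documentation for cisco.ise.sg_acl, written as YAML inside a raw
# string. Each returned key (`ise_response`, `ise_update_response`) is a mapping
# with its own `description`, `returned`, `type` and `sample`; the samples are
# folded block scalars holding illustrative JSON with placeholder values.
RETURN = r"""
ise_response:
  description: A dictionary or list with the response returned by the Cisco ISE Python SDK
  returned: always
  type: dict
  sample: >
    {
      "id": "string",
      "name": "string",
      "description": "string",
      "generationId": "string",
      "aclcontent": "string",
      "isReadOnly": true,
      "modelledContent": {},
      "ipVersion": "string",
      "link": {
        "rel": "string",
        "href": "string",
        "type": "string"
      }
    }

ise_update_response:
  description: A dictionary or list with the response returned by the Cisco ISE Python SDK
  returned: always
  version_added: '1.1.0'
  type: dict
  sample: >
    {
      "UpdatedFieldsList": {
        "updatedField": [
          {
            "field": "string",
            "oldValue": "string",
            "newValue": "string"
          }
        ],
        "field": "string",
        "oldValue": "string",
        "newValue": "string"
      }
    }
"""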