1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
#!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright (c) 2021, Cisco Systems
# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
DOCUMENTATION = r"""
---
module: sgt
short_description: Resource module for SGt
description:
- Manage operations create, update and delete of the resource SGt.
- This API creates a security group.
- This API deletes a security group.
- This API allows the client to update a security group.
version_added: '1.0.0'
extends_documentation_fragment:
- cisco.ise.module
author: Rafael Campos (@racampos)
options:
defaultSGACLs:
description: SGt's defaultSGACLs.
elements: dict
type: list
description:
description: SGt's description.
type: str
generationId:
description: SGt's generationId.
type: str
id:
description: SGt's id.
type: str
isReadOnly:
description: IsReadOnly flag.
type: bool
name:
description: SGt's name.
type: str
required: true
propogateToApic:
description: PropogateToApic flag.
type: bool
value:
description: Value range 2 ot 65519 or -1 to auto-generate.
type: int
required: true
requirements:
- ciscoisesdk >= 2.0.8
- python >= 3.5
seealso:
- name: Cisco ISE documentation for SecurityGroups
description: Complete reference of the SecurityGroups API.
link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt
notes:
- SDK Method used are
security_groups.SecurityGroups.create_security_group,
security_groups.SecurityGroups.delete_security_group_by_id,
security_groups.SecurityGroups.update_security_group_by_id,
- Paths used are
post /ers/config/sgt,
delete /ers/config/sgt/{id},
put /ers/config/sgt/{id},
"""
EXAMPLES = r"""
- name: Update by id
cisco.ise.sgt:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: present
defaultSGACLs:
- {}
description: string
generationId: string
id: string
isReadOnly: true
name: string
propogateToApic: true
value: 0
- name: Delete by id
cisco.ise.sgt:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: absent
id: string
- name: Create
cisco.ise.sgt:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: present
defaultSGACLs:
- {}
description: string
generationId: string
isReadOnly: true
name: string
propogateToApic: true
value: 0
"""
RETURN = r"""
ise_response:
description: A dictionary or list with the response returned by the Cisco ISE Python SDK
returned: always
type: dict
sample: >
{
"id": "string",
"name": "string",
"description": "string",
"value": 0,
"generationId": "string",
"isReadOnly": true,
"propogateToApic": true,
"defaultSGACLs": [
{}
],
"link": {
"rel": "string",
"href": "string",
"type": "string"
}
}
ise_update_response:
description: A dictionary or list with the response returned by the Cisco ISE Python SDK
returned: always
version_added: '1.1.0'
type: dict
sample: >
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "string",
"oldValue": "string",
"newValue": "string"
}
],
"field": "string",
"oldValue": "string",
"newValue": "string"
}
}
"""
|
