cisco / cisco.nd / 0.5.0 / module / nd_compliance_requirement_communication Manage communication type compliance requirements | "added in version" 0.3.0 of cisco.nd" Authors: Akini Ross (@akinross) preview | supported by communitycisco.nd.nd_compliance_requirement_communication (0.5.0) — module
Install with ansible-galaxy collection install cisco.nd:==0.5.0
collections: - name: cisco.nd version: 0.5.0
Manage communication type compliance requirements on Cisco Nexus Dashboard Insights (NDI).
- name: Get all communication type compliance requirements cisco.nd.nd_compliance_requirement_communication: insights_group: igName state: query register: query_results
- name: Get a specific communication type compliance requirement cisco.nd.nd_compliance_requirement_communication: insights_group: igName name: complianceRequirementName state: query register: query_results
- name: Create communication type compliance requirement cisco.nd.nd_compliance_requirement_communication: insights_group: igName name: complianceRequirementName sites: - siteName1 - siteName2 enabled: false type: may from_object: type: epg includes: - type: vrf attribute: DN patterns: - type: tenant operator: begins_with value: foo - type: vrf operator: contains value: bar - type: epg attribute: DN patterns: - type: tenant operator: contains value: foo - type: ap operator: contains value: bar - type: epg operator: contains value: foobar to_object: type: epg excludes: - type: epg patterns: - type: tenant operator: contains value: foo - type: ap operator: contains value: bar - type: epg operator: contains value: bar traffic_selector_rules: - ether_type: ip protocol: all - ether_type: arp - ether_type: ip protocol: tcp from_object: source: "1" destination: "2" tcp_flags: ["ack", "fin", "res", "syn" ] state: present
- name: Delete communication type compliance requirement cisco.nd.nd_compliance_requirement_communication: insights_group: igName name: complianceRequirementName state: absent
host: aliases: - hostname description: - IP Address or hostname of the Nexus Dashboard (ND) host. - If the value is not specified in the task, the value of environment variable C(ND_HOST) will be used instead. type: str name: description: - The name of the compliance requirement. type: str port: description: - Port number to be used for the REST connection. - The default value depends on parameter `use_ssl`. - If the value is not specified in the task, the value of environment variable C(ND_PORT) will be used instead. type: int type: choices: - must - must_not - may description: - The communication type of the compliance requirement. type: str sites: description: - The names of the sites. elements: str type: list state: choices: - query - absent - present default: query description: - Use C(present) or C(absent) for adding or removing. - Use C(query) for listing an object or multiple objects. type: str enabled: description: - Enable the compliance requirement. type: bool timeout: default: 30 description: - The socket level timeout in seconds. - If the value is not specified in the task, the value of environment variable C(ND_TIMEOUT) will be used instead. type: int use_ssl: description: - If C(no), an HTTP connection will be used instead of the default HTTPS connection. - If the value is not specified in the task, the value of environment variable C(ND_USE_SSL) will be used instead. type: bool password: description: - The password to use for authentication. - If the value is not specified in the task, the value of environment variables C(ND_PASSWORD) or C(ANSIBLE_NET_PASSWORD) will be used instead. type: str username: description: - The username to use for authentication. - If the value is not specified in the task, the value of environment variables C(ND_USERNAME) or C(ANSIBLE_NET_USERNAME) will be used instead. type: str to_object: description: - Container for all matching criteria attached to the object. suboptions: excludes: description: - Container for all matching criteria to exclude. elements: dict suboptions: attribute: choices: - DN default: DN description: - The attribute of the match. - The GUI represent this as 'By'. type: str patterns: description: - Container for all patterns attached to the match. elements: dict required: true suboptions: operator: choices: - contains - begins_with - ends_with - equal_to - not_equal_to - not_contains - not_begins_with - not_ends_with description: - The operator of the pattern. required: true type: str type: choices: - tenant - vrf - bd - epg - ap - l3out - l3instp - l2out - l2instp - filter - subject - contract description: - The type of the match. required: true type: str value: description: - The value of the pattern to match on. - NDO defaults to a wildcard string, displayed in UI as ANY-STRING, when unset during creation. type: str type: list type: choices: - tenant - vrf - bd - epg - ap - l3out - l3instp - l2out - l2instp - filter - subject - contract description: - The object type of the match. required: true type: str type: list includes: description: - Container for all matching criteria to include. elements: dict required: true suboptions: attribute: choices: - DN default: DN description: - The attribute of the match. - The GUI represent this as 'By'. type: str patterns: description: - Container for all patterns attached to the match. elements: dict required: true suboptions: operator: choices: - contains - begins_with - ends_with - equal_to - not_equal_to - not_contains - not_begins_with - not_ends_with description: - The operator of the pattern. required: true type: str type: choices: - tenant - vrf - bd - epg - ap - l3out - l3instp - l2out - l2instp - filter - subject - contract description: - The type of the match. required: true type: str value: description: - The value of the pattern to match on. - NDO defaults to a wildcard string, displayed in UI as ANY-STRING, when unset during creation. type: str type: list type: choices: - tenant - vrf - bd - epg - ap - l3out - l3instp - l2out - l2instp - filter - subject - contract description: - The object type of the match. required: true type: str type: list type: choices: - tenant - epg description: - The object type of the object. required: true type: str type: dict use_proxy: description: - If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts. - If the value is not specified in the task, the value of environment variable C(ND_USE_PROXY) will be used instead. type: bool description: aliases: - descr description: - The description of the compliance requirement. type: str from_object: description: - Container for all matching criteria attached to the object. suboptions: excludes: description: - Container for all matching criteria to exclude. elements: dict suboptions: attribute: choices: - DN default: DN description: - The attribute of the match. - The GUI represent this as 'By'. type: str patterns: description: - Container for all patterns attached to the match. elements: dict required: true suboptions: operator: choices: - contains - begins_with - ends_with - equal_to - not_equal_to - not_contains - not_begins_with - not_ends_with description: - The operator of the pattern. required: true type: str type: choices: - tenant - vrf - bd - epg - ap - l3out - l3instp - l2out - l2instp - filter - subject - contract description: - The type of the match. required: true type: str value: description: - The value of the pattern to match on. - NDO defaults to a wildcard string, displayed in UI as ANY-STRING, when unset during creation. type: str type: list type: choices: - tenant - vrf - bd - epg - ap - l3out - l3instp - l2out - l2instp - filter - subject - contract description: - The object type of the match. required: true type: str type: list includes: description: - Container for all matching criteria to include. elements: dict required: true suboptions: attribute: choices: - DN default: DN description: - The attribute of the match. - The GUI represent this as 'By'. type: str patterns: description: - Container for all patterns attached to the match. elements: dict required: true suboptions: operator: choices: - contains - begins_with - ends_with - equal_to - not_equal_to - not_contains - not_begins_with - not_ends_with description: - The operator of the pattern. required: true type: str type: choices: - tenant - vrf - bd - epg - ap - l3out - l3instp - l2out - l2instp - filter - subject - contract description: - The type of the match. required: true type: str value: description: - The value of the pattern to match on. - NDO defaults to a wildcard string, displayed in UI as ANY-STRING, when unset during creation. type: str type: list type: choices: - tenant - vrf - bd - epg - ap - l3out - l3instp - l2out - l2instp - filter - subject - contract description: - The object type of the match. required: true type: str type: list type: choices: - tenant - epg description: - The object type of the object. required: true type: str type: dict login_domain: description: - The login domain name to use for authentication. - The default value is DefaultAuth. - If the value is not specified in the task, the value of environment variable C(ND_LOGIN_DOMAIN) will be used instead. type: str output_level: choices: - debug - info - normal default: normal description: - Influence the output of this ND module. - C(normal) means the standard output, incl. C(current) dict - C(info) adds informational output, incl. C(previous), C(proposed) and C(sent) dicts - C(debug) adds debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information - If the value is not specified in the task, the value of environment variable C(ND_OUTPUT_LEVEL) will be used instead. type: str insights_group: aliases: - fab_name - ig_name description: - The name of the insights group. required: true type: str validate_certs: description: - If C(no), SSL certificates will not be validated. - This should only set to C(no) when used on personally controlled sites using self-signed certificates. - If the value is not specified in the task, the value of environment variable C(ND_VALIDATE_CERTS) will be used instead. type: bool traffic_selector_rules: description: - Apply rules to selected traffic. elements: dict suboptions: ether_type: choices: - arp - fcoe - ip - mac_security - mpls_unicast - trill description: - The type of the traffic selector. required: true type: str from_object: description: - Direction from the object. suboptions: destination: description: - The destination port or port range. type: str source: description: - The source port or port range. type: str tcp_flags: aliases: - tcp_flags_set choices: - ack - est - fin - res - syn description: - Confirm these flags are set. elements: str type: list tcp_flags_not_set: choices: - ack - est - fin - res - syn description: - Confirm these flags are not set. elements: str type: list type: dict protocol: choices: - all - egp - eigrp - icmp - icmpv6 - igmp - igp - l2tp - ospfigp - pim - tcp - udp description: - The type of the traffic protocol. - Only significant when 'ip' is selected. type: str reverse_port: default: false description: - The direction of the IP TCP/UDP rule. - Only significant when 'ip' is selected in combination with 'tcp' or 'udp'. - When set to true the from_object option is used for both directions. type: bool to_object: description: - Direction to the object. suboptions: destination: description: - The destination port or port range. type: str source: description: - The source port or port range. type: str tcp_flags: aliases: - tcp_flags_set choices: - ack - est - fin - res - syn description: - Confirm these flags are set. elements: str type: list tcp_flags_not_set: choices: - ack - est - fin - res - syn description: - Confirm these flags are not set. elements: str type: list type: dict type: list