Try SpotterManage manual configuration type compliance requirements
| "added in version" 0.3.0 of cisco.nd"
Authors: Akini Ross (@akinross)
preview | supported by community
Install with ansible-galaxy collection install cisco.nd:==0.5.0
collections:
- name: cisco.nd
version: 0.5.0Manage manual configuration type compliance requirements on Cisco Nexus Dashboard Insights (NDI).
- name: Get all manual configuration type compliance requirements
cisco.nd.nd_compliance_requirement_config_manual:
insights_group: igName
state: query
register: query_results
- name: Get a specific manual configuration type compliance requirement
cisco.nd.nd_compliance_requirement_config_manual:
insights_group: igName
name: complianceRequirementName
state: query
register: query_results
- name: Create manual configuration type compliance requirement
cisco.nd.nd_compliance_requirement_config_manual:
insights_group: igName
name: complianceRequirementName
sites:
- siteName1
- siteName2
enabled: false
object:
type: epg
includes:
- type: vrf
attribute: DN
patterns:
- type: tenant
operator: begins_with
value: foo
- type: vrf
operator: contains
value: bar
- type: epg
attribute: DN
patterns:
- type: tenant
operator: contains
value: foo
- type: ap
operator: contains
value: bar
- type: epg
operator: contains
value: foobar
config_rules:
- attribute: name
operator: CONTAINS
value: foo
state: present
- name: Delete manual configuration type compliance requirement
cisco.nd.nd_compliance_requirement_config_manual:
insights_group: igName
name: complianceRequirementName
state: absent
host:
aliases:
- hostname
description:
- IP Address or hostname of the Nexus Dashboard (ND) host.
- If the value is not specified in the task, the value of environment variable C(ND_HOST)
will be used instead.
type: str
name:
description:
- The name of the compliance requirement.
type: str
port:
description:
- Port number to be used for the REST connection.
- The default value depends on parameter `use_ssl`.
- If the value is not specified in the task, the value of environment variable C(ND_PORT)
will be used instead.
type: int
sites:
description:
- The names of the sites.
elements: str
type: list
state:
choices:
- query
- absent
- present
default: query
description:
- Use C(present) or C(absent) for adding or removing.
- Use C(query) for listing an object or multiple objects.
type: str
object:
description:
- Container for all matching criteria attached to the object.
suboptions:
excludes:
description:
- Container for all matching criteria to exclude.
elements: dict
suboptions:
attribute:
choices:
- DN
default: DN
description:
- The attribute of the match.
- The GUI represent this as 'By'.
type: str
patterns:
description:
- Container for all patterns attached to the match.
elements: dict
required: true
suboptions:
operator:
choices:
- contains
- begins_with
- ends_with
- equal_to
- not_equal_to
- not_contains
- not_begins_with
- not_ends_with
description:
- The operator of the pattern.
required: true
type: str
type:
choices:
- tenant
- vrf
- bd
- epg
- ap
- l3out
- l3instp
- l2out
- l2instp
- filter
- subject
- contract
description:
- The type of the match.
required: true
type: str
value:
description:
- The value of the pattern to match on.
- NDO defaults to a wildcard string, displayed in UI as ANY-STRING, when
unset during creation.
type: str
type: list
type:
choices:
- tenant
- vrf
- bd
- epg
- ap
- l3out
- l3instp
- l2out
- l2instp
- filter
- subject
- contract
description:
- The object type of the match.
required: true
type: str
type: list
includes:
description:
- Container for all matching criteria to include.
elements: dict
required: true
suboptions:
attribute:
choices:
- DN
default: DN
description:
- The attribute of the match.
- The GUI represent this as 'By'.
type: str
patterns:
description:
- Container for all patterns attached to the match.
elements: dict
required: true
suboptions:
operator:
choices:
- contains
- begins_with
- ends_with
- equal_to
- not_equal_to
- not_contains
- not_begins_with
- not_ends_with
description:
- The operator of the pattern.
required: true
type: str
type:
choices:
- tenant
- vrf
- bd
- epg
- ap
- l3out
- l3instp
- l2out
- l2instp
- filter
- subject
- contract
description:
- The type of the match.
required: true
type: str
value:
description:
- The value of the pattern to match on.
- NDO defaults to a wildcard string, displayed in UI as ANY-STRING, when
unset during creation.
type: str
type: list
type:
choices:
- tenant
- vrf
- bd
- epg
- ap
- l3out
- l3instp
- l2out
- l2instp
- filter
- subject
- contract
description:
- The object type of the match.
required: true
type: str
type: list
type:
choices:
- tenant
- vrf
- bd
- epg
- contract
- subject
- filter
description:
- The object type of the object.
required: true
type: str
type: dict
enabled:
description:
- Enable the compliance requirement.
type: bool
timeout:
default: 30
description:
- The socket level timeout in seconds.
- If the value is not specified in the task, the value of environment variable C(ND_TIMEOUT)
will be used instead.
type: int
use_ssl:
description:
- If C(no), an HTTP connection will be used instead of the default HTTPS connection.
- If the value is not specified in the task, the value of environment variable C(ND_USE_SSL)
will be used instead.
type: bool
password:
description:
- The password to use for authentication.
- If the value is not specified in the task, the value of environment variables C(ND_PASSWORD)
or C(ANSIBLE_NET_PASSWORD) will be used instead.
type: str
username:
description:
- The username to use for authentication.
- If the value is not specified in the task, the value of environment variables C(ND_USERNAME)
or C(ANSIBLE_NET_USERNAME) will be used instead.
type: str
use_proxy:
description:
- If C(no), it will not use a proxy, even if one is defined in an environment variable
on the target hosts.
- If the value is not specified in the task, the value of environment variable C(ND_USE_PROXY)
will be used instead.
type: bool
description:
aliases:
- descr
description:
- The description of the compliance requirement.
type: str
config_rules:
description:
- List of compliance configuration rules.
elements: dict
suboptions:
attribute:
choices:
- name
- name_alias
- enforcement_preference
- enforcement_direction
- preferred_group
- bd_enforcement
- bd_type
- l2_unknown_unicast
- l3_unknown_unicast_flooding
- bd_multi_destination_flooding
- pim
- arp_flooding
- limit_ip_learning_to_subnet
- unicast_routing
- epg_association_count
- subnets
- preferred_group_member
- qos_class
description:
- Attribute of the compliance configuration rule.
required: true
type: str
operator:
choices:
- contains
- begins_with
- ends_with
- equal_to
- not_equal_to
- not_contains
- not_begins_with
- not_ends_with
- regex
- exact
- at_least
- at_most
- all
- none
- at_least_one
description:
- Operation of the compliance configuration rule.
required: true
type: str
value:
description:
- Value of the compliance configuration rule.
- WARNING be aware of case sensitivity !!
required: true
type: str
type: list
login_domain:
description:
- The login domain name to use for authentication.
- The default value is DefaultAuth.
- If the value is not specified in the task, the value of environment variable C(ND_LOGIN_DOMAIN)
will be used instead.
type: str
output_level:
choices:
- debug
- info
- normal
default: normal
description:
- Influence the output of this ND module.
- C(normal) means the standard output, incl. C(current) dict
- C(info) adds informational output, incl. C(previous), C(proposed) and C(sent) dicts
- C(debug) adds debugging output, incl. C(filter_string), C(method), C(response),
C(status) and C(url) information
- If the value is not specified in the task, the value of environment variable C(ND_OUTPUT_LEVEL)
will be used instead.
type: str
insights_group:
aliases:
- fab_name
- ig_name
description:
- The name of the insights group.
required: true
type: str
validate_certs:
description:
- If C(no), SSL certificates will not be validated.
- This should only set to C(no) when used on personally controlled sites using self-signed
certificates.
- If the value is not specified in the task, the value of environment variable C(ND_VALIDATE_CERTS)
will be used instead.
type: bool