Try SpotterManages AAA server host configuration on HUAWEI CloudEngine switches.
Authors: wangdezhuang (@QijunPan)
preview | supported by community
Install with ansible-galaxy collection install community.general:==0.1.1
collections:
- name: community.general
version: 0.1.1Manages AAA server host configuration on HUAWEI CloudEngine switches.
- name: AAA server host test
hosts: cloudengine
connection: local
gather_facts: no
vars:
cli:
host: "{{ inventory_hostname }}"
port: "{{ ansible_ssh_port }}"
username: "{{ username }}"
password: "{{ password }}"
transport: cli
tasks:
- name: "Config local user when use local scheme"
ce_aaa_server_host:
state: present
local_user_name: user1
local_password: 123456
provider: "{{ cli }}"
- name: "Undo local user when use local scheme"
ce_aaa_server_host:
state: absent
local_user_name: user1
local_password: 123456
provider: "{{ cli }}"
- name: "Config radius server ip"
ce_aaa_server_host:
state: present
radius_group_name: group1
radius_server_type: Authentication
radius_server_ip: 10.1.10.1
radius_server_port: 2000
radius_server_mode: Primary-server
radius_vpn_name: _public_
provider: "{{ cli }}"
- name: "Undo radius server ip"
ce_aaa_server_host:
state: absent
radius_group_name: group1
radius_server_type: Authentication
radius_server_ip: 10.1.10.1
radius_server_port: 2000
radius_server_mode: Primary-server
radius_vpn_name: _public_
provider: "{{ cli }}"
- name: "Config hwtacacs server ip"
ce_aaa_server_host:
state: present
hwtacacs_template: template
hwtacacs_server_ip: 10.10.10.10
hwtacacs_server_type: Authorization
hwtacacs_vpn_name: _public_
provider: "{{ cli }}"
- name: "Undo hwtacacs server ip"
ce_aaa_server_host:
state: absent
hwtacacs_template: template
hwtacacs_server_ip: 10.10.10.10
hwtacacs_server_type: Authorization
hwtacacs_vpn_name: _public_
provider: "{{ cli }}"
state:
choices:
- present
- absent
default: present
description:
- Specify desired state of the resource.
local_ftp_dir:
description:
- FTP user directory. The value is a string of 1 to 255 characters.
local_password:
description:
- Login password of a user. The password can contain letters, numbers, and special
characters. The value is a string of 1 to 255 characters.
local_user_name:
description:
- Name of a local user. The value is a string of 1 to 253 characters.
radius_vpn_name:
description:
- Set VPN instance. The value is a string of 1 to 31 case-sensitive characters.
local_user_group:
description:
- Name of the user group where the user belongs. The user inherits all the rights
of the user group. The value is a string of 1 to 32 characters.
local_user_level:
description:
- Login level of a local user. The value is an integer ranging from 0 to 15.
radius_server_ip:
description:
- IPv4 address of configured server. The value is a string of 0 to 255 characters,
in dotted decimal notation.
hwtacacs_template:
description:
- Name of a HWTACACS template. The value is a string of 1 to 32 case-insensitive characters.
hwtacacs_vpn_name:
description:
- VPN instance name.
radius_group_name:
description:
- RADIUS server group's name. The value is a string of 1 to 32 case-insensitive characters.
hwtacacs_server_ip:
description:
- Server IPv4 address. Must be a valid unicast IP address. The value is a string of
0 to 255 characters, in dotted decimal notation.
local_service_type:
description:
- The type of local user login through, such as ftp ssh snmp telnet.
radius_server_ipv6:
description:
- IPv6 address of configured server. The total length is 128 bits.
radius_server_mode:
choices:
- Secondary-server
- Primary-server
description:
- Configured primary or secondary server for a particular server.
radius_server_name:
description:
- Hostname of configured server. The value is a string of 0 to 255 case-sensitive
characters.
radius_server_port:
description:
- Configured server port for a particular server. The value is an integer ranging
from 1 to 65535.
radius_server_type:
choices:
- Authentication
- Accounting
description:
- Type of Radius Server.
hwtacacs_server_ipv6:
description:
- Server IPv6 address. Must be a valid unicast IP address. The total length is 128
bits.
hwtacacs_server_type:
choices:
- Authentication
- Authorization
- Accounting
- Common
description:
- Hwtacacs server type.
hwtacacs_is_public_net:
default: 'no'
description:
- Set the public-net.
type: bool
hwtacacs_server_host_name:
description:
- Hwtacacs server host name.
hwtacacs_is_secondary_server:
default: 'no'
description:
- Whether the server is secondary.
type: bool
changed:
description: check to see if a change was made on the device
returned: always
sample: true
type: bool
end_state:
description: k/v pairs of aaa params after module execution
returned: always
sample:
radius server ipv4:
- - 10.1.10.1
- Authentication
- '2000'
- Primary-server
- _public_
type: dict
existing:
description: k/v pairs of existing aaa server host
returned: always
sample:
radius server ipv4: []
type: dict
proposed:
description: k/v pairs of parameters passed into module
returned: always
sample:
hwtacacs_is_public_net: 'false'
hwtacacs_is_secondary_server: 'false'
hwtacacs_server_ip: 10.135.182.157
hwtacacs_server_type: Authorization
hwtacacs_template: wdz
hwtacacs_vpn_name: _public_
local_password: '******'
state: present
type: dict
updates:
description: command sent to the device
returned: always
sample:
- hwtacacs server template test
- hwtacacs server authorization 10.135.182.157 vpn-instance test_vpn public-net
type: list