service_element - Create, modify or delete service elements¶
New in version 2.5.
Synopsis¶
- Each service type currently supported in this module is documented as a suboption. Each service element type will have a minimum number of arguments that are required to create the element if it does not exist. Service elements supported by this module have their create constructors documented at http://smc-python.readthedocs.io/en/latest/pages/reference.html#elements. This module uses a ‘update or create’ logic, therefore it is not possible to create the same element twice. If the element exists and the attributes provided are different, the element will be updated before returned. It also means this module can be run multiple times with only slight modifications to the playbook. This is useful when an error is seen with a duplicate name, etc and you must re-adjust the playbook and re-run. For groups, members must be referenced by type and name. Members can be services that are also being created by the same playbook. If running in check_mode,’ only fetches will be performed and the state attribute will indicate if an element is not found (i.e. would need to be created).
Requirements (on host that executes module)¶
- smc-python
Options¶
| parameter | required | default | choices | comments | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| elements |
yes |
A list of the elements to create, modify or remove
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ignore_err_if_not_found |
no | True |
When deleting elements, whether to ignore an error if the element is not found. This is only used when state=absent. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| smc_address |
no |
FQDN with port of SMC. The default value is the environment variable |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| smc_alt_filepath |
no |
Provide an alternate path location to read the credentials from. File is expected to be stored in ~.smcrc. If provided, url and api_key settings are not required and will be ignored. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| smc_api_key |
no |
API key for api client. The default value is the environment variable |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| smc_api_version |
no |
Optional API version to connect to. If none is provided, the latest SMC version API will be used based on the Management Center version. Can be set though the environment variable |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| smc_domain |
no |
Optional domain to log in to. If no domain is provided, 'Shared Domain' is used. Can be set throuh the environment variable |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| smc_extra_args |
no |
Extra arguments to pass to login constructor. These are generally only used if specifically requested by support personnel.
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| smc_logging |
no |
Optionally enable SMC API logging to a file
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| smc_timeout |
no |
Optional timeout for connections to the SMC. Can be set through environment |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| state |
no | present |
|
Create or delete flag |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Examples¶
- name: Example service element creation
register: result
service_element:
smc_logging:
level: 10
path: ansible-smc.log
elements:
- tcp_service:
name: myservice
min_dst_port: 8080
max_dst_port: 8100
- tcp_service:
name: newservice80
min_dst_port: 80
- udp_service:
name: myudp
min_dst_port: 8090
max_dst_port: 8091
comment: created by dlepage
- udp_service:
name: udp2000
min_dst_port: 2000
- ip_service:
name: new service
protocol_number: 8
comment: custom EGP service
- ethernet_service:
name: 8021q frame
frame_type: eth2
value1: "0x8100"
- icmp_service:
name: custom icmp
icmp_type: 3
icmp_code: 7
comment: custom icmp services
- icmp_ipv6_service:
name: my v6 icmp
icmp_type: 139
comment: Neighbor Advertisement Message
- tcp_service_group:
name: mygroup
members:
tcp_service:
- newservice80
- service_group:
name: mysvcgrp
members:
tcp_service:
- newservice80
udp_service:
- myudp
- udp2000
icmp_service:
- custom icmp
- udp_service_group:
name: myudpservices
members:
udp_service:
- myudp
- udp2000
- icmp_service_group:
name: myicmp
members:
icmp_service:
- custom icmp
- icmp_service_group:
name: myemptygroup
members:
- ip_service_group:
name: myipservices
members:
ip_service:
- new service
- name: Delete all service elements
register: result
service_element:
smc_logging:
level: 10
path: ansible-smc.log
state: absent
elements:
- tcp_service_group:
- mygroup
- service_group:
- mysvcgrp
- udp_service_group:
- myudp2000
- icmp_service_group:
- myicmp
- ip_service_group:
- myipservices
- tcp_service:
- myservice
- udp_service:
- myudp
- ip_service:
- new service
- ethernet_service:
- 8021q frame
- icmp_service:
- custom icmp
- icmp_ipv6_service:
- my v6 icmp
Return Values¶
Common return values are documented Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| state |
Current state of service elements
|
always | list | [{'action': 'created', 'type': 'tcp_service', 'name': 'myservice'}, {'type': 'tcp_service', 'name': 'newservice80'}, {'action': 'created', 'type': 'udp_service', 'name': 'myudp'}, {'type': 'udp_service', 'name': 'udp2000'}] |