ce_aaa_server – Manages AAA server global configuration on HUAWEI CloudEngine switches¶
New in version 2.4.
Synopsis¶
Manages AAA server global configuration on HUAWEI CloudEngine switches.
Parameters¶
| Parameter | Choices/Defaults | Comments |
|---|---|---|
|
accounting_mode
string
|
|
Accounting Mode.
|
|
acct_scheme_name
string
|
Accounting scheme name. The value is a string of 1 to 32 characters.
|
|
|
authen_scheme_name
string
|
Name of an authentication scheme. The value is a string of 1 to 32 characters.
|
|
|
author_scheme_name
string
|
Name of an authorization scheme. The value is a string of 1 to 32 characters.
|
|
|
domain_name
string
|
Name of a domain. The value is a string of 1 to 64 characters.
|
|
|
first_authen_mode
string
|
|
Preferred authentication mode.
|
|
first_author_mode
string
|
|
Preferred authorization mode.
|
|
hwtacas_template
string
|
Name of a HWTACACS template. The value is a string of 1 to 32 case-insensitive characters.
|
|
|
local_user_group
string
|
Name of the user group where the user belongs. The user inherits all the rights of the user group. The value is a string of 1 to 32 characters.
|
|
|
radius_server_group
string
|
RADIUS server group's name. The value is a string of 1 to 32 case-insensitive characters.
|
|
|
state
string
|
|
Specify desired state of the resource.
|
Notes¶
Note
This module requires the netconf system service be enabled on the remote device being managed.
Recommended connection is
netconf.This module also works with
localconnections for legacy playbooks.
Examples¶
- name: AAA server test
hosts: cloudengine
connection: local
gather_facts: no
vars:
cli:
host: "{{ inventory_hostname }}"
port: "{{ ansible_ssh_port }}"
username: "{{ username }}"
password: "{{ password }}"
transport: cli
tasks:
- name: "Radius authentication Server Basic settings"
ce_aaa_server:
state: present
authen_scheme_name: test1
first_authen_mode: radius
radius_server_group: test2
provider: "{{ cli }}"
- name: "Undo radius authentication Server Basic settings"
ce_aaa_server:
state: absent
authen_scheme_name: test1
first_authen_mode: radius
radius_server_group: test2
provider: "{{ cli }}"
- name: "Hwtacacs accounting Server Basic settings"
ce_aaa_server:
state: present
acct_scheme_name: test1
accounting_mode: hwtacacs
hwtacas_template: test2
provider: "{{ cli }}"
- name: "Undo hwtacacs accounting Server Basic settings"
ce_aaa_server:
state: absent
acct_scheme_name: test1
accounting_mode: hwtacacs
hwtacas_template: test2
provider: "{{ cli }}"
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
|
changed
boolean
|
always |
check to see if a change was made on the device
Sample:
True
|
|
end_state
dictionary
|
always |
k/v pairs of aaa params after module execution
Sample:
{'accounting scheme': [['hwtacacs', 'test1']], 'hwtacacs template': ['huawei', 'test2']}
|
|
existing
dictionary
|
always |
k/v pairs of existing aaa server
Sample:
{'accounting scheme': [['hwtacacs'], ['default']], 'hwtacacs template': ['huawei']}
|
|
proposed
dictionary
|
always |
k/v pairs of parameters passed into module
Sample:
{'accounting_mode': 'hwtacacs', 'acct_scheme_name': 'test1', 'hwtacas_template': 'test2', 'state': 'present'}
|
|
updates
list
|
always |
command sent to the device
Sample:
['accounting-scheme test1', 'accounting-mode hwtacacs', 'hwtacacs server template test2', 'hwtacacs enable']
|
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]