community.network.ce_aaa_server – Manages AAA server global configuration on HUAWEI CloudEngine switches.

Note

This plugin is part of the community.network collection (version 2.1.1).

To install it use: ansible-galaxy collection install community.network.

To use it in a playbook, specify: community.network.ce_aaa_server.

Synopsis

• Manages AAA server global configuration on HUAWEI CloudEngine switches.

Parameters

Parameter	Choices/Defaults	Comments
accounting_mode string	Choices: invalid hwtacacs radius none ←	Accounting Mode.
acct_scheme_name string		Accounting scheme name. The value is a string of 1 to 32 characters.
authen_scheme_name string		Name of an authentication scheme. The value is a string of 1 to 32 characters.
author_scheme_name string		Name of an authorization scheme. The value is a string of 1 to 32 characters.
domain_name string		Name of a domain. The value is a string of 1 to 64 characters.
first_authen_mode string	Choices: invalid local ← hwtacacs radius none	Preferred authentication mode.
first_author_mode string	Choices: invalid local ← hwtacacs if-authenticated none	Preferred authorization mode.
hwtacas_template string		Name of a HWTACACS template. The value is a string of 1 to 32 case-insensitive characters.
local_user_group string		Name of the user group where the user belongs. The user inherits all the rights of the user group. The value is a string of 1 to 32 characters.
radius_server_group string		RADIUS server group's name. The value is a string of 1 to 32 case-insensitive characters.
state string	Choices: absent present ←	Specify desired state of the resource.

Notes

Note

• This module requires the netconf system service be enabled on the remote device being managed.

• Recommended connection is netconf.

• This module also works with local connections for legacy playbooks.

Examples

- name: AAA server test
  hosts: cloudengine
  connection: local
  gather_facts: no
  vars:
    cli:
      host: "{{ inventory_hostname }}"
      port: "{{ ansible_ssh_port }}"
      username: "{{ username }}"
      password: "{{ password }}"
      transport: cli

  tasks:

  - name: "Radius authentication Server Basic settings"
    community.network.ce_aaa_server:
      state: present
      authen_scheme_name: test1
      first_authen_mode: radius
      radius_server_group: test2
      provider: "{{ cli }}"

  - name: "Undo radius authentication Server Basic settings"
    community.network.ce_aaa_server:
      state: absent
      authen_scheme_name: test1
      first_authen_mode: radius
      radius_server_group: test2
      provider: "{{ cli }}"

  - name: "Hwtacacs accounting Server Basic settings"
    community.network.ce_aaa_server:
      state: present
      acct_scheme_name: test1
      accounting_mode: hwtacacs
      hwtacas_template: test2
      provider: "{{ cli }}"

  - name: "Undo hwtacacs accounting Server Basic settings"
    community.network.ce_aaa_server:
      state: absent
      acct_scheme_name: test1
      accounting_mode: hwtacacs
      hwtacas_template: test2
      provider: "{{ cli }}"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
changed boolean	always	check to see if a change was made on the device Sample: True
end_state dictionary	always	k/v pairs of aaa params after module execution Sample: {'accounting scheme': [['hwtacacs', 'test1']], 'hwtacacs template': ['huawei', 'test2']}
existing dictionary	always	k/v pairs of existing aaa server Sample: {'accounting scheme': [['hwtacacs'], ['default']], 'hwtacacs template': ['huawei']}
proposed dictionary	always	k/v pairs of parameters passed into module Sample: {'accounting_mode': 'hwtacacs', 'acct_scheme_name': 'test1', 'hwtacas_template': 'test2', 'state': 'present'}
updates list / elements=string	always	command sent to the device Sample: ['accounting-scheme test1', 'accounting-mode hwtacacs', 'hwtacacs server template test2', 'hwtacacs enable']

Authors

• wangdezhuang (@QijunPan)