community.network.ce_aaa_server – Manages AAA server global configuration on HUAWEI CloudEngine switches.

Note

This plugin is part of the community.network collection (version 2.1.1).

To install it use: ansible-galaxy collection install community.network.

To use it in a playbook, specify: community.network.ce_aaa_server.

Synopsis

  • Manages AAA server global configuration on HUAWEI CloudEngine switches.

Parameters

Parameter Choices/Defaults Comments
accounting_mode
string
    Choices:
  • invalid
  • hwtacacs
  • radius
  • none ←
Accounting Mode.
acct_scheme_name
string
Accounting scheme name. The value is a string of 1 to 32 characters.
authen_scheme_name
string
Name of an authentication scheme. The value is a string of 1 to 32 characters.
author_scheme_name
string
Name of an authorization scheme. The value is a string of 1 to 32 characters.
domain_name
string
Name of a domain. The value is a string of 1 to 64 characters.
first_authen_mode
string
    Choices:
  • invalid
  • local ←
  • hwtacacs
  • radius
  • none
Preferred authentication mode.
first_author_mode
string
    Choices:
  • invalid
  • local ←
  • hwtacacs
  • if-authenticated
  • none
Preferred authorization mode.
hwtacas_template
string
Name of a HWTACACS template. The value is a string of 1 to 32 case-insensitive characters.
local_user_group
string
Name of the user group where the user belongs. The user inherits all the rights of the user group. The value is a string of 1 to 32 characters.
radius_server_group
string
RADIUS server group's name. The value is a string of 1 to 32 case-insensitive characters.
state
string
    Choices:
  • absent
  • present ←
Specify desired state of the resource.

Notes

Note

  • This module requires the netconf system service be enabled on the remote device being managed.

  • Recommended connection is netconf.

  • This module also works with local connections for legacy playbooks.

Examples

- name: AAA server test
  hosts: cloudengine
  connection: local
  gather_facts: no
  vars:
    cli:
      host: "{{ inventory_hostname }}"
      port: "{{ ansible_ssh_port }}"
      username: "{{ username }}"
      password: "{{ password }}"
      transport: cli

  tasks:

  - name: "Radius authentication Server Basic settings"
    community.network.ce_aaa_server:
      state: present
      authen_scheme_name: test1
      first_authen_mode: radius
      radius_server_group: test2
      provider: "{{ cli }}"

  - name: "Undo radius authentication Server Basic settings"
    community.network.ce_aaa_server:
      state: absent
      authen_scheme_name: test1
      first_authen_mode: radius
      radius_server_group: test2
      provider: "{{ cli }}"

  - name: "Hwtacacs accounting Server Basic settings"
    community.network.ce_aaa_server:
      state: present
      acct_scheme_name: test1
      accounting_mode: hwtacacs
      hwtacas_template: test2
      provider: "{{ cli }}"

  - name: "Undo hwtacacs accounting Server Basic settings"
    community.network.ce_aaa_server:
      state: absent
      acct_scheme_name: test1
      accounting_mode: hwtacacs
      hwtacas_template: test2
      provider: "{{ cli }}"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
changed
boolean
always
check to see if a change was made on the device

Sample:
True
end_state
dictionary
always
k/v pairs of aaa params after module execution

Sample:
{'accounting scheme': [['hwtacacs', 'test1']], 'hwtacacs template': ['huawei', 'test2']}
existing
dictionary
always
k/v pairs of existing aaa server

Sample:
{'accounting scheme': [['hwtacacs'], ['default']], 'hwtacacs template': ['huawei']}
proposed
dictionary
always
k/v pairs of parameters passed into module

Sample:
{'accounting_mode': 'hwtacacs', 'acct_scheme_name': 'test1', 'hwtacas_template': 'test2', 'state': 'present'}
updates
list / elements=string
always
command sent to the device

Sample:
['accounting-scheme test1', 'accounting-mode hwtacacs', 'hwtacacs server template test2', 'hwtacacs enable']


Authors

  • wangdezhuang (@QijunPan)