community.network.ce_acl_interface – Manages applying ACLs to interfaces on HUAWEI CloudEngine switches.
Note
This plugin is part of the community.network collection (version 3.0.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.network
.
To use it in a playbook, specify: community.network.ce_acl_interface
.
Parameters
Parameter |
Comments |
---|---|
ACL number or name. For a numbered rule group, the value ranging from 2000 to 4999. For a named rule group, the value is a string of 1 to 32 case-sensitive characters starting with a letter, spaces not supported. |
|
Direction ACL to be applied in on the interface. Choices:
|
|
Interface name. Only support interface full name, such as “40GE2/0/1”. |
|
Determines whether the config should be present or not on the device. Choices:
|
Notes
Note
Recommended connection is
network_cli
.This module also works with
local
connections for legacy playbooks.
Examples
- name: CloudEngine acl interface test
hosts: cloudengine
connection: local
gather_facts: no
vars:
cli:
host: "{{ inventory_hostname }}"
port: "{{ ansible_ssh_port }}"
username: "{{ username }}"
password: "{{ password }}"
transport: cli
tasks:
- name: "Apply acl to interface"
community.network.ce_acl_interface:
state: present
acl_name: 2000
interface: 40GE1/0/1
direction: outbound
provider: "{{ cli }}"
- name: "Undo acl from interface"
community.network.ce_acl_interface:
state: absent
acl_name: 2000
interface: 40GE1/0/1
direction: outbound
provider: "{{ cli }}"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
check to see if a change was made on the device Returned: always Sample: true |
|
k/v pairs of aaa params after module execution Returned: always Sample: {“acl interface”: [“traffic-filter acl lb inbound”, “traffic-filter acl 2000 outbound”]} |
|
k/v pairs of existing aaa server Returned: always Sample: {“acl interface”: “traffic-filter acl lb inbound”} |
|
k/v pairs of parameters passed into module Returned: always Sample: {“acl_name”: “2000”, “direction”: “outbound”, “interface”: “40GE2/0/1”, “state”: “present”} |
|
command sent to the device Returned: always Sample: [“interface 40ge2/0/1”, “traffic-filter acl 2000 outbound”] |
Authors
wangdezhuang (@QijunPan)