cisco.intersight.intersight_ipmi_over_lan_policy module – IPMI over LAN Policy configuration for Cisco Intersight

Note

This module is part of the cisco.intersight collection (version 2.3.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.intersight.

To use it in a playbook, specify: cisco.intersight.intersight_ipmi_over_lan_policy.

Synopsis

  • Manages IPMI over LAN Policy configuration on Cisco Intersight.

  • A policy to configure the IPMI over LAN settings on Cisco Intersight managed servers.

  • IPMI over LAN allows management of servers using the IPMI protocol over Ethernet networks.

  • For more information see Cisco Intersight.

Parameters

Parameter

Comments

api_key_id

string / required

Public API Key ID associated with the private key.

If not set, the value of the INTERSIGHT_API_KEY_ID environment variable is used.

api_private_key

path / required

Filename (absolute path) or string of PEM formatted private key data to be used for Intersight API authentication.

If a string is used, Ansible vault should be used to encrypt string data.

Ex. ansible-vault encrypt_string –vault-id tme@/Users/dsoper/Documents/vault_password_file ‘—–BEGIN EC PRIVATE KEY—–

<your private key data>

—–END EC PRIVATE KEY—–’

If not set, the value of the INTERSIGHT_API_PRIVATE_KEY environment variable is used.

api_uri

string

URI used to access the Intersight API.

If not set, the value of the INTERSIGHT_API_URI environment variable is used.

Default: "https://intersight.com/api/v1"

description

aliases: descr

string

The user-defined description for the IPMI over LAN Policy.

Description can contain letters(a-z, A-Z), numbers(0-9), hyphen(-), period(.), colon(:), or an underscore(_).

enabled

boolean

State of the IPMI Over LAN service on the endpoint.

Enable or disable IPMI over LAN functionality on the server.

Choices:

  • false

  • true ← (default)

encryption_key

string

The encryption key to use for IPMI communication.

It should have an even number of hexadecimal characters and not exceed 40 characters.

Use “00” to disable encryption key use.

This configuration is supported by all Standalone C-Series servers.

FI-attached C-Series servers with firmware at minimum of 4.2.3a support this configuration.

B/X-Series servers with firmware at minimum of 5.1.0.x support this configuration.

IPMI commands using this key should append zeroes to the key to achieve a length of 40 characters.

name

string / required

The name assigned to the IPMI over LAN Policy.

The name must be between 1 and 62 alphanumeric characters, allowing special characters :-_.

organization

string

The name of the Organization this resource is assigned to.

Profiles, Policies, and Pools that are created within a Custom Organization are applicable only to devices in the same Organization.

Default: "default"

privilege

string

The highest privilege level that can be assigned to an IPMI session on a server.

This configuration is supported by all Standalone C-Series servers.

FI-attached C-Series servers with firmware at minimum of 4.2.3a support this configuration.

B/X-Series servers with firmware at minimum of 5.1.0.x support this configuration.

Privilege level ‘user’ is not supported for B/X-Series servers.

Choices:

  • "admin" ← (default)

  • "user"

  • "read-only"

state

string

If present, will verify the resource is present and will create if needed.

If absent, will verify the resource is absent and will delete if needed.

Choices:

  • "present" ← (default)

  • "absent"

tags

list / elements=dictionary

List of tags in Key:<user-defined key> Value:<user-defined value> format.

use_proxy

boolean

If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.

Choices:

  • false

  • true ← (default)

validate_certs

boolean

Boolean control for verifying the api_uri TLS certificate

Choices:

  • false

  • true ← (default)

Examples

- name: Create IPMI over LAN Policy with encryption enabled
  cisco.intersight.intersight_ipmi_over_lan_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    organization: "default"
    name: "IPMI-Policy-Encrypted"
    description: "IPMI over LAN policy with encryption"
    enabled: true
    privilege: "admin"
    encryption_key: "AB2134AC"
    tags:
      - Key: "Site"
        Value: "DataCenter-A"
    state: present

- name: Create IPMI over LAN Policy with encryption disabled
  cisco.intersight.intersight_ipmi_over_lan_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    organization: "default"
    name: "IPMI-Policy-No-Encryption"
    description: "IPMI over LAN policy without encryption"
    enabled: true
    privilege: "operator"
    encryption_key: "00"
    state: present

- name: Create disabled IPMI over LAN Policy
  cisco.intersight.intersight_ipmi_over_lan_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "IPMI-Policy-Disabled"
    description: "Disabled IPMI over LAN policy"
    enabled: false
    state: present

- name: Delete IPMI over LAN Policy
  cisco.intersight.intersight_ipmi_over_lan_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "IPMI-Policy-Encrypted"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

api_response

dictionary

The API response output returned by the specified resource.

Returned: always

Sample: {"api_response": {"Enabled": true, "IsEncryptionKeySet": true, "Name": "IPMI-Policy-Encrypted", "ObjectType": "ipmioverlan.Policy", "Privilege": "admin", "Tags": [{"Key": "Site", "Value": "DataCenter-A"}]}}

Authors

  • Ron Gershburg (@rgershbu)