cisco.asa.asa cliconf – Use asa cliconf to run command on Cisco ASA platform


This cliconf plugin is part of the cisco.asa collection (version 3.0.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.asa.

To use it in a playbook, specify: cisco.asa.asa.

New in version 1.0.0: of cisco.asa


  • This asa plugin provides low level abstraction apis for sending and receiving CLI commands from Cisco ASA network devices.





list / elements=string

added in 2.0.0 of cisco.asa

Specifies a list of commands that can make configuration changes to the target device.

When ansible_network_single_user_mode is enabled, if a command sent to the device is present in this list, the existing cache is invalidated.

Default: []


  • Variable: ansible_asa_config_commands


  • Ansible Security Team (@ansible-security)


Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.