cisco.asa.asa_og – (deprecated, removed after 2022-06-01) Manage object groups on a Cisco ASA

Note

This plugin is part of the cisco.asa collection (version 2.1.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.asa.

To use it in a playbook, specify: cisco.asa.asa_og.

New in version 1.0.0: of cisco.asa

DEPRECATED

Removed in

major release after 2022-06-01

Why

Newer and updated modules released with more functionality in Ansible 2.10

Alternative

asa_ogs

Synopsis

  • This module allows you to create and update object-group network/service on Cisco ASA device.

Note

This module has a corresponding action plugin.

Parameters

Parameter Choices/Defaults Comments
description
string
The description for the object-group.
group_object
list / elements=string
The group-object for network object-group.
group_type
string / required
    Choices:
  • network-object
  • service-object
  • port-object
The object group type.
host_ip
list / elements=string
The host IP address for object-group network.
ip_mask
list / elements=string
The IP address and mask for network object-group.
name
string / required
Name of the object group.
port_eq
list / elements=string
The single port for port-object.
port_range
list / elements=string
The port range for port-object.
protocol
string
    Choices:
  • udp
  • tcp
  • tcp-udp
The protocol for object-group service with port-object.
service_cfg
list / elements=string
The service-object configuration protocol, direction, range or port.
state
string
    Choices:
  • present ←
  • absent
  • replace
Manage the state of the resource.

Examples

- name: configure network object-group
  cisco.asa.asa_og:
    name: ansible_test_0
    group_type: network-object
    state: present
    description: ansible_test object-group description
    host_ip:
    - 8.8.8.8
    - 8.8.4.4
    ip_mask:
    - 10.0.0.0 255.255.255.0
    - 192.168.0.0 255.255.0.0
    group_object:
    - awx_lon
    - awx_ams

- name: configure port-object object-group
  cisco.asa.asa_og:
    name: ansible_test_1
    group_type: port-object
    state: replace
    description: ansible_test object-group description
    protocol: tcp-udp
    port_eq:
    - 1025
    - kerberos
    port_range:
    - 1025 5201
    - 0 1024

- name: configure service-object object-group
  cisco.asa.asa_og:
    name: ansible_test_2
    group_type: service-object
    state: absent
    description: ansible_test object-group description
    service_cfg:
    - tcp destination eq 8080
    - tcp destination eq www

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
commands
list / elements=string
always
command sent to the device

Sample:
['object-group network ansible_test_0', 'description ansible_test object-group description', 'network-object host 8.8.8.8', 'network-object host 8.8.4.4', 'network-object 10.0.0.0 255.255.255.0', 'network-object 192.168.0.0 255.255.0.0', 'network-object 192.168.0.0 255.255.0.0', 'group-object awx_lon', 'group-object awx_ams']


Status

  • This module will be removed in a major release after 2022-06-01. [deprecated]

  • For more information see DEPRECATED.

Authors

  • Federico Olivieri (@Federico87)