cisco.dnac.device_credential_workflow_manager module – Resource module for Global Device Credentials and Assigning Credentials to sites.
Note
This module is part of the cisco.dnac collection (version 6.22.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install cisco.dnac.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cisco.dnac.device_credential_workflow_manager.
New in cisco.dnac 6.7.0
Synopsis
Manage operations on Global Device Credentials, Assigning Credentials to sites and Sync Credentials to site device.
API to create global device credentials.
API to update global device credentials.
API to delete global device credentials.
API to assign the device credential to the site.
API to sync the device credential to the site. Sync functionality is applicable for Catalyst Center version 2.3.7.6 and later.
Requirements
The below requirements are needed on the host that executes this module.
dnacentersdk >= 2.7.2
python >= 3.9
Parameters
Parameter |
Comments |
|---|---|
List of details of global device credentials and site names. |
|
Sync Device Credentials to Site devices. Applicable for Catalyst Center version 2.3.7.6 and later. |
|
CLI Credential. |
|
CLI Credential Description. |
|
CLI Credential Id. Use (Description, Username) or Id. |
|
CLI Credential Username. |
|
Site Name to apply credential. |
|
SNMPv2c Read Credential |
|
SNMPv2c Read Credential Description. |
|
SNMPv2c Read Credential Id. Use Description or Id. |
|
SNMPv2c Write Credential |
|
SNMPv2c Write Credential Description. |
|
SNMPv2c Write Credential Id. Use Description or Id. |
|
snmp_v3 Credential |
|
snmp_v3 Credential Description. |
|
snmp_v3 Credential Id. Use Description or Id. |
|
Assign Device Credentials to Site. |
|
CLI Credential. |
|
CLI Credential Description. |
|
CLI Credential Id. Use (Description, Username) or Id. |
|
CLI Credential Username. |
|
HTTP(S) Read Credential |
|
HTTP(S) Read Credential Description. |
|
HTTP(S) Read Credential Id. Use (Description, Username) or Id. |
|
HTTP(S) Read Credential Username. |
|
HTTP(S) Write Credential |
|
HTTP(S) Write Credential Description. |
|
HTTP(S) Write Credential Id. Use (Description, Username) or Id. |
|
HTTP(S) Write Credential Username. |
|
Site Name to assign credential. |
|
SNMPv2c Read Credential |
|
SNMPv2c Read Credential Description. |
|
SNMPv2c Read Credential Id. Use Description or Id. |
|
SNMPv2c Write Credential |
|
SNMPv2c Write Credential Description. |
|
SNMPv2c Write Credential Id. Use Description or Id. |
|
snmp_v3 Credential |
|
snmp_v3 Credential Description. |
|
snmp_v3 Credential Id. Use Description or Id. |
|
Manages global device credentials |
|
Global Credential V2’s cliCredential. |
|
Description. Required for creating the credential. |
|
cli_credential credential Enable Password. Password cannot contain spaces or angle brackets (< >) |
|
Credential Id. Use this for updating the device credential. |
|
Old Description. Use this for updating the description/Username. |
|
Old Username. Use this for updating the description/Username. |
|
cli_credential credential Password. Required for creating/updating the credential. Password cannot contain spaces or angle brackets (< >). |
|
cli_credential credential Username. Username cannot contain spaces or angle brackets (< >). |
|
Global Credential V2’s httpsRead. |
|
Credential Id. Use this for updating the device credential. |
|
Name. Required for creating the credential. |
|
Old Description. Use this for updating the description/Username. |
|
Old Username. Use this for updating the description/Username. |
|
https_read credential Password. Required for creating/updating the credential. Password cannot contain spaces or angle brackets (< >). |
|
Port. Default port is 443. |
|
https_read credential Username. Username cannot contain spaces or angle brackets (< >). |
|
Global Credential V2’s httpsWrite. |
|
Credential Id. Use this for updating the device credential. |
|
Name. Required for creating the credential. |
|
Old Description. Use this for updating the description/Username. |
|
Old Username. Use this for updating the description/Username. |
|
https_write credential Password. Required for creating/updating the credential. Password cannot contain spaces or angle brackets (< >). |
|
Port. Default port is 443. |
|
https_write credential Username. Username cannot contain spaces or angle brackets (< >). |
|
Global Credential V2’s snmpV2cRead. |
|
Description. Required for creating the credential. |
|
Credential Id. Use this for updating the device credential. |
|
Old Description. Use this for updating the description. |
|
snmp_v2c_read Read Community. Password cannot contain spaces or angle brackets (< >). |
|
Global Credential V2’s snmpV2cWrite. |
|
Description. Required for creating the credential. |
|
Credential Id. Use this for updating the device credential. |
|
Old Description. Use this for updating the description. |
|
snmp_v2c_write Write Community. Password cannot contain spaces or angle brackets (< >). |
|
Global Credential V2’s snmpV3. |
|
snmp_v3 Auth Password. Password must contain minimum 8 characters. Password cannot contain spaces or angle brackets (< >). |
|
Auth Type. [“SHA”, “MD5”]. |
|
snmp_v3 Description. Should be unique from other snmp_v3 credentials. |
|
Credential Id. Use this for updating the device credential. |
|
Old Description. Use this for updating the description. |
|
snmp_v3 Privacy Password. Password must contain minimum 8 characters. Password cannot contain spaces or angle brackets (< >). |
|
Privacy Type. [“AES128”, “AES192”, “AES256”]. |
|
Snmp Mode. [“AUTHPRIV”, “AUTHNOPRIV”, “NOAUTHNOPRIV”]. |
|
snmp_v3 credential Username. Username cannot contain spaces or angle brackets (< >). |
|
Set to True to verify the Cisco Catalyst Center after applying the playbook config. Choices:
|
|
Defines the timeout in seconds for API calls to retrieve task details. If the task details are not received within this period, the process will end, and a timeout notification will be logged. Default: |
|
Indicates whether debugging is enabled in the Cisco Catalyst Center SDK. Choices:
|
|
The hostname of the Cisco Catalyst Center. |
|
Flag to enable/disable playbook execution logging. When true and dnac_log_file_path is provided, - Create the log file at the execution location with the specified name. When true and dnac_log_file_path is not provided, - Create the log file at the execution location with the name ‘dnac.log’. When false, - Logging is disabled. If the log file doesn’t exist, - It is created in append or write mode based on the “dnac_log_append” flag. If the log file exists, - It is overwritten or appended based on the “dnac_log_append” flag. Choices:
|
|
Determines the mode of the file. Set to True for ‘append’ mode. Set to False for ‘write’ mode. Choices:
|
|
Governs logging. Logs are recorded if dnac_log is True. If path is not specified, - When ‘dnac_log_append’ is True, ‘dnac.log’ is generated in the current Ansible directory; logs are appended. - When ‘dnac_log_append’ is False, ‘dnac.log’ is generated; logs are overwritten. If path is specified, - When ‘dnac_log_append’ is True, the file opens in append mode. - When ‘dnac_log_append’ is False, the file opens in write (w) mode. - In shared file scenarios, without append mode, content is overwritten after each module execution. - For a shared log file, set append to False for the 1st module (to overwrite); for subsequent modules, set append to True. Default: |
|
Sets the threshold for log level. Messages with a level equal to or higher than this will be logged. Levels are listed in order of severity [CRITICAL, ERROR, WARNING, INFO, DEBUG]. CRITICAL indicates serious errors halting the program. Displays only CRITICAL messages. ERROR indicates problems preventing a function. Displays ERROR and CRITICAL messages. WARNING indicates potential future issues. Displays WARNING, ERROR, CRITICAL messages. INFO tracks normal operation. Displays INFO, WARNING, ERROR, CRITICAL messages. DEBUG provides detailed diagnostic info. Displays all log messages. Default: |
|
The password for authentication at the Cisco Catalyst Center. |
|
Specifies the port number associated with the Cisco Catalyst Center. Default: |
|
Specifies the interval in seconds between successive calls to the API to retrieve task details. Default: |
|
The username for authentication at the Cisco Catalyst Center. Default: |
|
Flag to enable or disable SSL certificate verification. Choices:
|
|
Specifies the version of the Cisco Catalyst Center that the SDK should use. Default: |
|
The state of Cisco Catalyst Center after module completion. Choices:
|
|
Flag for Cisco Catalyst Center SDK to enable the validation of request bodies against a JSON schema. Choices:
|
Notes
Note
SDK Method used are discovery.Discovery.create_global_credentials_v2, discovery.Discovery.delete_global_credential_v2, discovery.Discovery.update_global_credentials_v2, network_settings.NetworkSettings.assign_device_credential_to_site_v2, network_settings.NetworkSettings.get_device_credential_settings_for_a_site, network_settings.NetworkSettings.update_device_credential_settings_for_a_site, network_settings.NetworkSettings.sync_network_devices_credential, network_settings.NetworkSettings.get_network_devices_credentials_sync_status, site.Sites.get_site_assigned_network_devices, site.Sites.get_sites
Paths used are post /dna/intent/api/v2/global-credential, delete /dna/intent/api/v2/global-credential/{id}, put /dna/intent/api/v2/global-credential, post /dna/intent/api/v2/credential-to-site/{siteId}, get /dna/intent/api/v1/sites/${id}/deviceCredentials, post /dna/intent/api/v1/sites/deviceCredentials/apply, post /dna/intent/api/v1/sites/${id}/deviceCredentials, get /dna/intent/api/v1/sites/${id}/deviceCredentials/status, get /dna/intent/api/v1/networkDevices/assignedToSite, get /dna/intent/api/v1/sites,
Does not support
check_modeThe plugin runs on the control node and does not use any ansible connection plugins instead embedded connection manager from Cisco Catalyst Center SDK
The parameters starting with dnac_ are used by the Cisco Catalyst Center Python SDK to establish the connection
See Also
See also
- Cisco Catalyst Center documentation for Discovery CreateGlobalCredentialsV2
Complete reference of the CreateGlobalCredentialsV2 API.
- Cisco Catalyst Center documentation for Discovery DeleteGlobalCredentialV2
Complete reference of the DeleteGlobalCredentialV2 API.
- Cisco Catalyst Center documentation for Discovery UpdateGlobalCredentialsV2
Complete reference of the UpdateGlobalCredentialsV2 API.
- Cisco Catalyst Center documentation for Network Settings AssignDeviceCredentialToSiteV2
Complete reference of the AssignDeviceCredentialToSiteV2 API.
- Cisco Catalyst Center documentation for Network Settings updateDeviceCredentialSettingsForASite_
Complete reference of the updateDeviceCredentialSettingsForASite API.
- Cisco Catalyst Center documentation for Network Settings syncNetworkDevicesCredential
Complete reference of the syncNetworkDevicesCredential API.
Examples
---
- name: Create Credentials and assign it to a site.
cisco.dnac.device_credential_workflow_manager:
dnac_host: "{{ dnac_host }}"
dnac_port: "{{ dnac_port }}"
dnac_username: "{{ dnac_username }}"
dnac_password: "{{ dnac_password }}"
dnac_verify: "{{ dnac_verify }}"
dnac_debug: "{{ dnac_debug }}"
dnac_log: True
dnac_log_level: "{{ dnac_log_level }}"
state: merged
config_verify: True
config:
- global_credential_details:
cli_credential:
- description: CLI1
username: cli1
password: '12345'
enable_password: '12345'
snmp_v2c_read:
- description: SNMPv2c Read1
read_community: '123456'
snmp_v2c_write:
- description: SNMPv2c Write1
write_community: '123456'
snmp_v3:
- auth_password: '12345678'
auth_type: SHA
snmp_mode: AUTHPRIV
privacy_password: '12345678'
privacy_type: AES128
username: snmpV31
description: snmpV31
https_read:
- description: HTTP Read1
username: HTTP Read1
password: '12345'
port: 443
https_write:
- description: HTTP Write1
username: HTTP Write1
password: '12345'
port: 443
assign_credentials_to_site:
Sync: True
cli_credential:
description: CLI6
username: cli6
snmp_v2c_read:
description: SNMPv2c Read1
snmp_v2c_write:
description: SNMPv2c Write1
snmp_v3:
description: snmpV31
https_read:
description: HTTP Read1
username: HTTP_Read1
https_write:
description: HTTP Write1
username: HTTP_Write1
site_name:
- Global/USA
- name: Create Multiple Credentials.
cisco.dnac.device_credential_workflow_manager:
dnac_host: "{{ dnac_host }}"
dnac_port: "{{ dnac_port }}"
dnac_username: "{{ dnac_username }}"
dnac_password: "{{ dnac_password }}"
dnac_verify: "{{ dnac_verify }}"
dnac_debug: "{{ dnac_debug }}"
dnac_log: True
dnac_log_level: "{{ dnac_log_level }}"
state: merged
config_verify: True
config:
- global_credential_details:
cli_credential:
- description: CLI1
username: cli1
password: '12345'
enable_password: '12345'
- description: CLI2
username: cli2
password: '12345'
enable_password: '12345'
snmp_v2c_read:
- description: SNMPv2c Read1
read_community: '123456'
- description: SNMPv2c Read2
read_community: '123456'
snmp_v2c_write:
- description: SNMPv2c Write1
write_community: '123456'
- description: SNMPv2c Write2
write_community: '123456'
snmp_v3:
- auth_password: '12345678'
auth_type: SHA
snmp_mode: AUTHPRIV
privacy_password: '12345678'
privacy_type: AES128
username: snmpV31
description: snmpV31
- auth_password: '12345678'
auth_type: SHA
snmp_mode: AUTHPRIV
privacy_password: '12345678'
privacy_type: AES128
username: snmp
description: snmp
https_read:
- description: HTTP Read1
username: HTTP Read1
password: '12345'
port: 443
- description: HTTP Read2
username: HTTP Read2
password: '12345'
port: 443
https_write:
- description: HTTP Write1
username: HTTP Write1
password: '12345'
port: 443
- description: HTTP Write2
username: HTTP Write2
password: '12345'
port: 443
- name: Update global device credentials
cisco.dnac.device_credential_workflow_manager:
dnac_host: "{{ dnac_host }}"
dnac_port: "{{ dnac_port }}"
dnac_username: "{{ dnac_username }}"
dnac_password: "{{ dnac_password }}"
dnac_verify: "{{ dnac_verify }}"
dnac_debug: "{{ dnac_debug }}"
dnac_log: True
dnac_log_level: "{{ dnac_log_level }}"
state: merged
config_verify: True
config:
- global_credential_details:
cli_credential:
- description: CLI1
username: cli1
password: '12345'
enable_password: '12345'
snmp_v2c_read:
- description: SNMPv2c Read1
read_community: '123456'
snmp_v2c_write:
- description: SNMPv2c Write1
write_community: '123456'
snmp_v3:
- auth_password: '12345678'
auth_type: SHA
snmp_mode: AUTHPRIV
privacy_password: '12345678'
privacy_type: AES128
username: snmpV31
description: snmpV31
https_read:
- description: HTTP Read1
username: HTTP Read1
password: '12345'
port: 443
https_write:
- description: HTTP_Write1
username: HTTP_Write1
password: '12345'
port: 443
- name: Update multiple global device credentials
cisco.dnac.device_credential_workflow_manager:
dnac_host: "{{ dnac_host }}"
dnac_port: "{{ dnac_port }}"
dnac_username: "{{ dnac_username }}"
dnac_password: "{{ dnac_password }}"
dnac_verify: "{{ dnac_verify }}"
dnac_debug: "{{ dnac_debug }}"
dnac_log: True
dnac_log_level: "{{ dnac_log_level }}"
state: merged
config_verify: True
config:
- global_credential_details:
cli_credential:
- description: CLI1
username: cli1
password: '12345'
enable_password: '12345'
- description: CLI2
username: cli2
password: '12345'
enable_password: '12345'
snmp_v2c_read:
- description: SNMPv2c Read1
read_community: '123456'
- description: SNMPv2c Read2
read_community: '123458'
snmp_v2c_write:
- description: SNMPv2c write1
write_community: '123456'
- description: SNMPv2c Write1
write_community: '123466'
snmp_v3:
- auth_password: '12345678'
auth_type: SHA
snmp_mode: AUTHPRIV
privacy_password: '12345678'
privacy_type: AES128
username: snmpV31
description: snmpV31
- auth_password: '12345678'
auth_type: SHA
snmp_mode: AUTHPRIV
privacy_password: '12345644'
privacy_type: AES128
username: snmpV32
description: snmpV32
https_read:
- description: HTTP Read1
username: HTTP Read1
password: '12345'
port: 443
- description: HTTP Read2
username: HTTP Read2
password: '12345'
port: 443
https_write:
- description: HTTP_Write1
username: HTTP_Write1
password: '12345'
port: 443
- description: HTTP_Write2
username: HTTP_Write2
password: '12345'
port: 443
- name: Update global device credential name/description using old name and description.
cisco.dnac.device_credential_workflow_manager:
dnac_host: "{{ dnac_host }}"
dnac_port: "{{ dnac_port }}"
dnac_username: "{{ dnac_username }}"
dnac_password: "{{ dnac_password }}"
dnac_verify: "{{ dnac_verify }}"
dnac_debug: "{{ dnac_debug }}"
dnac_log: True
dnac_log_level: "{{ dnac_log_level }}"
state: merged
config_verify: True
config:
- global_credential_details:
cli_credential:
- description: CLI1
username: cli1
password: '12345'
enable_password: '12345'
old_description: CLI
old_username: cli
snmp_v2c_read:
- description: SNMPv2c Read1
read_community: '123456'
old_description: SNMPv2c Read
snmp_v2c_write:
- description: SNMPv2c write1
write_community: '123456'
old_description: SNMPv2c write
snmp_v3:
- auth_password: '12345678'
auth_type: SHA
snmp_mode: AUTHPRIV
privacy_password: '12345678'
privacy_type: AES128
username: snmpV31
description: snmpV31
old_description: snmp
https_read:
- description: HTTP Read1
username: HTTP Read1
password: '12345'
port: 443
old_description: HTTP Read
old_username: HTTP Read
https_write:
- description: HTTP_Write1
username: HTTP_Write1
password: '12345'
port: 443
old_description: HTTP_Write
old_username: HTTP_Write
- name: Assign Credentials to sites using old description and username.
cisco.dnac.device_credential_workflow_manager:
dnac_host: "{{ dnac_host }}"
dnac_port: "{{ dnac_port }}"
dnac_username: "{{ dnac_username }}"
dnac_password: "{{ dnac_password }}"
dnac_verify: "{{ dnac_verify }}"
dnac_debug: "{{ dnac_debug }}"
dnac_log: True
dnac_log_level: "{{ dnac_log_level }}"
state: merged
config_verify: True
config:
- assign_credentials_to_site:
cli_credential:
description: CLI6
username: cli6
snmp_v2c_read:
description: SNMPv2c Read1
snmp_v2c_write:
description: SNMPv2c Write1
snmp_v3:
description: snmpV31
https_read:
description: HTTP Read1
username: HTTP_Read1
https_write:
description: HTTP Write1
username: HTTP_Write1
site_name:
- Global/USA
- name: Sync global device credentials to a site.
cisco.dnac.device_credential_workflow_manager:
dnac_host: "{{ dnac_host }}"
dnac_port: "{{ dnac_port }}"
dnac_username: "{{ dnac_username }}"
dnac_password: "{{ dnac_password }}"
dnac_verify: "{{ dnac_verify }}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{ dnac_debug }}"
dnac_log_level: "{{ dnac_log_level }}"
dnac_log: True
state: merged
config_verify: True
config:
- apply_credentials_to_site:
cli_credential:
description: CLI5
username: cli5
snmp_v2c_read:
description: SNMPv2c Read2
snmp_v2c_write:
description: SNMPv2c Write1
snmp_v3:
description: snmp
site_name:
- Global/Vietnam/halong/Hanoi
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
A dictionary or list with the response returned by the Cisco Catalyst Center Python SDK Returned: always Sample: |
|
A dictionary or list with the response returned by the Cisco Catalyst Center Python SDK Returned: always Sample: |