cisco.dnac.sda_extranet_policies_workflow_manager module – SDA Extranet Policies Module provides functionality for managing SD-Access Extranet Policies in Cisco Catalyst Center.
Note
This module is part of the cisco.dnac collection (version 6.25.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install cisco.dnac
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cisco.dnac.sda_extranet_policies_workflow_manager
.
New in cisco.dnac 6.17.0
Synopsis
Manage SD-Access Extranet Policy operations such as create, update, or delete extranet policies in Cisco Catalyst Center.
API to create a new extranet policy.
API to update an existing or edit an existing extranet policy.
API for deletion of an existing extranet policy using the policy name.
Requirements
The below requirements are needed on the host that executes this module.
dnacentersdk == 2.7.0
python >= 3.9
Parameters
Parameter |
Comments |
---|---|
List of Extranet Policy Details for Creating, Updating, or Deleting Operations. |
|
Name of the SDA Extranet Policy. Used to create, update, or delete the policy. Required for all operations (create, update, delete). Cannot be modified once set. |
|
Specifies the Fabric Site(s) where this Extranet Policy will be applied. The Provider Virtual Network must already be added to a Fabric Site before applying the policy. Updating this field is allowed, but once an extranet policy is applied to a site, it cannot be removed. Fabric Site(s) connected to the same SD-Access Transit must have consistent Extranet Policies. Selecting a Fabric Site connected to an SD-Access Transit will automatically select all other Sites connected to that Transit. Example - [“Global/USA/San Jose/Building23”, “Global/India/Bangalore/Building18”] |
|
Specifies the Provider Virtual Network containing shared services resources that subscribers need to access. If a virtual network is already defined as a Provider, it cannot be assigned as a provider again. Ensure the default route is present in the Global Routing Table if INFRA_VN is defined as the Provider. For Subscriber Virtual Networks with multiple Providers having overlapping routes, traffic will be load-balanced across those Provider Virtual Networks. Required for creating or updating the policy. Updating this field is not allowed. |
|
Specifies a list of Subscriber Virtual Networks that require access to the Provider Virtual Network containing shared services resources. A Virtual Network previously defined as a Provider cannot be selected as a subscriber. Required for creating or updating the policy. Can be modified. Example - [“VN_2”, “VN_4”] |
|
Set to True to verify the Cisco Catalyst Center config after applying the playbook config. Choices:
|
|
Defines the timeout in seconds for API calls to retrieve task details. If the task details are not received within this period, the process will end, and a timeout notification will be logged. Default: |
|
Indicates whether debugging is enabled in the Cisco Catalyst Center SDK. Choices:
|
|
The hostname of the Cisco Catalyst Center. |
|
Flag to enable/disable playbook execution logging. When true and dnac_log_file_path is provided, - Create the log file at the execution location with the specified name. When true and dnac_log_file_path is not provided, - Create the log file at the execution location with the name ‘dnac.log’. When false, - Logging is disabled. If the log file doesn’t exist, - It is created in append or write mode based on the “dnac_log_append” flag. If the log file exists, - It is overwritten or appended based on the “dnac_log_append” flag. Choices:
|
|
Determines the mode of the file. Set to True for ‘append’ mode. Set to False for ‘write’ mode. Choices:
|
|
Governs logging. Logs are recorded if dnac_log is True. If path is not specified, - When ‘dnac_log_append’ is True, ‘dnac.log’ is generated in the current Ansible directory; logs are appended. - When ‘dnac_log_append’ is False, ‘dnac.log’ is generated; logs are overwritten. If path is specified, - When ‘dnac_log_append’ is True, the file opens in append mode. - When ‘dnac_log_append’ is False, the file opens in write (w) mode. - In shared file scenarios, without append mode, content is overwritten after each module execution. - For a shared log file, set append to False for the 1st module (to overwrite); for subsequent modules, set append to True. Default: |
|
Sets the threshold for log level. Messages with a level equal to or higher than this will be logged. Levels are listed in order of severity [CRITICAL, ERROR, WARNING, INFO, DEBUG]. CRITICAL indicates serious errors halting the program. Displays only CRITICAL messages. ERROR indicates problems preventing a function. Displays ERROR and CRITICAL messages. WARNING indicates potential future issues. Displays WARNING, ERROR, CRITICAL messages. INFO tracks normal operation. Displays INFO, WARNING, ERROR, CRITICAL messages. DEBUG provides detailed diagnostic info. Displays all log messages. Default: |
|
The password for authentication at the Cisco Catalyst Center. |
|
Specifies the port number associated with the Cisco Catalyst Center. Default: |
|
Specifies the interval in seconds between successive calls to the API to retrieve task details. Default: |
|
The username for authentication at the Cisco Catalyst Center. Default: |
|
Flag to enable or disable SSL certificate verification. Choices:
|
|
Specifies the version of the Cisco Catalyst Center that the SDK should use. Default: |
|
State of Cisco Catalyst Center after module completion. Choices:
|
|
Flag for Cisco Catalyst Center SDK to enable the validation of request bodies against a JSON schema. Choices:
|
Notes
Note
SDK Methods used are sites.Sites.get_site sda.SDA.get_fabric_sites sda.SDA.get_extranet_policies sda.SDA.add_extranet_policy sda.SDA.update_extranet_policy sda.SDA.delete_extranet_policy_by_id task.Task.get_task_by_id
Paths used are get /dna/intent/api/v1/site get /dna/intent/api/v1/sda/fabricSites get /dna/intent/api/v1/sda/extranetPolicies post /dna/intent/api/v1/sda/extranetPolicies put /dna/intent/api/v1/sda/extranetPolicies delete dna/intent/api/v1/sda/extranetPolicies/${id} get /dna/intent/api/v1/task/{taskId}
Does not support
check_mode
The plugin runs on the control node and does not use any ansible connection plugins instead embedded connection manager from Cisco Catalyst Center SDK
The parameters starting with dnac_ are used by the Cisco Catalyst Center Python SDK to establish the connection
Examples
- name: Create Extranet Policy
cisco.dnac.sda_extranet_policies_workflow_manager:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
dnac_log_level: "{{dnac_log_level}}"
dnac_log: true
state: merged
config:
- extranet_policy_name: "test_extranet_policy_1"
provider_virtual_network: "VN_1"
subscriber_virtual_networks: ["VN_2", "VN_3"]
- name: Create Extranet Policy with Fabric Site(s) specified
cisco.dnac.sda_extranet_policies_workflow_manager:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
dnac_log_level: "{{dnac_log_level}}"
dnac_log: true
state: merged
config:
- extranet_policy_name: "test_extranet_policy_1"
provider_virtual_network: "VN_1"
subscriber_virtual_networks: ["VN_2", "VN_3"]
fabric_sites: ["Global/Test_Extranet_Polcies/USA", "Global/Test_Extranet_Polcies/India"]
- name: Update existing Extranet Policy
cisco.dnac.sda_extranet_policies_workflow_manager:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
dnac_log_level: "{{dnac_log_level}}"
dnac_log: true
state: merged
config:
- extranet_policy_name: "test_extranet_policy_1"
provider_virtual_network: "VN_1"
subscriber_virtual_networks: ["VN_2", "VN_4"]
- name: Update existing Extranet Policy with Fabric Site(s) specified
cisco.dnac.sda_extranet_policies_workflow_manager:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
dnac_log_level: "{{dnac_log_level}}"
dnac_log: true
state: merged
config:
- extranet_policy_name: "test_extranet_policy_1"
fabric_sites: ["Global/Test_Extranet_Polcies/USA", "Global/Test_Extranet_Polcies/India"]
provider_virtual_network: "VN_1"
subscriber_virtual_networks: ["VN_2", "VN_4"]
- name: Delete Extranet Policy
cisco.dnac.sda_extranet_policies_workflow_manager:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
dnac_log_level: "{{dnac_log_level}}"
dnac_log: true
state: deleted
config:
- extranet_policy_name: "test_extranet_policy_1"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
A dictionary with the response returned by the Cisco Catalyst Center Python SDK Returned: always Sample: |
|
A dictionary with the response returned by the Cisco Catalyst Center Python SDK Returned: always Sample: |