dellemc.openmanage.ome_configuration_compliance_info module – Device compliance report for devices managed in OpenManage Enterprise

Note

This module is part of the dellemc.openmanage collection (version 5.4.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install dellemc.openmanage.

To use it in a playbook, specify: dellemc.openmanage.ome_configuration_compliance_info.

New in version 3.2.0: of dellemc.openmanage

Synopsis

  • This module allows the generation of a compliance report of a specific or all of devices in a configuration compliance baseline.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 3.8.6

Parameters

Parameter

Comments

baseline

string / required

The name of the created baseline.

A compliance report is generated even when the template is not associated with the baseline.

ca_path

path

added in 5.0.0 of dellemc.openmanage

The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for the validation.

device_id

integer

The ID of the target device which is associated with the baseline.

device_service_tag

string

The device service tag of the target device associated with the baseline.

device_service_tag is mutually exclusive with device_id.

hostname

string / required

OpenManage Enterprise IP address or hostname.

password

string / required

OpenManage Enterprise password.

port

integer

OpenManage Enterprise HTTPS port.

Default: 443

timeout

integer

added in 5.0.0 of dellemc.openmanage

The socket level timeout in seconds.

Default: 30

username

string / required

OpenManage Enterprise username.

validate_certs

boolean

added in 5.0.0 of dellemc.openmanage

If False, the SSL certificates will not be validated.

Configure False only on personally controlled sites where self-signed certificates are used.

Prior to collection version 5.0.0, the validate_certs is False by default.

Choices:

  • no

  • yes ← (default)

Notes

Note

  • Run this module from a system that has direct access to DellEMC OpenManage Enterprise.

  • This module supports check_mode.

Examples

---
- name: Retrieve the compliance report of all of the devices in the specified configuration compliance baseline.
  dellemc.openmanage.ome_configuration_compliance_info:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    baseline: baseline_name

- name: Retrieve the compliance report for a specific device associated with the baseline using the device ID.
  dellemc.openmanage.ome_configuration_compliance_info:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    baseline: baseline_name
    device_id: 10001

- name: Retrieve the compliance report for a specific device associated with the baseline using the device service tag.
  dellemc.openmanage.ome_configuration_compliance_info:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    baseline: baseline_name
    device_service_tag: 2HFGH3

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

compliance_info

dictionary

Returns the compliance report information.

Returned: success

Sample: [{“ComplianceAttributeGroups”: [{“Attributes”: [], “ComplianceReason”: “One or more attributes on the target device(s) does not match the compliance template.”, “ComplianceStatus”: 2, “ComplianceSubAttributeGroups”: [{“Attributes”: [{“AttributeId”: 75369, “ComplianceReason”: “Attribute has different value from template”, “ComplianceStatus”: 3, “CustomId”: 0, “Description”: null, “DisplayName”: “Workload Profile”, “ExpectedValue”: “HpcProfile”, “Value”: “NotAvailable”}], “ComplianceReason”: “One or more attributes on the target device(s) does not match the compliance template.”, “ComplianceStatus”: 2, “ComplianceSubAttributeGroups”: [], “DisplayName”: “System Profile Settings”, “GroupNameId”: 1}], “DisplayName”: “BIOS”, “GroupNameId”: 1}], “ComplianceStatus”: “NONCOMPLIANT”, “DeviceName”: “WIN-PLOV8MPIP40”, “DeviceType”: 1000, “Id”: 25011, “InventoryTime”: “2021-03-18 00:01:57.809771”, “Model”: “PowerEdge R7525”, “ServiceTag”: “JHMBX53”}]

error_info

dictionary

Details of the HTTP Error.

Returned: on HTTP error

Sample: {“error”: {“@Message.ExtendedInfo”: [{“Message”: “Unable to process the request because an error occurred.”, “MessageArgs”: [], “MessageId”: “GEN1234”, “RelatedProperties”: [], “Resolution”: “Retry the operation. If the issue persists, contact your system administrator.”, “Severity”: “Critical”}], “code”: “Base.1.0.GeneralError”, “message”: “A general error has occurred. See ExtendedInfo for more information.”}}

msg

string

Over all compliance report status.

Returned: on error

Sample: “Unable to complete the operation because the entered target baseline name \u0027baseline\u0027 is invalid.”

Authors

  • Felix Stephen A (@felixs88)