Documentation

aci_contract_subject - Manage initial Contract Subjects on Cisco ACI fabrics (vz:Subj)

New in version 2.4.

Synopsis

Options

parameter required default choices comments
consumer_match
 no at_least_one
  • all
  • at_least_one
  • at_most_one
  • none
The match criteria across consumers.
The APIC defaults new Contract Subjects to at_least_one.
contract
 no
The name of the Contract.

aliases: contract_name
description
 no
Description for the contract subject.
dscp
 no unspecified
  • AF11
  • AF12
  • AF13
  • AF21
  • AF22
  • AF23
  • AF31
  • AF32
  • AF33
  • AF41
  • AF42
  • AF43
  • CS0
  • CS1
  • CS2
  • CS3
  • CS4
  • CS5
  • CS6
  • CS7
  • EF
  • VA
  • unspecified
The target DSCP.
The APIC defaults new Contract Subjects to unspecified.

aliases: target
hostname
 yes
IP Address or hostname of APIC resolvable by Ansible control host.

aliases: host
password
 yes
The password to use for authentication.
priority
 no unspecified
  • level1
  • level2
  • level3
  • unspecified
The QoS class.
The APIC defaults new Contract Subjects to unspecified.
provider_match
 no at_least_one
  • all
  • at_least_one
  • at_most_one
  • none
The match criteria across providers.
The APIC defaults new Contract Subjects to at_least_one.
reverse_filter
 no True
  • True
  • False
Determines if the APIC should reverse the src and dst ports to allow the return traffic back, since ACI is stateless filter.
The APIC defaults new Contract Subjects to yes.
state
 no present
  • absent
  • present
  • query
Use present or absent for adding or removing.
Use query for listing an object or multiple objects.
subject
 no
The contract subject name.

aliases: contract_subject, name, subject_name
tenant
 no
The name of the tenant.

aliases: tenant_name
timeout
 no 30
The socket level timeout in seconds.
use_proxy
 no yes
  • yes
  • no
If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
use_ssl
 no yes
  • yes
  • no
If no, an HTTP connection will be used instead of the default HTTPS connection.
username
 yes admin
The username to use for authentication.

aliases: user
validate_certs
 no yes
  • yes
  • no
If no, SSL certificates will not be validated.
This should only set to no used on personally controlled sites using self-signed certificates.

Examples

- name: Add a new contract subject
  aci_contract_subject:
    hostname: apic
    username: admin
    password: SomeSecretPassword
    tenant: production
    contract: web_to_db
    subject: default
    description: test
    reverse_filter: yes
    priority: level1
    dscp: unspecified
    state: present

- name: Remove a contract subject
  aci_contract_subject:
    hostname: apic
    username: admin
    password: SomeSecretPassword
    tenant: production
    contract: web_to_db
    subject: default
    state: absent

- name: Query a contract subject
  aci_contract_subject:
    hostname: apic
    username: admin
    password: SomeSecretPassword
    tenant: production
    contract: web_to_db
    subject: default
    state: query

- name: Query all contract subjects
  aci_contract_subject:
    hostname: apic
    username: admin
    password: SomeSecretPassword
    state: query

Notes

Note

  • The tenant and contract used must exist before using this module in your playbook.
  • The aci_tenant and aci_contract modules can be used for this.
  • By default, if an environment variable <protocol>_proxy is set on the target host, requests will be sent through that proxy. This behaviour can be overridden by setting a variable for this task (see setting the environment), or by using the use_proxy option.
  • HTTP redirects can redirect from HTTP to HTTPS so you should be sure that your proxy environment for both protocols is correct.

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.