cisco.intersight.intersight_imc_access_policy module – IMC Access Policy configuration for Cisco Intersight

Note

This module is part of the cisco.intersight collection (version 2.19.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.intersight.

To use it in a playbook, specify: cisco.intersight.intersight_imc_access_policy.

Synopsis

  • IMC Access Policy configuration for Cisco Intersight.

  • Used to configure IP addresses and VLAN used for external connectivity to Cisco IMC.

  • For more information see Cisco Intersight.

Parameters

Parameter

Comments

api_bearer_token

string

Bearer token for OAuth2 authentication with the Intersight API.

When provided, api_key_id and api_private_key are not required and the cryptography Python library is not needed.

If not set, the value of the INTERSIGHT_API_BEARER_TOKEN environment variable is used.

api_key_id

string

Public API Key ID associated with the private key.

If not set, the value of the INTERSIGHT_API_KEY_ID environment variable is used.

Required if api_bearer_token is not provided.

api_private_key

path

Filename (absolute path) or string of PEM formatted private key data to be used for Intersight API authentication.

If a string is used, Ansible vault should be used to encrypt string data.

Ex. ansible-vault encrypt_string --vault-id tme@/Users/dsoper/Documents/vault_password_file ‘-----BEGIN EC PRIVATE KEY-----

<your private key data>

-----END EC PRIVATE KEY-----’

If not set, the value of the INTERSIGHT_API_PRIVATE_KEY environment variable is used.

Required if api_bearer_token is not provided.

api_uri

string

URI used to access the Intersight API.

If not set, the value of the INTERSIGHT_API_URI environment variable is used.

Default: "https://intersight.com/api/v1"

description

aliases: descr

string

The user-defined description of the IMC access policy.

Description can contain letters(a-z, A-Z), numbers(0-9), hyphen(-), period(.), colon(:), or an underscore(_).

ip_pool

any

IP Pool used to assign IP address and other required network settings.

Required when state=present.

May be provided as a string pool name in the same organization as the policy.

May also be provided as a dictionary with name and optional organization.

Dictionary field name is the name of the IP Pool used to assign IP address and other required network settings.

Dictionary field organization is the name of the Organization that owns the IP Pool.

Dictionary field organization defaults to the value of organization when omitted.

Set dictionary field organization when the IMC Access Policy should consume an IP Pool from a different Organization.

name

string / required

The name assigned to the IMC Access Policy.

The name must be between 1 and 64 alphanumeric characters, allowing special characters :-_.

organization

string

The name of the Organization this resource is assigned to.

Profiles and Policies that are created within a Custom Organization are applicable only to devices in the same Organization.

Default: "default"

out_of_band

boolean

If true, will enable Out-Of-Band configuration.

If false, will enable In-Band configuration.

Choices:

  • false ← (default)

  • true

state

string

If present, will verify the resource is present and will create if needed.

If absent, will verify the resource is absent and will delete if needed.

Choices:

  • "present" ← (default)

  • "absent"

tags

list / elements=dictionary

List of tags in Key:<user-defined key> Value:<user-defined value> format.

use_proxy

boolean

If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.

Choices:

  • false

  • true ← (default)

validate_certs

boolean

Boolean control for verifying the api_uri TLS certificate

Choices:

  • false

  • true ← (default)

vlan_id

integer

VLAN to be used for server access over Inband network.

Required if out_of_band is false.

Examples

- name: Configure IMC Access policy
  intersight_imc_access_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: sjc02-d23-access
    description: IMC access for SJC02 rack D23
    tags:
      - Site: D23
    vlan_id: 131
    ip_pool: sjc02-d23-ext-mgmt

- name: Configure IMC Access policy using dictionary form for ip_pool
  intersight_imc_access_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: sjc02-d23-access
    vlan_id: 131
    ip_pool:
      name: sjc02-d23-ext-mgmt

- name: Configure IMC Access policy with IP pool from another organization
  intersight_imc_access_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    organization: policy-org
    name: sjc02-d23-access
    vlan_id: 131
    ip_pool:
      name: shared-ext-mgmt
      organization: shared-org

- name: Delete IMC Access policy
  intersight_imc_access_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: sjc02-d23-access
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

api_response

dictionary

The API response output returned by the specified resource.

Returned: always

Sample: {"api_response": {"Name": "sjc02-d23-access", "ObjectType": "access.Policy", "Profiles": [{"Moid": "5e4ec7ae77696e2d30840cfc", "ObjectType": "server.Profile"}, {"Moid": "5e84d78777696e2d302ec195", "ObjectType": "server.Profile"}], "Tags": [{"Key": "Site", "Value": "SJC02"}]}}

Authors

  • David Soper (@dsoper2)