graphiant.naas.graphiant_macsec_info module – Query MACsec monitoring status on Edge/Gateway devices

Note

This module is part of the graphiant.naas collection (version 26.5.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install graphiant.naas. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: graphiant.naas.graphiant_macsec_info.

New in graphiant.naas 26.5.0

Synopsis

  • Returns MACsec monitoring status per interface from GET /v2/monitoring/macsec/{device_id}/status.

  • Status values include MACSEC_STATUS_SECURE and MACSEC_STATUS_UNSECURE.

  • Read-only; never modifies device configuration.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 3.7

  • graphiant-sdk >= 26.5.0

Parameters

Parameter

Comments

access_token

string

Bearer token for API authentication (for example, from graphiant login, which opens a browser for sign-in (SSO or non-SSO) and retrieves the token).

If not passed as a module argument, the collection reads GRAPHIANT_ACCESS_TOKEN (set after graphiant login when you source ~/.graphiant/env.sh).

When a bearer token is present (module argument or environment), it takes precedence over username and password.

If no valid token is available, the module authenticates with username and password when both are supplied.

detailed_logs

boolean

Enable detailed logging in the task result message.

Choices:

  • false ← (default)

  • true

device

string / required

Portal device hostname for get_device_id.

host

aliases: base_url

string / required

Graphiant portal host URL for API connectivity.

Example: “https://api.graphiant.com

interface

string

Optional main interface name to filter results (e.g. LAG1, GigabitEthernet7/0/0).

password

string

Graphiant portal password for authentication.

Required for password-based login when no valid bearer token is available from access_token or GRAPHIANT_ACCESS_TOKEN.

username

string

Graphiant portal username for authentication.

Required for password-based login when no valid bearer token is available from access_token or GRAPHIANT_ACCESS_TOKEN.

Attributes

Attribute

Support

Description

check_mode

Support: full

Supports check mode (always read-only).

See Also

See also

graphiant.naas.graphiant_macsec

Configure interface MACsec settings.

Examples

- name: Get MACsec status for all interfaces on a device
  graphiant.naas.graphiant_macsec_info:
    device: "edge-1-sdktest"
    host: "{{ graphiant_host }}"
    username: "{{ graphiant_username }}"
    password: "{{ graphiant_password }}"
  register: macsec_status

- name: Display MACsec statuses
  ansible.builtin.debug:
    var: macsec_status.macsec_statuses

- name: Get MACsec status for one interface
  graphiant.naas.graphiant_macsec_info:
    device: "edge-1-sdktest"
    interface: LAG1
    host: "{{ graphiant_host }}"
    username: "{{ graphiant_username }}"
    password: "{{ graphiant_password }}"
  register: lag_macsec_status

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

device

string

Portal device hostname queried.

Returned: always

device_id

integer

Portal device ID.

Returned: always

macsec_statuses

list / elements=dictionary

List of MACsec status entries per interface.

Returned: always

interfaceName

string

Main interface name.

Returned: success

status

string

MACSEC_STATUS_SECURE or MACSEC_STATUS_UNSECURE.

Returned: success

msg

string

Human-readable result (includes detailed logs when enabled).

Returned: always

Authors

  • Graphiant Team (@graphiant)