def main(): """ main entry point for module execution """ argument_spec = dict(banner=dict(required=True, choices=['login', 'motd']), text=dict(), state=dict(default='present', choices=['present', 'absent'])) argument_spec.update(ios_argument_spec) required_if = [('state', 'present', ('text', ))] module = AnsibleModule(argument_spec=argument_spec, required_if=required_if, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have), module) result['commands'] = commands if commands: if not module.check_mode: response = load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ Main entry point for Ansible module execution """ argument_spec = dict(hostname=dict(), domain_name=dict(type='list'), domain_search=dict(type='list'), name_servers=dict(type='list'), lookup_source=dict(), lookup_enabled=dict(type='bool'), state=dict(choices=['present', 'absent'], default='present')) argument_spec.update(ios_argument_spec) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) result = {'changed': False} warnings = list() check_args(module, warnings) result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands(want, have, module) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """main entry point for module execution """ argument_spec = dict( # { command: <str>, prompt: <str>, response: <str> } commands=dict(type='list', required=True), wait_for=dict(type='list', aliases=['waitfor']), match=dict(default='all', choices=['all', 'any']), retries=dict(default=10, type='int'), interval=dict(default=1, type='int')) argument_spec.update(ios_argument_spec) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) result = {'changed': False} warnings = list() check_args(module, warnings) commands = parse_commands(module, warnings) result['warnings'] = warnings wait_for = module.params['wait_for'] or list() conditionals = [Conditional(c) for c in wait_for] retries = module.params['retries'] interval = module.params['interval'] match = module.params['match'] while retries > 0: responses = run_commands(module, commands) for item in list(conditionals): if item(responses): if match == 'any': conditionals = list() break conditionals.remove(item) if not conditionals: break time.sleep(interval) retries -= 1 if conditionals: failed_conditions = [item.raw for item in conditionals] msg = 'One or more conditional statements have not be satisfied' module.fail_json(msg=msg, failed_conditions=failed_conditions) result = { 'changed': False, 'stdout': responses, 'stdout_lines': list(to_lines(responses)) } module.exit_json(**result)
def main(): """ main entry point for module execution """ argument_spec = dict( vrfs=dict(type='list'), name=dict(), description=dict(), rd=dict(), interfaces=dict(type='list'), delay=dict(default=10, type='int'), purge=dict(type='bool', default=False), state=dict(default='present', choices=['present', 'absent']) ) argument_spec.update(ios_argument_spec) mutually_exclusive = [('name', 'vrfs')] module = AnsibleModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive, supports_check_mode=True) result = {'changed': False} warnings = list() check_args(module, warnings) result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands(update_objects(want, have), module) if module.params['purge']: want_vrfs = [x['name'] for x in want] have_vrfs = [x['name'] for x in have] for item in set(have_vrfs).difference(want_vrfs): cmd = 'no vrf definition %s' % item if cmd not in commands: commands.append(cmd) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True if result['changed']: time.sleep(module.params['delay']) check_declarative_intent_params(want, module) module.exit_json(**result)
def main(): """ main entry point for module execution """ argument_spec = dict( vrfs=dict(type='list'), name=dict(), description=dict(), rd=dict(), interfaces=dict(type='list'), delay=dict(default=10, type='int'), purge=dict(type='bool', default=False), state=dict(default='present', choices=['present', 'absent']) ) argument_spec.update(ios_argument_spec) mutually_exclusive = [('name', 'vrfs')] module = AnsibleModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive, supports_check_mode=True) result = {'changed': False} warnings = list() check_args(module, warnings) result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands(update_objects(want, have), module) if module.params['purge']: want_vrfs = [x['name'] for x in want] have_vrfs = [x['name'] for x in have] for item in set(have_vrfs).difference(want_vrfs): cmd = 'no vrf definition %s' % item if cmd not in commands: commands.append(cmd) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True if result['changed']: time.sleep(module.params['delay']) check_declarative_intent_params(want, module) module.exit_json(**result)
def main(): """ main entry point for module execution """ argument_spec = dict(aggregate=dict(type='list', aliases=['users', 'collection']), name=dict(), password=dict(no_log=True), nopassword=dict(type='bool'), update_password=dict(default='always', choices=['on_create', 'always']), privilege=dict(type='int'), view=dict(aliases=['role']), purge=dict(type='bool', default=False), state=dict(default='present', choices=['present', 'absent'])) argument_spec.update(ios_argument_spec) mutually_exclusive = [('name', 'aggregate')] module = AnsibleModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands(update_objects(want, have), module) if module.params['purge']: want_users = [x['name'] for x in want] have_users = [x['name'] for x in have] for item in set(have_users).difference(want_users): if item != 'admin': commands.append(user_del_cmd(item)) result['commands'] = commands # the ios cli prevents this by rule so capture it and display # a nice failure message for cmd in commands: if 'no username admin' in cmd: module.fail_json(msg='cannot delete the `admin` account') if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ main entry point for module execution """ element_spec = dict( prefix=dict(type='str'), mask=dict(type='str'), next_hop=dict(type='str'), admin_distance=dict(default=1, type='int'), state=dict(default='present', choices=['present', 'absent']) ) aggregate_spec = deepcopy(element_spec) aggregate_spec['prefix'] = dict(required=True) # remove default in aggregate spec, to handle common arguments remove_default_spec(aggregate_spec) argument_spec = dict( aggregate=dict(type='list', elements='dict', options=aggregate_spec), ) argument_spec.update(element_spec) argument_spec.update(ios_argument_spec) required_one_of = [['aggregate', 'prefix']] required_together = [['prefix', 'mask', 'next_hop']] mutually_exclusive = [['aggregate', 'prefix']] module = AnsibleModule(argument_spec=argument_spec, required_one_of=required_one_of, required_together=required_together, mutually_exclusive=mutually_exclusive, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module, required_together=required_together) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have), module) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ main entry point for module execution """ element_spec = dict( prefix=dict(type='str'), mask=dict(type='str'), next_hop=dict(type='str'), admin_distance=dict(default=1, type='int'), state=dict(default='present', choices=['present', 'absent']) ) aggregate_spec = deepcopy(element_spec) aggregate_spec['prefix'] = dict(required=True) # remove default in aggregate spec, to handle common arguments remove_default_spec(aggregate_spec) argument_spec = dict( aggregate=dict(type='list', elements='dict', options=aggregate_spec), ) argument_spec.update(element_spec) argument_spec.update(ios_argument_spec) required_one_of = [['aggregate', 'prefix']] required_together = [['prefix', 'mask', 'next_hop']] mutually_exclusive = [['aggregate', 'prefix']] module = AnsibleModule(argument_spec=argument_spec, required_one_of=required_one_of, required_together=required_together, mutually_exclusive=mutually_exclusive, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module, required_together=required_together) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have), module) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ main entry point for module execution """ argument_spec = dict(name=dict(), description=dict(default=DEFAULT_DESCRIPTION), speed=dict(), mtu=dict(), duplex=dict(choices=['full', 'half', 'auto']), enabled=dict(default=True, type='bool'), tx_rate=dict(), rx_rate=dict(), delay=dict(default=10, type='int'), aggregate=dict(type='list'), state=dict( default='present', choices=['present', 'absent', 'up', 'down'])) argument_spec.update(ios_argument_spec) required_one_of = [['name', 'aggregate']] mutually_exclusive = [['name', 'aggregate']] module = AnsibleModule(argument_spec=argument_spec, required_one_of=required_one_of, mutually_exclusive=mutually_exclusive, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have)) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True failed_conditions = check_declarative_intent_params(module, want, result) if failed_conditions: msg = 'One or more conditional statements have not been satisfied' module.fail_json(msg=msg, failed_conditions=failed_conditions) module.exit_json(**result)
def main(): """ main entry point for module execution """ element_spec = dict( dest=dict(type='str', choices=['on', 'host', 'console', 'monitor', 'buffered']), name=dict(type='str'), size=dict(type='int'), facility=dict(type='str', default='local7'), level=dict(type='str', default='debugging'), state=dict(default='present', choices=['present', 'absent']), ) aggregate_spec = deepcopy(element_spec) # remove default in aggregate spec, to handle common arguments remove_default_spec(aggregate_spec) argument_spec = dict(aggregate=dict(type='list', elements='dict', options=aggregate_spec), ) argument_spec.update(element_spec) argument_spec.update(ios_argument_spec) required_if = [('dest', 'host', ['name'])] module = AnsibleModule(argument_spec=argument_spec, required_if=required_if, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module, required_if=required_if) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have), module) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ main entry point for module execution """ element_spec = dict( dest=dict(type='str', choices=['on', 'host', 'console', 'monitor', 'buffered']), name=dict(type='str'), size=dict(type='int'), facility=dict(type='str', default='local7'), level=dict(type='str', default='debugging'), state=dict(default='present', choices=['present', 'absent']), ) aggregate_spec = deepcopy(element_spec) # remove default in aggregate spec, to handle common arguments remove_default_spec(aggregate_spec) argument_spec = dict( aggregate=dict(type='list', elements='dict', options=aggregate_spec), ) argument_spec.update(element_spec) argument_spec.update(ios_argument_spec) required_if = [('dest', 'host', ['name'])] module = AnsibleModule(argument_spec=argument_spec, required_if=required_if, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module, required_if=required_if) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have), module) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ main entry point for module execution """ argument_spec = dict(count=dict(type="int"), dest=dict(type="str", required=True), source=dict(type="str"), state=dict(type="str", choices=["absent", "present"], default="present"), vrf=dict(type="str")) argument_spec.update(ios_argument_spec) module = AnsibleModule(argument_spec=argument_spec) count = module.params["count"] dest = module.params["dest"] source = module.params["source"] vrf = module.params["vrf"] warnings = list() check_args(module, warnings) results = {} if warnings: results["warnings"] = warnings results["commands"] = [build_ping(dest, count, source, vrf)] ping_results = run_commands(module, commands=results["commands"]) ping_results_list = ping_results[0].split("\n") success, rx, tx, rtt = parse_ping(ping_results_list[3]) loss = abs(100 - int(success)) results["packet_loss"] = str(loss) + "%" results["packets_rx"] = int(rx) results["packets_tx"] = int(tx) # Convert rtt values to int for k, v in rtt.items(): if rtt[k] is not None: rtt[k] = int(v) results["rtt"] = rtt validate_results(module, loss, results) module.exit_json(**results)
def main(): """ main entry point for module execution """ argument_spec = dict( count=dict(type="int"), dest=dict(type="str", required=True), source=dict(type="str"), state=dict(type="str", choices=["absent", "present"], default="present"), vrf=dict(type="str") ) argument_spec.update(ios_argument_spec) module = AnsibleModule(argument_spec=argument_spec) count = module.params["count"] dest = module.params["dest"] source = module.params["source"] vrf = module.params["vrf"] warnings = list() check_args(module, warnings) results = {} if warnings: results["warnings"] = warnings results["commands"] = [build_ping(dest, count, source, vrf)] ping_results = run_commands(module, commands=results["commands"]) ping_results_list = ping_results[0].split("\n") success, rx, tx, rtt = parse_ping(ping_results_list[3]) loss = abs(100 - int(success)) results["packet_loss"] = str(loss) + "%" results["packets_rx"] = int(rx) results["packets_tx"] = int(tx) # Convert rtt values to int for k, v in rtt.items(): if rtt[k] is not None: rtt[k] = int(v) results["rtt"] = rtt validate_results(module, loss, results) module.exit_json(**results)
def main(): """ main entry point for module execution """ argument_spec = dict( src=dict(), force=dict(default=False, type='bool'), include_defaults=dict(default=True, type='bool'), backup=dict(default=False, type='bool'), config=dict(), ) argument_spec.update(ios_argument_spec) mutually_exclusive = [('config', 'backup'), ('config', 'force')] module = AnsibleModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive, supports_check_mode=True) candidate = NetworkConfig(contents=module.params['src'], indent=1) result = {'changed': False} warnings = list() check_args(module, warnings) result['warnings'] = warnings if module.params['backup']: result['__backup__'] = get_config(module=module) if not module.params['force']: contents = get_current_config(module) configobj = NetworkConfig(contents=contents, indent=1) commands = candidate.difference(configobj) commands = dumps(commands, 'commands').split('\n') commands = [str(c).strip() for c in commands if c] else: commands = [c.strip() for c in str(candidate).split('\n')] if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True result['updates'] = commands result['commands'] = commands module.exit_json(**result)
def main(): """ main entry point for module execution """ argument_spec = dict(prefix=dict(type='str'), mask=dict(type='str'), next_hop=dict(type='str'), admin_distance=dict(default=1, type='int'), collection=dict(type='list'), purge=dict(type='bool'), state=dict(default='present', choices=['present', 'absent'])) argument_spec.update(ios_argument_spec) required_one_of = [['collection', 'prefix']] required_together = [['prefix', 'mask', 'next_hop']] mutually_exclusive = [['collection', 'prefix']] module = AnsibleModule(argument_spec=argument_spec, required_one_of=required_one_of, required_together=required_together, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have), module) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ Main entry point for Ansible module execution """ argument_spec = dict( hostname=dict(), domain_name=dict(type='list'), domain_search=dict(type='list'), name_servers=dict(type='list'), lookup_source=dict(), lookup_enabled=dict(type='bool'), state=dict(choices=['present', 'absent'], default='present') ) argument_spec.update(ios_argument_spec) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) result = {'changed': False} warnings = list() check_args(module, warnings) result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands(want, have, module) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ main entry point for module execution """ argument_spec = dict( banner=dict(required=True, choices=['login', 'motd']), text=dict(), state=dict(default='present', choices=['present', 'absent']) ) argument_spec.update(ios_argument_spec) required_if = [('state', 'present', ('text',))] module = AnsibleModule(argument_spec=argument_spec, required_if=required_if, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have), module) result['commands'] = commands if commands: if not module.check_mode: response = load_config(module, commands) result['changed'] = True module.exit_json(**result)
def main(): """ main entry point for module execution """ neighbors_spec = dict( host=dict(), port=dict() ) element_spec = dict( name=dict(), description=dict(), speed=dict(), mtu=dict(), duplex=dict(choices=['full', 'half', 'auto']), enabled=dict(default=True, type='bool'), tx_rate=dict(), rx_rate=dict(), neighbors=dict(type='list', elements='dict', options=neighbors_spec), delay=dict(default=10, type='int'), state=dict(default='present', choices=['present', 'absent', 'up', 'down']) ) aggregate_spec = deepcopy(element_spec) aggregate_spec['name'] = dict(required=True) # remove default in aggregate spec, to handle common arguments remove_default_spec(aggregate_spec) argument_spec = dict( aggregate=dict(type='list', elements='dict', options=aggregate_spec), ) argument_spec.update(element_spec) argument_spec.update(ios_argument_spec) required_one_of = [['name', 'aggregate']] mutually_exclusive = [['name', 'aggregate']] module = AnsibleModule(argument_spec=argument_spec, required_one_of=required_one_of, mutually_exclusive=mutually_exclusive, supports_check_mode=True) warnings = list() check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have)) result['commands'] = commands if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True failed_conditions = check_declarative_intent_params(module, want, result) if failed_conditions: msg = 'One or more conditional statements have not been satisfied' module.fail_json(msg=msg, failed_conditions=failed_conditions) module.exit_json(**result)
def main(): """main entry point for module execution """ argument_spec = dict( gather_subset=dict(default=['!config'], type='list') ) argument_spec.update(ios_argument_spec) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) gather_subset = module.params['gather_subset'] runable_subsets = set() exclude_subsets = set() for subset in gather_subset: if subset == 'all': runable_subsets.update(VALID_SUBSETS) continue if subset.startswith('!'): subset = subset[1:] if subset == 'all': exclude_subsets.update(VALID_SUBSETS) continue exclude = True else: exclude = False if subset not in VALID_SUBSETS: module.fail_json(msg='Bad subset') if exclude: exclude_subsets.add(subset) else: runable_subsets.add(subset) if not runable_subsets: runable_subsets.update(VALID_SUBSETS) runable_subsets.difference_update(exclude_subsets) runable_subsets.add('default') facts = dict() facts['gather_subset'] = list(runable_subsets) instances = list() for key in runable_subsets: instances.append(FACT_SUBSETS[key](module)) for inst in instances: inst.populate() facts.update(inst.facts) ansible_facts = dict() for key, value in iteritems(facts): key = 'ansible_net_%s' % key ansible_facts[key] = value warnings = list() check_args(module, warnings) module.exit_json(ansible_facts=ansible_facts, warnings=warnings)
def main(): """main entry point for module execution """ argument_spec = dict( commands=dict(type='list', required=True), wait_for=dict(type='list', aliases=['waitfor']), match=dict(default='all', choices=['all', 'any']), retries=dict(default=10, type='int'), interval=dict(default=1, type='int') ) argument_spec.update(ios_argument_spec) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) result = {'changed': False} warnings = list() check_args(module, warnings) commands = parse_commands(module, warnings) result['warnings'] = warnings wait_for = module.params['wait_for'] or list() conditionals = [Conditional(c) for c in wait_for] retries = module.params['retries'] interval = module.params['interval'] match = module.params['match'] while retries > 0: responses = run_commands(module, commands) for item in list(conditionals): if item(responses): if match == 'any': conditionals = list() break conditionals.remove(item) if not conditionals: break time.sleep(interval) retries -= 1 if conditionals: failed_conditions = [item.raw for item in conditionals] msg = 'One or more conditional statements have not be satisfied' module.fail_json(msg=msg, failed_conditions=failed_conditions) result.update({ 'changed': False, 'stdout': responses, 'stdout_lines': list(to_lines(responses)) }) module.exit_json(**result)
def main(): """main entry point for module execution """ argument_spec = dict( gather_subset=dict(default=['!config'], type='list') ) argument_spec.update(ios_argument_spec) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) gather_subset = module.params['gather_subset'] runable_subsets = set() exclude_subsets = set() for subset in gather_subset: if subset == 'all': runable_subsets.update(VALID_SUBSETS) continue if subset.startswith('!'): subset = subset[1:] if subset == 'all': exclude_subsets.update(VALID_SUBSETS) continue exclude = True else: exclude = False if subset not in VALID_SUBSETS: module.fail_json(msg='Bad subset') if exclude: exclude_subsets.add(subset) else: runable_subsets.add(subset) if not runable_subsets: runable_subsets.update(VALID_SUBSETS) runable_subsets.difference_update(exclude_subsets) runable_subsets.add('default') facts = dict() facts['gather_subset'] = list(runable_subsets) instances = list() for key in runable_subsets: instances.append(FACT_SUBSETS[key](module)) for inst in instances: inst.populate() facts.update(inst.facts) ansible_facts = dict() for key, value in iteritems(facts): key = 'ansible_net_%s' % key ansible_facts[key] = value warnings = list() check_args(module, warnings) module.exit_json(ansible_facts=ansible_facts, warnings=warnings)
def main(): """ main entry point for module execution """ element_spec = dict( name=dict(), configured_password=dict(no_log=True), nopassword=dict(type='bool'), update_password=dict(default='always', choices=['on_create', 'always']), privilege=dict(type='int'), view=dict(aliases=['role']), state=dict(default='present', choices=['present', 'absent']) ) aggregate_spec = deepcopy(element_spec) aggregate_spec['name'] = dict(required=True) # remove default in aggregate spec, to handle common arguments remove_default_spec(aggregate_spec) argument_spec = dict( aggregate=dict(type='list', elements='dict', options=aggregate_spec, aliases=['users', 'collection']), purge=dict(type='bool', default=False) ) argument_spec.update(element_spec) argument_spec.update(ios_argument_spec) mutually_exclusive = [('name', 'aggregate')] module = AnsibleModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive, supports_check_mode=True) warnings = list() if module.params['password'] and not module.params['configured_password']: warnings.append( 'The "password" argument is used to authenticate the current connection. ' + 'To set a user password use "configured_password" instead.' ) check_args(module, warnings) result = {'changed': False} if warnings: result['warnings'] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands(update_objects(want, have), module) if module.params['purge']: want_users = [x['name'] for x in want] have_users = [x['name'] for x in have] for item in set(have_users).difference(want_users): if item != 'admin': commands.append(user_del_cmd(item)) result['commands'] = commands # the ios cli prevents this by rule so capture it and display # a nice failure message for cmd in commands: if 'no username admin' in cmd: module.fail_json(msg='cannot delete the `admin` account') if commands: if not module.check_mode: load_config(module, commands) result['changed'] = True module.exit_json(**result)