def main():
"""Main entry point for module execution."""
argument_spec = dict(url_hostname=dict(type='str', required=True))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
connection = Connection(module._socket_path)
api = AEDAPIBase(connection)
with exception_context(module, Exception):
cur_cfg = get_general_settings(module, api)
new_cfg = update_config(module, api, cur_cfg)
results = {'changed': True}
changes = get_changes(cur_cfg, new_cfg)
if not changes:
results['changed'] = False
else:
if module._diff:
results['diff'] = {'prepared': json.dumps(changes)}
results['aed_general_settings'] = new_cfg
module.exit_json(**results)
def main():
argument_spec = dict(interface=dict(type='str', required=True),
state=dict(choices=['present', 'absent'],
default='present'),
remote_ips=dict(type='list'),
local_ip=dict(type='str'),
subnet_length=dict(type='int'))
argument_spec.update(aed_argument_spec)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_together=(('local_ip', 'remote_ips', 'subnet_length'), ),
)
api = AEDAPIBase(Connection(module._socket_path))
with exception_context(module, Exception):
cur_cfg = get_interface_config(module, api)
if module.params.get('state') == 'absent':
new_cfg = delete_config(module, api, cur_cfg)
else:
new_cfg = update_config(module, api, cur_cfg)
result = {'changed': False}
changes = get_changes(cur_cfg, new_cfg)
if changes:
result['changed'] = True
if module._diff:
result['diff'] = {'prepared': json.dumps(changes)}
result['aed_gre_tunnel_state'] = new_cfg
module.exit_json(**result)
def main():
""" main entry point for module execution
"""
argument_spec = dict(
snmp_version=dict(type='str', choices=['2', '3']),
snmp_community=dict(type='str', no_log=True),
snmp_username=dict(type='str'),
snmp_security_level=dict(
type='str', choices=['noAuthNoPriv', 'authNoPriv', 'authPriv']),
snmp_password=dict(type='str', no_log=True),
snmp_auth_proto=dict(type='str', choices=['md5', 'sha']),
snmp_privacy_password=dict(type='str', no_log=True),
snmp_privacy_protocol=dict(choices=['aes', 'des']),
secure=dict(type='bool'),
)
argument_spec.update(aed_argument_spec)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
with exception_context(module, Exception):
connection = Connection(module._socket_path)
api = AEDAPIBase(connection)
warnings = list()
check_args(module, warnings)
result = {'changed': False}
if warnings:
result['warnings'] = warnings
# Get what you want and have...
want = get_want(module, PARAM_MAP)
have = get_have(api)
result = {'changed': False}
changes = get_changes(have, want)
if changes:
if module._diff:
result['diff'] = {'prepared': json.dumps(changes)}
result['changed'] = True
if not module.check_mode:
parsed_changes = ans_to_rest(changes, PARAM_MAP)
resp_code, new_config = api.push_config(
command='snmp', body_params=parsed_changes)
if resp_code not in ResponseCodes.GOOD_RESP:
module.fail_json(
msg='APIError: response code:{}, '
'response:{}'.format(resp_code, new_config))
module.exit_json(**result)
def main():
"""
Entry point for module execution
"""
argument_spec = dict(
deployment_mode=dict(choices=['monitor', 'inline', 'l3']),
protection_active=dict(type='bool'),
protection_level=dict(choices=['low', 'medium', 'high'])
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True
)
with exception_context(module, Exception):
connection = Connection(module._socket_path)
api = AEDAPIBase(connection)
warnings = list()
check_args(module, warnings)
result = {'changed': False}
if warnings:
result['warnings'] = warnings
# Get what you want and have...
want = get_want(module, PARAM_MAP)
have = get_have(api)
result = {'changed': False}
# Determine if we need a change
changes = get_changes(have, want)
if changes:
if module._diff:
result['diff'] = {'prepared': json.dumps(changes)}
result['changed'] = True
parsed_changes = ans_to_rest(changes, PARAM_MAP)
if not module.check_mode:
resp_code, new_config = api.push_config(
command='summary',
body_params=parsed_changes
)
if resp_code not in ResponseCodes.GOOD_RESP:
module.fail_json(msg='APIError: response code:{}, '
'response:{}'.format(resp_code,
new_config))
result['deployment_state'] = get_have(api)
module.exit_json(**result)
def main():
""" main entry point for module execution
"""
argument_spec = dict(
syslog_server=dict(type='str'),
syslog_port=dict(type='str'),
syslog_protocol=dict(choices=['udp', 'tcp']),
syslog_format=dict(choices=['cef', 'leef', 'legacy']),
secure=dict(type='bool'),
)
argument_spec.update(aed_argument_spec)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
with exception_context(module, Exception):
connection = Connection(module._socket_path)
api = AEDAPIBase(connection)
warnings = list()
check_args(module, warnings)
result = {'changed': False}
if warnings:
result['warnings'] = warnings
# Get what you want and have...
want = get_want(module, PARAM_MAP)
have = get_have(api)
result = {'changed': False}
changes = get_changes(have, want)
if changes:
if module._diff:
result['diff'] = {'prepared': json.dumps(changes)}
result['changed'] = True
if not module.check_mode:
parsed_changes = ans_to_rest(changes, PARAM_MAP)
resp_code, new_config = api.push_config(
command='remote-syslog', body_params=parsed_changes)
if resp_code not in ResponseCodes.GOOD_RESP:
module.fail_json(
msg='APIError: response code:{}, '
'response:{}'.format(resp_code, new_config))
result['aed_remote_syslog_state'] = get_have(api)
module.exit_json(**result)
def main():
"""Module entry point"""
argument_spec = dict(server_id=dict(type='str'),
capability=dict(type='str'),
requested=dict(type='str'))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
api = AEDAPIBase(Connection(module._socket_path))
def wait_for_changes(api):
"""Wait before panicking, requests can take
some time to complete.
Args:
api (AEDApi): AEDApi instance for this connection
Return:
Error on time out, else true
"""
# The /license/ API endpoints make requests to the
# license server and the license server processes
# this request. The API provides endpoints to
# check the status of the request.
# To make sure the task was competed, we much check
# status of the request and timeout if it wasn't in
# a given time frame. This does not mean that the
# request will not be successful. It only prevents
# Ansible from waiting indefinitely.
def _sig_alarm(sig, tb):
raise AEDAPIError('Timed out waiting 90s for license server'
' to complete request. The request may or'
' may not have completed successfully.')
timeout = 90
signal.signal(signal.SIGALRM, _sig_alarm)
signal.alarm(timeout)
while True:
resp_code, response = api.get_config(command=BASE_URI +
'/progress/')
if resp_code in ResponseCodes.GOOD_RESP:
# Check if the request is completed
if response['status'].upper() in ['COMPLETED.']:
return
sleep(2)
# Catch exceptions within the context and return
# Ansible compliant error response.
with exception_context(module, Exception):
have = get_have(api, module)
result = {'changed': False}
diff = {}
if module.params.get('server_id', None):
want = get_want(module, SERVER_PARAM_MAP)
changes = get_changes(have, want)
parsed_changes = ans_to_rest(changes, SERVER_PARAM_MAP)
if changes:
if not module.check_mode:
if not have['server_id']:
# PUT request if no lic server is configured
resp_code, new_config = api.put_config(
command=BASE_URI + '/server/',
body_params=parsed_changes)
else:
# PATCH request if lic server is to be modified
resp_code, new_config = api.push_config(
command=BASE_URI + '/server/',
body_params=parsed_changes)
verify_response(resp_code, new_config)
wait_for_changes(api)
result['changed'] = True
diff.update(changes)
if module.params.get('capability', None):
want = get_want(module, CAPABILITIES_PARAM_MAP)
requested = module.params.get('requested', None)
parsed_changes = ans_to_rest(want, CAPABILITIES_PARAM_MAP)
parsed_changes.pop('capability')
capability = module.params.get('capability', None)
# Make changes only if the requested
# capability hasn't already been granted
if have['capabilities'][0]['granted'] != requested:
if not module.check_mode:
resp_code, new_config = api.put_config(
command=BASE_URI +
'/capabilities/{}/'.format(capability),
body_params=parsed_changes)
verify_response(resp_code, new_config)
wait_for_changes(api)
result['changed'] = True
diff.update(want)
if module._diff:
result['diff'] = {'prepared': json.dumps(diff)}
# In check mode, `aed_license_state` key will still show the unchanged state.
# Though, `what_changed` will show the expected changes.
result['aed_license_state'] = get_have(api, module)
module.exit_json(**result)
def main():
"""Program entry point"""
argument_spec = dict(name=dict(type='str'),
link_propagation_up_timeout=dict(type='int'),
link_propagation_down_timeout=dict(type='int'),
addr=dict(type='str'),
addr_present=dict(type='bool', default='True'))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
api = AEDAPIBase(Connection(module._socket_path))
result = {'changed': False}
with exception_context(module, Exception):
have = get_have(api, module)
want = get_want(module, PARAM_MAP)
changes = get_changes(have, want)
intf_name = module.params.get('name', None)
intf_addr = module.params.get('addr', None)
addr_present = module.params.get('addr_present')
if not addr_present:
changes['addr_present'] = False
# Run only if there are any changes and
# check mode is off.
if changes:
if not intf_name:
if module._diff:
result['diff'] = {'prepared': json.dumps(changes)}
parsed_changes = ans_to_rest(changes, LP_PARAM_MAP)
if not module.check_mode:
resp_code, new_config = api.push_config(
command='mitigation-interfaces',
body_params=parsed_changes)
if resp_code not in ResponseCodes.GOOD_RESP:
module.fail_json(
msg='APIError: Failed pushing config. '
'response code:{}, response:{}'.format(
resp_code, new_config))
result['changed'] = True
else:
parsed_changes = ans_to_rest(changes, INTF_PARAM_MAP)
if not addr_present:
# Check if the interface has the specified address
# and delete it. If not, don't create just for the
# sake of deleting it.
if have['addr']:
if not module.check_mode:
resp_code, new_config = api.delete_config(
command='mitigation-interfaces/{}/{}/'.format(
intf_name, intf_addr))
if resp_code not in ResponseCodes.GOOD_DEL_RESP:
module.fail_json(
msg='APIError: Failed deleting config. '
'response code: {}, response: {}'.format(
resp_code, new_config))
result['changed'] = True
result['delete_interface_address'] = {
intf_name: intf_addr
}
else:
result['no_delete'] = (
'This interface does not have an address set. '
'Not creating address to only delete it.')
else:
if module._diff:
result['diff'] = {'prepared': json.dumps(changes)}
if not module.check_mode:
resp_code, new_config = api.push_config(
command='mitigation-interfaces/{}/'.format(
intf_name),
body_params=parsed_changes)
if resp_code not in ResponseCodes.GOOD_RESP:
module.fail_json(
msg='APIError: Failed pushing config. '
'response code: {}, response: {}'.format(
resp_code, new_config))
result['changed'] = True
result['add_interface_address'] = {intf_name: intf_addr}
new_state = get_have(api, module)
result['aed_interface_state'] = new_state
module.exit_json(**result)