.. Document meta :orphan: .. |antsibull-internal-nbsp| unicode:: 0xA0 :trim: .. role:: ansible-attribute-support-label .. role:: ansible-attribute-support-property .. role:: ansible-attribute-support-full .. role:: ansible-attribute-support-partial .. role:: ansible-attribute-support-none .. role:: ansible-attribute-support-na .. role:: ansible-option-type .. role:: ansible-option-elements .. role:: ansible-option-required .. role:: ansible-option-versionadded .. role:: ansible-option-aliases .. role:: ansible-option-choices .. role:: ansible-option-choices-default-mark .. role:: ansible-option-default-bold .. role:: ansible-option-configuration .. role:: ansible-option-returned-bold .. role:: ansible-option-sample-bold .. Anchors .. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module: .. Anchors: short name for ansible.builtin .. Anchors: aliases .. Title cisco.dnac.authentication_policy_servers_v1 module -- Resource module for Authentication Policy Servers V1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. Collection note .. note:: This module is part of the `cisco.dnac collection `_ (version 6.30.2). To install it, use: :code:`ansible-galaxy collection install cisco.dnac`. You need further requirements to be able to use this module, see :ref:`Requirements ` for details. To use it in a playbook, specify: :code:`cisco.dnac.authentication_policy_servers_v1`. .. version_added .. rst-class:: ansible-version-added New in cisco.dnac 3.1.0 .. contents:: :local: :depth: 1 .. Deprecated Synopsis -------- .. Description - Manage operations create, update and delete of the resource Authentication Policy Servers V1. - API to add AAA/ISE server access configuration. Protocol can be configured as either RADIUS OR TACACS OR RADIUS\_TACACS. If configuring Cisco ISE server, after configuration, use 'Cisco ISE Server Integration Status' Intent API to check the integration status. Based on integration status, if require use 'Accept Cisco ISE Server Certificate for Cisco ISE Server Integration' Intent API to accept the Cisco ISE certificate for Cisco ISE server integration, then use again 'Cisco ISE Server Integration Status' Intent API to check the integration status. - API to delete AAA/ISE server access configuration. - API to edit AAA/ISE server access configuration. After edit, use 'Cisco ISE Server Integration Status' Intent API to check the integration status. .. note:: This module has a corresponding :ref:`action plugin `. .. Aliases .. Requirements .. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module_requirements: Requirements ------------ The below requirements are needed on the host that executes this module. - dnacentersdk \>= 2.4.9 - python \>= 3.5 .. Options Parameters ---------- .. rst-class:: ansible-option-table .. list-table:: :width: 100% :widths: auto :header-rows: 1 * - Parameter - Comments * - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-accountingport: .. rst-class:: ansible-option-title **accountingPort** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html
- .. raw:: html
Accounting port of RADIUS server. It is required for RADIUS server. The range is from 1 to 65535. E.g. 1813. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-authenticationport: .. rst-class:: ansible-option-title **authenticationPort** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html
- .. raw:: html
Authentication port of RADIUS server. It is required for RADIUS server. The range is from 1 to 65535. E.g. 1812. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ciscoisedtos: .. rst-class:: ansible-option-title **ciscoIseDtos** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary` .. raw:: html
- .. raw:: html
Authentication Policy Servers's ciscoIseDtos. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ciscoisedtos/description: .. rst-class:: ansible-option-title **description** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Description about the Cisco ISE server. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ciscoisedtos/fqdn: .. rst-class:: ansible-option-title **fqdn** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Fully-qualified domain name of the Cisco ISE server. E.g. Xi-62.my.com. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ciscoisedtos/ipaddress: .. rst-class:: ansible-option-title **ipAddress** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
IP Address of the Cisco ISE Server. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ciscoisedtos/password: .. rst-class:: ansible-option-title **password** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Password of the Cisco ISE server. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ciscoisedtos/sshkey: .. rst-class:: ansible-option-title **sshkey** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
SSH key of the Cisco ISE server. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ciscoisedtos/subscribername: .. rst-class:: ansible-option-title **subscriberName** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Subscriber name of the Cisco ISE server. E.g. Pxgrid\_client\_1662589467. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ciscoisedtos/username: .. rst-class:: ansible-option-title **userName** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
User name of the Cisco ISE server. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-dnac_debug: .. rst-class:: ansible-option-title **dnac_debug** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html
- .. raw:: html
Flag for Cisco DNA Center SDK to enable debugging. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry-default:`false` :ansible-option-choices-default-mark:`← (default)` - :ansible-option-choices-entry:`true` .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-dnac_host: .. rst-class:: ansible-option-title **dnac_host** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` / :ansible-option-required:`required` .. raw:: html
- .. raw:: html
The Cisco DNA Center hostname. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-dnac_password: .. rst-class:: ansible-option-title **dnac_password** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
The Cisco DNA Center password to authenticate. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-dnac_port: .. rst-class:: ansible-option-title **dnac_port** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html
- .. raw:: html
The Cisco DNA Center port. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`443` .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-dnac_username: .. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-user: .. rst-class:: ansible-option-title **dnac_username** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-aliases:`aliases: user` .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
The Cisco DNA Center username to authenticate. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`"admin"` .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-dnac_verify: .. rst-class:: ansible-option-title **dnac_verify** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html
- .. raw:: html
Flag to enable or disable SSL certificate verification. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry-default:`true` :ansible-option-choices-default-mark:`← (default)` .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-dnac_version: .. rst-class:: ansible-option-title **dnac_version** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Informs the SDK which version of Cisco DNA Center to use. .. rst-class:: ansible-option-line :ansible-option-default-bold:`Default:` :ansible-option-default:`"2.3.7.6"` .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-encryptionkey: .. rst-class:: ansible-option-title **encryptionKey** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Encryption key used to encrypt shared secret. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-encryptionscheme: .. rst-class:: ansible-option-title **encryptionScheme** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Type of encryption scheme for additional security. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-externalciscoiseipaddrdtos: .. rst-class:: ansible-option-title **externalCiscoIseIpAddrDtos** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary` .. raw:: html
- .. raw:: html
Authentication Policy Servers's externalCiscoIseIpAddrDtos. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-externalciscoiseipaddrdtos/externalciscoiseipaddresses: .. rst-class:: ansible-option-title **externalCiscoIseIpAddresses** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary` .. raw:: html
- .. raw:: html
Authentication Policy Servers's externalCiscoIseIpAddresses. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-externalciscoiseipaddrdtos/externalciscoiseipaddresses/externalipaddress: .. rst-class:: ansible-option-title **externalIpAddress** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
External IP Address. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-externalciscoiseipaddrdtos/type: .. rst-class:: ansible-option-title **type** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Type. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-id: .. rst-class:: ansible-option-title **id** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Id path parameter. Authentication and Policy Server Identifier. Use 'Get Authentication and Policy Servers' intent API to find the identifier. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-ipaddress: .. rst-class:: ansible-option-title **ipAddress** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
IP address of authentication and policy server. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-isiseenabled: .. rst-class:: ansible-option-title **isIseEnabled** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html
- .. raw:: html
Value true for Cisco ISE Server. Default value is false. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-messagekey: .. rst-class:: ansible-option-title **messageKey** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Message key used to encrypt shared secret. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-port: .. rst-class:: ansible-option-title **port** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html
- .. raw:: html
Port of TACACS server. It is required for TACACS server. The range is from 1 to 65535. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-protocol: .. rst-class:: ansible-option-title **protocol** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Type of protocol for authentication and policy server. If already saved with RADIUS, can update to RADIUS\_TACACS. If already saved with TACACS, can update to RADIUS\_TACACS. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-pxgridenabled: .. rst-class:: ansible-option-title **pxgridEnabled** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html
- .. raw:: html
Value true for enable, false for disable. Default value is true. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-retries: .. rst-class:: ansible-option-title **retries** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Number of communication retries between devices and authentication and policy server. The range is from 1 to 3. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-role: .. rst-class:: ansible-option-title **role** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Role of authentication and policy server. E.g. Primary, secondary. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-sharedsecret: .. rst-class:: ansible-option-title **sharedSecret** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Shared secret between devices and authentication and policy server. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-timeoutseconds: .. rst-class:: ansible-option-title **timeoutSeconds** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html
- .. raw:: html
Number of seconds before timing out between devices and authentication and policy server. The range is from 2 to 20. .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-usednaccertforpxgrid: .. rst-class:: ansible-option-title **useDnacCertForPxgrid** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html
- .. raw:: html
Value true to use Catalyst Center certificate for Pxgrid. Default value is false. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html
* - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__parameter-validate_response_schema: .. rst-class:: ansible-option-title **validate_response_schema** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html
- .. raw:: html
Flag for Cisco DNA Center SDK to enable the validation of request bodies against a JSON schema. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry-default:`true` :ansible-option-choices-default-mark:`← (default)` .. raw:: html
.. Attributes .. Notes Notes ----- .. note:: - SDK Method used are system\_settings.SystemSettings.add\_authentication\_and\_policy\_server\_access\_configuration\_v1, system\_settings.SystemSettings.delete\_authentication\_and\_policy\_server\_access\_configuration\_v1, system\_settings.SystemSettings.edit\_authentication\_and\_policy\_server\_access\_configuration\_v1, - Paths used are post /dna/intent/api/v1/authentication-policy-servers, delete /dna/intent/api/v1/authentication-policy-servers/{id}, put /dna/intent/api/v1/authentication-policy-servers/{id}, - Does not support \ :literal:`check\_mode`\ - The plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco DNAC SDK - The parameters starting with dnac\_ are used by the Cisco DNAC Python SDK to establish the connection .. Seealso See Also -------- .. seealso:: `Cisco DNA Center documentation for System Settings AddAuthenticationAndPolicyServerAccessConfigurationV1 `_ Complete reference of the AddAuthenticationAndPolicyServerAccessConfigurationV1 API. `Cisco DNA Center documentation for System Settings DeleteAuthenticationAndPolicyServerAccessConfigurationV1 `_ Complete reference of the DeleteAuthenticationAndPolicyServerAccessConfigurationV1 API. `Cisco DNA Center documentation for System Settings EditAuthenticationAndPolicyServerAccessConfigurationV1 `_ Complete reference of the EditAuthenticationAndPolicyServerAccessConfigurationV1 API. .. Examples Examples -------- .. code-block:: yaml+jinja - name: Create cisco.dnac.authentication_policy_servers_v1: dnac_host: "{{dnac_host}}" dnac_username: "{{dnac_username}}" dnac_password: "{{dnac_password}}" dnac_verify: "{{dnac_verify}}" dnac_port: "{{dnac_port}}" dnac_version: "{{dnac_version}}" dnac_debug: "{{dnac_debug}}" state: present accountingPort: 0 authenticationPort: 0 ciscoIseDtos: - description: string fqdn: string ipAddress: string password: string sshkey: string subscriberName: string userName: string encryptionKey: string encryptionScheme: string externalCiscoIseIpAddrDtos: - externalCiscoIseIpAddresses: - externalIpAddress: string type: string ipAddress: string isIseEnabled: true messageKey: string port: 0 protocol: string pxgridEnabled: true retries: string role: string sharedSecret: string timeoutSeconds: string useDnacCertForPxgrid: true - name: Delete by id cisco.dnac.authentication_policy_servers_v1: dnac_host: "{{dnac_host}}" dnac_username: "{{dnac_username}}" dnac_password: "{{dnac_password}}" dnac_verify: "{{dnac_verify}}" dnac_port: "{{dnac_port}}" dnac_version: "{{dnac_version}}" dnac_debug: "{{dnac_debug}}" state: absent id: string - name: Update by id cisco.dnac.authentication_policy_servers_v1: dnac_host: "{{dnac_host}}" dnac_username: "{{dnac_username}}" dnac_password: "{{dnac_password}}" dnac_verify: "{{dnac_verify}}" dnac_port: "{{dnac_port}}" dnac_version: "{{dnac_version}}" dnac_debug: "{{dnac_debug}}" state: present accountingPort: 0 authenticationPort: 0 ciscoIseDtos: - fqdn: string password: string sshkey: string userName: string externalCiscoIseIpAddrDtos: - externalCiscoIseIpAddresses: - externalIpAddress: string type: string id: string port: 0 protocol: string pxgridEnabled: true retries: string timeoutSeconds: string useDnacCertForPxgrid: true .. Facts .. Return values Return Values ------------- Common return values are documented :ref:`here `, the following are the fields unique to this module: .. rst-class:: ansible-option-table .. list-table:: :width: 100% :widths: auto :header-rows: 1 * - Key - Description * - .. raw:: html
.. _ansible_collections.cisco.dnac.authentication_policy_servers_v1_module__return-dnac_response: .. rst-class:: ansible-option-title **dnac_response** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html
- .. raw:: html
A dictionary or list with the response returned by the Cisco DNAC Python SDK .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` always .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`{"response": {"taskId": "string", "url": "string"}, "version": "string"}` .. raw:: html
.. Status (Presently only deprecated) .. Authors Authors ~~~~~~~ - Rafael Campos (@racampos) .. Extra links Collection links ~~~~~~~~~~~~~~~~ .. raw:: html

Issue Tracker Repository (Sources)

.. Parsing errors