cisco.dnac.compliance_policys_rules module -- Resource module for Compliance Policys Rules

Note

This module is part of the cisco.dnac collection (version 6.46.0).

To install it, use: ansible-galaxy collection install cisco.dnac. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cisco.dnac.compliance_policys_rules.

New in cisco.dnac 6.46.0

Synopsis

• Manage operations create, update and delete of the resource Compliance Policys Rules.

• This API operation creates a new rule within the specified compliance policy.

• Deletes the rule within the specified compliance policy.

• Updates the details of an existing rule within the specified compliance policy.

Note

This module has a corresponding action plugin.

Requirements

The below requirements are needed on the host that executes this module.

• dnacentersdk >= 2.11.0

• python >= 3.12

Parameters

Parameter	Comments
description string	A comprehensive description of the rule. This should provide detailed information about what the rule does, its scope, and any other pertinent details that explain its function and purpose.
deviceTypes list / elements=dictionary	Compliance Policys Rules's deviceTypes.
deviceFamily string	The device family.
deviceModel string	The device model. When a device model is specified, `deviceSeries` is required.
deviceSeries string	The device series.
dnac_debug boolean	Flag for Cisco DNA Center SDK to enable debugging. Choices: :ansible-option-choices-entry-default:`false` ← (default) :ansible-option-choices-entry:`true`
dnac_host string / required	The Cisco DNA Center hostname.
dnac_password string	The Cisco DNA Center password to authenticate.
dnac_port integer	The Cisco DNA Center port. Default: :ansible-option-default:`443`
dnac_username aliases: user string	The Cisco DNA Center username to authenticate. Default: :ansible-option-default:`"admin"`
dnac_verify boolean	Flag to enable or disable SSL certificate verification. Choices: :ansible-option-choices-entry:`false` :ansible-option-choices-entry-default:`true` ← (default)
dnac_version string	Informs the SDK which version of Cisco DNA Center to use. Default: :ansible-option-default:`"3.1.6.0"`
id string	Id path parameter. The `id` of the rule within the compliance policy.
impact string	This describes the potential impact when the conditions of this rule are violated.
name string	This is the name of the rule. It should be a concise and descriptive title that clearly identifies the rule's purpose or function. The name must be unique within the specified policy.
policyId string	PolicyId path parameter. The `id` of the compliance policy.
softwareType string	Specifies the software type applicable to the rule. For detailed enum descriptions, refer to the `Features` tab.
suggestedFix string	Suggestions on how to fix the issues detected by this rule.
validate_response_schema boolean	Flag for Cisco DNA Center SDK to enable the validation of request bodies against a JSON schema. Choices: :ansible-option-choices-entry:`false` :ansible-option-choices-entry-default:`true` ← (default)

Notes

Note

• SDK Method used are compliance.Compliance.create_a_new_rule, compliance.Compliance.delete_a_specific_rule, compliance.Compliance.update_an_existing_rule,

• Paths used are post /dna/intent/api/v1/compliancePolicys/{policyId}/rules, delete /dna/intent/api/v1/compliancePolicys/{policyId}/rules/{id}, put /dna/intent/api/v1/compliancePolicys/{policyId}/rules/{id},

• Does not support check_mode

• The plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco DNAC SDK

• The parameters starting with dnac_ are used by the Cisco DNAC Python SDK to establish the connection

See Also

See also

Cisco DNA Center documentation for Compliance CreateANewRule

Complete reference of the CreateANewRule API.

Cisco DNA Center documentation for Compliance DeleteASpecificRule

Complete reference of the DeleteASpecificRule API.

Cisco DNA Center documentation for Compliance UpdateAnExistingRule

Complete reference of the UpdateAnExistingRule API.

Examples

---
- name: Create
  cisco.dnac.compliance_policys_rules:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    state: present
    description: string
    deviceTypes:
      - deviceFamily: string
        deviceModel: string
        deviceSeries: string
    impact: string
    name: string
    policyId: string
    softwareType: string
    suggestedFix: string
- name: Delete by id
  cisco.dnac.compliance_policys_rules:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    state: absent
    id: string
    policyId: string
- name: Update by id
  cisco.dnac.compliance_policys_rules:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    state: present
    description: string
    deviceTypes:
      - deviceFamily: string
        deviceModel: string
        deviceSeries: string
    id: string
    impact: string
    name: string
    policyId: string
    softwareType: string
    suggestedFix: string

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
dnac_response dictionary	A dictionary or list with the response returned by the Cisco DNAC Python SDK Returned: always Sample: :ansible-rv-sample-value:`{"response": {"taskId": "string", "url": "string"}, "version": "string"}`

Authors

• Rafael Campos (@racampos)

Collection links

Issue Tracker Repository (Sources)