cisco.dnac.sda_fabric_authentication_profile module – Resource module for Sda Fabric Authentication Profile

Note

This module is part of the cisco.dnac collection (version 6.3.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.dnac.

To use it in a playbook, specify: cisco.dnac.sda_fabric_authentication_profile.

New in version 3.1.0: of cisco.dnac

Synopsis

  • Manage operations create, update and delete of the resource Sda Fabric Authentication Profile.

  • Deploy authentication template in SDA Fabric.

  • Add default authentication profile in SDA Fabric.

  • Update default authentication profile in SDA Fabric.

Note

This module has a corresponding action plugin.

Requirements

The below requirements are needed on the host that executes this module.

  • dnacentersdk >= 2.4.8

  • python >= 3.5

Parameters

Parameter

Comments

authenticateTemplateName

string

added in 4.0.0 of cisco.dnac

Authenticate Template Name. Allowed values are ‘No Authentication ‘, ‘Open Authentication’, ‘Closed Authentication’, ‘Low Impact’.

authenticationOrder

string

added in 4.0.0 of cisco.dnac

Authentication Order. Allowed values are ‘dot1x ‘, ‘mac’.

dnac_debug

boolean

Flag for Cisco DNA Center SDK to enable debugging.

Choices:

  • no ← (default)

  • yes

dnac_host

string / required

The Cisco DNA Center hostname.

dnac_password

string

The Cisco DNA Center password to authenticate.

dnac_port

integer

The Cisco DNA Center port.

Default: 443

dnac_username

aliases: user

string

The Cisco DNA Center username to authenticate.

Default: “admin”

dnac_verify

boolean

Flag to enable or disable SSL certificate verification.

Choices:

  • no

  • yes ← (default)

dnac_version

string

Informs the SDK which version of Cisco DNA Center to use.

Default: “2.2.3.3”

dot1xToMabFallbackTimeout

string

added in 4.0.0 of cisco.dnac

In a network that includes both devices that support and devices that do not support IEEE 802.1X, MAB can be deployed as a fallback, or complementary, mechanism to IEEE 802.1X. If the network does not have any IEEE 802.1X-capable devices, MAB can be deployed as a standalone authentication mechanism (e.g. 3-120).

numberOfHosts

string

added in 4.0.0 of cisco.dnac

Number of hosts specifies the number of data hosts that can be connected to a port. With Single selected, you can have only one data client on the port. With Unlimited selected, you can have multiple data clients and one voice client on the port.

siteNameHierarchy

string

Site Name Hierarchy should be a valid fabric site name hierarchy. E.g Global/USA/San Jose.

validate_response_schema

boolean

Flag for Cisco DNA Center SDK to enable the validation of request bodies against a JSON schema.

Choices:

  • no

  • yes ← (default)

wakeOnLan

boolean

added in 4.0.0 of cisco.dnac

The IEEE 802.1X Wake on LAN (WoL) Support feature allows dormant systems to be powered up when the switch receives a specific Ethernet frame. You can use this feature in cases when hosts on power save and needs to receive a magic packet to turn them on. This feature works on a per subnet basis and send the subnet broadcast to all hosts in the subnet.

Choices:

  • no

  • yes

Notes

Note

  • SDK Method used are sda.Sda.add_default_authentication_profile, sda.Sda.delete_default_authentication_profile, sda.Sda.update_default_authentication_profile,

  • Paths used are post /dna/intent/api/v1/business/sda/authentication-profile, delete /dna/intent/api/v1/business/sda/authentication-profile, put /dna/intent/api/v1/business/sda/authentication-profile,

  • Does not support check_mode

  • The plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco DNAC SDK

  • The parameters starting with dnac_ are used by the Cisco DNAC Python SDK to establish the connection

Examples

- name: Create
  cisco.dnac.sda_fabric_authentication_profile:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    state: present
    authenticateTemplateName: string
    siteNameHierarchy: string

- name: Update all
  cisco.dnac.sda_fabric_authentication_profile:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    state: present
    authenticateTemplateName: string
    authenticationOrder: string
    dot1xToMabFallbackTimeout: string
    numberOfHosts: string
    siteNameHierarchy: string
    wakeOnLan: true

- name: Delete all
  cisco.dnac.sda_fabric_authentication_profile:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    state: absent
    siteNameHierarchy: string

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

dnac_response

dictionary

A dictionary or list with the response returned by the Cisco DNAC Python SDK

Returned: always

Sample: “{\n \”status\”: \”string\”,\n \”description\”: \”string\”,\n \”taskId\”: \”string\”,\n \”taskStatusUrl\”: \”string\”,\n \”executionStatusUrl\”: \”string\”,\n \”executionId\”: \”string\”\n}\n”

Authors

  • Rafael Campos (@racampos)