cisco.mso.mso_tenant_site – Manage tenants with cloud sites.
Note
This plugin is part of the cisco.mso collection (version 1.0.1).
To install it use: ansible-galaxy collection install cisco.mso.
To use it in a playbook, specify: cisco.mso.mso_tenant_site.
Synopsis
- Manage tenants with cloud sites on Cisco ACI Multi-Site.
Requirements
The below requirements are needed on the host that executes this module.
- Multi Site Orchestrator v2.1 or newer
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| aws_access_key
string
|
AWS account's access key id. This is required when aws_trusted is set to false.
|
|
| aws_account_org
boolean
|
|
AWS account for organization.
|
| aws_trusted
boolean
|
|
AWS account's access in trusted mode. Credentials are required, when set to false.
|
| azure_access_type
string
|
|
Managed mode for Azure.
Unmanaged mode for Azure.
Shared mode if the attribute is not specified.
|
| azure_active_directory_id
string
|
Azure account's active directory id.
This attribute is required when azure_access_type is in unmanaged mode.
|
|
| azure_active_directory_name
string
|
Azure account's active directory name. Example being 'CiscoINSBUAd' as active directory name.
This attribute is required when azure_access_type is in unmanaged mode.
|
|
| azure_application_id
string
|
Azure account's application id.
This attribute is required when azure_access_type is either in managed mode or unmanaged mode.
|
|
| azure_credential_name
string
|
Azure account's credential name.
This attribute is required when azure_access_type is in unmanaged mode.
|
|
| azure_subscription_id
string
|
Azure account's subscription id.
This attribute is required when azure_access_type is either in managed mode or unmanaged mode.
|
|
| cloud_account
string
|
Required for cloud site.
Account id of AWS in the form '000000000000'.
Account id of Azure in the form 'uni/tn-(tenant_name)/act-[(subscription_id)]-azure_vendor-azure'.
Example values inside account id of Azure '(tenant_name)=tenant_test and (subscription_id)=10'.
|
|
| host
string / required
|
IP Address or hostname of the ACI Multi Site Orchestrator host.
If the value is not specified in the task, the value of environment variable
MSO_HOST will be used instead.
aliases: hostname |
|
| login_domain
string
|
The login domain name to use for authentication.
The default value is Local.
If the value is not specified in the task, the value of environment variable MSO_LOGIN_DOMAIN will be used instead.
|
|
| output_level
string
|
|
Influence the output of this ACI module.
normal means the standard output, incl. current dict
info adds informational output, incl. previous, proposed and sent dicts
debug adds debugging output, incl. filter_string, method, response, status and url information
If the value is not specified in the task, the value of environment variable MSO_OUTPUT_LEVEL will be used instead.
|
| password
string / required
|
The password to use for authentication.
If the value is not specified in the task, the value of environment variables MSO_PASSWORD or ANSIBLE_NET_PASSWORD will be used instead.
|
|
| port
integer
|
Port number to be used for the REST connection.
The default value depends on parameter `use_ssl`.
If the value is not specified in the task, the value of environment variable MSO_PORT will be used instead.
|
|
| secret_key
string
|
secret key of AWS for untrusted account. Required when aws_trusted is set to false.
secret key of Azure account for unmanaged identity. Required in unmanaged mode of Azure account.
|
|
| security_domains
list / elements=string
|
Default:
[]
|
List of security domains for cloud sites.
|
| site
string
|
The name of the site.
This can either be cloud site or non-cloud site.
aliases: name |
|
| state
string
|
|
Use
present or absent for adding or removing.
Use query for listing an object or multiple objects.
|
| tenant
string / required
|
The name of the tenant.
|
|
| timeout
integer
|
Default:
30
|
The socket level timeout in seconds.
If the value is not specified in the task, the value of environment variable MSO_TIMEOUT will be used instead.
|
| use_proxy
boolean
|
|
If
no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
If the value is not specified in the task, the value of environment variable MSO_USE_PROXY will be used instead.
|
| use_ssl
boolean
|
|
If
no, an HTTP connection will be used instead of the default HTTPS connection.
If the value is not specified in the task, the value of environment variable MSO_USE_SSL will be used instead.
|
| username
string
|
Default:
"admin"
|
The username to use for authentication.
If the value is not specified in the task, the value of environment variables MSO_USERNAME or ANSIBLE_NET_USERNAME will be used instead.
|
| validate_certs
boolean
|
|
If
no, SSL certificates will not be validated.
This should only set to
no when used on personally controlled sites using self-signed certificates.
If the value is not specified in the task, the value of environment variable MSO_VALIDATE_CERTS will be used instead.
|
Notes
Note
- Please read the Cisco ACI Guide for more detailed information on how to manage your ACI infrastructure using Ansible.
- This module was written to support ACI Multi Site Orchestrator v2.1 or newer. Some or all functionality may not work on earlier versions.
Examples
- name: Associate a non-cloud site with a tenant
cisco.mso.mso_tenant_site:
host: mso_host
username: admin
password: SomeSecretPassword
tenant: tenant_name
site: site_name
state: present
delegate_to: localhost
- name: Associate AWS site with a tenant, with aws_trusted set to true
cisco.mso.mso_tenant_site:
host: mso_host
username: admin
password: SomeSecretPassword
tenant: tenant_name
site: site_name
cloud_account: '000000000000'
aws_trusted: true
state: present
delegate_to: localhost
- name: Associate AWS site with a tenant, with aws_trusted set to false
cisco.mso.mso_tenant_site:
host: mso_host
username: admin
password: SomeSecretPassword
tenant: tenant_name
site: AWS
cloud_account: '000000000000'
aws_trusted: false
aws_access_key: '1'
secret_key: '0'
aws_account_org: false
state: present
delegate_to: localhost
- name: Associate Azure site in managed mode
mso.cisco.mso_tenant_site:
host: mso_host
username: admin
password: SomeSecretPassword
tenant: tenant_name
site: site_name
cloud_account: uni/tn-ansible_test/act-[9]-azure_vendor-azure
azure_access_type: managed
azure_subscription_id: '9'
azure_application_id: '100'
state: present
delegate_to: localhost
- name: Associate Azure site in unmanaged mode
mso.cisco.mso_tenant_site:
host: mso_host
username: admin
password: SomeSecretPassword
tenant: tenant_name
site: site_name
cloud_account: uni/tn-ansible_test/act-[9]-azure_vendor-azure
azure_access_type: unmanaged
azure_subscription_id: '9'
azure_application_id: '100'
azure_credential_name: cApicApp
secret_key: iins
azure_active_directory_id: '32'
azure_active_directory_name: CiscoINSBUAd
state: present
delegate_to: localhost
- name: Dissociate a site
cisco.mso.mso_tenant_site:
host: mso_host
username: admin
password: SomeSecretPassword
tenant: tenant_name
site: site_name
state: absent
delegate_to: localhost
- name: Query a site
cisco.mso.mso_tenant_site:
host: mso_host
username: admin
password: SomeSecretPassword
tenant: tenant_name
site: site_name
state: query
delegate_to: localhost
- name: Query all sites of a tenant
cisco.mso.mso_tenant_site:
host: mso_host
username: admin
password: SomeSecretPassword
tenant: tenant_name
state: query
delegate_to: localhost
register: query_result
Authors
- Shreyas Srish (@shrsr)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/cisco/mso/mso_tenant_site_module.html