asa_og – Manage object groups on a Cisco ASA


New in version 2.8.


Synopsis

  • This module allows you to create and update network and service object groups on a Cisco ASA device.

Parameters

| Parameter | Type | Required | Choices/Defaults | Comments |
|---|---|---|---|---|
| description | - | | | The description for the object-group. |
| group_object | list | | | The group-object for network object-group. |
| group_type | - | required | network-object, service-object, port-object | The object group type. |
| host_ip | list | | | The host IP address for object-group network. |
| ip_mask | list | | | The IP address and mask for network object-group. |
| name | - | required | | Name of the object group. |
| port_eq | - | | | The single port for port-object. |
| port_range | - | | | The port range for port-object. |
| protocol | - | | udp, tcp, tcp-udp | The protocol for object-group service with port-object. |
| service_cfg | - | | | The service-object configuration protocol, direction, range or port. |
| state | - | | present, absent, replace | Manage the state of the resource. |



Examples

---
- name: configure network object-group
  asa_og:
    name: ansible_test_0
    group_type: network-object
    state: present
    description: ansible_test object-group description
    host_ip:
      - 8.8.8.8
      - 8.8.4.4
    ip_mask:
      - 10.0.0.0 255.255.255.0
      - 192.168.0.0 255.255.0.0
    group_object:
      - awx_lon
      - awx_ams

- name: configure port-object object-group
  asa_og:
    name: ansible_test_1
    group_type: port-object
    state: replace
    description: ansible_test object-group description
    protocol: tcp-udp
    port_eq:
      - 1025
      - kerberos
    port_range:
      - 1025 5201
      - 0 1024

- name: configure service-object object-group
  asa_og:
    name: ansible_test_2
    group_type: service-object
    state: absent
    description: ansible_test object-group description
    service_cfg:
      - tcp destination eq 8080
      - tcp destination eq www

Return Values

Common return values are documented here; the following fields are unique to this module:

| Key | Type | Returned | Description |
|---|---|---|---|
| commands | list | always | command sent to the device |

Sample:

['object-group network ansible_test_0', 'description ansible_test object-group description', 'network-object host 8.8.8.8', 'network-object host 8.8.4.4', 'network-object 10.0.0.0 255.255.255.0', 'network-object 192.168.0.0 255.255.0.0', 'network-object 192.168.0.0 255.255.0.0', 'group-object awx_lon', 'group-object awx_ams']
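The returned commands list can be parsed for change review before a playbook run is accepted. The following is an added example, not part of the module or the original documentation; the function names and the /24 review threshold are assumptions, and the input is the page's sample with the repeated entry listed once.

```python
import ipaddress

# Constructed input in the shape of the documented `commands` return value.
# Function names and the min_prefix threshold below are hypothetical.
SAMPLE_COMMANDS = [
    "object-group network ansible_test_0",
    "description ansible_test object-group description",
    "network-object host 8.8.8.8",
    "network-object host 8.8.4.4",
    "network-object 10.0.0.0 255.255.255.0",
    "network-object 192.168.0.0 255.255.0.0",
    "group-object awx_lon",
    "group-object awx_ams",
]


def summarize_network_group(commands):
    """Parse a network object-group command list into reviewable fields."""
    summary = {"name": None, "hosts": [], "networks": [], "groups": [], "unparsed": []}
    for line in commands:
        words = line.split()
        if words[:2] == ["object-group", "network"] and len(words) == 3:
            summary["name"] = words[2]
        elif words[:2] == ["network-object", "host"] and len(words) == 3:
            summary["hosts"].append(ipaddress.ip_address(words[2]))
        elif words[:1] == ["network-object"] and len(words) == 3:
            # "address mask" pair; strict=True raises if host bits are set
            summary["networks"].append(ipaddress.ip_network("/".join(words[1:]), strict=True))
        elif words[:1] == ["group-object"] and len(words) == 2:
            summary["groups"].append(words[1])
        elif words[:1] != ["description"]:
            summary["unparsed"].append(line)  # anything the parser does not recognise
    return summary


def review_findings(summary, min_prefix=24):
    """Return notes for entries a reviewer should look at (assumed policy)."""
    notes = []
    for net in summary["networks"]:
        if net.prefixlen < min_prefix:
            notes.append(f"{net} is broader than /{min_prefix}")
    for host in summary["hosts"]:
        if host.is_global:
            notes.append(f"host {host} is a public address")
    for group in summary["groups"]:
        notes.append(f"nested group {group} must be reviewed separately")
    return notes
```

Nested group-object entries are reported rather than resolved, because their members are not present in the commands list.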




Status

Authors

  • Federico Olivieri (@Federico87)



© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/asa_og_module.html