diff --git a/examples/single_task/aam/aam_aaa_policy.yaml b/examples/single_task/aam/aam_aaa_policy.yaml new file mode 100644 index 000000000..3349f02ed --- /dev/null +++ b/examples/single_task/aam/aam_aaa_policy.yaml @@ -0,0 +1,15 @@ +- name: "Create AAM AAA Policy" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_aaa_policy: + state: present + name: my_server + aaa_rule_list: + - index: 1 + - action: deny # or allow + - authentication_template: my_template_name + - authorize_policy: my_policy_name + - user_tag: my_aaa_rule_tag + user_tag: my_aaa_policy_tag diff --git a/examples/single_task/aam/aam_authentiation_saml_identity_provider.yaml b/examples/single_task/aam/aam_authentiation_saml_identity_provider.yaml new file mode 100644 index 000000000..0da9b8e54 --- /dev/null +++ b/examples/single_task/aam/aam_authentiation_saml_identity_provider.yaml @@ -0,0 +1,11 @@ +- name: "Create AAM SAML IDP data" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authentication_saml_identity_provider: + state: present + name: my_saml_idp_name + metadata: metadata_name + reload_interval: 28800 + user_tag: idp_tag_name diff --git a/examples/single_task/aam/aam_authentication_saml_service_provider.yaml b/examples/single_task/aam/aam_authentication_saml_service_provider.yaml new file mode 100644 index 000000000..1ed26a0a3 --- /dev/null +++ b/examples/single_task/aam/aam_authentication_saml_service_provider.yaml @@ -0,0 +1,40 @@ +- name: "Create AAM SAML SP data" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authentication_saml_service_provider: + state: present + name: my_server_name + entity_id: saml_url + certificate: saml_cerificate_name + service_url: saml_url + user_tag: saml_sp_tag + signature_algorithm: saml_signature_algorithm + require_assertion_signed: + require_assertion_signed_enable: true + assertion_consuming_service: + - assertion_index: 1 # Integer + assertion_location: /my_saml_assertion_location + assertion_binding: post # Valid options: artifact, paos or post + metadata_export_service: + md_export_location: /path/to/metadata + sign_xml: true + artifact_resolution_service: + - artifact_index: 0 # Integer + artifact_location: /path/to/artifact + artifact_binding: soap # or post + adfs_ws_federation: + ws_federation_enable: my_ws_federation + single_logout_service: + - SLO_location: /path/to/slo + SLO_binding: post # or soap + SP_initiated_single_logout_service: + - SP_SLO_location: /path/to/sp_initiated/slo + - asynchronous: true + saml_request_signed: + saml_request_signed_disable: false + soap_tls_certificate_validate: + soap_tls_certificate_validate_disable: false + bad_request_redirect_url: hxxps://redirect.location/path + acs_uri_bypass: true diff --git a/examples/single_task/aam/aam_authentication_template_saml.yaml b/examples/single_task/aam/aam_authentication_template_saml.yaml new file mode 100644 index 000000000..eda99079d --- /dev/null +++ b/examples/single_task/aam/aam_authentication_template_saml.yaml @@ -0,0 +1,45 @@ +# This example is specific to SAML +- name: "Create AAM Authentication Template" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authentication_template: + state: present + name: my_template_name + ntype: saml # Other options are standard or oauth + saml_sp: my_saml_sp_name + saml_idp: my_saml_idp_name + logout_idle_timeout: 300 + max_session_time: 28800 + relay: my_saml_relay_name # Must be already created or playbook will fail at this step + # auth_session_mode: # cookie-based/ip-based + # oauth_authorization_server: + # oauth_client: + # cookie_domain: + # cookie_domain_group: + # cookie_max_age: + # cookie_secure_enable: + # cookie_httponly_enable: + # cookie_samesite: + # max_session_time: + # local_logging: + # logon: + # logout_url: + # forward_logout_diable: + # jwt: + # server: + # service_group: + # account: + # captcha: + # accounting_server: + # accounting_service_group: + # redirect_hostname: + # modify_content_security_policy: + # log: #use-partition-level-config/enable/disable + # chain: + # - chain_server: + # - chain_server_priority: + # - chain_sg: + # - chain_sg_priority: +... diff --git a/examples/single_task/aam/aam_authorization_policy.yaml b/examples/single_task/aam/aam_authorization_policy.yaml new file mode 100644 index 000000000..e8d187445 --- /dev/null +++ b/examples/single_task/aam/aam_authorization_policy.yaml @@ -0,0 +1,9 @@ +- name: "Create AAM Authorization Policy" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authorization_policy: + name: my_auth_policy_name + # attributes crated in aam_authorization_policy_attribute.yaml + user_tag: my_authorization_policy_tag diff --git a/examples/single_task/aam/aam_authorization_policy_attribute.yaml b/examples/single_task/aam/aam_authorization_policy_attribute.yaml new file mode 100644 index 000000000..0530a7eec --- /dev/null +++ b/examples/single_task/aam/aam_authorization_policy_attribute.yaml @@ -0,0 +1,22 @@ +# This is example is for string value. Comment/Uncomment as required for other values (not tested) +- name: "Create AAM Authorization Policy Attributes" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authorization_policy_attribute: + state: present + policy_name: my_policy + attr_num: 1 # Integer + attr_type: true + attribute_name: my_string_attribute + string_type: true + attr_str: match # or sub-string + attr_str_val: my_string_value + # attr_int: + # attrib_int_val: + # attr_number: + # attrib_number_val: + # attr_ip: ' + # attrib_ipv4: +... diff --git a/examples/single_task/aam/aam_import_auth_saml_idp.yaml b/examples/single_task/aam/aam_import_auth_saml_idp.yaml new file mode 100644 index 000000000..2a764aae9 --- /dev/null +++ b/examples/single_task/aam/aam_import_auth_saml_idp.yaml @@ -0,0 +1,13 @@ +- name: "Create metadata" + connection: local + collections: + a10.acos_axapi + hosts: "{{desired_inventory_group}}" + a10_import_auth_saml_idp: + state: present + saml_idp_name: my_saml_idp_name + overwrite: true + use_mgmt_port: true + remote_file: "hxxps://metadata.location/path/to/data" + +## Will fail if metadata is already assigned to an IdP and the IdP is in an Auth Template/Policy diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml new file mode 100644 index 000000000..e1989efe5 --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml @@ -0,0 +1,10 @@ +- name: "Update FTP Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_ftp: + state: present + monitor_name: my_ftp_monitor + ftp: true + ftp_port: "{{ ftp_port }}" diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml new file mode 100644 index 000000000..d4b8bd55e --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml @@ -0,0 +1,20 @@ +- name: "Update HTTPS Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_https: + state: present + monitor_name: my_https_monitor + https: true + disable_sslv2hello: true + https_host: "{{ https_host }}" + web_port: "{{ https_port }}" + https_expect: "{{ https_expect }}" + https_response_code: "{{ htps_expect_response_code }}" + https_url: "{{ specific_url }}" + url_path: "{{ url_path }}" + url_type: "{{ url_type }}" + cert: "{{ https_cert }}" + key: "{{ https_key }}" + sni: "{{ https_sni }}" diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml new file mode 100644 index 000000000..0e52647f5 --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml @@ -0,0 +1,9 @@ +- name: "Update ICMP Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_icmp: + state: present + monitor_name: my_ping_monitor + icmp: true diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml new file mode 100644 index 000000000..899b190df --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml @@ -0,0 +1,10 @@ +- name: "Update TCP Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_tcp: + state: present + monitor_name: my_tcp_monitor + method_tcp: true + tcp_port: " {{ tcp_monitor_port }}" diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml new file mode 100644 index 000000000..aa5a68e4c --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml @@ -0,0 +1,10 @@ +- name: "Update UDP Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_udp: + state: present + monitor_name: my_udp_monitor + udp: true + udp_port: " {{ udp_port }}" diff --git a/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml b/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml index db67a60e7..18e9d7dbd 100644 --- a/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml +++ b/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml @@ -6,8 +6,19 @@ tasks: - name: Create a10.acos_axapi.a10_slb_template_client_ssl instance a10.acos_axapi.a10_slb_template_client_ssl: + state: present name: my_client-ssl + certificate_list: + - cert: "{{ cert_name }}" + key: "{{ key_name }}" + passphrase: '{{ passphrase }}' + chain_cert: '{{ chain_cert }}' + ec_list: + - ec: secp384r1 + - ec: secp256r1 ocspst_srvr_hours: 1 + diable_sslv3: 1 + template_cipher: my_cipher_template_name ocspst_srvr_timeout: 1 ocspst_sg_hours: 1 ocspst_sg_timeout: 1 @@ -33,7 +44,17 @@ a10.acos_axapi.a10_slb_template_client_ssl: state: present name: my_client-ssl + certificate_list: + - cert: "{{ cert_name }}" + key: "{{ key_name }}" + passphrase: '{{ passphrase }}' + chain_cert: '{{ chain_cert }}' + ec_list: + - ec: secp384r1 + - ec: secp256r1 ocspst_srvr_hours: 1 + diable_sslv3: 1 + template_cipher: my_cipher_template_name ocspst_srvr_timeout: 1 ocspst_sg_hours: 1 ocspst_sg_timeout: 1 @@ -59,7 +80,17 @@ a10.acos_axapi.a10_slb_template_client_ssl: state: absent name: my_client-ssl + certificate_list: + - cert: "{{ cert_name }}" + key: "{{ key_name }}" + passphrase: '{{ passphrase }}' + chain_cert: '{{ chain_cert }}' + ec_list: + - ec: secp384r1 + - ec: secp256r1 ocspst_srvr_hours: 1 + diable_sslv3: 1 + template_cipher: my_cipher_template_name ocspst_srvr_timeout: 1 ocspst_sg_hours: 1 ocspst_sg_timeout: 1 @@ -75,4 +106,4 @@ forward_proxy_cert_cache_limit: 0 forward_proxy_cert_not_ready_action: bypass version: 30 - dgversion: 30 \ No newline at end of file + dgversion: 30