From 630572a8f6731592871dfc874bef5832b74722fb Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:07:31 -0500 Subject: [PATCH 01/26] Create a10_health_monitor_create_https.yaml --- .../a10_health_monitor_create_https.yaml | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 examples/single_task/health_monitor/a10_health_monitor_create_https.yaml diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml new file mode 100644 index 000000000..00bf193a0 --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml @@ -0,0 +1,24 @@ +- name: "Update HTTPS Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_https: + state: present + ansible_host: "{{ ansible_host }}" + ansible_port: "{{ ansible_port }}" + ansible_password: "{{ ansible_password }}" + ansible_username: "{{ ansible_username }}" + monitor_name: "{{ hc_method }}-{{ hc_port }}" + https: true + disable_sslv2hello: true + https_host: "{{ hc_host }}" + web_port: "{{ hc_port }}" + https_expect: "{{ expect }}" + https_response_code: "{{ expect_response_code }}" + https_url: "{{ specific_url }}" + url_path: "{{ url_path }}" + url_type: "{{ url_type }}" + cert: "{{ https_cert }}" + key: "{{ https_key }}" + sni: "{{ https_sni }}" From 10b1f8f082df956ecab97845a4fed26b1a14e073 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:08:59 -0500 Subject: [PATCH 02/26] Create a10_health_monitor_create_tcp_health_monitor.yaml --- ...0_health_monitor_create_tcp_health_monitor.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 examples/single_task/health_monitor/a10_health_monitor_create_tcp_health_monitor.yaml diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_tcp_health_monitor.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_tcp_health_monitor.yaml new file mode 100644 index 000000000..12632ba87 --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_tcp_health_monitor.yaml @@ -0,0 +1,14 @@ +- name: "Update TCP Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_tcp: + state: present + ansible_host: "{{ ansible_host }}" + ansible_port: "{{ ansible_port }}" + ansible_password: "{{ ansible_password }}" + ansible_username: "{{ ansible_username }}" + monitor_name: monitor_name + method_tcp: true + tcp_port: " {{ tcp_monitor_port }}" From 852d58c1ad418e50b08f9843fe0401e1cfc510e1 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:10:02 -0500 Subject: [PATCH 03/26] Update and rename a10_health_monitor_create_https.yaml to a10_health_monitor_create_https_health_monitor.yaml --- ...10_health_monitor_create_https_health_monitor.yaml} | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) rename examples/single_task/health_monitor/{a10_health_monitor_create_https.yaml => a10_health_monitor_create_https_health_monitor.yaml} (74%) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_https_health_monitor.yaml similarity index 74% rename from examples/single_task/health_monitor/a10_health_monitor_create_https.yaml rename to examples/single_task/health_monitor/a10_health_monitor_create_https_health_monitor.yaml index 00bf193a0..5547fe70d 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_https_health_monitor.yaml @@ -9,13 +9,13 @@ ansible_port: "{{ ansible_port }}" ansible_password: "{{ ansible_password }}" ansible_username: "{{ ansible_username }}" - monitor_name: "{{ hc_method }}-{{ hc_port }}" + monitor_name: monitor_name https: true disable_sslv2hello: true - https_host: "{{ hc_host }}" - web_port: "{{ hc_port }}" - https_expect: "{{ expect }}" - https_response_code: "{{ expect_response_code }}" + https_host: "{{ https_host }}" + web_port: "{{ https_port }}" + https_expect: "{{ https_expect }}" + https_response_code: "{{ htps_expect_response_code }}" https_url: "{{ specific_url }}" url_path: "{{ url_path }}" url_type: "{{ url_type }}" From e1ad2931acc1ffff7f240f68508de9b5c0c27e04 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:11:09 -0500 Subject: [PATCH 04/26] Create a10_health_monitor_create_udp.yaml --- .../a10_health_monitor_create_udp.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml new file mode 100644 index 000000000..d39b655d6 --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml @@ -0,0 +1,14 @@ +- name: "Update UDP Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_udp: + state: present + ansible_host: "{{ ansible_host }}" + ansible_port: "{{ ansible_port }}" + ansible_password: "{{ ansible_password }}" + ansible_username: "{{ ansible_username }}" + monitor_name: my_udp_monitor + udp: true + udp_port: " {{ udp_port }}" From 06b7c903cf1a5fbc3fe1051cc8bbc3708582cb42 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:11:48 -0500 Subject: [PATCH 05/26] Update and rename a10_health_monitor_create_https_health_monitor.yaml to a10_health_monitor_create_https.yaml --- ...health_monitor.yaml => a10_health_monitor_create_https.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename examples/single_task/health_monitor/{a10_health_monitor_create_https_health_monitor.yaml => a10_health_monitor_create_https.yaml} (95%) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_https_health_monitor.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml similarity index 95% rename from examples/single_task/health_monitor/a10_health_monitor_create_https_health_monitor.yaml rename to examples/single_task/health_monitor/a10_health_monitor_create_https.yaml index 5547fe70d..b2c411982 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_https_health_monitor.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml @@ -9,7 +9,7 @@ ansible_port: "{{ ansible_port }}" ansible_password: "{{ ansible_password }}" ansible_username: "{{ ansible_username }}" - monitor_name: monitor_name + monitor_name: my_https_monitor https: true disable_sslv2hello: true https_host: "{{ https_host }}" From c72f64f22d47bda25917dc6437dabf2d4c68c8fb Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:12:11 -0500 Subject: [PATCH 06/26] Update and rename a10_health_monitor_create_tcp_health_monitor.yaml to a10_health_monitor_create_tcp.yaml --- ...p_health_monitor.yaml => a10_health_monitor_create_tcp.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename examples/single_task/health_monitor/{a10_health_monitor_create_tcp_health_monitor.yaml => a10_health_monitor_create_tcp.yaml} (92%) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_tcp_health_monitor.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml similarity index 92% rename from examples/single_task/health_monitor/a10_health_monitor_create_tcp_health_monitor.yaml rename to examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml index 12632ba87..6e95f5634 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_tcp_health_monitor.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml @@ -9,6 +9,6 @@ ansible_port: "{{ ansible_port }}" ansible_password: "{{ ansible_password }}" ansible_username: "{{ ansible_username }}" - monitor_name: monitor_name + monitor_name: my_tcp_monitor method_tcp: true tcp_port: " {{ tcp_monitor_port }}" From 6662fa9273689133405d4cfda4e3671693e4b574 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:12:52 -0500 Subject: [PATCH 07/26] Create a10_health_monitor_create_ftp.yaml --- .../a10_health_monitor_create_ftp.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml new file mode 100644 index 000000000..db21e59ff --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml @@ -0,0 +1,14 @@ +- name: "Update FTP Health Check" + collections: + a10.acos_axapi + connection: local + hosts: "{{desired_inventory_group}}" + a10.acos_axapi.a10_health_monitor_method_ftp: + state: present + ansible_host: "{{ ansible_host }}" + ansible_port: "{{ ansible_port }}" + ansible_password: "{{ ansible_password }}" + ansible_username: "{{ ansible_username }}" + monitor_name: my_ftp_monitor + ftp: true + ftp_port: "{{ ftp_port }}" From eb1017e284d2e8d60f46b009e75fc7fa4f52fe19 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:13:27 -0500 Subject: [PATCH 08/26] Create a10_health_monitor_create_icp.yaml --- .../a10_health_monitor_create_icp.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 examples/single_task/health_monitor/a10_health_monitor_create_icp.yaml diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_icp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_icp.yaml new file mode 100644 index 000000000..2865dc5c6 --- /dev/null +++ b/examples/single_task/health_monitor/a10_health_monitor_create_icp.yaml @@ -0,0 +1,12 @@ +- name: "Update ICMP Health Check" + collections: + a10.acos_axapi + connection: local + a10.acos_axapi.a10_health_monitor_method_icmp: + state: present + ansible_host: "{{ ansible_host }}" + ansible_port: "{{ ansible_port }}" + ansible_password: "{{ ansible_password }}" + ansible_username: "{{ ansible_username }}" + monitor_name: my_ping_monitor + icmp: true From 6f2624eab0ab5b06d7554695c8b6f864cf811ce0 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:13:48 -0500 Subject: [PATCH 09/26] Update a10_health_monitor_create_ftp.yaml --- .../health_monitor/a10_health_monitor_create_ftp.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml index db21e59ff..e1989efe5 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_ftp.yaml @@ -5,10 +5,6 @@ hosts: "{{desired_inventory_group}}" a10.acos_axapi.a10_health_monitor_method_ftp: state: present - ansible_host: "{{ ansible_host }}" - ansible_port: "{{ ansible_port }}" - ansible_password: "{{ ansible_password }}" - ansible_username: "{{ ansible_username }}" monitor_name: my_ftp_monitor ftp: true ftp_port: "{{ ftp_port }}" From 723702275c0853c6e5e3f4ab71c71e80938cb44c Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:14:01 -0500 Subject: [PATCH 10/26] Update a10_health_monitor_create_https.yaml --- .../health_monitor/a10_health_monitor_create_https.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml index b2c411982..d4b8bd55e 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_https.yaml @@ -5,10 +5,6 @@ hosts: "{{desired_inventory_group}}" a10.acos_axapi.a10_health_monitor_method_https: state: present - ansible_host: "{{ ansible_host }}" - ansible_port: "{{ ansible_port }}" - ansible_password: "{{ ansible_password }}" - ansible_username: "{{ ansible_username }}" monitor_name: my_https_monitor https: true disable_sslv2hello: true From fe38fd3b4c15a756c3618bfc54b03bb0f9b8661d Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:14:22 -0500 Subject: [PATCH 11/26] Update and rename a10_health_monitor_create_icp.yaml to a10_health_monitor_create_icmp.yaml --- ...or_create_icp.yaml => a10_health_monitor_create_icmp.yaml} | 4 ---- 1 file changed, 4 deletions(-) rename examples/single_task/health_monitor/{a10_health_monitor_create_icp.yaml => a10_health_monitor_create_icmp.yaml} (54%) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_icp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml similarity index 54% rename from examples/single_task/health_monitor/a10_health_monitor_create_icp.yaml rename to examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml index 2865dc5c6..dc15a0410 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_icp.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml @@ -4,9 +4,5 @@ connection: local a10.acos_axapi.a10_health_monitor_method_icmp: state: present - ansible_host: "{{ ansible_host }}" - ansible_port: "{{ ansible_port }}" - ansible_password: "{{ ansible_password }}" - ansible_username: "{{ ansible_username }}" monitor_name: my_ping_monitor icmp: true From 67d28c383176770dbf877592f629188e24eebae2 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:14:33 -0500 Subject: [PATCH 12/26] Update a10_health_monitor_create_tcp.yaml --- .../health_monitor/a10_health_monitor_create_tcp.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml index 6e95f5634..899b190df 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_tcp.yaml @@ -5,10 +5,6 @@ hosts: "{{desired_inventory_group}}" a10.acos_axapi.a10_health_monitor_method_tcp: state: present - ansible_host: "{{ ansible_host }}" - ansible_port: "{{ ansible_port }}" - ansible_password: "{{ ansible_password }}" - ansible_username: "{{ ansible_username }}" monitor_name: my_tcp_monitor method_tcp: true tcp_port: " {{ tcp_monitor_port }}" From 2e85fb1f3e99c0cc207898818b3b70f6a5812b2a Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:14:43 -0500 Subject: [PATCH 13/26] Update a10_health_monitor_create_udp.yaml --- .../health_monitor/a10_health_monitor_create_udp.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml index d39b655d6..aa5a68e4c 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_udp.yaml @@ -5,10 +5,6 @@ hosts: "{{desired_inventory_group}}" a10.acos_axapi.a10_health_monitor_method_udp: state: present - ansible_host: "{{ ansible_host }}" - ansible_port: "{{ ansible_port }}" - ansible_password: "{{ ansible_password }}" - ansible_username: "{{ ansible_username }}" monitor_name: my_udp_monitor udp: true udp_port: " {{ udp_port }}" From e0ce060664cc2809b4928356ffae86f34132b2c2 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:42:27 -0500 Subject: [PATCH 14/26] Create aam_import_auth_saml_idp.yaml --- .../single_task/aam/aam_import_auth_saml_idp.yaml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 examples/single_task/aam/aam_import_auth_saml_idp.yaml diff --git a/examples/single_task/aam/aam_import_auth_saml_idp.yaml b/examples/single_task/aam/aam_import_auth_saml_idp.yaml new file mode 100644 index 000000000..3ed392b6b --- /dev/null +++ b/examples/single_task/aam/aam_import_auth_saml_idp.yaml @@ -0,0 +1,11 @@ +- name: "Create metadata" + connection: local + collections: + a10.acos_axapi + hosts: "{{desired_inventory_group}}" + a10_import_auth_saml_idp: + state: present + saml_idp_name: my_saml_idp_name + overwrite: true + use_mgmt_port: true + remote_file: "hxxps://metadata.location/path/to/data" From 1432bd4b928496de4442637b34cf2333453989ce Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:42:47 -0500 Subject: [PATCH 15/26] Update a10_health_monitor_create_icmp.yaml --- .../health_monitor/a10_health_monitor_create_icmp.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml b/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml index dc15a0410..0e52647f5 100644 --- a/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml +++ b/examples/single_task/health_monitor/a10_health_monitor_create_icmp.yaml @@ -2,6 +2,7 @@ collections: a10.acos_axapi connection: local + hosts: "{{desired_inventory_group}}" a10.acos_axapi.a10_health_monitor_method_icmp: state: present monitor_name: my_ping_monitor From 4c8d3c4fc4e5e0babb030d469938f567e477db14 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:44:06 -0500 Subject: [PATCH 16/26] Create aam_authentiation_saml_identity_provider.yaml --- .../aam/aam_authentiation_saml_identity_provider.yaml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 examples/single_task/aam/aam_authentiation_saml_identity_provider.yaml diff --git a/examples/single_task/aam/aam_authentiation_saml_identity_provider.yaml b/examples/single_task/aam/aam_authentiation_saml_identity_provider.yaml new file mode 100644 index 000000000..0da9b8e54 --- /dev/null +++ b/examples/single_task/aam/aam_authentiation_saml_identity_provider.yaml @@ -0,0 +1,11 @@ +- name: "Create AAM SAML IDP data" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authentication_saml_identity_provider: + state: present + name: my_saml_idp_name + metadata: metadata_name + reload_interval: 28800 + user_tag: idp_tag_name From fc670c9f7d6027c589c1de41b6846e3ce4507877 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:45:00 -0500 Subject: [PATCH 17/26] Update aam_import_auth_saml_idp.yaml --- examples/single_task/aam/aam_import_auth_saml_idp.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/examples/single_task/aam/aam_import_auth_saml_idp.yaml b/examples/single_task/aam/aam_import_auth_saml_idp.yaml index 3ed392b6b..6a70c90ae 100644 --- a/examples/single_task/aam/aam_import_auth_saml_idp.yaml +++ b/examples/single_task/aam/aam_import_auth_saml_idp.yaml @@ -9,3 +9,5 @@ overwrite: true use_mgmt_port: true remote_file: "hxxps://metadata.location/path/to/data" + +## Will fail if metadata is already assigned to an IdP and the IdP is in an Auth Tempalte/Policy From e387000445c64dd3b73c5f450a2c0d1fc6bf47a7 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:50:28 -0500 Subject: [PATCH 18/26] Create aam_authentication_saml_service_provider.yaml --- ..._authentication_saml_service_provider.yaml | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 examples/single_task/aam/aam_authentication_saml_service_provider.yaml diff --git a/examples/single_task/aam/aam_authentication_saml_service_provider.yaml b/examples/single_task/aam/aam_authentication_saml_service_provider.yaml new file mode 100644 index 000000000..1ed26a0a3 --- /dev/null +++ b/examples/single_task/aam/aam_authentication_saml_service_provider.yaml @@ -0,0 +1,40 @@ +- name: "Create AAM SAML SP data" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authentication_saml_service_provider: + state: present + name: my_server_name + entity_id: saml_url + certificate: saml_cerificate_name + service_url: saml_url + user_tag: saml_sp_tag + signature_algorithm: saml_signature_algorithm + require_assertion_signed: + require_assertion_signed_enable: true + assertion_consuming_service: + - assertion_index: 1 # Integer + assertion_location: /my_saml_assertion_location + assertion_binding: post # Valid options: artifact, paos or post + metadata_export_service: + md_export_location: /path/to/metadata + sign_xml: true + artifact_resolution_service: + - artifact_index: 0 # Integer + artifact_location: /path/to/artifact + artifact_binding: soap # or post + adfs_ws_federation: + ws_federation_enable: my_ws_federation + single_logout_service: + - SLO_location: /path/to/slo + SLO_binding: post # or soap + SP_initiated_single_logout_service: + - SP_SLO_location: /path/to/sp_initiated/slo + - asynchronous: true + saml_request_signed: + saml_request_signed_disable: false + soap_tls_certificate_validate: + soap_tls_certificate_validate_disable: false + bad_request_redirect_url: hxxps://redirect.location/path + acs_uri_bypass: true From da708bfebd45fadadcd8ab0cfbb8edae62aafa35 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:53:39 -0500 Subject: [PATCH 19/26] Create aam_authorization_policy_attribute.yaml --- .../aam_authorization_policy_attribute.yaml | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 examples/single_task/aam/aam_authorization_policy_attribute.yaml diff --git a/examples/single_task/aam/aam_authorization_policy_attribute.yaml b/examples/single_task/aam/aam_authorization_policy_attribute.yaml new file mode 100644 index 000000000..0530a7eec --- /dev/null +++ b/examples/single_task/aam/aam_authorization_policy_attribute.yaml @@ -0,0 +1,22 @@ +# This is example is for string value. Comment/Uncomment as required for other values (not tested) +- name: "Create AAM Authorization Policy Attributes" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authorization_policy_attribute: + state: present + policy_name: my_policy + attr_num: 1 # Integer + attr_type: true + attribute_name: my_string_attribute + string_type: true + attr_str: match # or sub-string + attr_str_val: my_string_value + # attr_int: + # attrib_int_val: + # attr_number: + # attrib_number_val: + # attr_ip: ' + # attrib_ipv4: +... From 929480c8251ec96fa2621e32a94cdc8f57884d0d Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:55:58 -0500 Subject: [PATCH 20/26] Create aam_aaa_policy.yaml --- examples/single_task/aam/aam_aaa_policy.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 examples/single_task/aam/aam_aaa_policy.yaml diff --git a/examples/single_task/aam/aam_aaa_policy.yaml b/examples/single_task/aam/aam_aaa_policy.yaml new file mode 100644 index 000000000..3349f02ed --- /dev/null +++ b/examples/single_task/aam/aam_aaa_policy.yaml @@ -0,0 +1,15 @@ +- name: "Create AAM AAA Policy" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_aaa_policy: + state: present + name: my_server + aaa_rule_list: + - index: 1 + - action: deny # or allow + - authentication_template: my_template_name + - authorize_policy: my_policy_name + - user_tag: my_aaa_rule_tag + user_tag: my_aaa_policy_tag From b82963b6be33288e590dfc51e1c11dfbc0d301ea Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 09:59:26 -0500 Subject: [PATCH 21/26] Create aam_authorization_policy.yaml --- examples/single_task/aam/aam_authorization_policy.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 examples/single_task/aam/aam_authorization_policy.yaml diff --git a/examples/single_task/aam/aam_authorization_policy.yaml b/examples/single_task/aam/aam_authorization_policy.yaml new file mode 100644 index 000000000..e8d187445 --- /dev/null +++ b/examples/single_task/aam/aam_authorization_policy.yaml @@ -0,0 +1,9 @@ +- name: "Create AAM Authorization Policy" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authorization_policy: + name: my_auth_policy_name + # attributes crated in aam_authorization_policy_attribute.yaml + user_tag: my_authorization_policy_tag From f4e14d27f87ac4027b527d31c517e674ca2e350b Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 10:03:10 -0500 Subject: [PATCH 22/26] Create aam_authentication_template_saml.yaml --- .../aam/aam_authentication_template_saml.yaml | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 examples/single_task/aam/aam_authentication_template_saml.yaml diff --git a/examples/single_task/aam/aam_authentication_template_saml.yaml b/examples/single_task/aam/aam_authentication_template_saml.yaml new file mode 100644 index 000000000..eda99079d --- /dev/null +++ b/examples/single_task/aam/aam_authentication_template_saml.yaml @@ -0,0 +1,45 @@ +# This example is specific to SAML +- name: "Create AAM Authentication Template" + connection: local + hosts: "{{desired_inventory_group}}" + collections: + a10.acos_axapi + a10.acos_axapi.a10_aam_authentication_template: + state: present + name: my_template_name + ntype: saml # Other options are standard or oauth + saml_sp: my_saml_sp_name + saml_idp: my_saml_idp_name + logout_idle_timeout: 300 + max_session_time: 28800 + relay: my_saml_relay_name # Must be already created or playbook will fail at this step + # auth_session_mode: # cookie-based/ip-based + # oauth_authorization_server: + # oauth_client: + # cookie_domain: + # cookie_domain_group: + # cookie_max_age: + # cookie_secure_enable: + # cookie_httponly_enable: + # cookie_samesite: + # max_session_time: + # local_logging: + # logon: + # logout_url: + # forward_logout_diable: + # jwt: + # server: + # service_group: + # account: + # captcha: + # accounting_server: + # accounting_service_group: + # redirect_hostname: + # modify_content_security_policy: + # log: #use-partition-level-config/enable/disable + # chain: + # - chain_server: + # - chain_server_priority: + # - chain_sg: + # - chain_sg_priority: +... From 1f3e4928d8fc1c3b012003cde393f22b38bef950 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 10:10:03 -0500 Subject: [PATCH 23/26] Update a10_slb_template_client_ssl.yaml Added Certificate list and ec_list --- .../template/a10_slb_template_client_ssl.yaml | 34 +++++++++++++++++-- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml b/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml index db67a60e7..1477aefc5 100644 --- a/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml +++ b/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml @@ -7,7 +7,17 @@ - name: Create a10.acos_axapi.a10_slb_template_client_ssl instance a10.acos_axapi.a10_slb_template_client_ssl: name: my_client-ssl + certificate_list: + - cert: "{{ cert_name }}" + key: "{{ key_name }}" + passphrase: '{{ passphrase }}' + chain_cert: '{{ chain_cert }}' + ec_list: + - ec: secp384r1 + - ec: secp256r1 ocspst_srvr_hours: 1 + diable_sslv3: 1 + template_cipher: my_cipher_template_name ocspst_srvr_timeout: 1 ocspst_sg_hours: 1 ocspst_sg_timeout: 1 @@ -31,9 +41,18 @@ tasks: - name: Update a10.acos_axapi.a10_slb_template_client_ssl instance a10.acos_axapi.a10_slb_template_client_ssl: - state: present name: my_client-ssl + certificate_list: + - cert: "{{ cert_name }}" + key: "{{ key_name }}" + passphrase: '{{ passphrase }}' + chain_cert: '{{ chain_cert }}' + ec_list: + - ec: secp384r1 + - ec: secp256r1 ocspst_srvr_hours: 1 + diable_sslv3: 1 + template_cipher: my_cipher_template_name ocspst_srvr_timeout: 1 ocspst_sg_hours: 1 ocspst_sg_timeout: 1 @@ -57,9 +76,18 @@ tasks: - name: Delete a10.acos_axapi.a10_slb_template_client_ssl instance a10.acos_axapi.a10_slb_template_client_ssl: - state: absent name: my_client-ssl + certificate_list: + - cert: "{{ cert_name }}" + key: "{{ key_name }}" + passphrase: '{{ passphrase }}' + chain_cert: '{{ chain_cert }}' + ec_list: + - ec: secp384r1 + - ec: secp256r1 ocspst_srvr_hours: 1 + diable_sslv3: 1 + template_cipher: my_cipher_template_name ocspst_srvr_timeout: 1 ocspst_sg_hours: 1 ocspst_sg_timeout: 1 @@ -75,4 +103,4 @@ forward_proxy_cert_cache_limit: 0 forward_proxy_cert_not_ready_action: bypass version: 30 - dgversion: 30 \ No newline at end of file + dgversion: 30 From 07ee4fccf35e0cf9ca13293ba4704ece9ff67cb4 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 15:35:01 -0500 Subject: [PATCH 24/26] Update aam_import_auth_saml_idp.yaml fixed typo --- examples/single_task/aam/aam_import_auth_saml_idp.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/single_task/aam/aam_import_auth_saml_idp.yaml b/examples/single_task/aam/aam_import_auth_saml_idp.yaml index 6a70c90ae..2a764aae9 100644 --- a/examples/single_task/aam/aam_import_auth_saml_idp.yaml +++ b/examples/single_task/aam/aam_import_auth_saml_idp.yaml @@ -10,4 +10,4 @@ use_mgmt_port: true remote_file: "hxxps://metadata.location/path/to/data" -## Will fail if metadata is already assigned to an IdP and the IdP is in an Auth Tempalte/Policy +## Will fail if metadata is already assigned to an IdP and the IdP is in an Auth Template/Policy From 1bd7080c13eb8c23ec267acd98ee95c6c04c82c9 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 15:37:18 -0500 Subject: [PATCH 25/26] Update a10_slb_template_client_ssl.yaml --- .../single_task/slb/template/a10_slb_template_client_ssl.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml b/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml index 1477aefc5..21026d01d 100644 --- a/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml +++ b/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml @@ -6,6 +6,7 @@ tasks: - name: Create a10.acos_axapi.a10_slb_template_client_ssl instance a10.acos_axapi.a10_slb_template_client_ssl: + state: present name: my_client-ssl certificate_list: - cert: "{{ cert_name }}" @@ -41,6 +42,7 @@ tasks: - name: Update a10.acos_axapi.a10_slb_template_client_ssl instance a10.acos_axapi.a10_slb_template_client_ssl: + state: present name: my_client-ssl certificate_list: - cert: "{{ cert_name }}" @@ -76,6 +78,7 @@ tasks: - name: Delete a10.acos_axapi.a10_slb_template_client_ssl instance a10.acos_axapi.a10_slb_template_client_ssl: + state: abset name: my_client-ssl certificate_list: - cert: "{{ cert_name }}" From 49013efd935093bbdf4abf4bc39d77920a60c4f6 Mon Sep 17 00:00:00 2001 From: Aaron <74794047+wrestleraaron@users.noreply.github.com> Date: Mon, 15 Jul 2024 15:37:29 -0500 Subject: [PATCH 26/26] Update a10_slb_template_client_ssl.yaml --- .../single_task/slb/template/a10_slb_template_client_ssl.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml b/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml index 21026d01d..18e9d7dbd 100644 --- a/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml +++ b/examples/single_task/slb/template/a10_slb_template_client_ssl.yaml @@ -78,7 +78,7 @@ tasks: - name: Delete a10.acos_axapi.a10_slb_template_client_ssl instance a10.acos_axapi.a10_slb_template_client_ssl: - state: abset + state: absent name: my_client-ssl certificate_list: - cert: "{{ cert_name }}"