community.network.ce_acl_interface – Manages applying ACLs to interfaces on HUAWEI CloudEngine switches.
Note
This plugin is part of the community.network collection (version 3.0.0).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.network
.
To use it in a playbook, specify: community.network.ce_acl_interface
.
Synopsis
- Manages applying ACLs to interfaces on HUAWEI CloudEngine switches.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
acl_name string / required | ACL number or name. For a numbered rule group, the value ranging from 2000 to 4999. For a named rule group, the value is a string of 1 to 32 case-sensitive characters starting with a letter, spaces not supported. | |
direction string / required |
| Direction ACL to be applied in on the interface. |
interface string / required | Interface name. Only support interface full name, such as "40GE2/0/1". | |
state string |
| Determines whether the config should be present or not on the device. |
Notes
Note
- Recommended connection is
network_cli
. - This module also works with
local
connections for legacy playbooks.
Examples
- name: CloudEngine acl interface test hosts: cloudengine connection: local gather_facts: no vars: cli: host: "{{ inventory_hostname }}" port: "{{ ansible_ssh_port }}" username: "{{ username }}" password: "{{ password }}" transport: cli tasks: - name: "Apply acl to interface" community.network.ce_acl_interface: state: present acl_name: 2000 interface: 40GE1/0/1 direction: outbound provider: "{{ cli }}" - name: "Undo acl from interface" community.network.ce_acl_interface: state: absent acl_name: 2000 interface: 40GE1/0/1 direction: outbound provider: "{{ cli }}"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
changed boolean | always | check to see if a change was made on the device Sample: True |
end_state dictionary | always | k/v pairs of aaa params after module execution Sample: {'acl interface': ['traffic-filter acl lb inbound', 'traffic-filter acl 2000 outbound']} |
existing dictionary | always | k/v pairs of existing aaa server Sample: {'acl interface': 'traffic-filter acl lb inbound'} |
proposed dictionary | always | k/v pairs of parameters passed into module Sample: {'acl_name': '2000', 'direction': 'outbound', 'interface': '40GE2/0/1', 'state': 'present'} |
updates list / elements=string | always | command sent to the device Sample: ['interface 40ge2/0/1', 'traffic-filter acl 2000 outbound'] |
Authors
- wangdezhuang (@QijunPan)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/network/ce_acl_interface_module.html