community.network.ce_acl_interface – Manages applying ACLs to interfaces on HUAWEI CloudEngine switches.
Note
This plugin is part of the community.network collection (version 3.0.0).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install community.network.
To use it in a playbook, specify: community.network.ce_acl_interface.
Synopsis
- Manages applying ACLs to interfaces on HUAWEI CloudEngine switches.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| acl_name string / required | ACL number or name. For a numbered rule group, the value ranging from 2000 to 4999. For a named rule group, the value is a string of 1 to 32 case-sensitive characters starting with a letter, spaces not supported. | |
| direction string / required |
| Direction ACL to be applied in on the interface. |
| interface string / required | Interface name. Only support interface full name, such as "40GE2/0/1". | |
| state string |
| Determines whether the config should be present or not on the device. |
Notes
Note
- Recommended connection is
network_cli. - This module also works with
localconnections for legacy playbooks.
Examples
- name: CloudEngine acl interface test
hosts: cloudengine
connection: local
gather_facts: no
vars:
cli:
host: "{{ inventory_hostname }}"
port: "{{ ansible_ssh_port }}"
username: "{{ username }}"
password: "{{ password }}"
transport: cli
tasks:
- name: "Apply acl to interface"
community.network.ce_acl_interface:
state: present
acl_name: 2000
interface: 40GE1/0/1
direction: outbound
provider: "{{ cli }}"
- name: "Undo acl from interface"
community.network.ce_acl_interface:
state: absent
acl_name: 2000
interface: 40GE1/0/1
direction: outbound
provider: "{{ cli }}"
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| changed boolean | always | check to see if a change was made on the device Sample: True |
| end_state dictionary | always | k/v pairs of aaa params after module execution Sample: {'acl interface': ['traffic-filter acl lb inbound', 'traffic-filter acl 2000 outbound']} |
| existing dictionary | always | k/v pairs of existing aaa server Sample: {'acl interface': 'traffic-filter acl lb inbound'} |
| proposed dictionary | always | k/v pairs of parameters passed into module Sample: {'acl_name': '2000', 'direction': 'outbound', 'interface': '40GE2/0/1', 'state': 'present'} |
| updates list / elements=string | always | command sent to the device Sample: ['interface 40ge2/0/1', 'traffic-filter acl 2000 outbound'] |
Authors
- wangdezhuang (@QijunPan)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/network/ce_acl_interface_module.html