cisco.asa.asa_og – (deprecated, removed after 2022-06-01) Manage object groups on a Cisco ASA

Note

This plugin is part of the cisco.asa collection (version 1.0.4).

To install it use: ansible-galaxy collection install cisco.asa.

To use it in a playbook, specify: cisco.asa.asa_og.

New in version 1.0.0: of cisco.asa

DEPRECATED
Synopsis
Parameters
Examples
Return Values
Status

DEPRECATED

Removed in: major release after 2022-06-01
Why: Newer and updated modules released with more functionality in Ansible 2.10
Alternative: asa_ogs

Synopsis

This module allows you to create and update object-group network/service on Cisco ASA device.

Note

This module has a corresponding action plugin.

Parameters

Parameter	Choices/Defaults	Comments
description string		The description for the object-group.
group_object list / elements=string		The group-object for network object-group.
group_type string / required	Choices: network-object service-object port-object	The object group type.
host_ip list / elements=string		The host IP address for object-group network.
ip_mask list / elements=string		The IP address and mask for network object-group.
name string / required		Name of the object group.
port_eq list / elements=string		The single port for port-object.
port_range list / elements=string		The port range for port-object.
protocol string	Choices: udp tcp tcp-udp	The protocol for object-group service with port-object.
service_cfg list / elements=string		The service-object configuration protocol, direction, range or port.
state string	Choices: present ← absent replace	Manage the state of the resource.

Examples

- name: configure network object-group
  cisco.asa.asa_og:
    name: ansible_test_0
    group_type: network-object
    state: present
    description: ansible_test object-group description
    host_ip:
    - 8.8.8.8
    - 8.8.4.4
    ip_mask:
    - 10.0.0.0 255.255.255.0
    - 192.168.0.0 255.255.0.0
    group_object:
    - awx_lon
    - awx_ams

- name: configure port-object object-group
  cisco.asa.asa_og:
    name: ansible_test_1
    group_type: port-object
    state: replace
    description: ansible_test object-group description
    protocol: tcp-udp
    port_eq:
    - 1025
    - kerberos
    port_range:
    - 1025 5201
    - 0 1024

- name: configure service-object object-group
  cisco.asa.asa_og:
    name: ansible_test_2
    group_type: service-object
    state: absent
    description: ansible_test object-group description
    service_cfg:
    - tcp destination eq 8080
    - tcp destination eq www

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
commands list / elements=string	always	command sent to the device Sample: ['object-group network ansible_test_0', 'description ansible_test object-group description', 'network-object host 8.8.8.8', 'network-object host 8.8.4.4', 'network-object 10.0.0.0 255.255.255.0', 'network-object 192.168.0.0 255.255.0.0', 'network-object 192.168.0.0 255.255.0.0', 'group-object awx_lon', 'group-object awx_ams']

Status

This module will be removed in a major release after 2022-06-01. [deprecated]
For more information see DEPRECATED.

Authors

Federico Olivieri (@Federico87)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/cisco/asa/asa_og_module.html