engine_action - Node-level actions on an NGFW Engine¶
Synopsis¶
Perform a node-level action on the NGFW Engine such as go_online, go_offline, generate initial_contact, or reboot.
Requirements (on host that executes module)¶
smc-python
Options¶
| parameter | required | default | choices | comments | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| actions |
no |
|
Action to perform on the NGFW Engine node. Some actions will optionally have additional arguments that can be provided. |
||||||||||||||||
| extra_args |
no |
Extra arguments to provide to the action constructor. Arguments documented only show action choices that have specific extra_args that are useful when calling the action. Constructor arguments are documented at http://smc-python.readthedocs.io/en/latest/pages/reference.html#module-smc.core.node |
|||||||||||||||||
| name |
yes |
Provide the name of the NGFW Engine for which to perform a node operation. |
|||||||||||||||||
| nodeid |
no | 1 |
Provide a nodeid for the NGFW Engine node for which to perform the action. For single NGFW Engines this is not required and will default to nodeid 1. For clusters, each node has a nodeid to represent which node to operate on. |
||||||||||||||||
| smc_address |
no |
FQDN with port of SMC. The default value is the environment variable |
|||||||||||||||||
| smc_alt_filepath |
no |
Provide an alternate path location to read the credentials from. File is expected to be stored in ~.smcrc. If provided, url and api_key settings are not required and will be ignored. |
|||||||||||||||||
| smc_api_key |
no |
API key for api client. The default value is the environment variable |
|||||||||||||||||
| smc_api_version |
no |
Optional API version to connect to. If none is provided, the latests LTS SMC API version will be used based on the Management Center version. Can be set though the environment variable |
|||||||||||||||||
| smc_domain |
no |
Optional domain to log in to. If no domain is provided, 'Shared Domain' is used. Can be set throuh the environment variable |
|||||||||||||||||
| smc_extra_args |
no |
Extra arguments to pass to login constructor. These are generally only used if specifically requested by support personnel.
| |||||||||||||||||
|
|||||||||||||||||||
| smc_logging |
no |
Optionally enable SMC API logging to a file
| |||||||||||||||||
|
|||||||||||||||||||
| smc_timeout |
no |
Optional timeout for connections to the SMC. Can be set through environment |
|||||||||||||||||
Examples¶
- name: Generate an initial contact configuration in base64 format
hosts: localhost
gather_facts: no
tasks:
- name: Firewall template
register: command_output
engine_action:
smc_logging:
level: 10
path: ansible-smc.log
name: myfw3
nodeid: 1
action: initial_contact
extra_args:
enable_ssh: true
as_base64: true
- debug: msg="{{ command_output.msg }}"
- name: Reboot node 1
hosts: localhost
gather_facts: no
tasks:
- name: Firewall template
engine_action:
name: myfw3
nodeid: 1
action: reboot
extra_args:
comment: reboot fw log entry
Return Values¶
Common return values are documented Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| msg |
message attribute will be empty except for initial contact
|
always | str | |
| state |
appliance status after performing the action
|
always | dict | {'status': 'Not Monitored', 'dyn_up': None, 'configuration_status': 'Declared', 'platform': 'N/A', 'state': 'NO_STATUS', 'installed_policy': None, 'version': 'unknown', 'name': 'myfw3 node 1'} |
Notes¶
Note
Login credential information is either obtained by providing them directly to the task/play, specifying an alt_filepath to read the credentials from to the play, or from environment variables (in that order). See http://smc-python.readthedocs.io/en/latest/pages/session.html for more information.
Status¶
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.