coffee Atom Custom Snippets
snippets.cson
# Your snippets
#
# Atom snippets allow you to enter a simple prefix in the editor and hit tab to
# expand the prefix into a larger code block with templated values.
#
# You can create a new snippet in this file by typing "snip" and then hitting
# tab.
#
# An example CoffeeScript snippet to expand log to console.log:
#
# '.source.coffee':
# 'Console log':
# 'prefix': 'log'
# 'body': 'console.log $1'
#
# Each scope (e.g. '.source.coffee' above) can only be declared once.
#
# This file uses CoffeeScript Object Notation (CSON).
# If you are unfamiliar with CSON, you can read more about it in the
# Atom Flight Manual:
# http://flight-manual.atom.io/using-atom/sections/basic-customization/#_cson
'.source.js':
'Console log':
'prefix': 'log'
'body': """
console.log(``)
"""
'Document ready':
'prefix': 'ready'
'body': """
$(function() {
console.log('ready')
})
"""
'On click event':
'prefix': 'oc'
'body': """
$('.class-name').click(function(e){
e.preventDefault()
})
"""
'Dynamic click event':
'prefix': 'doc'
'body': """
$('body').on('click', '.class-name', function(e) {
e.preventDefault()
})
"""
'Ajax':
'prefix': 'ajax'
'body': """
$.ajax({
url: '/',
type: 'POST',
data: {
field: value
},
success: function(data) {
console.log(data)
},
error: function (request, status, error) {
console.log('code: '+request.status+' error: '+error)
}
})
"""
'Get JSON':
'prefix': 'getjson'
'body': """
$.getJSON("data.json", function(json) {
console.log(json)
})
"""
'Fs readFile':
'prefix': 'fsread'
'body': """
fs.readFile('./public/data.json', (err, data) => {
if (err) throw err
let json = JSON.parse(data)
console.log(json)
})
"""
'Fs writeFile':
'prefix': 'fsWrite'
'body': """
fs.writeFile('./data.json', data, (err) => {
if (err) throw err
console.log('saved!')
})
"""
'Fs listFiles':
'prefix': 'fslist'
'body': """
const directoryPath = path.join(__dirname, 'public')
fs.readdir(directoryPath, function (err, files) {
if (err) throw err
files.forEach(function (file) {
console.log(file)
})
})
"""
'Random number':
'prefix': 'rand'
'body': """
Math.floor(Math.random() * 6) //random number from 0 to 5
"""
'Filter by a key value':
'prefix': 'filter'
'body': """
let item = array.find(function (obj) {return obj.key === "value"})
"""
'Mongoose new entry':
'prefix': 'mongoNew'
'body': """
let record = new Record()
record.name = "value"
record.save(err => {
if (err)
res.json({status: 'error', err: err})
else
res.json({status: 'success', record: record})
})
"""
'Mongoose findById':
'prefix': 'mongoFindById'
'body': """
Model.findById(id, function (err, record) {
})
"""
'.source.pug':
'Datetime helper':
'prefix': 'date'
'body': """
- let month = record.date.getMonth() + 1
td= month.toString().padStart(2, '0') + "/" + record.date.getDate().toString().padStart(2, '0') + "/" + record.date.getFullYear()
"""
coffee forIn
forIn.js
Object.defineProperty(Object.prototype, "forIn", {
value: function(fn, self) {
self = self || this;
return Object.keys(this).forEach(function(key, index) {
var value;
value = this[key];
return fn.call(self, value, key, index);
}, this);
}
});
forIn.coffee
Object.defineProperty Object.prototype, "forIn",
value: (fn, self) ->
self = self || this
Object.keys(this).forEach (key, index) ->
value = this[key]
fn.call(self, value, key, index)
, this
coffee 用于Atom编辑器的Netsuite Snippets
atom_netsuite_snippets.cson
'.source.js':
'Netsuite Suitelet 2.0':
'prefix': 'nsSuitelet'
'body': """
/**
*@NApiVersion 2.x
*@NScriptType Suitelet
*/
define(
[
],
function () {
// /**
// * @param {SuiteletContext.onRequest} context
// */
// function onRequest(context) {
//
// }
return {
// onRequest: onRequest
};
});
""",
'Netsuite MapReduceScript 2.0':
'prefix': 'nsMapRed'
'body': """
/**
*@NApiVersion 2.x
*@NScriptType MapReduceScript
*/
define(
[
],
function () {
// function getInputData() {
//
// }
// function map(context) {
//
// }
// function reduce(context) {
//
// }
// function summarize(summary) {
//
// }
return {
// getInputData: getInputData,
// map: map,
// reduce: reduce,
// summarize: summarize
};
});
""",
'Netsuite ClientScript 2.0':
'prefix': 'nsClientSc'
'body': """
/**
*@NApiVersion 2.x
*@NScriptType ClientScript
*/
define(
[
],
function () {
// /**
// * @param {ClientScriptContext.fieldChanged} context
// */
// function fieldChanged(context) {
//
// }
// /**
// * @param {ClientScriptContext.lineInit} context
// */
// function lineInit(context) {
//
// }
// /**
// * @param {ClientScriptContext.pageInit} context
// */
// function pageInit(context) {
//
// }
// /**
// * @param {ClientScriptContext.postSourcing} context
// */
// function postSourcing(context) {
//
// }
// /**
// * @param {ClientScriptContext.saveRecord} context
// */
// function saveRecord(context) {
//
// }
// /**
// * @param {ClientScriptContext.sublistChanged} context
// */
// function sublistChanged(context) {
//
// }
// /**
// * @param {ClientScriptContext.validateDelete} context
// */
// function validateDelete(context) {
// return true;
// }
// /**
// * @param {ClientScriptContext.validateField} context
// */
// function validateField(context) {
// return true;
// }
// /**
// * @param {ClientScriptContext.validateInsert} context
// */
// function validateInsert(context) {
// return true;
// }
// /**
// * @param {ClientScriptContext.validateLine} context
// */
// function validateLine(context) {
// return true;
// }
return {
// fieldChanged: fieldChanged,
// lineInit: lineInit,
// pageInit: pageInit,
// postSourcing: postSourcing,
// saveRecord: saveRecord,
// sublistChanged: sublistChanged,
// validateDelete: validateDelete,
// validateField: validateField,
// validateInsert: validateInsert,
// validateLine: validateLine
};
});
""",
'Netsuite Restlet 2.0':
'prefix': 'nsRestlet'
'body': """
/**
*@NApiVersion 2.x
*@NScriptType restlet
*/
define(
[
],
function () {
return {
// delete: function () {
// },
// get: function () {
// },
// post: function () {
// },
// put: function () {
// }
};
});
""",
'Netsuite User Event 2.0':
'prefix': 'nsUserEvent'
'body': """
/**
*@NApiVersion 2.x
*@NScriptType UserEventScript
*/
define(
[
],
function () {
// /**
// * @param {UserEventContext.beforeLoad} context
// */
// function beforeLoad(context) {
//
// }
// /**
// * @param {UserEventContext.beforeSubmit} context
// */
// function beforeSubmit(context) {
//
// }
// /**
// * @param {UserEventContext.afterSubmit} context
// */
// function afterSubmit(context) {
//
// }
return {
// beforeLoad: beforeLoad,
// beforeSubmit: beforeSubmit,
// afterSubmit: afterSubmit
};
});
""",
'Netsuite Search Create':
'prefix': 'nsSearch-create'
'body': """
search.create({
type: search.Type,
filters: [],
columns: []
});
"""coffee 原子配置
原子配置
init.coffee
# Your init script
#
# Atom will evaluate this file each time a new window is opened. It is run
# after packages are loaded/activated and after the previous editor state
# has been restored.
#
# An example hack to log to the console when each text editor is saved.
#
# atom.workspace.observeTextEditors (editor) ->
# editor.onDidSave ->
# console.log "Saved! #{editor.getPath()}"
atom.commands.add 'atom-text-editor', 'exit-insert-mode-if-preceded-by-j': (e) ->
editor = @getModel()
pos = editor.getCursorBufferPosition()
range = [pos.traverse([0,-1]), pos]
lastChar = editor.getTextInBufferRange(range)
if lastChar != "j"
e.abortKeyBinding()
else
editor.backspace()
atom.commands.dispatch(e.currentTarget, 'vim-mode:activate-normal-mode')
atom.commands.add 'body', 'open-project-in-system': (e) ->
require('child_process').exec "open .", cwd: atom.project.getPaths()[0]
atom.commands.add 'body', 'open-file-with-texshop': (e) ->
editor = atom.workspace.getActivePaneItem()
file = editor?.buffer?.file
filepath = file?.path
require('child_process').exec "open -a TexShop " + filepath, cwd: atom.project.getPaths()[0]
toolbar.cson
# This file is used by Flex Tool Bar to create buttons on your Tool Bar.
# For more information how to use this package and create your own buttons,
# read the documentation on https://atom.io/packages/flex-tool-bar
[
# Douglas
{
type: "button"
icon: "book"
callback: "douglas:toggle"
tooltip: "Open ghq projects"
}
{
type: "spacer"
}
# github
{
type: "button"
icon: "mark-github"
callback: "open-on-github:file"
tooltip: "Open on GitHub File"
}
# Finder
{
type: "button"
icon: "file-directory"
callback: "open-project-in-system"
tooltip: "Open project root"
}
# Terminal
{
type: "button"
icon: "terminal"
callback: "open-terminal-here:open-root"
tooltip: "Open Terminal on Root"
}
# Terminal
{
type: "button"
icon: "file"
callback: "open-file-with-texshop"
tooltip: "Open File with TexShop"
}
# Git Add
{
type: "button"
icon: "diff-added"
callback: "git-plus:add"
tooltip: "git add this file"
}
# atom-beautifyパッケージの実行
{
type: "button"
icon: "code"
callback: "atom-beautify:beautify-editor"
tooltip: "テキストの整形"
iconset: "fa"
mode: "atom-text-editor"
}
# markdown-previewのトグル(Markdownファイルでのみ表示)
{
type: "button"
icon: "markdown"
callback: "markdown-preview:toggle"
tooltip: "Markdown Preview"
hide: "!Markdown"
}
# 設定
{
type: "button"
icon: "gear"
callback: "flex-tool-bar:edit-config-file"
tooltip: "Edit Tool Bar"
}
]
coffee 后缀
后缀
main.cf
# /etc/postfix/main.cf
####
myhostname = mail.tyio.net
mydomain = tyio.net
myorigin = $mydomain
mydestination = $mydomain
#inet_interfaces = all
#mynetworks_style = class
relay_domains = $mydomain
inet_protocols = ipv4
coffee Atom配置
config.cson
"*":
core:
telemetryConsent: "no"
uriHandlerRegistration: "always"
editor:
fontSize: 12
invisibles: {}
scrollPastEnd: true
showIndentGuide: true
showInvisibles: true
softWrapAtPreferredLineLength: true
tabLength: 4
"exception-reporting":
userId: "e9c5f66c-fc72-46f3-9f90-a542b8521a60"
welcome:
showOnStartup: false
coffee Atom片段
snippets.cson
# Your snippets
#
# Atom snippets allow you to enter a simple prefix in the editor and hit tab to
# expand the prefix into a larger code block with templated values.
#
# You can create a new snippet in this file by typing "snip" and then hitting
# tab.
#
# An example CoffeeScript snippet to expand log to console.log:
#
# '.source.coffee':
# 'Console log':
# 'prefix': 'log'
# 'body': 'console.log $1'
#
# Each scope (e.g. '.source.coffee' above) can only be declared once.
#
# This file uses CoffeeScript Object Notation (CSON).
# If you are unfamiliar with CSON, you can read more about it in the
# Atom Flight Manual:
# http://flight-manual.atom.io/using-atom/sections/basic-customization/#_cson
# SCSS
# Media queries
'.source.scss':
'Media Query':
'prefix': 'media'
'body': '
@media (${1:size}) {
\n
\n ${2:propiedades}
\n
\n}'
'Media Mobile':
'prefix': 'media mobile'
'body': '
@media ($mobile) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Desktop':
'prefix': 'media desktop'
'body': '
@media ($desktop) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Tablet':
'prefix': 'media tablet'
'body': '
@media ($tablet) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Phone':
'prefix': 'media phone'
'body': '
@media ($phone) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Phone Small':
'prefix': 'media phone small'
'body': '
@media ($phoneSmall) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Desktop Large':
'prefix': 'media desktop large'
'body': '
@media ($desktopLarge) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Desktop Medium':
'prefix': 'media desktop medium'
'body': '
@media ($desktopMedium) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Only Tablet':
'prefix': 'media tablet only'
'body': '
@media ($onlyTablet) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Only Desktop Medium':
'prefix': 'media desktop medium only'
'body': '
@media ($onlyDesktopMedium) {
\n
\n ${1:propiedades}
\n
\n}'
'Media Only From Tablet':
'prefix': 'media tablet only from'
'body': '
@media ($fromTablet) {
\n
\n ${1:propiedades}
\n
\n}'
'Interpolación':
'prefix': 'interpolación'
'body': '#{$${1:variable}}'
'Selector de atributos Término':
'prefix': 'attribute term'
'body': '
[${1:atributo}*="${2:término}"] {
\n
\t ${3:propiedades}
\n}'
'Selector de atributos':
'prefix': 'attribute'
'body': '
[${1:atributo}="${2:término}"] {
\n
\t ${3:propiedades}
\n}'
'Padding model':
'prefix': 'padding model'
'body': '
padding: {
\n top: ${1:value};
\n right: ${2:value};
\n bottom: ${3:value};
\n left: ${4:value};
\n}'
'Margin model':
'prefix': 'margin model'
'body': '
margin: {
\n top: ${1:value};
\n right: ${2:value};
\n bottom: ${3:value};
\n left: ${4:value};
\n}'
'Box model':
'prefix': 'boxmodel'
'body': '$boxModel'
'Animation - Cubic bezier':
'prefix': 'cubicbezier'
'body': '$cubicBezier'
'Animation - Linear':
'prefix': 'linear'
'body': '$linear'
# SCSS Directivas de control
'Control directive @for':
'prefix': 'for'
'body': '@for $${1:variable} from ${2:value} through ${3:value} {
\n ${4:statement}
\n}'
'Control directive @each':
'prefix': 'each'
'body': '@each $${1:variable} in $${2:variable} {
\n ${3:statement}
\n}'
'Control directive @each key value':
'prefix': 'each key value'
'body': '@each $${1:variable}, $${2:variable} in $${3:variable} {
\n ${4:statement}
\n}'
'Control directive @if comparison':
'prefix': 'if is equal'
'body': '@if ${1:declaración} == ${2:comparación} {
\n ${3:statement}
\n}'
## UI
# 'UI button':
# 'prefix': 'ui button'
# 'body': '.ui-button {
# \n ${1:statement}
# \n}'
# 'UI button shorthand':
# 'prefix': 'ui button shorthand'
# 'body': '.ui-btn {
# \n ${1:statement}
# \n}'
# 'UI button ghost':
# 'prefix': 'ui button ghost'
# 'body': '.ui-button-ghost {
# \n ${1:statement}
# \n}'
# 'UI button ghost shorthand':
# 'prefix': 'ui button ghost shorthand'
# 'body': '.ui-btn-ghost {
# \n ${1:statement}
# \n}'
# WORDPRESS
'.source.php':
'WP Query':
'prefix': 'query'
'body': '
\n $args = array(
\n \'post_type\' => \'${1:post type}\',
\n );
\n
\n $wp_query = new WP_Query( $args );
\n
\n?>
\n
\n<?php if( $wp_query->have_posts ) : while( $wp_query->have_posts ) : $wp_query->the_post; ?>
\n
\n <?php ${2:the_title()}; ?>
\n
\n<?php endwhile; echo \'Aún no se han publicado entradas\'; endif; ?>'
'WP Query Counter':
'prefix': 'query counter'
'body': '
\n $args = array(
\n \'post_type\' => \'${1:post type}\',
\n );
\n
\n $wp_query = new WP_Query( $args );
\n
\n?>
\n
\n<?php if( $wp_query->have_posts ) : $counter; while( $wp_query->have_posts ) : $counter++; $wp_query->the_post; ?>
\n
\n <?php ${2:the_title()}; ?>
\n
\n<?php endwhile; echo \'Aún no se han publicado entradas\'; endif; ?>'
'WP Loop':
'prefix': 'loop'
'body': 'if( have_posts ) : while( have_posts ) : the_post; ?>
\n
\n <?php ${2:the_title()}; ?>
\n
\n<?php endwhile; echo \'Aún no se han publicado nada\'; endif; ?>'
'ACF rows':
'prefix': 'acf rows'
'body': 'if( have_rows( \'${1:field}\' ) ) : while( have_rows( \'${1:field}\' ) ) : the_row; ?>
\n
\n <?php the_sub_title( \'${2:sub_field}\' ) ?>
\n
\n<?php endwhile; endif; ?>'
'ACF field':
'prefix': 'acf field'
'body': 'the_field( \'${1:field}\' ); ?>'
'ACF sub field':
'prefix': 'acf sub field'
'body': 'the_sub_field( \'${1:sub_field}\' ); ?>'
# HTML
# WK framework
'.text.html':
'WK section':
'prefix': 'wk section'
'body': '
\n<section id="${1:id}" class="wk-section">
\n <div class="wk-section-wrap">
\n
\n ${2:statement}
\n
\n </div>
\n</section>'
'WK wrap':
'prefix': 'wk wrap'
'body': '
\n<div class="wk-wrap-${1:size 900 to 1900 px}">
\n <section id="${2:id}" class="wk-section">
\n <div class="wk-section-wrap">
\n
\n ${3:statement}
\n
\n </div>
\n </section>
\n</div>'
'WK cols 2 Columnas':
'prefix': 'wk cols'
'body': '<div class="wk-cols">
\n
\n <div class="wk-col">
\n ${1:contenido}
\n </div>
\n
\n <div class="wk-col">
\n
\n </div>
\n
\n</div>
\n'
'WK cols 2 Columnas declaradas':
'prefix': 'wk cols 2 state'
'body': '<div class="wk-cols">
\n
\n <div class="wk-col-2">
\n ${1:contenido}
\n </div>
\n
\n <div class="wk-col-2">
\n
\n </div>
\n
\n</div>
\n'
'WK cols 3 Columnas':
'prefix': 'wk cols 3'
'body': '<div class="wk-cols">
\n
\n <div class="wk-col">
\n ${1:contenido}
\n </div>
\n
\n <div class="wk-col">
\n
\n </div>
\n
\n <div class="wk-col">
\n
\n </div>
\n
\n</div>
\n'
'WK cols 3 Columnas declaradas':
'prefix': 'wk cols 3 state'
'body': '<div class="wk-cols">
\n
\n <div class="wk-col-3">
\n ${1:contenido}
\n </div>
\n
\n <div class="wk-col-3">
\n
\n </div>
\n
\n <div class="wk-col-3">
\n
\n </div>
\n
\n</div>
\n'
'Slick slider':
'prefix': 'slick slider'
'body': '
\n<div class="${1:slider}">
\n <div class="${2:slide}">
\n
\n ${3:statement}
\n
\n </div>
\n</div>'
coffee WYSIWYG编辑器
个人创建的WYSIWYG编辑器(JS文件)
wizzy.coffee
load_wizzy = ->
# Needed for Bootstrap Modal --------------------------------------------
$('[data-toggle="tooltip"]').tooltip()
$('[data-toggle="popover"]').popover()
#------------------------------------------------------------------------
# jQuery File Upload ----------------------------------------------------
$("#new_content_image").fileupload
dataType: "script"
add: (e, data) ->
types = /(\.|\/)(gif|jpe?g|png)$/i
file = data.files[0]
if types.test(file.type) || types.test(file.name)
data.context = $(tmpl("template-upload", file))
$("#progressbarloader").append(data.context)
data.submit()
else
alert("#{file.name} is not gif, jpeg, or png image file")
progress: (e, data) ->
if data.context
progress = parseInt(data.loaded / data.total * 100, 10)
data.context.find('.bar').css('width', progress + '%')
if progress == 100
data.context.find('span').html("Complete!")
# WYSIWYG CODE-----------------------------------------------------------
$oDoc = $("#textBox")
if $oDoc.length > 0
lastClicked = undefined
idsCount = undefined
sDefTxt = $($oDoc).innerHTML
ajaxGetSlides = (id) ->
$.ajax
url: "/summit_preview/content_pages/get_slides/?id=" + id
type: "GET"
success: (result) ->
s = generateSlideshowHTML(result)
$(lastClicked).append(s)
error: (jqXHR, exception) ->
console.log(exception)
generateSlideshowHTML = (slides) ->
id = slides[0]['slideshow_id']
div_id = "carousel-" + id
one = "<div id=" + div_id + " class='carousel slide' data-ride='carousel'" + ">
<ol class='carousel-indicators'>"
$.each slides, (index, value) ->
if index == 0
active = "class='active'"
else
active = ""
one += "<li data-target='#" + div_id + "' data-slide-to=" + index + " " + active + '></li>'
one += "</ol><div class='carousel-inner' role='listbox'>"
$.each slides, (index, value) ->
if index == 0
active = "active"
else
active = ""
one += "<div class='item " + active + "'>"
one += "<img class='d-block w-100 desktop-view' src=" + value.image.url + " alt=" + value.description + ">"
one += "<img class='d-block w-100 mobile-view' src=" + value.image_mobile.url + " alt=" + value.description + ">"
one += "</div>"
one += "</div>"
one += "<a class='left carousel-control' href='#" + div_id + "' role='button' data-slide='prev'>
<span class='glyphicon glyphicon-chevron-left' aria-hidden='true'></span>
<span class='sr-only'>Previous</span>
</a>
<a class='right carousel-control' href='#" + div_id + "' role='button' data-slide='next'>
<span class='glyphicon glyphicon-chevron-right' aria-hidden='true'></span>
<span class='sr-only'>Next</span>
</a>
</div>"
formatDoc = (sCmd, sValue) ->
# Needed to handle creating headers differently
# They need to be inserted into a div before being inserted in the DOM
# BS column floats shift the headers
is_header = ["h1", "h2", "h3", "h4", "h5", "h6"].includes(sValue)
if is_header
div = document.createElement('div')
div.classList.add("col-xs-12")
div.append(window.getSelection().toString())
if lastClicked
lastClicked.textContent = ""
lastClicked.append(div)
document.execCommand(sCmd, false, sValue)
# Last Div Bug Solution
if is_header && lastClicked.nextSibling == null
div = $("<div>", class: "col-xs-12", html: "<br>")
$(div).insertAfter(lastClicked)
$($oDoc).focus()
formatClassLister = (classArray) ->
if !classArray.includes("")
s = "<ol>"
for c in classArray
if c.match(/col-[sxm]{2}-[\d]{1,2}/)
s += "<li>" + c + "<span class='close'>x</span></li>"
s += "</ol>"
else
s = "<p>No Classes</p>"
#--------------------------------------------------------------------------------
# On page load put back the slideshow content
$("#textBox").ready () ->
$("[data-slideshow-id]").each () ->
id = $(this).data("slideshow-id")
$.ajax
url: "/summit_preview/content_pages/get_slides/?id=" + id
type: "GET"
success: (result) ->
id = result[0].slideshow_id
s = generateSlideshowHTML(result)
$("[data-slideshow-id=" + id + "]").append(s)
error: (jqXHR, exception) ->
# console.log(exception)
$(".submit-wizzy input").on 'click', () ->
# Remove all the slideshow code, leave a parent container with ss id behind
$carousels = $(".carousel")
if $carousels.length > 0
$carousels.each () ->
this.parentElement.removeChild(this)
#--------------------------------------------------------------------------------
$('.carousel').carousel()
$('#textBox').on 'click', 'div', ->
lastClicked = this
elemClassList = this.classList.value.split(" ")
htmlString = formatClassLister(elemClassList)
$("#wizzy-info").html(htmlString)
# Removing a class
$("#wizzy-info").on 'click', 'span.close', ->
if lastClicked.classList.length == 1
alert("Add a new class in order to remove this class")
else
classPattern = /col-[sxm]{2}-[\d]{1,2}/
parsedClass = classPattern.exec(this.parentElement.innerText)[0]
if $(lastClicked).hasClass(parsedClass)
$(lastClicked).removeClass(parsedClass)
updatedClassList = lastClicked.classList.value.split(" ")
htmlString = formatClassLister(updatedClassList)
$("#wizzy-info").html(htmlString)
$("[name='compForm']").submit () ->
$("input[name='content_page[page_content]']:hidden").val(document.getElementById("textBox").innerHTML)
if $("input[name='content_page[page_content]']:hidden").val() == "<br>" or $("input[name='content_page[page_content]']:hidden").val() == ""
$("#textBox").html("<div class='col-xs-12'><br></div>")
else
$("#textBox").html($("input[name='content_page[page_content]']:hidden").val())
# ADDING column classes
$("select").change () ->
wizzyClass = this[this.selectedIndex].value
if wizzyClass.includes "col-"
if lastClicked.classList.length < 3
$(lastClicked).addClass(wizzyClass)
clasList = lastClicked.classList.value.split(" ")
htmlString = formatClassLister(clasList)
$("#wizzy-info").html(htmlString)
formatDoc(this.name, wizzyClass)
$(this)[0].selectedIndex = 0
else
alert("Exceeded maximum column classes:(3)")
else
formatDoc(this.name, wizzyClass)
$(this)[0].selectedIndex = 0
$("img.intLink").click () ->
formatDoc(this.getAttribute("data-function"))
$("img.intLink.hplink").click () ->
sLnk = prompt 'Write the URL here','http:\/\/'
if sLnk && sLnk != '' && sLnk != 'http://'
formatDoc('createlink', sLnk)
# Adding image file upload from local computer storage
$("#wizzy-file").change () ->
editor = document.getElementById("textBox")
file = document.querySelector('input[type=file]').files[0]
reader = new FileReader
dataURI = undefined
reader.addEventListener 'load', (->
dataURI = reader.result
img = document.createElement('img')
img.src = dataURI
if lastClicked
lastClicked.appendChild img
), false
if file
reader.readAsDataURL file
#-----------------------------------------------------------------------
# Image Gallery: Add select class to a clicked item
$("#s3-images").on 'click', 'div', () ->
$(this).toggleClass("selected")
# This modal is linked to the s3 image selector
# After leaving the modal, append the clicked item to the content
$("#flipFlop button.btn").on 'click', () ->
$("div.selected").each (index, value) ->
if lastClicked
img = document.createElement('img')
img.src = this.firstElementChild.src.replace("thumb_", "")
img.className += 'img-responsive center-block'
lastClicked.appendChild img
$(this).removeClass("selected")
$("#flipFlop").on 'hidden.bs.modal', () ->
$("div.selected").each () ->
$(this).removeClass("selected")
#-----------------------------------------------------------------------
# MUST SELECT A DIV BEFORE INSERTING AN IMAGE OR SLIDESHOW
$("#insertSS, #insertImage").on 'click', (ev) ->
if !lastClicked
alert("Please select a div in the editor to insert media!")
ev.stopPropagation()
$("#slideshow-list").on 'click', 'div', () ->
$(this).toggleClass("selected")
if $("#slideshow-list div.selected").length > 1
alert("Only 1 slideshow can be uploaded at one time!")
$(this).removeClass("selected")
if $("[data-slideshow-id=" + $(this.firstElementChild).attr("id") + "]").length > 0
alert("You cannot upload this slideshow again")
$(this).removeClass("selected")
# This modal is linked to the upload SLIDESHOW selector
# After leaving the modal, append the clicked item to the content
$("#slideshowFlop button.btn").on 'click', () ->
if lastClicked
item = $("div.selected")
id = item.attr("id")
lastClicked.classList.add("slideshow-container")
lastClicked.setAttribute('data-slideshow-id', id)
name = item.text().trim()
lastClicked.setAttribute('data-name', name)
ajaxGetSlides(id)
if lastClicked.nextSibling == null
# Last Div Bug Solution
div = $("<div>", class: "col-xs-12", html: "<br>")
$(div).insertAfter(lastClicked)
$("div.selected").removeClass("selected")
$("#slideshowFlop").on 'hidden.bs.modal', () ->
if $("div.selected")
$("div.selected").removeClass("selected")
#------------------------------------------------------------------------
# Removing a slideshow (manually on the editor is very sloppy)
$('#removeslideshowFlop').on 'show.bs.modal', () ->
string = ""
slideshows = $(".slideshow-container")
if slideshows.length > 0
$.each slideshows, (index, value) ->
ssName = $(this).data("name")
ssId = $(this).data("slideshow-id")
string += "<div class='col-xs-12' name='" + ssName + "' data-ss-id=" + ssId + "><h4>" + ssName + "</h4></div>"
$("#removable-slideshow-list").html(string)
$("#removable-slideshow-list").on 'click', 'div', () ->
$(this).toggleClass('selected')
# After leaving the modal, remove the clicked item to the content
$("#removeslideshowFlop button.btn").on 'click', () ->
removables = $("#removable-slideshow-list div.selected")
if removables.length > 0
$.each removables, () ->
removedSSId = $(this).data("ss-id")
child = $("div#carousel-" + removedSSId)
# Remove the slideshow and its parent container from the page
parentDiv = child.parent()
child.remove()
parentDiv.remove()
# Finally, remove the option for deleting the slideshow
this.remove()
# --------------------------------------------------------------------------------------------------------------------------
# Removing a slideshow (manually on the editor is very sloppy)
success_cb = (slideshows, ids) ->
string = ""
$.each slideshows, () ->
if !ids.includes(this.id)
id = this.id
name = this.name
string += "<div id='" + id + "' class='col-xs-12'>" + "<h4>" + name + "</h4></div>"
$("#slideshow-list").empty()
$("#slideshow-list").append(string)
# console.log("callback invoked")
getAjaxSS = (slideshows_array) ->
$.ajax
url: "/summit_preview/content_pages/get_slideshows"
type: "GET"
success: (result) ->
success_cb(result, slideshows_array)
error: (jqXHR, exception) ->
# console.log(exception)
$('#slideshowFlop').on 'show.bs.modal', () ->
usedArray = []
$used = $(".slideshow-container")
if $used.length > 0
$used.each () ->
usedArray.push($(this).data("slideshow-id"))
# If a slideshow was uploaded ONLY then will the ajax call be executed
# Limits the ajax calls for uneccesary requests
if idsCount != usedArray.length
idsCount = usedArray.length
getAjaxSS(usedArray)
$(load_wizzy)
$(document).on('page:load', load_wizzy)coffee 一个简单的函数,用{{mustache}}标记解析字符串,并将其点符号字符串替换为给定的对象路径。
一个简单的函数,用{{mustache}}标记解析字符串,并将其点符号字符串替换为给定的对象路径。
parseMustache.js
function parseMustache(str, obj) {
return str.replace(/{{\s*([\w\.]+)\s*}}/g, function(tag, match) {
var nodes = match.split("."),
current = obj,
length = nodes.length,
i = 0;
while (i < length) {
try {
current = current[nodes[i]];
} catch (e) {
return "";
}
i++;
}
return current;
});
}
var data = {
user: {
name: "Lucas Motta",
bands: ["Interpol", "The National", "Foo Fighters"]
}
};
var template = "Hello {{user.name}}. Your second favourite band is {{user.bands.1}}.";
var result = parseMustache(template, data);
parseMustache.coffee
parseMustache = (str, obj) ->
str.replace /{{\s*([\w\.]+)\s*}}/g, (tag, match) ->
nodes = match.split(".")
current = obj
for node in nodes
try
current = current[node]
catch
return ""
current
data = user:
name: "Lucas Motta"
bands: [
"Interpol"
"The National"
"Foo Fighters"
]
template = "Hello {{user.name}}. Your second favourite band is {{user.bands.1}}."
result = parseMustache(template, data)
alert(result)coffee atom ansible snippets
atom ansible snippets
snippets.cson
'.source.ansible':
'a10_server':
'prefix': "a10_server_snippet"
'description': "Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' server object."
'body': """
a10_server:
username: ${1:null} # required. An account with administrator privileges.
host: ${2:null} # required. Hostname or IP of the A10 Networks device.
password: ${3:null} # required. Password for the C(username) account.
server_name: ${4:undefined} # required. The SLB (Server Load Balancer) server name.
force: ${5:false} # not required. If C(yes) do not get a cached copy.
write_config: ${6|yes,no|} # not required. choices: yes;no. If C(yes), any changes will cause a write of the running configuration to non-volatile memory. This will save I(all) configuration changes, including those that may have been made manually or through other modules, so care should be taken when specifying C(yes).
server_ports: ${7:null} # not required. A list of ports to create for the server. Each list item should be a dictionary which specifies the C(port:) and C(protocol:), but can also optionally specify the C(status:). See the examples below for details. This parameter is required when C(state) is C(present).
force_basic_auth: ${8:false} # not required. Credentials specified with I(url_username) and I(url_password) should be passed in HTTP Header.
http_agent: ${9:ansible-httpget} # not required. Header to identify as, generally appears in web server logs.
url_username: ${10:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without I(url_password) for sites that allow empty passwords
client_key: ${11:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
url_password: ${12:undefined} # not required. The password for use in HTTP basic authentication.,If the I(url_username) parameter is not specified, the I(url_password) parameter will not be used.
use_proxy: ${13:true} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
url: ${14:undefined} # not required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
partition: ${15:null} # not required. set active-partition
server_status: ${16|enabled,disabled|} # not required. choices: enabled;disabled. The SLB virtual server status.
state: ${17|present,absent|} # not required. choices: present;absent. This is to specify the operation to create, update or remove SLB server.
server_ip: ${18:null} # not required. The SLB server IPv4 address.
validate_certs: ${19|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled devices using self-signed certificates.
client_cert: ${20:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
"""
'a10_server_axapi3':
'prefix': "a10_server_axapi3_snippet"
'description': "Manage A10 Networks AX/SoftAX/Thunder/vThunder devices"
'body': """
a10_server_axapi3:
username: ${1:null} # required. An account with administrator privileges.
host: ${2:null} # required. Hostname or IP of the A10 Networks device.
password: ${3:null} # required. Password for the C(username) account.
server_name: ${4:undefined} # required. The SLB (Server Load Balancer) server name.
server_ip: ${5:undefined} # required. The SLB (Server Load Balancer) server IPv4 address.
force: ${6:false} # not required. If C(yes) do not get a cached copy.
write_config: ${7|yes,no|} # not required. choices: yes;no. If C(yes), any changes will cause a write of the running configuration to non-volatile memory. This will save I(all) configuration changes, including those that may have been made manually or through other modules, so care should be taken when specifying C(yes).
server_ports: ${8:null} # not required. A list of ports to create for the server. Each list item should be a dictionary which specifies the C(port:) and C(protocol:).
force_basic_auth: ${9:false} # not required. Credentials specified with I(url_username) and I(url_password) should be passed in HTTP Header.
http_agent: ${10:ansible-httpget} # not required. Header to identify as, generally appears in web server logs.
url_username: ${11:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without I(url_password) for sites that allow empty passwords
operation: ${12|create,update,remove|} # not required. choices: create;update;remove. Create, Update or Remove SLB server. For create and update operation, we use the IP address and server name specified in the POST message. For delete operation, we use the server name in the request URI.
client_key: ${13:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
url_password: ${14:undefined} # not required. The password for use in HTTP basic authentication.,If the I(url_username) parameter is not specified, the I(url_password) parameter will not be used.
use_proxy: ${15:true} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
url: ${16:undefined} # not required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
server_status: ${17|enable,disable|} # not required. choices: enable;disable. The SLB (Server Load Balancer) virtual server status.
validate_certs: ${18|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled devices using self-signed certificates.
client_cert: ${19:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
"""
'a10_service_group':
'prefix': "a10_service_group_snippet"
'description': "Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' service groups."
'body': """
a10_service_group:
username: ${1:null} # required. An account with administrator privileges.
password: ${2:null} # required. Password for the C(username) account.
service_group: ${3:null} # required. The SLB (Server Load Balancing) service-group name
host: ${4:null} # required. Hostname or IP of the A10 Networks device.
force: ${5:false} # not required. If C(yes) do not get a cached copy.
url_username: ${6:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without I(url_password) for sites that allow empty passwords
force_basic_auth: ${7:false} # not required. Credentials specified with I(url_username) and I(url_password) should be passed in HTTP Header.
servers: ${8:null} # not required. A list of servers to add to the service group. Each list item should be a dictionary which specifies the C(server:) and C(port:), but can also optionally specify the C(status:). See the examples below for details.
http_agent: ${9:ansible-httpget} # not required. Header to identify as, generally appears in web server logs.
service_group_protocol: ${10|tcp,udp|} # not required. choices: tcp;udp. The SLB service-group protocol of TCP or UDP.
client_key: ${11:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
url_password: ${12:undefined} # not required. The password for use in HTTP basic authentication.,If the I(url_username) parameter is not specified, the I(url_password) parameter will not be used.
use_proxy: ${13:true} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
url: ${14:undefined} # not required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
partition: ${15:null} # not required. set active-partition
state: ${16|present,absent|} # not required. choices: present;absent. If the specified service group should exists.
write_config: ${17|yes,no|} # not required. choices: yes;no. If C(yes), any changes will cause a write of the running configuration to non-volatile memory. This will save I(all) configuration changes, including those that may have been made manually or through other modules, so care should be taken when specifying C(yes).
service_group_method: ${18|round-robin,weighted-rr,least-connection,weighted-least-connection,service-least-connection,service-weighted-least-connection,fastest-response,least-request,round-robin-strict,src-ip-only-hash,src-ip-hash|} # not required. choices: round-robin;weighted-rr;least-connection;weighted-least-connection;service-least-connection;service-weighted-least-connection;fastest-response;least-request;round-robin-strict;src-ip-only-hash;src-ip-hash. The SLB service-group load balancing method, such as round-robin or weighted-rr.
validate_certs: ${19|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled devices using self-signed certificates.
client_cert: ${20:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
"""
'a10_virtual_server':
'prefix': "a10_virtual_server_snippet"
'description': "Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' virtual servers."
'body': """
a10_virtual_server:
username: ${1:null} # required. An account with administrator privileges.
host: ${2:null} # required. Hostname or IP of the A10 Networks device.
virtual_server: ${3:null} # required. The SLB (Server Load Balancing) virtual server name.
password: ${4:null} # required. Password for the C(username) account.
force: ${5:false} # not required. If C(yes) do not get a cached copy.
url_username: ${6:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without I(url_password) for sites that allow empty passwords
force_basic_auth: ${7:false} # not required. Credentials specified with I(url_username) and I(url_password) should be passed in HTTP Header.
virtual_server_ports: ${8:undefined} # not required. A list of ports to create for the virtual server. Each list item should be a dictionary which specifies the C(port:) and C(type:), but can also optionally specify the C(service_group:) as well as the C(status:). See the examples below for details. This parameter is required when C(state) is C(present).
http_agent: ${9:ansible-httpget} # not required. Header to identify as, generally appears in web server logs.
client_key: ${10:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
url_password: ${11:undefined} # not required. The password for use in HTTP basic authentication.,If the I(url_username) parameter is not specified, the I(url_password) parameter will not be used.
use_proxy: ${12:true} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
url: ${13:undefined} # not required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
partition: ${14:null} # not required. set active-partition
state: ${15|present,absent|} # not required. choices: present;absent. If the specified virtual server should exist.
virtual_server_status: ${16|enabled,disabled|} # not required. choices: enabled;disabled. The SLB virtual server status, such as enabled or disabled.
write_config: ${17|yes,no|} # not required. choices: yes;no. If C(yes), any changes will cause a write of the running configuration to non-volatile memory. This will save I(all) configuration changes, including those that may have been made manually or through other modules, so care should be taken when specifying C(yes).
virtual_server_ip: ${18:null} # not required. The SLB virtual server IPv4 address.
validate_certs: ${19|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled devices using self-signed certificates.
client_cert: ${20:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
"""
'accelerate':
'prefix': "accelerate_snippet"
'description': "Enable accelerated mode on remote node"
'body': """
accelerate:
timeout: ${1:300} # not required. The number of seconds the socket will wait for data. If none is received when the timeout value is reached, the connection will be closed.
minutes: ${2:30} # not required. The I(accelerate) listener daemon is started on nodes and will stay around for this number of minutes before turning itself off.
port: ${3:5099} # not required. TCP port for the socket connection
multi_key: ${4:false} # not required. When enabled, the daemon will open a local socket file which can be used by future daemon executions to upload a new key to the already running daemon, so that multiple users can connect using different keys. This access still requires an ssh connection as the uid for which the daemon is currently running.
ipv6: ${5:false} # not required. The listener daemon on the remote host will bind to the ipv6 localhost socket if this parameter is set to true.
"""
'aci_aaa_user':
'prefix': "aci_aaa_user_snippet"
'description': "Manage AAA users (aaa:User)"
'body': """
aci_aaa_user:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
last_name: ${4:undefined} # not required. The last name of the locally-authenticated user.
use_ssl: ${5:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
aaa_password: ${6:undefined} # not required. The password of the locally-authenticated user.
first_name: ${7:undefined} # not required. The first name of the locally-authenticated user.
use_proxy: ${8:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
port: ${9:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
email: ${11:undefined} # not required. The email address of the locally-authenticated user.
private_key: ${12:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
aaa_user: ${13:undefined} # not required. The name of the locally-authenticated user user to add.
description: ${14:undefined} # not required. Description for the AAA user.
certificate_name: ${15:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
expires: ${16:undefined} # not required. Whether to enable an expiration date for the locally-authenticated user account.
phone: ${17:undefined} # not required. The phone number of the locally-authenticated user.
aaa_password_lifetime: ${18:undefined} # not required. The lifetime of the locally-authenticated user password.
enabled: ${19:undefined} # not required. The status of the locally-authenticated user account.
output_level: ${20|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
aaa_password_update_required: ${21:undefined} # not required. Whether this account needs password update.
clear_password_history: ${22:undefined} # not required. Whether to clear the password history of a locally-authenticated user.
expiration: ${23:undefined} # not required. The expiration date of the locally-authenticated user account.
timeout: ${24:30} # not required. The socket level timeout in seconds.
validate_certs: ${25:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_aaa_user_certificate':
'prefix': "aci_aaa_user_certificate_snippet"
'description': "Manage AAA user certificates (aaa:UserCert)"
'body': """
aci_aaa_user_certificate:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
aaa_user: ${5:undefined} # not required. The name of the user to add a certificate to.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate: ${7:undefined} # not required. The PEM format public key extracted from the X.509 certificate.
certificate_name: ${8:C(private_key) basename} # not required. The name of the user certificate entry in ACI.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
aaa_user_type: ${11|user,appuser|} # not required. choices: user;appuser. Whether this is a normal user or an appuser.
timeout: ${12:30} # not required. The socket level timeout in seconds.
use_ssl: ${13:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${14:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${15:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
"""
'aci_access_port_to_interface_policy_leaf_profile':
'prefix': "aci_access_port_to_interface_policy_leaf_profile_snippet"
'description': "Manage Fabric interface policy leaf profile interface selectors (infra:HPortS, infra:RsAccBaseGrp, infra:PortBlk)"
'body': """
aci_access_port_to_interface_policy_leaf_profile:
username: ${1:admin} # required. The username to use for authentication.
from: ${2:undefined} # required. The beggining (from range) of the port range block for the leaf access port block.
access_port_selector: ${3:undefined} # required. The name of the Fabric access policy leaf interface profile access port selector.
leaf_port_blk: ${4:undefined} # required. The name of the Fabric access policy leaf interface profile access port block.
host: ${5:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
to: ${6:undefined} # required. The end (to range) of the port range block for the leaf access port block.
password: ${7:undefined} # required. The password to use for authentication.
leaf_interface_profile: ${8:undefined} # required. The name of the Fabric access policy leaf interface profile.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
private_key: ${10:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${11:undefined} # not required. The description to assign to the C(access_port_selector)
validate_certs: ${12:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
certificate_name: ${13:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
policy_group: ${14:undefined} # not required. The name of the fabric access policy group to be associated with the leaf interface profile interface selector.
leaf_port_blk_description: ${15:undefined} # not required. The description to assign to the C(leaf_port_blk)
state: ${16|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${17:30} # not required. The socket level timeout in seconds.
use_ssl: ${18:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${19:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${20:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_aep':
'prefix': "aci_aep_snippet"
'description': "Manage attachable Access Entity Profile (AEP) objects (infra:AttEntityP, infra:ProvAcc)"
'body': """
aci_aep:
username: ${1:admin} # required. The username to use for authentication.
aep: ${2:undefined} # required. The name of the Attachable Access Entity Profile.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${4:undefined} # required. The password to use for authentication.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${6:undefined} # not required. Description for the AEP.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
infra_vlan: ${8:no} # not required. Enable infrastructure VLAN.,The hypervisor functions of the AEP.,C(no) will disable the infrastructure vlan if it is enabled.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_aep_to_domain':
'prefix': "aci_aep_to_domain_snippet"
'description': "Bind AEPs to Physical or Virtual Domains (infra:RsDomP)"
'body': """
aci_aep_to_domain:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
aep: ${4:undefined} # not required. The name of the Attachable Access Entity Profile.
domain: ${5:undefined} # not required. Name of the physical or virtual domain being associated with the AEP.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
private_key: ${8:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
domain_type: ${9|fc,l2dom,l3dom,phys,vmm|} # not required. choices: fc;l2dom;l3dom;phys;vmm. Determines if the Domain is physical (phys) or virtual (vmm).
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
output_level: ${11|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
timeout: ${12:30} # not required. The socket level timeout in seconds.
use_ssl: ${13:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
vm_provider: ${14|cloudfoundry,kubernetes,microsoft,openshift,openstack,redhat,vmware|} # not required. choices: cloudfoundry;kubernetes;microsoft;openshift;openstack;redhat;vmware. The VM platform for VMM Domains.,Support for Kubernetes was added in ACI v3.0.,Support for CloudFoundry, OpenShift and Red Hat was added in ACI v3.1.
validate_certs: ${15:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${16:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
"""
'aci_ap':
'prefix': "aci_ap_snippet"
'description': "Manage top level Application Profile (AP) objects (fv:Ap)"
'body': """
aci_ap:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
ap: ${3:undefined} # required. The name of the application network profile.
password: ${4:undefined} # required. The password to use for authentication.
tenant: ${5:undefined} # required. The name of an existing tenant.
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${7:undefined} # not required. Description for the AP.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_bd':
'prefix': "aci_bd_snippet"
'description': "Manage Bridge Domains (BD) objects (fv:BD)"
'body': """
aci_bd:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
bd: ${4:undefined} # not required. The name of the Bridge Domain.
arp_flooding: ${5:no} # not required. Determines if the Bridge Domain should flood ARP traffic.,The APIC defaults new Bridge Domains to C(no).
igmp_snoop_policy: ${6:undefined} # not required. The name of the IGMP Snooping Policy the Bridge Domain should use when overriding the default IGMP Snooping Policy.
endpoint_retention_action: ${7|inherit,resolve|} # not required. choices: inherit;resolve. Determines if the Bridge Domain should inherit or resolve the End Point Retention Policy.,The APIC defaults new Bridge Domain to End Point Retention Policies to C(resolve).
description: ${8:undefined} # not required. Description for the Bridge Domain.
certificate_name: ${9:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
l3_unknown_multicast: ${10|flood,opt-flood|} # not required. choices: flood;opt-flood. Determines the forwarding method to use for unknown multicast destinations.,The APCI defaults new Bridge Domains to C(flood).
enable_routing: ${11:yes} # not required. Determines if IP forwarding should be allowed.,The APIC defaults new Bridge Domains to C(yes).
private_key: ${12:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
vrf: ${13:undefined} # not required. The name of the VRF.
bd_type: ${14|ethernet,fc|} # not required. choices: ethernet;fc. The type of traffic on the Bridge Domain.,The APIC defaults new Bridge Domains to C(ethernet).
use_ssl: ${15:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
ip_learning: ${16:undefined} # not required. Determines if the Bridge Domain should learn End Point IPs.,The APIC defaults new Bridge Domains to C(yes).
port: ${17:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${18:undefined} # not required. The name of the Tenant.
l2_unknown_unicast: ${19|proxy,flood|} # not required. choices: proxy;flood. Determines what forwarding method to use for unknown l2 destinations.,The APIC defaults new Bridge domains to C(proxy).
endpoint_retention_policy: ${20:undefined} # not required. The name of the End Point Retention Policy the Bridge Domain should use when overriding the default End Point Retention Policy.
use_proxy: ${21:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
multi_dest: ${22|bd-flood,drop,encap-flood|} # not required. choices: bd-flood;drop;encap-flood. Determines the forwarding method for L2 multicast, broadcast, and link layer traffic.,The APIC defaults new Bridge Domains to C(bd-flood).
endpoint_clear: ${23:no} # not required. Clears all End Points in all Leaves when C(yes).,The APIC defaults new Bridge Domains to C(no).,The value is not reset to disabled once End Points have been cleared; that requires a second task.
output_level: ${24|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${25|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
ipv6_nd_policy: ${26:undefined} # not required. The name of the IPv6 Neighbor Discovery Policy the Bridge Domain should use when overridding the default IPV6 ND Policy.
timeout: ${27:30} # not required. The socket level timeout in seconds.
mac_address: ${28:00:22:BD:F8:19:FF} # not required. The MAC Address to assign to the C(bd) instead of using the default.
endpoint_move_detect: ${29|default,garp|} # not required. choices: default;garp. Determines if GARP should be enabled to detect when End Points move.,The APIC defaults new Bridge Domains to C(garp).
enable_multicast: ${30:no} # not required. Determines if PIM is enabled,The APIC defaults new Bridge Domains to C(no).
validate_certs: ${31:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
limit_ip_learn: ${32:yes} # not required. Determines if the BD should limit IP learning to only subnets owned by the Bridge Domain.,The APIC defaults new Bridge Domains to C(yes).
"""
'aci_bd_subnet':
'prefix': "aci_bd_subnet_snippet"
'description': "Manage Subnets (fv:Subnet)"
'body': """
aci_bd_subnet:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
use_ssl: ${4:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
gateway: ${5:undefined} # not required. The IPv4 or IPv6 gateway address for the Subnet.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
port: ${7:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
state: ${8|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
subnet_name: ${9:undefined} # not required. The name of the Subnet.
scope: ${10|private,public,shared,private,shared,public,shared|} # not required. choices: private;public;shared;private,shared;public,shared. Determines the scope of the Subnet.,The C(private) option only allows communication with hosts in the same VRF.,The C(public) option allows the Subnet to be advertised outside of the ACI Fabric, and allows communication with hosts in other VRFs.,The shared option limits communication to hosts in either the same VRF or the shared VRF.,The value is a list of options, C(private) and C(public) are mutually exclusive, but both can be used with C(shared).,The APIC defaults new Subnets to C(private).
bd: ${11:undefined} # not required. The name of the Bridge Domain.
private_key: ${12:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${13:undefined} # not required. The description for the Subnet.
certificate_name: ${14:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
nd_prefix_policy: ${15:undefined} # not required. The IPv6 Neighbor Discovery Prefix Policy to associate with the Subnet.
enable_vip: ${16:no} # not required. Determines if the Subnet should be treated as a VIP; used when the BD is extended to multiple sites.,The APIC defaults new Subnets to C(no).
preferred: ${17:no} # not required. Determines if the Subnet is preferred over all available Subnets. Only one Subnet per Address Family (IPv4/IPv6). can be preferred in the Bridge Domain.,The APIC defaults new Subnets to C(no).
route_profile_l3_out: ${18:undefined} # not required. The L3 Out that contains the assocated Route Profile.
tenant: ${19:undefined} # not required. The name of the Tenant.
mask: ${20|Any 0 to 32 for IPv4 Addresses,0-128 for IPv6 Addresses|} # not required. choices: Any 0 to 32 for IPv4 Addresses;0-128 for IPv6 Addresses. The subnet mask for the Subnet.,This is the number assocated with CIDR notation.
subnet_control: ${21|nd_ra,no_gw,querier_ip,unspecified|} # not required. choices: nd_ra;no_gw;querier_ip;unspecified. Determines the Subnet's Control State.,The C(querier_ip) option is used to treat the gateway_ip as an IGMP querier source IP.,The C(nd_ra) option is used to treate the gateway_ip address as a Neighbor Discovery Router Advertisement Prefix.,The C(no_gw) option is used to remove default gateway functionality from the gateway address.,The APIC defaults new Subnets to C(nd_ra).
output_level: ${22|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
route_profile: ${23:undefined} # not required. The Route Profile to the associate with the Subnet.
timeout: ${24:30} # not required. The socket level timeout in seconds.
validate_certs: ${25:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_bd_to_l3out':
'prefix': "aci_bd_to_l3out_snippet"
'description': "Bind Bridge Domain to L3 Out (fv:RsBDToOut)"
'body': """
aci_bd_to_l3out:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
bd: ${4:undefined} # not required. The name of the Bridge Domain.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
l3out: ${8:undefined} # not required. The name of the l3out to associate with th Bridge Domain.
state: ${9|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
output_level: ${10|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${15:undefined} # not required. The name of the Tenant.
"""
'aci_config_rollback':
'prefix': "aci_config_rollback_snippet"
'description': "Provides rollback and rollback preview functionality (config:ImportP)"
'body': """
aci_config_rollback:
username: ${1:admin} # required. The username to use for authentication.
export_policy: ${2:undefined} # required. The export policy that the C(snapshot) is associated to.
password: ${3:undefined} # required. The password to use for authentication.
snapshot: ${4:undefined} # required. The name of the snapshot to rollback to, or the base snapshot to use for comparison.,The C(aci_snapshot) module can be used to query the list of available snapshots.
host: ${5:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
import_mode: ${7|atomic,best-effort|} # not required. choices: atomic;best-effort. Determines how the import should be handled by the APIC.,The APIC defaults new Import Policies to C(atomic).
description: ${8:undefined} # not required. The description for the Import Policy.
fail_on_decrypt: ${9:yes} # not required. Determines if the APIC should fail the rollback if unable to decrypt secured data.,The APIC defaults new Import Policies to C(yes).
compare_export_policy: ${10:undefined} # not required. The export policy that the C(compare_snapshot) is associated to.
private_key: ${11:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
output_level: ${12|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
state: ${14|preview,rollback|} # not required. choices: preview;rollback. Use C(preview) for previewing the diff between two snapshots.,Use C(rollback) for reverting the configuration to a previous snapshot.
timeout: ${15:30} # not required. The socket level timeout in seconds.
certificate_name: ${16:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
import_type: ${17|merge,replace|} # not required. choices: merge;replace. Determines how the current and snapshot configuration should be compared for replacement.,The APIC defaults new Import Policies to C(replace).
use_ssl: ${18:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
compare_snapshot: ${19:undefined} # not required. The name of the snapshot to compare with C(snapshot).
port: ${20:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
import_policy: ${21:undefined} # not required. The name of the Import Policy to use for config rollback.
"""
'aci_config_snapshot':
'prefix': "aci_config_snapshot_snippet"
'description': "Manage Config Snapshots (config:Snapshot, config:ExportP)"
'body': """
aci_config_snapshot:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
include_secure: ${4:yes} # not required. Determines if secure information should be included in the backup.,The APIC defaults new Export Policies to C(yes).
description: ${5:undefined} # not required. The description for the Config Export Policy.
format: ${6|json,xml|} # not required. choices: json;xml. Sets the config backup to be formatted in JSON or XML.,The APIC defaults new Export Policies to C(json)
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
private_key: ${8:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
max_count: ${9|range between 1 and 10|} # not required. choices: range between 1 and 10. Determines how many snapshots can exist for the Export Policy before the APIC starts to rollover.,The APIC defaults new Export Policies to C(3).
use_ssl: ${10:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${11:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
export_policy: ${12:undefined} # not required. The name of the Export Policy to use for Config Snapshots.
use_proxy: ${13:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
output_level: ${14|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${15|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
snapshot: ${16:undefined} # not required. The name of the snapshot to delete.
timeout: ${17:30} # not required. The socket level timeout in seconds.
validate_certs: ${18:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_contract':
'prefix': "aci_contract_snippet"
'description': "Manage contract resources (vz:BrCP)"
'body': """
aci_contract:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
tenant: ${4:undefined} # required. The name of the tenant.
contract: ${5:undefined} # required. The name of the contract.
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${7:undefined} # not required. Description for the contract.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
dscp: ${9|AF11,AF12,AF13,AF21,AF22,AF23,AF31,AF32,AF33,AF41,AF42,AF43,CS0,CS1,CS2,CS3,CS4,CS5,CS6,CS7,EF,VA,unspecified|} # not required. choices: AF11;AF12;AF13;AF21;AF22;AF23;AF31;AF32;AF33;AF41;AF42;AF43;CS0;CS1;CS2;CS3;CS4;CS5;CS6;CS7;EF;VA;unspecified. The target Differentiated Service (DSCP) value.
use_ssl: ${10:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${11:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
output_level: ${12|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
use_proxy: ${13:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
priority: ${14|level1,level2,level3,unspecified|} # not required. choices: level1;level2;level3;unspecified. The desired QoS class to be used.
state: ${15|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${16:30} # not required. The socket level timeout in seconds.
scope: ${17|application-profile,context,global,tenant|} # not required. choices: application-profile;context;global;tenant. The scope of a service contract.
validate_certs: ${18:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_contract_subject':
'prefix': "aci_contract_subject_snippet"
'description': "Manage initial Contract Subjects (vz:Subj)"
'body': """
aci_contract_subject:
username: ${1:admin} # required. The username to use for authentication.
password: ${2:undefined} # required. The password to use for authentication.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
use_proxy: ${4:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${6:undefined} # not required. Description for the contract subject.
consumer_match: ${7|all,at_least_one,at_most_one,none|} # not required. choices: all;at_least_one;at_most_one;none. The match criteria across consumers.,The APIC defaults new Contract Subjects to C(at_least_one).
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
dscp: ${10|AF11,AF12,AF13,AF21,AF22,AF23,AF31,AF32,AF33,AF41,AF42,AF43,CS0,CS1,CS2,CS3,CS4,CS5,CS6,CS7,EF,VA,unspecified|} # not required. choices: AF11;AF12;AF13;AF21;AF22;AF23;AF31;AF32;AF33;AF41;AF42;AF43;CS0;CS1;CS2;CS3;CS4;CS5;CS6;CS7;EF;VA;unspecified. The target DSCP.,The APIC defaults new Contract Subjects to C(unspecified).
priority: ${11|level1,level2,level3,unspecified|} # not required. choices: level1;level2;level3;unspecified. The QoS class.,The APIC defaults new Contract Subjects to C(unspecified).
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
contract: ${13:undefined} # not required. The name of the Contract.
timeout: ${14:30} # not required. The socket level timeout in seconds.
use_ssl: ${15:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
reverse_filter: ${16:yes} # not required. Determines if the APIC should reverse the src and dst ports to allow the return traffic back, since ACI is stateless filter.,The APIC defaults new Contract Subjects to C(yes).
provider_match: ${17|all,at_least_one,at_most_one,none|} # not required. choices: all;at_least_one;at_most_one;none. The match criteria across providers.,The APIC defaults new Contract Subjects to C(at_least_one).
validate_certs: ${18:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${19:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${20:undefined} # not required. The name of the tenant.
subject: ${21:undefined} # not required. The contract subject name.
"""
'aci_contract_subject_to_filter':
'prefix': "aci_contract_subject_to_filter_snippet"
'description': "Bind Contract Subjects to Filters (vz:RsSubjFiltAtt)"
'body': """
aci_contract_subject_to_filter:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
tenant: ${4:undefined} # required. The name of the tenant.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
use_ssl: ${7:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${8:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${9:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
output_level: ${10|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
log: ${11|log,none|} # not required. choices: log;none. Determines if the binding should be set to log.,The APIC defaults new Subject to Filter bindings to C(none).
contract: ${12:undefined} # not required. The name of the contract.
filter: ${13:undefined} # not required. The name of the Filter to bind to the Subject.
state: ${14|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${15:30} # not required. The socket level timeout in seconds.
subject: ${16:undefined} # not required. The name of the Contract Subject.
validate_certs: ${17:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_domain':
'prefix': "aci_domain_snippet"
'description': "Manage physical, virtual, bridged, routed or FC domain profiles (phys:DomP, vmm:DomP, l2ext:DomP, l3ext:DomP, fc:DomP)"
'body': """
aci_domain:
username: ${1:admin} # required. The username to use for authentication.
password: ${2:undefined} # required. The password to use for authentication.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
output_level: ${4|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
domain: ${5:undefined} # not required. Name of the physical, virtual, bridged routed or FC domain profile.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
private_key: ${8:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
dscp: ${9|AF11,AF12,AF13,AF21,AF22,AF23,AF31,AF32,AF33,AF41,AF42,AF43,CS0,CS1,CS2,CS3,CS4,CS5,CS6,CS7,EF,VA,unspecified|} # not required. choices: AF11;AF12;AF13;AF21;AF22;AF23;AF31;AF32;AF33;AF41;AF42;AF43;CS0;CS1;CS2;CS3;CS4;CS5;CS6;CS7;EF;VA;unspecified. The target Differentiated Service (DSCP) value.
port: ${10:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
domain_type: ${11|fc,l2dom,l3dom,phys,vmm|} # not required. choices: fc;l2dom;l3dom;phys;vmm. The type of domain profile.,C(fc): The FC domain profile is a policy pertaining to single FC Management domain,C(l2dom): The external bridged domain profile is a policy for managing L2 bridged infrastructure bridged outside the fabric.,C(l3dom): The external routed domain profile is a policy for managing L3 routed infrastructure outside the fabric.,C(phys): The physical domain profile stores the physical resources and encap resources that should be used for EPGs associated with this domain.,C(vmm): The VMM domain profile is a policy for grouping VM controllers with similar networking policy requirements.
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${13:30} # not required. The socket level timeout in seconds.
encap_mode: ${14|unknown,vlan,vxlan|} # not required. choices: unknown;vlan;vxlan. The layer 2 encapsulation protocol to use with the virtual switch.
vswitch: ${15|avs,default,dvs,unknown|} # not required. choices: avs;default;dvs;unknown. The virtual switch to use for vmm domains.
multicast_address: ${16:undefined} # not required. The muticast IP address to use for the virtual switch.
use_ssl: ${17:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${18:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
vm_provider: ${19|cloudfoundry,kubernetes,microsoft,openshift,openstack,redhat,vmware|} # not required. choices: cloudfoundry;kubernetes;microsoft;openshift;openstack;redhat;vmware. The VM platform for VMM Domains.,Support for Kubernetes was added in ACI v3.0.,Support for CloudFoundry, OpenShift and Red Hat was added in ACI v3.1.
"""
'aci_domain_to_vlan_pool':
'prefix': "aci_domain_to_vlan_pool_snippet"
'description': "Bind Domain to VLAN Pools (infra:RsVlanNs)"
'body': """
aci_domain_to_vlan_pool:
username: ${1:admin} # required. The username to use for authentication.
pool_allocation_mode: ${2|dynamic,static|} # required. choices: dynamic;static. The method used for allocating VLANs to resources.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${4:undefined} # required. The password to use for authentication.
domain: ${5:undefined} # not required. Name of the domain being associated with the VLAN Pool.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
private_key: ${7:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
domain_type: ${8|fc,l2dom,l3dom,phys,vmm|} # not required. choices: fc;l2dom;l3dom;phys;vmm. Determines if the Domain is physical (phys) or virtual (vmm).
use_ssl: ${9:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
vm_provider: ${10|cloudfoundry,kubernetes,microsoft,openshift,openstack,redhat,vmware|} # not required. choices: cloudfoundry;kubernetes;microsoft;openshift;openstack;redhat;vmware. The VM platform for VMM Domains.,Support for Kubernetes was added in ACI v3.0.,Support for CloudFoundry, OpenShift and Red Hat was added in ACI v3.1.
port: ${11:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
pool: ${12:undefined} # not required. The name of the pool.
use_proxy: ${13:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
output_level: ${14|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${15|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${16:30} # not required. The socket level timeout in seconds.
validate_certs: ${17:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_encap_pool':
'prefix': "aci_encap_pool_snippet"
'description': "Manage encap pools (fvns:VlanInstP, fvns:VxlanInstP, fvns:VsanInstP)"
'body': """
aci_encap_pool:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
pool_type: ${3|vlan,vxlan,vsan|} # required. choices: vlan;vxlan;vsan. The encap type of C(pool).
password: ${4:undefined} # required. The password to use for authentication.
output_level: ${5|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
pool_allocation_mode: ${7|dynamic,static|} # not required. choices: dynamic;static. The method used for allocating encaps to resources.,Only vlan and vsan support allocation modes.
description: ${8:undefined} # not required. Description for the C(pool).
certificate_name: ${9:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
pool: ${15:undefined} # not required. The name of the pool.
use_proxy: ${16:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_encap_pool_range':
'prefix': "aci_encap_pool_range_snippet"
'description': "Manage encap ranges assigned to pools (fvns:EncapBlk, fvns:VsanEncapBlk)"
'body': """
aci_encap_pool_range:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
pool_type: ${3|vlan,vxlan,vsan|} # required. choices: vlan;vxlan;vsan. The encap type of C(pool).
password: ${4:undefined} # required. The password to use for authentication.
range_end: ${5:undefined} # not required. The end of encap range.
range_start: ${6:undefined} # not required. The start of the encap range.
private_key: ${7:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
pool_allocation_mode: ${8|dynamic,static|} # not required. choices: dynamic;static. The method used for allocating encaps to resources.,Only vlan and vsan support allocation modes.
description: ${9:undefined} # not required. Description for the pool range.
certificate_name: ${10:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
validate_certs: ${11:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
output_level: ${13|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
timeout: ${14:30} # not required. The socket level timeout in seconds.
use_ssl: ${15:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
allocation_mode: ${16|dynamic,inherit,static|} # not required. choices: dynamic;inherit;static. The method used for allocating encaps to resources.,Only vlan and vsan support allocation modes.
use_proxy: ${17:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
port: ${18:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
pool: ${19:undefined} # not required. The name of the pool that the range should be assigned to.
range_name: ${20:undefined} # not required. The name to give to the encap range.
"""
'aci_epg':
'prefix': "aci_epg_snippet"
'description': "Manage End Point Groups (EPG) objects (fv:AEPg)"
'body': """
aci_epg:
bd: ${1:undefined} # required. Name of the bridge domain being associated with the EPG.
username: ${2:admin} # required. The username to use for authentication.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
ap: ${4:undefined} # required. Name of an existing application network profile, that will contain the EPGs.
epg: ${5:undefined} # required. Name of the end point group.
password: ${6:undefined} # required. The password to use for authentication.
private_key: ${7:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${8:undefined} # not required. Description for the EPG.
certificate_name: ${9:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
fwd_control: ${10|none,proxy-arp|} # not required. choices: none;proxy-arp. The forwarding control used by the EPG.,The APIC defaults new EPGs to C(none).
port: ${11:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
priority: ${12|level1,level2,level3,unspecified|} # not required. choices: level1;level2;level3;unspecified. QoS class.
state: ${13|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
preferred_group: ${14:no} # not required. Whether ot not the EPG is part of the Preferred Group and can communicate without contracts.,This is very convenient for migration scenarios, or when ACI is used for network automation but not for policy.
output_level: ${15|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
timeout: ${16:30} # not required. The socket level timeout in seconds.
use_ssl: ${17:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${18:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
intra_epg_isolation: ${19|enforced,unenforced|} # not required. choices: enforced;unenforced. Intra EPG Isolation.
tenant: ${20:undefined} # not required. Name of an existing tenant.
use_proxy: ${21:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_epg_monitoring_policy':
'prefix': "aci_epg_monitoring_policy_snippet"
'description': "Manage monitoring policies (mon:EPGPol)"
'body': """
aci_epg_monitoring_policy:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
monitoring_policy: ${3:undefined} # required. The name of the monitoring policy.
password: ${4:undefined} # required. The password to use for authentication.
tenant: ${5:undefined} # required. The name of the tenant.
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${7:undefined} # not required. Description for the monitoring policy.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_epg_to_contract':
'prefix': "aci_epg_to_contract_snippet"
'description': "Bind EPGs to Contracts (fv:RsCons, fv:RsProv)"
'body': """
aci_epg_to_contract:
username: ${1:admin} # required. The username to use for authentication.
password: ${2:undefined} # required. The password to use for authentication.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
contract_type: ${4|consumer,proivder|} # required. choices: consumer;proivder. Determines if the EPG should Provide or Consume the Contract.
output_level: ${5|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
use_proxy: ${7:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
contract: ${9:undefined} # not required. The name of the contract.
priority: ${10|level1,level2,level3,unspecified|} # not required. choices: level1;level2;level3;unspecified. QoS class.,The APIC defaults new EPG to Contract bindings to C(unspecified).
ap: ${11:undefined} # not required. Name of an existing application network profile, that will contain the EPGs.
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${13:30} # not required. The socket level timeout in seconds.
use_ssl: ${14:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
epg: ${15:undefined} # not required. The name of the end point group.
provider_match: ${16|all,at_least_one,at_most_one,none|} # not required. choices: all;at_least_one;at_most_one;none. The matching algorithm for Provided Contracts.,The APIC defaults new EPG to Provided Contracts to C(at_least_one).
validate_certs: ${17:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${18:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${19:undefined} # not required. Name of an existing tenant.
"""
'aci_epg_to_domain':
'prefix': "aci_epg_to_domain_snippet"
'description': "Bind EPGs to Domains (fv:RsDomAtt)"
'body': """
aci_epg_to_domain:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
domain: ${4:undefined} # not required. Name of the physical or virtual domain being associated with the EPG.
allow_useg: ${5|encap,useg|} # not required. choices: encap;useg. Allows micro-segmentation.,The APIC defaults new EPG to Domain bindings to use C(encap).
ap: ${6:undefined} # not required. Name of an existing application network profile, that will contain the EPGs.
use_ssl: ${7:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
vm_provider: ${8|cloudfoundry,kubernetes,microsoft,openshift,openstack,redhat,vmware|} # not required. choices: cloudfoundry;kubernetes;microsoft;openshift;openstack;redhat;vmware. The VM platform for VMM Domains.,Support for Kubernetes was added in ACI v3.0.,Support for CloudFoundry, OpenShift and Red Hat was added in ACI v3.1.
port: ${9:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${10:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
primary_encap: ${11|range from 1 to 4096|} # not required. choices: range from 1 to 4096. Determines the primary VLAN ID when using useg.
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
encap: ${13|range from 1 to 4096|} # not required. choices: range from 1 to 4096. The VLAN encapsulation for the EPG when binding a VMM Domain with static encap_mode.,This acts as the secondary encap when using useg.
private_key: ${14:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
certificate_name: ${15:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
domain_type: ${16|phys,vmm|} # not required. choices: phys;vmm. Determines if the Domain is physical (phys) or virtual (vmm).
encap_mode: ${17|auto,vlan,vxlan|} # not required. choices: auto;vlan;vxlan. The ecapsulataion method to be used.,The APIC defaults new EPG to Domain bindings to C(auto).
netflow: ${18:no} # not required. Determines if netflow should be enabled.,The APIC defaults new EPG to Domain binings to C(no).
resolution_immediacy: ${19|immediate,lazy,pre-provision|} # not required. choices: immediate;lazy;pre-provision. Determines when the policies should be resolved and available.,The APIC defaults new EPG to Domain bindings to C(lazy).
tenant: ${20:undefined} # not required. Name of an existing tenant.
deploy_immediacy: ${21|immediate,lazy|} # not required. choices: immediate;lazy. Determines when the policy is pushed to hardware Policy CAM.,The APIC defaults new EPG to Domain bindings to C(lazy).
output_level: ${22|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
timeout: ${23:30} # not required. The socket level timeout in seconds.
epg: ${24:undefined} # not required. Name of the end point group.
validate_certs: ${25:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_fabric_node':
'prefix': "aci_fabric_node_snippet"
'description': "Manage Fabric Node Members (fabric:NodeIdentP)"
'body': """
aci_fabric_node:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${5:undefined} # not required. Description for the new Fabric Node Member.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
node_id: ${7:undefined} # not required. Node ID Number for the new Fabric Node Member.
use_ssl: ${8:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
serial: ${9:undefined} # not required. Serial Number for the new Fabric Node Member.
pod_id: ${10:undefined} # not required. The pod id of the new Fabric Node Member.
use_proxy: ${11:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
switch: ${12:undefined} # not required. Switch Name for the new Fabric Node Member.
port: ${13:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
output_level: ${14|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${15|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
role: ${16|leaf,spine,unspecified|} # not required. choices: leaf;spine;unspecified. Role for the new Fabric Node Member.
timeout: ${17:30} # not required. The socket level timeout in seconds.
validate_certs: ${18:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_filter':
'prefix': "aci_filter_snippet"
'description': "Manages top level filter objects (vz:Filter)"
'body': """
aci_filter:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
filter: ${3:undefined} # required. The name of the filter.
password: ${4:undefined} # required. The password to use for authentication.
tenant: ${5:undefined} # required. The name of the tenant.
output_level: ${6|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
private_key: ${7:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${8:undefined} # not required. Description for the filter.
certificate_name: ${9:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_filter_entry':
'prefix': "aci_filter_entry_snippet"
'description': "Manage filter entries (vz:Entry)"
'body': """
aci_filter_entry:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
dst_port_end: ${4|Valid TCP/UDP Port Ranges|} # not required. choices: Valid TCP/UDP Port Ranges. Used to set the destination end port when ip_protocol is tcp or udp.,The APIC defaults new Filter Entries to C(unspecified).
ether_type: ${5|arp,fcoe,ip,mac_security,mpls_ucast,trill,unspecified|} # not required. choices: arp;fcoe;ip;mac_security;mpls_ucast;trill;unspecified. The Ethernet type.,The APIC defaults new Filter Entries to C(unspecified).
arp_flag: ${6|arp_reply,arp_request,unspecified|} # not required. choices: arp_reply;arp_request;unspecified. The arp flag to use when the ether_type is arp.,The APIC defaults new Filter Entries to C(unspecified).
private_key: ${7:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
use_ssl: ${8:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${9:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
ip_protocol: ${10|eigrp,egp,icmp,icmpv6,igmp,igp,l2tp,ospfigp,pim,tcp,udp,unspecified|} # not required. choices: eigrp;egp;icmp;icmpv6;igmp;igp;l2tp;ospfigp;pim;tcp;udp;unspecified. The IP Protocol type when ether_type is ip.,The APIC defaults new Filter Entries to C(unspecified).
output_level: ${11|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
use_proxy: ${12:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
icmp_msg_type: ${13|dst_unreachable,echo,echo_reply,src_quench,time_exceeded,unspecified|} # not required. choices: dst_unreachable;echo;echo_reply;src_quench;time_exceeded;unspecified. ICMPv4 message type; used when ip_protocol is icmp.,The APIC defaults new Filter Entries to C(unspecified).
state: ${14|absent,present,query|} # not required. choices: absent;present;query. present, absent, query
dst_port_start: ${15|Valid TCP/UDP Port Ranges|} # not required. choices: Valid TCP/UDP Port Ranges. Used to set the destination start port when ip_protocol is tcp or udp.,The APIC defaults new Filter Entries to C(unspecified).
description: ${16:undefined} # not required. Description for the Filter Entry.
icmp6_msg_type: ${17|dst_unreachable,echo_request,echo_reply,neighbor_advertisement,neighbor_solicitation,redirect,time_exceeded,unspecified|} # not required. choices: dst_unreachable;echo_request;echo_reply;neighbor_advertisement;neighbor_solicitation;redirect;time_exceeded;unspecified. ICMPv6 message type; used when ip_protocol is icmpv6.,The APIC defaults new Filter Entries to C(unspecified).
certificate_name: ${18:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
stateful: ${19:undefined} # not required. Determines the statefulness of the filter entry.
tenant: ${20:undefined} # not required. The name of the tenant.
filter: ${21:undefined} # not required. The name of Filter that the entry should belong to.
dst_port: ${22|Valid TCP/UDP Port Ranges|} # not required. choices: Valid TCP/UDP Port Ranges. Used to set both destination start and end ports to the same value when ip_protocol is tcp or udp.,The APIC defaults new Filter Entries to C(unspecified).
timeout: ${23:30} # not required. The socket level timeout in seconds.
entry: ${24:undefined} # not required. Then name of the Filter Entry.
validate_certs: ${25:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_firmware_source':
'prefix': "aci_firmware_source_snippet"
'description': "Manage firmware image sources (firmware:OSource)"
'body': """
aci_firmware_source:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
source: ${4:undefined} # required. The identifying name for the outside source of images, such as an HTTP or SCP server.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
timeout: ${6:30} # not required. The socket level timeout in seconds.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
use_ssl: ${8:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${9:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
url_password: ${10:undefined} # not required. The Firmware password or key string.
url_protocol: ${11|http,local,scp,usbkey|} # not required. choices: http;local;scp;usbkey. The Firmware download protocol.
use_proxy: ${12:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
url: ${13:undefined} # not required. The firmware URL for the image(s) on the source.
output_level: ${14|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${15|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
url_username: ${16:undefined} # not required. The username for the source.
polling_interval: ${17:undefined} # not required. Polling interval in minutes.
validate_certs: ${18:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_interface_policy_fc':
'prefix': "aci_interface_policy_fc_snippet"
'description': "Manage Fibre Channel interface policies (fc:IfPol)"
'body': """
aci_interface_policy_fc:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
fc_policy: ${3:undefined} # required. The name of the Fiber Channel interface policy.
password: ${4:undefined} # required. The password to use for authentication.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${6:undefined} # not required. The description of the Fiber Channel interface policy.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${8|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
validate_certs: ${9:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port_mode: ${13|f,np|} # not required. choices: f;np. Port Mode
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_interface_policy_l2':
'prefix': "aci_interface_policy_l2_snippet"
'description': "Manage Layer 2 interface policies (l2:IfPol)"
'body': """
aci_interface_policy_l2:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
l2_policy: ${4:undefined} # required. The name of the Layer 2 interface policy.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${6:undefined} # not required. The description of the Layer 2 interface policy.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
vepa: ${8|disabled,enabled|} # not required. choices: disabled;enabled. Determines if Virtual Ethernet Port Aggregator is disabled or enabled.
use_ssl: ${9:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
vlan_scope: ${10|global,portlocal|} # not required. choices: global;portlocal. The scope of the VLAN.
port: ${11:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${12:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
output_level: ${13|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${14|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
qinq: ${15|core,disabled,edge|} # not required. choices: core;disabled;edge. Determines if QinQ is disabled or if the port should be considered a core or edge port.
timeout: ${16:30} # not required. The socket level timeout in seconds.
validate_certs: ${17:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_interface_policy_leaf_policy_group':
'prefix': "aci_interface_policy_leaf_policy_group_snippet"
'description': "Manage fabric interface policy leaf policy groups (infra:AccBndlGrp, infra:AccPortGrp)"
'body': """
aci_interface_policy_leaf_policy_group:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
stp_interface_policy: ${5:undefined} # not required. Choice of stp_interface_policy to be used as part of the leaf policy group to be created.
description: ${6:undefined} # not required. Description for the leaf policy group to be created.
egress_data_plane_policing_policy: ${7:undefined} # not required. Choice of egress_data_plane_policing_policy to be used as part of the leaf policy group to be created.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
cdp_policy: ${9:undefined} # not required. Choice of cdp_policy to be used as part of the leaf policy group to be created.
storm_control_interface_policy: ${10:undefined} # not required. Choice of storm_control_interface_policy to be used as part of the leaf policy group to be created.
port_channel_policy: ${11:undefined} # not required. Choice of port_channel_policy to be used as part of the leaf policy group to be created.
mcp_policy: ${12:undefined} # not required. Choice of mcp_policy to be used as part of the leaf policy group to be created.
lag_type: ${13|leaf,link,node|} # not required. choices: leaf;link;node. Selector for the type of leaf policy group we want to create.,C(leaf) for Leaf Access Port Policy Group,C(link) for Port Channel (PC),C(node) for Virtual Port Channel (VPC)
use_ssl: ${14:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
monitoring_policy: ${15:undefined} # not required. Choice of monitoring_policy to be used as part of the leaf policy group to be created.
port: ${16:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
aep: ${17:undefined} # not required. Choice of attached_entity_profile (AEP) to be used as part of the leaf policy group to be created.
use_proxy: ${18:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
priority_flow_control_policy: ${19:undefined} # not required. Choice of priority_flow_control_policy to be used as part of the leaf policy group to be created.
fibre_channel_interface_policy: ${20:undefined} # not required. Choice of fibre_channel_interface_policy to be used as part of the leaf policy group to be created.
l2_interface_policy: ${21:undefined} # not required. Choice of l2_interface_policy to be used as part of the leaf policy group to be created.
policy_group: ${22:undefined} # not required. Name of the leaf policy group to be added/deleted.
port_security_policy: ${23:undefined} # not required. Choice of port_security_policy to be used as part of the leaf policy group to be created.
output_level: ${24|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
link_level_policy: ${25:undefined} # not required. Choice of link_level_policy to be used as part of the leaf policy group to be created.
state: ${26|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
ingress_data_plane_policing_policy: ${27:undefined} # not required. Choice of ingress_data_plane_policing_policy to be used as part of the leaf policy group to be created.
timeout: ${28:30} # not required. The socket level timeout in seconds.
slow_drain_policy: ${29:undefined} # not required. Choice of slow_drain_policy to be used as part of the leaf policy group to be created.
validate_certs: ${30:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
lldp_policy: ${31:undefined} # not required. Choice of lldp_policy to be used as part of the leaf policy group to be created.
"""
'aci_interface_policy_leaf_profile':
'prefix': "aci_interface_policy_leaf_profile_snippet"
'description': "Manage fabric interface policy leaf profiles (infra:AccPortP)"
'body': """
aci_interface_policy_leaf_profile:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
leaf_interface_profile: ${4:undefined} # required. The name of the Fabric access policy leaf interface profile.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${8|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
validate_certs: ${9:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${13:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
description: ${14:undefined} # not required. Description for the Fabric access policy leaf interface profile.
"""
'aci_interface_policy_lldp':
'prefix': "aci_interface_policy_lldp_snippet"
'description': "Manage LLDP interface policies (lldp:IfPol)"
'body': """
aci_interface_policy_lldp:
username: ${1:admin} # required. The username to use for authentication.
receive_state: ${2|disabled,enabled|} # required. choices: disabled;enabled. Enable or disable Receive state.
lldp_policy: ${3:undefined} # required. The LLDP interface policy name.
host: ${4:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${5:undefined} # required. The password to use for authentication.
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${7:undefined} # not required. The description for the LLDP interface policy name.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
transmit_state: ${11|disabled,enabled|} # not required. choices: disabled;enabled. Enable or Disable Transmit state.
timeout: ${12:30} # not required. The socket level timeout in seconds.
use_ssl: ${13:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${14:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${15:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${16:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_interface_policy_mcp':
'prefix': "aci_interface_policy_mcp_snippet"
'description': "Manage MCP interface policies (mcp:IfPol)"
'body': """
aci_interface_policy_mcp:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
mcp: ${4:undefined} # required. The name of the MCP interface.
use_proxy: ${5:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${7:undefined} # not required. The description for the MCP interface.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
admin_state: ${11|disable,enable|} # not required. choices: disable;enable. Enable or disable admin state.
timeout: ${12:30} # not required. The socket level timeout in seconds.
use_ssl: ${13:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${14:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${15:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
"""
'aci_interface_policy_port_channel':
'prefix': "aci_interface_policy_port_channel_snippet"
'description': "Manage port channel interface policies (lacp:LagPol)"
'body': """
aci_interface_policy_port_channel:
port_channel: ${1:undefined} # required. Name of the port channel.
username: ${2:admin} # required. The username to use for authentication.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${4:undefined} # required. The password to use for authentication.
min_links: ${5|Ranges from 1 to 16|} # not required. choices: Ranges from 1 to 16. Minimum links (range 1-16).,The APIC defaults new Port Channel Policies to C(1).
use_ssl: ${6:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
fast_select: ${7:yes} # not required. Determines if Fast Select is enabled for Hot Standby Ports.,This makes up the LACP Policy Control Policy; if one setting is defined, then all other Control Properties left undefined or set to false will not exist after the task is ran.,The APIC defaults new LACP Policies to C(yes).
port: ${8:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${9:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
load_defer: ${10:no} # not required. Determines if Load Defer is enabled.,This makes up the LACP Policy Control Policy; if one setting is defined, then all other Control Properties left undefined or set to false will not exist after the task is ran.,The APIC defaults new LACP Policies to C(no).
state: ${11|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
private_key: ${12:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${13:undefined} # not required. The description for the port channel.
certificate_name: ${14:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
graceful_convergence: ${15:yes} # not required. Determines if Graceful Convergence is enabled.,This makes up the LACP Policy Control Policy; if one setting is defined, then all other Control Properties left undefined or set to false will not exist after the task is ran.,The APIC defaults new LACP Policies to C(yes).
symmetric_hash: ${16:no} # not required. Determines if Symmetric Hashing is enabled.,This makes up the LACP Policy Control Policy; if one setting is defined, then all other Control Properties left undefined or set to false will not exist after the task is ran.,The APIC defaults new LACP Policies to C(no).
suspend_individual: ${17:yes} # not required. Determines if Suspend Individual is enabled.,This makes up the LACP Policy Control Policy; if one setting is defined, then all other Control Properties left undefined or set to false will not exist after the task is ran.,The APIC defaults new LACP Policies to C(yes).
output_level: ${18|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
mode: ${19|active,mac-pin,mac-pin-nicload,off,passive|} # not required. choices: active;mac-pin;mac-pin-nicload;off;passive. Port channel interface policy mode.,Determines the LACP method to use for forming port-channels.,The APIC defaults new Port Channel Polices to C(off).
timeout: ${20:30} # not required. The socket level timeout in seconds.
validate_certs: ${21:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
max_links: ${22|Ranges from 1 to 16|} # not required. choices: Ranges from 1 to 16. Maximum links (range 1-16).,The APIC defaults new Port Channel Policies to C(16).
"""
'aci_interface_policy_port_security':
'prefix': "aci_interface_policy_port_security_snippet"
'description': "Manage port security (l2:PortSecurityPol)"
'body': """
aci_interface_policy_port_security:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
port_security: ${3:undefined} # required. The name of the port security.
password: ${4:undefined} # required. The password to use for authentication.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
max_end_points: ${6:undefined} # not required. Maximum number of end points (range 0-12000).,The APIC defaults new port-security policies to C(0).
description: ${7:undefined} # not required. The description for the contract.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_interface_selector_to_switch_policy_leaf_profile':
'prefix': "aci_interface_selector_to_switch_policy_leaf_profile_snippet"
'description': "Bind interface selector profiles to switch policy leaf profiles (infra:RsAccPortP)"
'body': """
aci_interface_selector_to_switch_policy_leaf_profile:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
use_proxy: ${5:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
leaf_profile: ${7:undefined} # not required. Name of the Leaf Profile to which we add a Selector.
output_level: ${8|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${9|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${10:30} # not required. The socket level timeout in seconds.
use_ssl: ${11:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
interface_selector: ${12:undefined} # not required. Name of Interface Profile Selector to be added and associated with the Leaf Profile.
validate_certs: ${13:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
"""
'aci_l3out_route_tag_policy':
'prefix': "aci_l3out_route_tag_policy_snippet"
'description': "Manage route tag policies (l3ext:RouteTagPol)"
'body': """
aci_l3out_route_tag_policy:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
rtp: ${3:undefined} # required. The name of the route tag policy.
password: ${4:undefined} # required. The password to use for authentication.
tenant: ${5:undefined} # required. The name of the tenant.
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${7:undefined} # not required. The description for the route tag policy.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
tag: ${11:4294967295} # not required. The value of the route tag (range 0-4294967295).
timeout: ${12:30} # not required. The socket level timeout in seconds.
use_ssl: ${13:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${14:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${15:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${16:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_rest':
'prefix': "aci_rest_snippet"
'description': "Direct access to the Cisco APIC REST API"
'body': """
aci_rest:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
path: ${3:undefined} # required. URI being used to execute API calls.,Must end in C(.xml) or C(.json).
password: ${4:undefined} # required. The password to use for authentication.
src: ${5:undefined} # not required. Name of the absolute path of the filname that includes the body of the http request being sent to the ACI fabric.
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
use_proxy: ${7:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
port: ${9:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
content: ${10:undefined} # not required. When used instead of C(src), sets the payload of the API request directly.,This may be convenient to template simple requests, for anything complex use the M(template) module.
output_level: ${11|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
timeout: ${12:30} # not required. The socket level timeout in seconds.
use_ssl: ${13:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${14:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
method: ${15|delete,get,post|} # not required. choices: delete;get;post. The HTTP method of the request.,Using C(delete) is typically used for deleting objects.,Using C(get) is typically used for querying objects.,Using C(post) is typically used for modifying objects.
"""
'aci_static_binding_to_epg':
'prefix': "aci_static_binding_to_epg_snippet"
'description': "Bind static paths to EPGs (fv:RsPathAtt)"
'body': """
aci_static_binding_to_epg:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
interface_type: ${4|fex,port_channel,switch_port,vpc|} # not required. choices: fex;port_channel;switch_port;vpc. The type of interface for the static EPG deployement.,The APIC defaults the C(interface_type) to C(switch_port).
ap: ${5:undefined} # not required. Name of an existing application network profile, that will contain the EPGs.
leafs: ${6:undefined} # not required. The switch ID(s) that the C(interface) belongs to.,When C(interface_type) is C(switch_port), C(port_channel), or C(fex), then C(leafs) is a string of the leaf ID.,When C(interface_type) is C(vpc), then C(leafs) is a list with both leaf IDs.,The C(leafs) value is usually something like '101' or '101-102' depending on C(connection_type).
use_ssl: ${7:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
pod_id: ${8:undefined} # not required. The pod number part of the tDn.,C(pod_id) is usually an integer below 10.
interface_mode: ${9|802.1p,access,native,regular,tagged,trunk,untagged|} # not required. choices: 802.1p;access;native;regular;tagged;trunk;untagged. Determines how layer 2 tags will be read from and added to frames.,Values C(802.1p) and C(native) are identical.,Values C(access) and C(untagged) are identical.,Values C(regular), C(tagged) and C(trunk) are identical.,The APIC defaults the mode to C(trunk).
use_proxy: ${10:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
port: ${11:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
private_key: ${13:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
certificate_name: ${14:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
primary_encap_id: ${15|Valid encap IDs for specified encap,currently 1 to 4096|} # not required. choices: Valid encap IDs for specified encap;currently 1 to 4096. Determines the primary encapsulation ID associating the C(epg) with the interface path when using micro-segmentation.
interface: ${16:undefined} # not required. The C(interface) string value part of the tDn.,Usually a policy group like \"test-IntPolGrp\" or an interface of the following format \"1/7\" depending on C(interface_type).
encap_id: ${17|Valid encap IDs for specified encap,currently 1 to 4096|} # not required. choices: Valid encap IDs for specified encap;currently 1 to 4096. The encapsulation ID associating the C(epg) with the interface path.,This acts as the secondary C(encap_id) when using micro-segmentation.
tenant: ${18:undefined} # not required. Name of an existing tenant.
deploy_immediacy: ${19|immediate,lazy|} # not required. choices: immediate;lazy. The Deployement Immediacy of Static EPG on PC, VPC or Interface.,The APIC defaults the Deployement Immediacy to C(lazy).
output_level: ${20|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
timeout: ${21:30} # not required. The socket level timeout in seconds.
epg: ${22:undefined} # not required. The name of the end point group.
validate_certs: ${23:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
extpaths: ${24:undefined} # not required. The C(extpaths) integer value part of the tDn.,C(extpaths) is only used if C(interface_type) is C(fex).,Usually something like '1011'.
"""
'aci_switch_leaf_selector':
'prefix': "aci_switch_leaf_selector_snippet"
'description': "Bind leaf selectors to switch policy leaf profiles (infra:LeafS, infra:NodeBlk, infra:RsAccNodePGrep)"
'body': """
aci_switch_leaf_selector:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
use_proxy: ${4:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
from: ${6:undefined} # not required. Start of Node Block Range
description: ${7:undefined} # not required. The description to assign to the C(leaf)
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
leaf_profile: ${9:undefined} # not required. Name of the Leaf Profile to which we add a Selector.
output_level: ${10|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
to: ${11:undefined} # not required. Start of Node Block Range
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
leaf_node_blk_description: ${13:undefined} # not required. The description to assign to the C(leaf_node_blk)
timeout: ${14:30} # not required. The socket level timeout in seconds.
use_ssl: ${15:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
leaf: ${16:undefined} # not required. Name of Leaf Selector.
validate_certs: ${17:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${18:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
leaf_node_blk: ${19:undefined} # not required. Name of Node Block range to be added to Leaf Selector of given Leaf Profile
policy_group: ${20:undefined} # not required. Name of the Policy Group to be added to Leaf Selector of given Leaf Profile
"""
'aci_switch_policy_leaf_profile':
'prefix': "aci_switch_policy_leaf_profile_snippet"
'description': "Manage switch policy leaf profiles (infra:NodeP)"
'body': """
aci_switch_policy_leaf_profile:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
use_proxy: ${5:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
leaf_profile: ${7:undefined} # not required. The name of the Leaf Profile.
output_level: ${8|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${9|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${10:30} # not required. The socket level timeout in seconds.
use_ssl: ${11:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${12:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${13:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
description: ${14:undefined} # not required. Description for the Leaf Profile.
"""
'aci_switch_policy_vpc_protection_group':
'prefix': "aci_switch_policy_vpc_protection_group_snippet"
'description': "Manage switch policy explicit vPC protection groups (fabric:ExplicitGEp, fabric:NodePEp)."
'body': """
aci_switch_policy_vpc_protection_group:
username: ${1:admin} # required. The username to use for authentication.
switch_2_id: ${2:undefined} # required. The ID of the Second Leaf Switch for the Explicit vPC Protection Group.
switch_1_id: ${3:undefined} # required. The ID of the first Leaf Switch for the Explicit vPC Protection Group.
host: ${4:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
protection_group: ${5:undefined} # required. The name of the Explicit vPC Protection Group.
password: ${6:undefined} # required. The password to use for authentication.
protection_group_id: ${7:undefined} # required. The Explicit vPC Protection Group ID.
private_key: ${8:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
certificate_name: ${9:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
vpc_domain_policy: ${10:undefined} # not required. The vPC domain policy to be associated with the Explicit vPC Protection Group.
use_ssl: ${11:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${12:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${13:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
validate_certs: ${14:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
output_level: ${15|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${16|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${17:30} # not required. The socket level timeout in seconds.
"""
'aci_taboo_contract':
'prefix': "aci_taboo_contract_snippet"
'description': "Manage taboo contracts (vz:BrCP)"
'body': """
aci_taboo_contract:
username: ${1:admin} # required. The username to use for authentication.
taboo_contract: ${2:undefined} # required. The name of the Taboo Contract.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${4:undefined} # required. The password to use for authentication.
tenant: ${5:undefined} # required. The name of the tenant.
description: ${6:undefined} # not required. The description for the Taboo Contract.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
private_key: ${8:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
scope: ${13|application-profile,context,global,tenant|} # not required. choices: application-profile;context;global;tenant. The scope of a service contract.,The APIC defaults new Taboo Contracts to C(context).
validate_certs: ${14:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${15:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${16:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_tenant':
'prefix': "aci_tenant_snippet"
'description': "Manage tenants (fv:Tenant)"
'body': """
aci_tenant:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
tenant: ${4:undefined} # required. The name of the tenant.
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${8|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${9|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${10:30} # not required. The socket level timeout in seconds.
use_ssl: ${11:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${12:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${13:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
description: ${14:undefined} # not required. Description for the tenant.
"""
'aci_tenant_action_rule_profile':
'prefix': "aci_tenant_action_rule_profile_snippet"
'description': "Manage action rule profiles (rtctrl:AttrP)"
'body': """
aci_tenant_action_rule_profile:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
output_level: ${4|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
private_key: ${5:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${6:undefined} # not required. The description for the action rule profile.
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
action_rule: ${8:undefined} # not required. The name of the action rule profile.
state: ${9|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${10:30} # not required. The socket level timeout in seconds.
use_ssl: ${11:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${12:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${13:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${14:undefined} # not required. The name of the tenant.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_tenant_ep_retention_policy':
'prefix': "aci_tenant_ep_retention_policy_snippet"
'description': "Manage End Point (EP) retention protocol policies (fv:EpRetPol)"
'body': """
aci_tenant_ep_retention_policy:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${5:undefined} # not required. Description for the End point rentention policy.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
hold_interval: ${7:300} # not required. Hold Interval (range 5secs - 65535secs).
epr_policy: ${8:undefined} # not required. The name of the end point retention policy.
bounce_trigger: ${9:coop} # not required. Determines if the bounce entries are installed by RARP Flood or COOP Protocol.,The APIC defaults new End Point Retention Policies to C(coop).
output_level: ${10|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
validate_certs: ${11:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${13:30} # not required. The socket level timeout in seconds.
local_ep_interval: ${14:900} # not required. Local end point Aging Interval (range 120secs - 65535secs).,0 is used for infinite.
bounce_age: ${15:630} # not required. Bounce Entry Aging Interval (range 150secs - 65535secs),0 is used for infinite.
move_frequency: ${16:256} # not required. Move frequency per second (range 0secs - 65535secs).,0 is used for none.
use_ssl: ${17:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
remote_ep_interval: ${18:300} # not required. Remote end point Aging Interval (range 120secs - 65535secs).,O is used for infinite.
port: ${19:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${20:undefined} # not required. The name of an existing tenant.
use_proxy: ${21:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_tenant_span_dst_group':
'prefix': "aci_tenant_span_dst_group_snippet"
'description': "Manage SPAN destination groups (span:DestGrp)"
'body': """
aci_tenant_span_dst_group:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
dst_group: ${4:undefined} # required. The name of the SPAN destination group.
tenant: ${5:undefined} # required. The name of the tenant.
private_key: ${6:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${7:undefined} # not required. The description of the SPAN destination group.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${9|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
validate_certs: ${10:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
state: ${11|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${12:30} # not required. The socket level timeout in seconds.
use_ssl: ${13:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_tenant_span_src_group':
'prefix': "aci_tenant_span_src_group_snippet"
'description': "Manage SPAN source groups (span:SrcGrp)"
'body': """
aci_tenant_span_src_group:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${5:undefined} # not required. The description for Span source group.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
admin_state: ${7|enabled,disabled|} # not required. choices: enabled;disabled. Enable or disable the span sources.
use_ssl: ${8:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
dst_group: ${9:undefined} # not required. The Span destination group to associate with the source group.
port: ${10:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${11:undefined} # not required. The name of the Tenant.
use_proxy: ${12:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
src_group: ${13:undefined} # not required. The name of the Span source group.
output_level: ${14|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${15|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${16:30} # not required. The socket level timeout in seconds.
validate_certs: ${17:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'aci_tenant_span_src_group_to_dst_group':
'prefix': "aci_tenant_span_src_group_to_dst_group_snippet"
'description': "Bind SPAN source groups to destination groups (span:SpanLbl)"
'body': """
aci_tenant_span_src_group_to_dst_group:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${5:undefined} # not required. The description for Span source group to destination group binding.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
src_group: ${7:undefined} # not required. The name of the Span source group.
output_level: ${8|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
validate_certs: ${9:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
state: ${10|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${11:30} # not required. The socket level timeout in seconds.
use_ssl: ${12:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
dst_group: ${13:undefined} # not required. The Span destination group to associate with the source group.
port: ${14:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${15:undefined} # not required. The name of the Tenant.
use_proxy: ${16:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_vlan_pool':
'prefix': "aci_vlan_pool_snippet"
'description': "Manage VLAN pools (fvns:VlanInstP)"
'body': """
aci_vlan_pool:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
pool_allocation_mode: ${5|dynamic,static|} # not required. choices: dynamic;static. The method used for allocating VLANs to resources.
description: ${6:undefined} # not required. Description for the C(pool).
certificate_name: ${7:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
output_level: ${8|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${9|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${10:30} # not required. The socket level timeout in seconds.
use_ssl: ${11:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
validate_certs: ${12:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${13:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
pool: ${14:undefined} # not required. The name of the pool.
use_proxy: ${15:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_vlan_pool_encap_block':
'prefix': "aci_vlan_pool_encap_block_snippet"
'description': "Manage encap blocks assigned to VLAN pools (fvns:EncapBlk)"
'body': """
aci_vlan_pool_encap_block:
username: ${1:admin} # required. The username to use for authentication.
password: ${2:undefined} # required. The password to use for authentication.
host: ${3:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
pool_allocation_mode: ${5|dynamic,static|} # not required. choices: dynamic;static. The method used for allocating encaps to resources.
block_end: ${6:undefined} # not required. The end of encap block.
description: ${7:undefined} # not required. Description for the pool encap block.
certificate_name: ${8:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
block_start: ${9:undefined} # not required. The start of the encap block.
output_level: ${10|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
block_name: ${11:undefined} # not required. The name to give to the encap block.
state: ${12|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${13:30} # not required. The socket level timeout in seconds.
use_ssl: ${14:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
allocation_mode: ${15|dynamic,inherit,static|} # not required. choices: dynamic;inherit;static. The method used for allocating encaps to resources.
validate_certs: ${16:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${17:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
pool: ${18:undefined} # not required. The name of the pool that the encap block should be assigned to.
use_proxy: ${19:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'aci_vrf':
'prefix': "aci_vrf_snippet"
'description': "Manage contexts or VRFs (fv:Ctx)"
'body': """
aci_vrf:
username: ${1:admin} # required. The username to use for authentication.
host: ${2:undefined} # required. IP Address or hostname of APIC resolvable by Ansible control host.
password: ${3:undefined} # required. The password to use for authentication.
private_key: ${4:undefined} # not required. PEM formatted file that contains your private key to be used for signature-based authentication.,The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
description: ${5:undefined} # not required. The description for the VRF.
certificate_name: ${6:C(private_key) basename} # not required. The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.,It defaults to the C(private_key) basename, without extension.
vrf: ${7:undefined} # not required. The name of the VRF.
use_ssl: ${8:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${9:443 (for https) and 80 (for http)} # not required. Port number to be used for REST connection.
tenant: ${10:undefined} # not required. The name of the Tenant the VRF should belong to.
use_proxy: ${11:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
policy_control_preference: ${12|enforced,unenforced|} # not required. choices: enforced;unenforced. Determines if the Fabric should enforce Contrac Policies.
policy_control_direction: ${13|egress,ingress|} # not required. choices: egress;ingress. Determines if the policy should be enforced by the fabric on ingress or egress.
output_level: ${14|debug,info,normal|} # not required. choices: debug;info;normal. Influence the output of this ACI module.,C(normal) means the standard output, incl. C(current) dict,C(info) means informational output, incl. C(previous), C(proposed) and C(sent) dicts,C(debug) means debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information
state: ${15|absent,present,query|} # not required. choices: absent;present;query. Use C(present) or C(absent) for adding or removing.,Use C(query) for listing an object or multiple objects.
timeout: ${16:30} # not required. The socket level timeout in seconds.
validate_certs: ${17:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'acl':
'prefix': "acl_snippet"
'description': "Sets and retrieves file ACL information."
'body': """
acl:
path: ${1:undefined} # required. The full path of the file or object.
recursive: ${2:no} # not required. Recursively sets the specified ACL (added in Ansible 2.0). Incompatible with C(state=query).
default: ${3:no} # not required. if the target is a directory, setting this to yes will make it the default acl for entities created inside the directory. It causes an error if path is a file.
entity: ${4:undefined} # not required. actual user or group that the ACL applies to when matching entity types user or group are selected.
state: ${5|absent,present,query|} # not required. choices: absent;present;query. defines whether the ACL should be present or not. The C(query) state gets the current acl without changing it, for use in 'register' operations.
follow: ${6:yes} # not required. whether to follow symlinks on the path if a symlink is encountered.
etype: ${7|group,mask,other,user|} # not required. choices: group;mask;other;user. the entity type of the ACL to apply, see setfacl documentation for more info.
entry: ${8:undefined} # not required. DEPRECATED. The acl to set or remove. This must always be quoted in the form of '<etype>:<qualifier>:<perms>'. The qualifier may be empty for some types, but the type and perms are always required. '-' can be used as placeholder when you do not care about permissions. This is now superseded by entity, type and permissions fields.
permissions: ${9:undefined} # not required. Permissions to apply/remove can be any combination of r, w and x (read, write and execute respectively)
"""
'add_host':
'prefix': "add_host_snippet"
'description': "add a host (and alternatively a group) to the ansible-playbook in-memory inventory"
'body': """
add_host:
name: ${1:undefined} # required. The hostname/ip of the host to add to the inventory, can include a colon and a port number.
groups: ${2:undefined} # not required. The groups to add the hostname to, comma separated.
"""
'airbrake_deployment':
'prefix': "airbrake_deployment_snippet"
'description': "Notify airbrake about app deployments"
'body': """
airbrake_deployment:
environment: ${1:undefined} # required. The airbrake environment name, typically 'production', 'staging', etc.
token: ${2:undefined} # required. API token.
repo: ${3:undefined} # not required. URL of the project repository
user: ${4:undefined} # not required. The username of the person doing the deployment
url: ${5:https://airbrake.io/deploys.txt} # not required. Optional URL to submit the notification to. Use to send notifications to Airbrake-compliant tools like Errbit.
validate_certs: ${6|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates.
revision: ${7:undefined} # not required. A hash, number, tag, or other identifier showing what revision was deployed
"""
'aireos_command':
'prefix': "aireos_command_snippet"
'description': "Run commands on remote devices running Cisco WLC"
'body': """
aireos_command:
commands: ${1:undefined} # required. List of commands to send to the remote aireos device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
retries: ${2:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. A dict object containing connection details.
wait_for: ${5:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'aireos_config':
'prefix': "aireos_config_snippet"
'description': "Manage Cisco WLC configurations"
'body': """
aireos_config:
src: ${1:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines).
after: ${2:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${3:null} # not required. The ordered set of commands that should be configured. The commands must be the exact same commands as found in the device run-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
diff_against: ${4|intended,running|} # not required. choices: intended;running. When using the C(ansible-playbook --diff) command line argument the module can generate diffs against different sources.,When this option is configured as I(intended), the module will return the diff of the running-config against the configuration provided in the C(intended_config) argument.,When this option is configured as I(running), the module will return the before and after diff of the running-config with respect to any changes made to the device configuration.
intended_config: ${5:undefined} # not required. The C(intended_config) provides the master configuration that the node should conform to and is used to check the final running-config against. This argument will not modify any settings on the remote device and is strictly used to check the compliance of the current device's configuration against. When specifying this argument, the task should also modify the C(diff_against) value and set it to I(intended).
running_config: ${6:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(running_config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
provider: ${7:null} # not required. A dict object containing connection details.
before: ${8:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
save: ${9:false} # not required. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.
backup: ${10:false} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
match: ${11|line,none|} # not required. choices: line;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
diff_ignore_lines: ${12:undefined} # not required. Use this argument to specify one or more lines that should be ignored during the diff. This is used for lines in the configuration that are automatically updated by the system. This argument takes a list of regular expressions or exact line matches.
"""
'aix_inittab':
'prefix': "aix_inittab_snippet"
'description': "Manages the inittab on AIX"
'body': """
aix_inittab:
action: ${1|boot,bootwait,hold,initdefault,false,once,ondemand,powerfail,powerwait,respawn,sysinit,wait|} # required. choices: boot;bootwait;hold;initdefault;false;once;ondemand;powerfail;powerwait;respawn;sysinit;wait. Action what the init has to do with this entry.
command: ${2:undefined} # required. What command has to run.
name: ${3:undefined} # required. Name of the inittab entry.
runlevel: ${4:undefined} # required. Runlevel of the entry.
state: ${5|absent,present|} # not required. choices: absent;present. Whether the entry should be present or absent in the inittab file.
insertafter: ${6:undefined} # not required. After which inittabline should the new entry inserted.
"""
'aix_lvol':
'prefix': "aix_lvol_snippet"
'description': "Configure AIX LVM logical volumes"
'body': """
aix_lvol:
vg: ${1:undefined} # required. The volume group this logical volume is part of.
lv: ${2:undefined} # required. The name of the logical volume.
pvs: ${3:undefined} # not required. Comma separated list of physical volumes e.g. C(hdisk1,hdisk2).
lv_type: ${4:jfs2} # not required. The type of the logical volume.
copies: ${5:1} # not required. The number of copies of the logical volume. Maximum copies are 3.
state: ${6|absent,present|} # not required. choices: absent;present. Control if the logical volume exists. If C(present) and the volume does not already exist then the C(size) option is required.
policy: ${7|maximum,minimum|} # not required. choices: maximum;minimum. Sets the interphysical volume allocation policy. C(maximum) allocates logical partitions across the maximum number of physical volumes. C(minimum) allocates logical partitions across the minimum number of physical volumes.
opts: ${8:undefined} # not required. Free-form options to be passed to the mklv command.
size: ${9:undefined} # not required. The size of the logical volume with one of the [MGT] units.
"""
'alternatives':
'prefix': "alternatives_snippet"
'description': "Manages alternative programs for common commands"
'body': """
alternatives:
path: ${1:undefined} # required. The path to the real executable that the link should point to.
name: ${2:undefined} # required. The generic name of the link.
priority: ${3:50} # not required. The priority of the alternative
link: ${4:undefined} # not required. The path to the symbolic link that should point to the real executable.,This option is always required on RHEL-based distributions. On Debian-based distributions this option is required when the alternative I(name) is unknown to the system.
"""
'aos_asn_pool':
'prefix': "aos_asn_pool_snippet"
'description': "Manage AOS ASN Pool"
'body': """
aos_asn_pool:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
ranges: ${2:undefined} # not required. List of ASNs ranges to add to the ASN Pool. Each range must have 2 values.
content: ${3:undefined} # not required. Datastructure of the ASN Pool to manage. The data can be in YAML / JSON or directly a variable. It's the same datastructure that is returned on success in I(value).
state: ${4|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the ASN Pool (present or not).
name: ${5:undefined} # not required. Name of the ASN Pool to manage. Only one of I(name), I(id) or I(content) can be set.
id: ${6:undefined} # not required. AOS Id of the ASN Pool to manage. Only one of I(name), I(id) or I(content) can be set.
"""
'aos_blueprint':
'prefix': "aos_blueprint_snippet"
'description': "Manage AOS blueprint instance"
'body': """
aos_blueprint:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
state: ${2|present,absent,build-ready|} # not required. choices: present;absent;build-ready. Indicate what is the expected state of the Blueprint.
reference_arch: ${3:undefined} # not required. When creating a blueprint, this value identifies a known AOS reference architecture value. I(Refer to AOS-server documentation for available values).
name: ${4:undefined} # not required. Name of the Blueprint to manage. Only one of I(name) or I(id) can be set.
timeout: ${5:5} # not required. When I(state=build-ready), this timeout identifies timeout in seconds to wait before declaring a failure.
id: ${6:undefined} # not required. AOS Id of the IP Pool to manage (can't be used to create a new IP Pool). Only one of I(name) or I(id) can be set.
template: ${7:undefined} # not required. When creating a blueprint, this value identifies, by name, an existing engineering design template within the AOS-server.
"""
'aos_blueprint_param':
'prefix': "aos_blueprint_param_snippet"
'description': "Manage AOS blueprint parameter values"
'body': """
aos_blueprint_param:
blueprint: ${1:undefined} # required. Blueprint Name or Id as defined in AOS.
session: ${2:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
state: ${3|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the Blueprint Parameter (present or not).
name: ${4:undefined} # not required. Name of blueprint parameter, as defined by AOS design template. You can use the option I(get_param_list) to get the complete list of supported parameters for your blueprint.
get_param_list: ${5:undefined} # not required. Get the complete list of supported parameters for this blueprint and the description of those parameters.
value: ${6:undefined} # not required. Blueprint parameter value. This value may be transformed by using the I(param_map) field; used when the blueprint parameter requires an AOS unique ID value.
param_map: ${7:undefined} # not required. Defines the aos-pyez collection that will is used to map the user-defined item name into the AOS unique ID value. For example, if the caller provides an IP address pool I(param_value) called \"Server-IpAddrs\", then the aos-pyez collection is 'IpPools'. Some I(param_map) are already defined by default like I(logical_device_maps).
"""
'aos_blueprint_virtnet':
'prefix': "aos_blueprint_virtnet_snippet"
'description': "Manage AOS blueprint parameter values"
'body': """
aos_blueprint_virtnet:
blueprint: ${1:undefined} # required. Blueprint Name or Id as defined in AOS.
session: ${2:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
content: ${3:undefined} # not required. Datastructure of the Virtual Network to manage. The data can be in YAML / JSON or directly a variable. It's the same datastructure that is returned on success in I(value).
state: ${4|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the Virtual Network (present or not).
name: ${5:undefined} # not required. Name of Virtual Network as part of the Blueprint.
"""
'aos_device':
'prefix': "aos_device_snippet"
'description': "Manage Devices on AOS Server"
'body': """
aos_device:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
state: ${2|normal|} # not required. choices: normal. Define in which state the device should be. Currently only I(normal) is supported but the goal is to add I(maint) and I(decomm).
name: ${3:undefined} # not required. The device serial-number; i.e. uniquely identifies the device in the AOS system. Only one of I(name) or I(id) can be set.
approve: ${4|yes,no|} # not required. choices: yes;no. The approve argument instruct the module to convert a device in quarantine mode into approved mode.
id: ${5:undefined} # not required. The AOS internal id for a device; i.e. uniquely identifies the device in the AOS system. Only one of I(name) or I(id) can be set.
location: ${6:undefined} # not required. When approving a device using the I(approve) argument, it's possible define the location of the device.
"""
'aos_external_router':
'prefix': "aos_external_router_snippet"
'description': "Manage AOS External Router"
'body': """
aos_external_router:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
content: ${2:undefined} # not required. Datastructure of the External Router to create. The format is defined by the I(content_format) parameter. It's the same datastructure that is returned on success in I(value).
state: ${3|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the External Router (present or not).
name: ${4:undefined} # not required. Name of the External Router to manage. Only one of I(name), I(id) or I(content) can be set.
loopback: ${5:undefined} # not required. IP address of the Loopback interface of the external_router.
asn: ${6:undefined} # not required. ASN id of the external_router.
id: ${7:undefined} # not required. AOS Id of the External Router to manage (can't be used to create a new External Router), Only one of I(name), I(id) or I(content) can be set.
"""
'aos_ip_pool':
'prefix': "aos_ip_pool_snippet"
'description': "Manage AOS IP Pool"
'body': """
aos_ip_pool:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
content: ${2:undefined} # not required. Datastructure of the IP Pool to manage. The data can be in YAML / JSON or directly a variable. It's the same datastructure that is returned on success in I(value).
subnets: ${3:undefined} # not required. List of subnet that needs to be part of the IP Pool.
state: ${4|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the IP Pool (present or not).
name: ${5:undefined} # not required. Name of the IP Pool to manage. Only one of I(name), I(id) or I(content) can be set.
id: ${6:undefined} # not required. AOS Id of the IP Pool to manage (can't be used to create a new IP Pool), Only one of I(name), I(id) or I(content) can be set.
"""
'aos_logical_device':
'prefix': "aos_logical_device_snippet"
'description': "Manage AOS Logical Device"
'body': """
aos_logical_device:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
content: ${2:undefined} # not required. Datastructure of the Logical Device to create. The data can be in YAML / JSON or directly a variable. It's the same datastructure that is returned on success in I(value).
state: ${3|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the Logical Device (present or not).
name: ${4:undefined} # not required. Name of the Logical Device to manage. Only one of I(name), I(id) or I(content) can be set.
id: ${5:undefined} # not required. AOS Id of the Logical Device to manage (can't be used to create a new Logical Device), Only one of I(name), I(id) or I(content) can be set.
"""
'aos_logical_device_map':
'prefix': "aos_logical_device_map_snippet"
'description': "Manage AOS Logical Device Map"
'body': """
aos_logical_device_map:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
content: ${2:undefined} # not required. Datastructure of the Logical Device Map to manage. The data can be in YAML / JSON or directly a variable. It's the same datastructure that is returned on success in I(value). Only one of I(name), I(id) or I(content) can be set.
state: ${3|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the Logical Device Map (present or not).
name: ${4:undefined} # not required. Name of the Logical Device Map to manage. Only one of I(name), I(id) or I(content) can be set.
id: ${5:undefined} # not required. AOS Id of the Logical Device Map to manage (can't be used to create a new Logical Device Map), Only one of I(name), I(id) or I(content) can be set.
"""
'aos_login':
'prefix': "aos_login_snippet"
'description': "Login to AOS server for session token"
'body': """
aos_login:
server: ${1:undefined} # required. Address of the AOS Server on which you want to open a connection.
passwd: ${2:admin} # not required. Password to use when connecting to the AOS server.
user: ${3:admin} # not required. Login username to use when connecting to the AOS server.
port: ${4:443} # not required. Port number to use when connecting to the AOS server.
"""
'aos_rack_type':
'prefix': "aos_rack_type_snippet"
'description': "Manage AOS Rack Type"
'body': """
aos_rack_type:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
content: ${2:undefined} # not required. Datastructure of the Rack Type to create. The data can be in YAML / JSON or directly a variable. It's the same datastructure that is returned on success in I(value).
state: ${3|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the Rack Type (present or not).
name: ${4:undefined} # not required. Name of the Rack Type to manage. Only one of I(name), I(id) or I(content) can be set.
id: ${5:undefined} # not required. AOS Id of the Rack Type to manage (can't be used to create a new Rack Type), Only one of I(name), I(id) or I(content) can be set.
"""
'aos_template':
'prefix': "aos_template_snippet"
'description': "Manage AOS Template"
'body': """
aos_template:
session: ${1:undefined} # required. An existing AOS session as obtained by M(aos_login) module.
content: ${2:undefined} # not required. Datastructure of the Template to create. The data can be in YAML / JSON or directly a variable. It's the same datastructure that is returned on success in I(value).
state: ${3|present,absent|} # not required. choices: present;absent. Indicate what is the expected state of the Template (present or not).
name: ${4:undefined} # not required. Name of the Template to manage. Only one of I(name), I(id) or I(src) can be set.
id: ${5:undefined} # not required. AOS Id of the Template to manage (can't be used to create a new Template), Only one of I(name), I(id) or I(src) can be set.
"""
'apache2_mod_proxy':
'prefix': "apache2_mod_proxy_snippet"
'description': "Set and/or get members' attributes of an Apache httpd 2.4 mod_proxy balancer pool"
'body': """
apache2_mod_proxy:
balancer_vhost: ${1:None} # required. (ipv4|ipv6|fqdn):port of the Apache httpd 2.4 mod_proxy balancer pool.
tls: ${2|true,false|} # not required. choices: true;false. Use https to access balancer management page.
member_host: ${3:None} # not required. (ipv4|ipv6|fqdn) of the balancer member to get or to set attributes to. Port number is autodetected and should not be specified here. If undefined, apache2_mod_proxy module will return a members list of dictionaries of all the current balancer pool members' attributes.
validate_certs: ${4|true,false|} # not required. choices: true;false. Validate ssl/tls certificates.
state: ${5|present,absent,enabled,disabled,drained,hot_standby,ignore_errors|} # not required. choices: present;absent;enabled;disabled;drained;hot_standby;ignore_errors. Desired state of the member host. (absent|disabled),drained,hot_standby,ignore_errors can be simultaneously invoked by separating them with a comma (e.g. state=drained,ignore_errors).
balancer_url_suffix: ${6:/balancer-manager/} # not required. Suffix of the balancer pool url required to access the balancer pool status page (e.g. balancer_vhost[:port]/balancer_url_suffix).
"""
'apache2_module':
'prefix': "apache2_module_snippet"
'description': "Enables/disables a module of the Apache2 webserver."
'body': """
apache2_module:
name: ${1:undefined} # required. Name of the module to enable/disable as given to C(a2enmod/a2dismod).
state: ${2|present,absent|} # not required. choices: present;absent. Desired state of the module.
identifier: ${3:undefined} # not required. Identifier of the module as listed by C(apache2ctl -M). This is optional and usually determined automatically by the common convention of appending C(_module) to I(name) as well as custom exception for popular modules.
force: ${4|True,False|} # not required. choices: True;False. Force disabling of default modules and override Debian warnings.
ignore_configcheck: ${5|True,False|} # not required. choices: True;False. Ignore configuration checks about inconsistent module configuration. Especially for mpm_* modules.
"""
'apk':
'prefix': "apk_snippet"
'description': "Manages apk packages"
'body': """
apk:
available: ${1|yes,no|} # not required. choices: yes;no. During upgrade, reset versioned world dependencies and change logic to prefer replacing or downgrading packages (instead of holding them) if the currently installed package is no longer available from any repository.
state: ${2|present,absent,latest|} # not required. choices: present;absent;latest. Indicates the desired package(s) state.,C(present) ensures the package(s) is/are present.,C(absent) ensures the package(s) is/are absent.,C(latest) ensures the package(s) is/are present and the latest version(s).
upgrade: ${3|yes,no|} # not required. choices: yes;no. Upgrade all installed packages to their latest version.
update_cache: ${4|yes,no|} # not required. choices: yes;no. Update repository indexes. Can be run with other steps or on it's own.
name: ${5:null} # not required. A package name, like C(foo), or multiple packages, like C(foo, bar).
repository: ${6:null} # not required. A package repository or multiple repositories. Unlike with the underlying apk command, this list will override the system repositories rather than supplement them.
"""
'apt':
'prefix': "apt_snippet"
'description': "Manages apt-packages"
'body': """
apt:
autoremove: ${1:no} # not required. If C(yes), remove unused dependency packages for all module states except I(build-dep). It can also be used as the only option.,Previous to version 2.4, autoclean was also an alias for autoremove, now it is its own separate command. See documentation for further information.
force: ${2:no} # not required. Corresponds to the C(--force-yes) to I(apt-get) and implies C(allow_unauthenticated: yes),This option will disable checking both the packages' signatures and the certificates of the web servers they are downloaded from.,This option *is not* the equivalent of passing the C(-f) flag to I(apt-get) on the command line,**This is a destructive operation with the potential to destroy your system, and it should almost never be used.** Please also see C(man apt-get) for more information.
force_apt_get: ${3:no} # not required. Force usage of apt-get instead of aptitude
update_cache: ${4:no} # not required. Run the equivalent of C(apt-get update) before the operation. Can be run as part of the package installation or as a separate step.
only_upgrade: ${5:no} # not required. Only upgrade a package if it is already installed.
deb: ${6:undefined} # not required. Path to a .deb package on the remote machine.,If :// in the path, ansible will attempt to download deb before installing. (Version added 2.1)
cache_valid_time: ${7:0} # not required. Update the apt cache if its older than the I(cache_valid_time). This option is set in seconds. As of Ansible 2.4, this implicitly sets I(update_cache) if set.
dpkg_options: ${8:force-confdef,force-confold} # not required. Add dpkg options to apt command. Defaults to '-o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\"',Options should be supplied as comma separated list
upgrade: ${9|dist,full,no,safe,yes|} # not required. choices: dist;full;no;safe;yes. If yes or safe, performs an aptitude safe-upgrade.,If full, performs an aptitude full-upgrade.,If dist, performs an apt-get dist-upgrade.,Note: This does not upgrade a specific package, use state=latest for that.,Note: Since 2.4, apt-get is used as a fall-back if aptitude is not present.
name: ${10:undefined} # not required. A list of package names, like C(foo), or package specifier with version, like C(foo=1.0). Name wildcards (fnmatch) like C(apt*) and version wildcards like C(foo=1.0*) are also supported.
autoclean: ${11:no} # not required. If C(yes), cleans the local repository of retrieved package files that can no longer be downloaded.
purge: ${12:no} # not required. Will force purging of configuration files if the module state is set to I(absent).
allow_unauthenticated: ${13:no} # not required. Ignore if packages cannot be authenticated. This is useful for bootstrapping environments that manage their own apt-key setup.
state: ${14|absent,build-dep,latest,present|} # not required. choices: absent;build-dep;latest;present. Indicates the desired package state. C(latest) ensures that the latest version is installed. C(build-dep) ensures the package build dependencies are installed.
default_release: ${15:undefined} # not required. Corresponds to the C(-t) option for I(apt) and sets pin priorities
install_recommends: ${16:undefined} # not required. Corresponds to the C(--no-install-recommends) option for I(apt). C(yes) installs recommended packages. C(no) does not install recommended packages. By default, Ansible will use the same defaults as the operating system. Suggested packages are never installed.
"""
'apt_key':
'prefix': "apt_key_snippet"
'description': "Add or remove an apt key"
'body': """
apt_key:
keyserver: ${1:undefined} # not required. The keyserver to retrieve key from.
url: ${2:undefined} # not required. The URL to retrieve key from.
data: ${3:undefined} # not required. The keyfile contents to add to the keyring.
keyring: ${4:undefined} # not required. The path to specific keyring file in /etc/apt/trusted.gpg.d/
state: ${5|absent,present|} # not required. choices: absent;present. Ensures that the key is present (added) or absent (revoked).
file: ${6:undefined} # not required. The path to a keyfile on the remote server to add to the keyring.
validate_certs: ${7:yes} # not required. If C(no), SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates.
id: ${8:undefined} # not required. The identifier of the key.,Including this allows check mode to correctly report the changed state.,If specifying a subkey's id be aware that apt-key does not understand how to remove keys via a subkey id. Specify the primary key's id instead.,This parameter is required when C(state) is set to C(absent).
"""
'apt_repository':
'prefix': "apt_repository_snippet"
'description': "Add and remove APT repositories"
'body': """
apt_repository:
repo: ${1:undefined} # required. A source string for the repository.
state: ${2|absent,present|} # not required. choices: absent;present. A source string state.
update_cache: ${3:yes} # not required. Run the equivalent of C(apt-get update) when a change occurs. Cache updates are run after making changes.
mode: ${4:420} # not required. The octal mode for newly created files in sources.list.d
codename: ${5:undefined} # not required. Override the distribution codename to use for PPA repositories. Should usually only be set when working with a PPA on a non-Ubuntu target (e.g. Debian or Mint)
validate_certs: ${6:yes} # not required. If C(no), SSL certificates for the target repo will not be validated. This should only be used on personally controlled sites using self-signed certificates.
filename: ${7:undefined} # not required. Sets the name of the source list file in sources.list.d. Defaults to a file name based on the repository source url. The .list extension will be automatically added.
"""
'apt_rpm':
'prefix': "apt_rpm_snippet"
'description': "apt_rpm package manager"
'body': """
apt_rpm:
pkg: ${1:undefined} # required. name of package to install, upgrade or remove.
state: ${2|absent,present|} # not required. choices: absent;present. Indicates the desired package state.
update_cache: ${3:no} # not required. update the package database first C(apt-get update).
"""
'archive':
'prefix': "archive_snippet"
'description': "Creates a compressed archive of one or more files or trees"
'body': """
archive:
path: ${1:undefined} # required. Remote absolute path, glob, or list of paths or globs for the file or files to compress or archive.
group: ${2:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
format: ${3|bz2,gz,tar,xz,zip|} # not required. choices: bz2;gz;tar;xz;zip. The type of compression to use.,Support for xz was added in version 2.5.
dest: ${4:undefined} # not required. The file name of the destination archive. This is required when C(path) refers to multiple files by either specifying a glob, a directory or multiple paths in a list.
selevel: ${5:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
seuser: ${6:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
setype: ${7:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
remove: ${8:no} # not required. Remove any added source files and trees after adding to archive.
unsafe_writes: ${9:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
serole: ${10:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
mode: ${11:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
attributes: ${12:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
owner: ${13:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
exclude_path: ${14:undefined} # not required. Remote absolute path, glob, or list of paths or globs for the file or files to exclude from the archive
"""
'aruba_command':
'prefix': "aruba_command_snippet"
'description': "Run commands on remote devices running Aruba Mobility Controller"
'body': """
aruba_command:
commands: ${1:undefined} # required. List of commands to send to the remote aruba device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
retries: ${2:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. A dict object containing connection details.
wait_for: ${5:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'aruba_config':
'prefix': "aruba_config_snippet"
'description': "Manage Aruba configuration sections"
'body': """
aruba_config:
src: ${1:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
save_when: ${2|always,never,modified,changed|} # not required. choices: always;never;modified;changed. When changes are made to the device running-configuration, the changes are not copied to non-volatile storage by default. Using this argument will change that before. If the argument is set to I(always), then the running-config will always be copied to the startup-config and the I(modified) flag will always be set to True. If the argument is set to I(modified), then the running-config will only be copied to the startup-config if it has changed since the last save to startup-config. If the argument is set to I(never), the running-config will never be copied to the startup-config. If the argument is set to I(changed), then the running-config will only be copied to the startup-config if the task has made a change.
encrypt: ${3:true} # not required. This allows an Aruba controller's passwords and keys to be displayed in plain text when set to I(false) or encrypted when set to I(true). If set to I(false), the setting will re-encrypt at the end of the module run. Backups are still encrypted even when set to I(false).
after: ${4:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${5:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
intended_config: ${6:undefined} # not required. The C(intended_config) provides the master configuration that the node should conform to and is used to check the final running-config against. This argument will not modify any settings on the remote device and is strictly used to check the compliance of the current device's configuration against. When specifying this argument, the task should also modify the C(diff_against) value and set it to I(intended).
diff_against: ${7|startup,intended,running|} # not required. choices: startup;intended;running. When using the C(ansible-playbook --diff) command line argument the module can generate diffs against different sources.,When this option is configure as I(startup), the module will return the diff of the running-config against the startup-config.,When this option is configured as I(intended), the module will return the diff of the running-config against the configuration provided in the C(intended_config) argument.,When this option is configured as I(running), the module will return the before and after diff of the running-config with respect to any changes made to the device configuration.
parents: ${8:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
provider: ${9:null} # not required. A dict object containing connection details.
before: ${10:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
running_config: ${11:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(running_config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
replace: ${12|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
backup: ${13:false} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
match: ${14|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
diff_ignore_lines: ${15:undefined} # not required. Use this argument to specify one or more lines that should be ignored during the diff. This is used for lines in the configuration that are automatically updated by the system. This argument takes a list of regular expressions or exact line matches.
"""
'asa_acl':
'prefix': "asa_acl_snippet"
'description': "Manage access-lists on a Cisco ASA"
'body': """
asa_acl:
lines: ${1:undefined} # required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
force: ${3|yes,no|} # not required. choices: yes;no. The force argument instructs the module to not consider the current devices running-config. When set to true, this will cause the module to push the contents of I(src) into the device without first checking if already configured.
context: ${4:null} # not required. Specifies which context to target if you are running in the ASA in multiple context mode. Defaults to the current context you login to.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
before: ${6:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
config: ${7:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(config) argument allows the implementer to pass in the configuruation to use as the base config for comparison.
after: ${8:null} # not required. The ordered set of commands to append to the end of the command stack if a changed needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
match: ${9|line,strict,exact|} # not required. choices: line;strict;exact. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. Finally if match is set to I(exact), command lines must be an equal match.
replace: ${10|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
"""
'asa_command':
'prefix': "asa_command_snippet"
'description': "Run arbitrary commands on Cisco ASA devices"
'body': """
asa_command:
commands: ${1:undefined} # required. List of commands to send to the remote device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retires as expired.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
retries: ${3:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${4:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
context: ${5:null} # not required. Specifies which context to target if you are running in the ASA in multiple context mode. Defaults to the current context you login to.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
wait_for: ${7:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${8|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'asa_config':
'prefix': "asa_config_snippet"
'description': "Manage configuration sections on Cisco ASA devices"
'body': """
asa_config:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
src: ${2:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
passwords: ${3|yes,no|} # not required. choices: yes;no. This argument specifies to include passwords in the config when retrieving the running-config from the remote device. This includes passwords related to VPN endpoints. This argument is mutually exclusive with I(defaults).
context: ${4:null} # not required. Specifies which context to target if you are running in the ASA in multiple context mode. Defaults to the current context you login to.
backup: ${5|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
after: ${6:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${7:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
replace: ${8|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct
parents: ${9:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
defaults: ${10|yes,no|} # not required. choices: yes;no. This argument specifies whether or not to collect all defaults when getting the remote device running config. When enabled, the module will get the current config by issuing the command C(show running-config all).
provider: ${11:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
save: ${12|yes,no|} # not required. choices: yes;no. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.
config: ${13:null} # not required. The C(config) argument allows the playbook designer to supply the base configuration to be used to validate configuration changes necessary. If this argument is provided, the module will not download the running-config from the remote node.
match: ${14|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${15:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'assemble':
'prefix': "assemble_snippet"
'description': "Assembles a configuration file from fragments"
'body': """
assemble:
src: ${1:undefined} # required. An already existing directory full of source files.
dest: ${2:undefined} # required. A file to create using the concatenation of all of the source files.
ignore_hidden: ${3:no} # not required. A boolean that controls if files that start with a '.' will be included or not.
group: ${4:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
remote_src: ${5:yes} # not required. If False, it will search for src at originating/master machine, if True it will go to the remote/target machine for the src. Default is True.
selevel: ${6:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
seuser: ${7:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
decrypt: ${8:Yes} # not required. This option controls the autodecryption of source files using vault.
serole: ${9:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
unsafe_writes: ${10:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
delimiter: ${11:undefined} # not required. A delimiter to separate the file contents.
mode: ${12:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
attributes: ${13:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
owner: ${14:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
regexp: ${15:undefined} # not required. Assemble files only if C(regex) matches the filename. If not set, all files are assembled. All \"\\\" (backslash) must be escaped as \"\\\\\" to comply yaml syntax. Uses Python regular expressions; see U(http://docs.python.org/2/library/re.html).
validate: ${16:undefined} # not required. The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the sshd example below. The command is passed securely so shell features like expansion and pipes won't work.
backup: ${17:no} # not required. Create a backup file (if C(yes)), including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
setype: ${18:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'assert':
'prefix': "assert_snippet"
'description': "Asserts given expressions are true"
'body': """
assert:
that: ${1:undefined} # required. A string expression of the same form that can be passed to the 'when' statement,Alternatively, a list of string expressions
msg: ${2:undefined} # not required. The customized message used for a failing assertion
"""
'async_status':
'prefix': "async_status_snippet"
'description': "Obtain status of asynchronous task"
'body': """
async_status:
jid: ${1:undefined} # required. Job or task identifier
mode: ${2|status,cleanup|} # not required. choices: status;cleanup. if C(status), obtain the status; if C(cleanup), clean up the async job cache (by default in C(~/.ansible_async/)) for the specified job I(jid).
"""
'at':
'prefix': "at_snippet"
'description': "Schedule the execution of a command or script file via the at command"
'body': """
at:
count: ${1:undefined} # required. The count of units in the future to execute the command or script file.
units: ${2|minutes,hours,days,weeks|} # required. choices: minutes;hours;days;weeks. The type of units in the future to execute the command or script file.
state: ${3|absent,present|} # not required. choices: absent;present. The state dictates if the command or script file should be evaluated as present(added) or absent(deleted).
command: ${4:undefined} # not required. A command to be executed in the future.
unique: ${5:no} # not required. If a matching job is present a new job will not be added.
script_file: ${6:undefined} # not required. An existing script file to be executed in the future.
"""
'atomic_container':
'prefix': "atomic_container_snippet"
'description': "Manage the containers on the atomic host platform"
'body': """
atomic_container:
state: ${1|latest,absent,rollback|} # required. choices: latest;absent;rollback. State of the container
name: ${2:null} # required. Name of the container
image: ${3:null} # required. The image to use to install the container
backend: ${4|docker,ostree|} # required. choices: docker;ostree. Define the backend to use for the container
mode: ${5|user,system|} # required. choices: user;system. Define if it is an user or a system container
values: ${6:None} # not required. Values for the installation of the container. This option is permitted only with mode 'user' or 'system'. The values specified here will be used at installation time as --set arguments for atomic install.
rootfs: ${7:null} # not required. Define the rootfs of the image
"""
'atomic_host':
'prefix': "atomic_host_snippet"
'description': "Manage the atomic host platform"
'body': """
atomic_host:
revision: ${1:latest} # not required. The version number of the atomic host to be deployed. Providing C(latest) will upgrade to the latest available version.
"""
'atomic_image':
'prefix': "atomic_image_snippet"
'description': "Manage the container images on the atomic host platform"
'body': """
atomic_image:
name: ${1:undefined} # required. Name of the container image.
started: ${2:yes} # not required. Start or Stop the container.
state: ${3|absent,latest,present|} # not required. choices: absent;latest;present. The state of the container image.,The state C(latest) will ensure container image is upgraded to the latest version and forcefully restart container, if running.
backend: ${4|docker,ostree|} # not required. choices: docker;ostree. Define the backend where the image is pulled.
"""
'authorized_key':
'prefix': "authorized_key_snippet"
'description': "Adds or removes an SSH authorized key"
'body': """
authorized_key:
user: ${1:undefined} # required. The username on the remote host whose authorized_keys file will be modified
key: ${2:undefined} # required. The SSH public key(s), as a string or (since 1.9) url (https://github.com/username.keys)
comment: ${3:None} # not required. Change the comment on the public key. Rewriting the comment is useful in cases such as fetching it from GitHub or GitLab.,If no comment is specified, the existing comment will be kept.
exclusive: ${4|yes,no|} # not required. choices: yes;no. Whether to remove all other non-specified keys from the authorized_keys file. Multiple keys can be specified in a single C(key) string value by separating them by newlines.,This option is not loop aware, so if you use C(with_) , it will be exclusive per iteration of the loop, if you want multiple keys in the file you need to pass them all to C(key) in a single batch as mentioned above.
key_options: ${5:null} # not required. A string of ssh key options to be prepended to the key in the authorized_keys file
state: ${6|present,absent|} # not required. choices: present;absent. Whether the given key (with the given key_options) should or should not be in the file
path: ${7:(homedir)+/.ssh/authorized_keys} # not required. Alternate path to the authorized_keys file
validate_certs: ${8|yes,no|} # not required. choices: yes;no. This only applies if using a https url as the source of the keys. If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates as it avoids verifying the source site.,Prior to 2.1 the code worked as if this was set to C(yes).
manage_dir: ${9|yes,no|} # not required. choices: yes;no. Whether this module should manage the directory of the authorized key file. If set, the module will create the directory, as well as set the owner and permissions of an existing directory. Be sure to set C(manage_dir=no) if you are using an alternate directory for authorized_keys, as set with C(path), since you could lock yourself out of SSH access. See the example below.
"""
'avi_actiongroupconfig':
'prefix': "avi_actiongroupconfig_snippet"
'description': "Module for setup of ActionGroupConfig Avi RESTful Object"
'body': """
avi_actiongroupconfig:
external_only: ${1:undefined} # required. Generate alert only to external destinations.,Default value when not specified in API or module is interpreted by Avi Controller as False.
name: ${2:undefined} # required. Name of the object.
level: ${3:undefined} # required. When an alert is generated, mark its priority via the alert level.,Enum options - ALERT_LOW, ALERT_MEDIUM, ALERT_HIGH.,Default value when not specified in API or module is interpreted by Avi Controller as ALERT_LOW.
email_config_ref: ${4:undefined} # not required. Select the email notification configuration to use when sending alerts via email.,It is a reference to an object of type alertemailconfig.
autoscale_trigger_notification: ${5:undefined} # not required. Trigger notification to autoscale manager.,Default value when not specified in API or module is interpreted by Avi Controller as False.
uuid: ${6:undefined} # not required. Unique object identifier of the object.
state: ${7|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_patch_op: ${8|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
avi_credentials: ${9:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
avi_api_update_method: ${10|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
api_version: ${11:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${12:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
snmp_trap_profile_ref: ${13:undefined} # not required. Select the snmp trap notification to use when sending alerts via snmp trap.,It is a reference to an object of type snmptrapprofile.
description: ${14:undefined} # not required. User defined description for the object.
controller: ${15:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${16:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${17:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant: ${18:admin} # not required. Name of tenant used for all Avi API calls and context of object.
url: ${19:undefined} # not required. Avi controller URL of the object.
syslog_config_ref: ${20:undefined} # not required. Select the syslog notification configuration to use when sending alerts via syslog.,It is a reference to an object of type alertsyslogconfig.
tenant_ref: ${21:undefined} # not required. It is a reference to an object of type tenant.
action_script_config_ref: ${22:undefined} # not required. Reference of the action script configuration to be used.,It is a reference to an object of type alertscriptconfig.
tenant_uuid: ${23:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_alertconfig':
'prefix': "avi_alertconfig_snippet"
'description': "Module for setup of AlertConfig Avi RESTful Object"
'body': """
avi_alertconfig:
name: ${1:undefined} # required. Name of the alert configuration.
category: ${2:undefined} # required. Determines whether an alert is raised immediately when event occurs (realtime) or after specified number of events occurs within rolling time,window.,Enum options - REALTIME, ROLLINGWINDOW, WATERMARK.,Default value when not specified in API or module is interpreted by Avi Controller as REALTIME.
source: ${3:undefined} # required. Signifies system events or the type of client logsused in this alert configuration.,Enum options - CONN_LOGS, APP_LOGS, EVENT_LOGS, METRICS.
alert_rule: ${4:undefined} # required. List of filters matching on events or client logs used for triggering alerts.
username: ${5:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${6:undefined} # not required. A custom description field.
tenant_ref: ${7:undefined} # not required. It is a reference to an object of type tenant.
object_type: ${8:undefined} # not required. The object type to which the alert config is associated with.,Valid object types are - virtual service, pool, service engine.,Enum options - VIRTUALSERVICE, POOL, HEALTHMONITOR, NETWORKPROFILE, APPLICATIONPROFILE, HTTPPOLICYSET, DNSPOLICY, IPADDRGROUP, STRINGGROUP,,SSLPROFILE, SSLKEYANDCERTIFICATE, NETWORKSECURITYPOLICY, APPLICATIONPERSISTENCEPROFILE, ANALYTICSPROFILE, VSDATASCRIPTSET, TENANT, PKIPROFILE,,AUTHPROFILE, CLOUD, SERVERAUTOSCALEPOLICY, AUTOSCALELAUNCHCONFIG, MICROSERVICEGROUP, IPAMPROFILE, HARDWARESECURITYMODULEGROUP, POOLGROUP,,PRIORITYLABELS, POOLGROUPDEPLOYMENTPOLICY, GSLBSERVICE, GSLBSERVICERUNTIME, SCHEDULER, GSLBGEODBPROFILE, GSLBAPPLICATIONPERSISTENCEPROFILE,,TRAFFICCLONEPROFILE, VSVIP, WAFPOLICY, WAFPROFILE, ERRORPAGEPROFILE, ERRORPAGEBODY, L4POLICYSET, SERVICEENGINE, DEBUGSERVICEENGINE,,DEBUGCONTROLLER, DEBUGVIRTUALSERVICE, SERVICEENGINEGROUP, SEPROPERTIES, NETWORK, CONTROLLERNODE, CONTROLLERPROPERTIES, SYSTEMCONFIGURATION,,VRFCONTEXT, USER, ALERTCONFIG, ALERTSYSLOGCONFIG, ALERTEMAILCONFIG, ALERTTYPECONFIG, APPLICATION, ROLE, CLOUDPROPERTIES, SNMPTRAPPROFILE,,ACTIONGROUPPROFILE, MICROSERVICE, ALERTPARAMS, ACTIONGROUPCONFIG, CLOUDCONNECTORUSER, GSLB, GSLBDNSUPDATE, GSLBSITEOPS, GLBMGRWARMSTART,,IPAMDNSRECORD, GSLBDNSGSSTATUS, GSLBDNSGEOFILEOPS, GSLBDNSGEOUPDATE, GSLBDNSGEOCLUSTEROPS, GSLBDNSCLEANUP, GSLBSITEOPSRESYNC, TCPSTATRUNTIME,,UDPSTATRUNTIME, IPSTATRUNTIME, ARPSTATRUNTIME, MBSTATRUNTIME, IPSTKQSTATSRUNTIME, MALLOCSTATRUNTIME, SHMALLOCSTATRUNTIME, CPUUSAGERUNTIME,,L7GLOBALSTATSRUNTIME, L7VIRTUALSERVICESTATSRUNTIME, SEAGENTVNICDBRUNTIME, SEAGENTGRAPHDBRUNTIME, SEAGENTSTATERUNTIME, INTERFACERUNTIME,,ARPTABLERUNTIME, DISPATCHERSTATRUNTIME, DISPATCHERSTATCLEARRUNTIME, DISPATCHERTABLEDUMPRUNTIME, DISPATCHERREMOTETIMERLISTDUMPRUNTIME,,METRICSAGENTMESSAGE, HEALTHMONITORSTATRUNTIME, METRICSENTITYRUNTIME, PERSISTENCEINTERNAL, HTTPPOLICYSETINTERNAL, DNSPOLICYINTERNAL,,CONNECTIONDUMPRUNTIME, SHAREDDBSTATS, SHAREDDBSTATSCLEAR, ICMPSTATRUNTIME, ROUTETABLERUNTIME, VIRTUALMACHINE, POOLSERVER, SEVSLIST,,MEMINFORUNTIME, RTERINGSTATRUNTIME, ALGOSTATRUNTIME, HEALTHMONITORRUNTIME, CPUSTATRUNTIME, SEVM, HOST, PORTGROUP, CLUSTER, DATACENTER, VCENTER,,HTTPPOLICYSETSTATS, DNSPOLICYSTATS, METRICSSESTATS, RATELIMITERSTATRUNTIME, NETWORKSECURITYPOLICYSTATS, TCPCONNRUNTIME, POOLSTATS,,CONNPOOLINTERNAL, CONNPOOLSTATS, VSHASHSHOWRUNTIME, SELOGSTATSRUNTIME, NETWORKSECURITYPOLICYDETAIL, LICENSERUNTIME, SERVERRUNTIME,,METRICSRUNTIMESUMMARY, METRICSRUNTIMEDETAIL, DISPATCHERSEHMPROBETEMPDISABLERUNTIME, POOLDEBUG, VSLOGMGRMAP, SERUMINSERTIONSTATS, HTTPCACHE,,HTTPCACHESTATS, SEDOSSTATRUNTIME, VSDOSSTATRUNTIME, SERVERUPDATEREQ, VSSCALEOUTLIST, SEMEMDISTRUNTIME, TCPCONNRUNTIMEDETAIL, SEUPGRADESTATUS,,SEUPGRADEPREVIEW, SEFAULTINJECTEXHAUSTM, SEFAULTINJECTEXHAUSTMCL, SEFAULTINJECTEXHAUSTMCLSMALL, SEFAULTINJECTEXHAUSTCONN, SEHEADLESSONLINEREQ,,SEUPGRADE, SEUPGRADESTATUSDETAIL, SERESERVEDVS, SERESERVEDVSCLEAR, VSCANDIDATESEHOSTLIST, SEGROUPUPGRADE, REBALANCE, SEGROUPREBALANCE,,SEAUTHSTATSRUNTIME, AUTOSCALESTATE, VIRTUALSERVICEAUTHSTATS, NETWORKSECURITYPOLICYDOS, KEYVALINTERNAL, KEYVALSUMMARYINTERNAL,,SERVERSTATEUPDATEINFO, CLTRACKINTERNAL, CLTRACKSUMMARYINTERNAL, MICROSERVICERUNTIME, SEMICROSERVICE, VIRTUALSERVICEANALYSIS, CLIENTINTERNAL,,CLIENTSUMMARYINTERNAL, MICROSERVICEGROUPRUNTIME, BGPRUNTIME, REQUESTQUEUERUNTIME, MIGRATEALL, MIGRATEALLSTATUSSUMMARY, MIGRATEALLSTATUSDETAIL,,INTERFACESUMMARYRUNTIME, INTERFACELACPRUNTIME, DNSTABLE, GSLBSERVICEDETAIL, GSLBSERVICEINTERNAL, GSLBSERVICEHMONSTAT, SETROLESREQUEST,,TRAFFICCLONERUNTIME, GEOLOCATIONINFO, SEVSHBSTATRUNTIME, GEODBINTERNAL, GSLBSITEINTERNAL, WAFSTATS, USERDEFINEDDATASCRIPTCOUNTERS, LLDPRUNTIME,,VSESSHARINGPOOL, SEVSSPLACEMENT, L4POLICYSETSTATS, L4POLICYSETINTERNAL, SERESOURCEPROTO, SECONSUMERPROTO, SECREATEPENDINGPROTO, PLACEMENTSTATS,,SEVIPPROTO, RMVRFPROTO, VCENTERMAP, VIMGRVCENTERRUNTIME, INTERESTEDVMS, INTERESTEDHOSTS, VCENTERSUPPORTEDCOUNTERS, ENTITYCOUNTERS,,TRANSACTIONSTATS, SEVMCREATEPROGRESS, PLACEMENTSTATUS, VISUBFOLDERS, VIDATASTORE, VIHOSTRESOURCES, CLOUDCONNECTOR, VINETWORKSUBNETVMS,,VIDATASTORECONTENTS, VIMGRVCENTERCLOUDRUNTIME, VIVCENTERPORTGROUPS, VIVCENTERDATACENTERS, VIMGRHOSTRUNTIME, PLACEMENTGLOBALS, APICCONFIGURATION,,CIFTABLE, APICTRANSACTION, VIRTUALSERVICESTATEDBCACHESUMMARY, POOLSTATEDBCACHESUMMARY, SERVERSTATEDBCACHESUMMARY, APICAGENTINTERNAL,,APICTRANSACTIONFLAP, APICGRAPHINSTANCES, APICEPGS, APICEPGEPS, APICDEVICEPKGVER, APICTENANTS, APICVMMDOMAINS, NSXCONFIGURATION, NSXSGTABLE,,NSXAGENTINTERNAL, NSXSGINFO, NSXSGIPS, NSXAGENTINTERNALCLI, MAXOBJECTS.
autoscale_alert: ${9:undefined} # not required. This alert config applies to auto scale alerts.
controller: ${10:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
obj_uuid: ${11:undefined} # not required. Uuid of the resource for which alert was raised.
recommendation: ${12:undefined} # not required. Recommendation of alertconfig.
threshold: ${13:undefined} # not required. An alert is created only when the number of events meets or exceeds this number within the chosen time frame.,Allowed values are 1-65536.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
throttle: ${14:undefined} # not required. Alerts are suppressed (throttled) for this duration of time since the last alert was raised for this alert config.,Allowed values are 0-31536000.,Default value when not specified in API or module is interpreted by Avi Controller as 600.,Units(SEC).
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${16|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
expiry_time: ${17:undefined} # not required. An alert is expired and deleted after the expiry time has elapsed.,The original event triggering the alert remains in the event's log.,Allowed values are 1-31536000.,Default value when not specified in API or module is interpreted by Avi Controller as 86400.,Units(SEC).
uuid: ${18:undefined} # not required. Unique object identifier of the object.
url: ${19:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${20:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
enabled: ${21:undefined} # not required. Enable or disable this alert config from generating new alerts.,Default value when not specified in API or module is interpreted by Avi Controller as True.
avi_api_patch_op: ${22|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
summary: ${23:undefined} # not required. Summary of reason why alert is generated.
rolling_window: ${24:undefined} # not required. Only if the number of events is reached or exceeded within the time window will an alert be generated.,Allowed values are 1-31536000.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
state: ${25|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
api_context: ${26:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
action_group_ref: ${27:undefined} # not required. The alert config will trigger the selected alert action, which can send notifications and execute a controlscript.,It is a reference to an object of type actiongroupconfig.
tenant_uuid: ${28:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${29:16.4.4} # not required. Avi API version of to use for Avi API and objects.
tenant: ${30:admin} # not required. Name of tenant used for all Avi API calls and context of object.
"""
'avi_alertemailconfig':
'prefix': "avi_alertemailconfig_snippet"
'description': "Module for setup of AlertEmailConfig Avi RESTful Object"
'body': """
avi_alertemailconfig:
to_emails: ${1:undefined} # required. Alerts are sent to the comma separated list of email recipients.
name: ${2:undefined} # required. A user-friendly name of the email notification service.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${5:undefined} # not required. Unique object identifier of the object.
url: ${6:undefined} # not required. Avi controller URL of the object.
description: ${7:undefined} # not required. User defined description for the object.
cc_emails: ${8:undefined} # not required. Alerts are copied to the comma separated list of email recipients.
tenant_ref: ${9:undefined} # not required. It is a reference to an object of type tenant.
state: ${10|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${11:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${13:admin} # not required. Name of tenant used for all Avi API calls and context of object.
avi_credentials: ${14:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
api_context: ${15:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${16:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_alertscriptconfig':
'prefix': "avi_alertscriptconfig_snippet"
'description': "Module for setup of AlertScriptConfig Avi RESTful Object"
'body': """
avi_alertscriptconfig:
name: ${1:undefined} # required. A user-friendly name of the script.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
action_script: ${3:undefined} # not required. User defined alert action script.,Please refer to kb.avinetworks.com for more information.
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${5:undefined} # not required. Unique object identifier of the object.
url: ${6:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${10:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${13:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${14:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${15:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${16|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_alertsyslogconfig':
'prefix': "avi_alertsyslogconfig_snippet"
'description': "Module for setup of AlertSyslogConfig Avi RESTful Object"
'body': """
avi_alertsyslogconfig:
name: ${1:undefined} # required. A user-friendly name of the syslog notification.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
syslog_servers: ${4:undefined} # not required. The list of syslog servers.
uuid: ${5:undefined} # not required. Unique object identifier of the object.
url: ${6:undefined} # not required. Avi controller URL of the object.
description: ${7:undefined} # not required. User defined description for alert syslog config.
avi_credentials: ${8:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${9:undefined} # not required. It is a reference to an object of type tenant.
state: ${10|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${11:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${13:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${16:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_analyticsprofile':
'prefix': "avi_analyticsprofile_snippet"
'description': "Module for setup of AnalyticsProfile Avi RESTful Object"
'body': """
avi_analyticsprofile:
name: ${1:undefined} # required. The name of the analytics profile.
disable_se_analytics: ${2:undefined} # not required. Disable node (service engine) level analytics forvs metrics.,Default value when not specified in API or module is interpreted by Avi Controller as False.
apdex_server_rtt_tolerated_factor: ${3:undefined} # not required. Tolerated client to avi round trip time(rtt) factor.,It is a multiple of apdex_rtt_tolerated_factor.,Allowed values are 1-1000.,Default value when not specified in API or module is interpreted by Avi Controller as 4.0.
hs_security_tls12_score: ${4:undefined} # not required. Score assigned when supporting tls1.2 encryption protocol.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 5.0.
exclude_no_dns_record_as_error: ${5:undefined} # not required. Exclude queries to domains that did not have configured services/records from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
conn_server_lossy_zero_win_size_event_threshold: ${6:undefined} # not required. A server connection is considered lossy when percentage of times a packet could not be trasmitted due to tcp zero window is above this threshold.,Allowed values are 0-100.,Default value when not specified in API or module is interpreted by Avi Controller as 2.,Units(PERCENT).
conn_lossy_total_rexmt_threshold: ${7:undefined} # not required. A connection between client and avi is considered lossy when more than this percentage of packets are retransmitted.,Allowed values are 1-100.,Default value when not specified in API or module is interpreted by Avi Controller as 50.,Units(PERCENT).
hs_security_certscore_le07d: ${8:undefined} # not required. Score assigned when the certificate expires in less than or equal to 7 days.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 2.0.
hs_pscore_traffic_threshold_l4_client: ${9:undefined} # not required. Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed.,Default value when not specified in API or module is interpreted by Avi Controller as 10.0.
exclude_no_valid_gs_member_as_error: ${10:undefined} # not required. Exclude queries to gslb services that have no available members from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
hs_security_cipherscore_ge128b: ${11:undefined} # not required. Score assigned when the minimum cipher strength is greater than equal to 128 bits.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 5.0.
uuid: ${12:undefined} # not required. Uuid of the analytics profile.
exclude_invalid_dns_domain_as_error: ${13:undefined} # not required. Exclude dns queries to domains outside the domains configured in the dns application profile from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
exclude_http_error_codes: ${14:undefined} # not required. List of http status codes to be excluded from being classified as an error.,Error connections or responses impacts health score, are included as significant logs, and may be classified as part of a dos attack.
hs_max_anomaly_penalty: ${15:undefined} # not required. Maximum penalty that may be deducted from health score for anomalies.,Allowed values are 0-100.,Default value when not specified in API or module is interpreted by Avi Controller as 10.
avi_api_patch_op: ${16|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
avi_credentials: ${17:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
conn_server_lossy_ooo_threshold: ${18:undefined} # not required. A connection between avi and server is considered lossy when more than this percentage of out of order packets are received.,Allowed values are 1-100.,Default value when not specified in API or module is interpreted by Avi Controller as 50.,Units(PERCENT).
exclude_persistence_change_as_error: ${19:undefined} # not required. Exclude persistence server changed while load balancing' from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
hs_security_selfsignedcert_penalty: ${20:undefined} # not required. Deprecated.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 1.0.
conn_server_lossy_total_rexmt_threshold: ${21:undefined} # not required. A connection between avi and server is considered lossy when more than this percentage of packets are retransmitted.,Allowed values are 1-100.,Default value when not specified in API or module is interpreted by Avi Controller as 50.,Units(PERCENT).
username: ${22:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
hs_security_certscore_le30d: ${23:undefined} # not required. Score assigned when the certificate expires in less than or equal to 30 days.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 4.0.
exclude_syn_retransmit_as_error: ${24:undefined} # not required. Exclude 'server unanswered syns' from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
controller: ${25:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
hs_security_hsts_penalty: ${26:undefined} # not required. Penalty for not enabling hsts.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 1.0.
apdex_rum_threshold: ${27:undefined} # not required. If a client is able to load a page in less than the satisfactory latency threshold, the pageload is considered satisfied.,It is considered tolerated if it is greater than satisfied but less than the tolerated latency multiplied by satisifed latency.,Greater than this number and the client's request is considered frustrated.,A pageload includes the time for dns lookup, download of all http objects, and page render time.,Allowed values are 1-30000.,Default value when not specified in API or module is interpreted by Avi Controller as 5000.,Units(MILLISECONDS).
password: ${28:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${29|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
conn_lossy_zero_win_size_event_threshold: ${30:undefined} # not required. A client connection is considered lossy when percentage of times a packet could not be trasmitted due to tcp zero window is above this threshold.,Allowed values are 0-100.,Default value when not specified in API or module is interpreted by Avi Controller as 2.,Units(PERCENT).
hs_security_encalgo_score_rc4: ${31:undefined} # not required. Score assigned when rc4 algorithm is used for encryption.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 2.5.
apdex_rtt_threshold: ${32:undefined} # not required. Satisfactory client to avi round trip time(rtt).,Allowed values are 1-2000.,Default value when not specified in API or module is interpreted by Avi Controller as 250.,Units(MILLISECONDS).
tenant_ref: ${33:undefined} # not required. It is a reference to an object of type tenant.
apdex_response_tolerated_factor: ${34:undefined} # not required. Client tolerated response latency factor.,Client must receive a response within this factor times the satisfactory threshold (apdex_response_threshold) to be considered tolerated.,Allowed values are 1-1000.,Default value when not specified in API or module is interpreted by Avi Controller as 4.0.
exclude_tcp_reset_as_error: ${35:undefined} # not required. Exclude tcp resets by client from the list of potential errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
hs_security_chain_invalidity_penalty: ${36:undefined} # not required. Penalty for allowing certificates with invalid chain.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 1.0.
exclude_invalid_dns_query_as_error: ${37:undefined} # not required. Exclude invalid dns queries from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
conn_lossy_ooo_threshold: ${38:undefined} # not required. A connection between client and avi is considered lossy when more than this percentage of out of order packets are received.,Allowed values are 1-100.,Default value when not specified in API or module is interpreted by Avi Controller as 50.,Units(PERCENT).
hs_security_cipherscore_lt128b: ${39:undefined} # not required. Score assigned when the minimum cipher strength is less than 128 bits.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 3.5.
hs_security_encalgo_score_none: ${40:undefined} # not required. Score assigned when no algorithm is used for encryption.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 0.0.
hs_event_throttle_window: ${41:undefined} # not required. Time window (in secs) within which only unique health change events should occur.,Default value when not specified in API or module is interpreted by Avi Controller as 1209600.
hs_security_nonpfs_penalty: ${42:undefined} # not required. Penalty for allowing non-pfs handshakes.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 1.0.
hs_security_certscore_gt30d: ${43:undefined} # not required. Score assigned when the certificate expires in more than 30 days.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 5.0.
exclude_server_tcp_reset_as_error: ${44:undefined} # not required. Exclude server tcp reset from errors.,It is common for applications like ms exchange.,Default value when not specified in API or module is interpreted by Avi Controller as False.
hs_min_dos_rate: ${45:undefined} # not required. Dos connection rate below which the dos security assessment will not kick in.,Default value when not specified in API or module is interpreted by Avi Controller as 1000.
hs_max_resources_penalty: ${46:undefined} # not required. Maximum penalty that may be deducted from health score for high resource utilization.,Allowed values are 0-100.,Default value when not specified in API or module is interpreted by Avi Controller as 25.
client_log_streaming_config: ${47:undefined} # not required. Configure to stream logs to an external server.,Field introduced in 17.1.1.
apdex_server_response_threshold: ${48:undefined} # not required. A server http response is considered satisfied if latency is less than the satisfactory latency threshold.,The response is considered tolerated when it is greater than satisfied but less than the tolerated latency factor * s_latency.,Greater than this number and the server response is considered frustrated.,Allowed values are 1-30000.,Default value when not specified in API or module is interpreted by Avi Controller as 400.,Units(MILLISECONDS).
hs_performance_boost: ${49:undefined} # not required. Adds free performance score credits to health score.,It can be used for compensating health score for known slow applications.,Allowed values are 0-100.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
client_log_config: ${50:undefined} # not required. Configure which logs are sent to the avi controller from ses and how they are processed.
exclude_gs_down_as_error: ${51:undefined} # not required. Exclude queries to gslb services that are operationally down from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
apdex_server_response_tolerated_factor: ${52:undefined} # not required. Server tolerated response latency factor.,Servermust response within this factor times the satisfactory threshold (apdex_server_response_threshold) to be considered tolerated.,Allowed values are 1-1000.,Default value when not specified in API or module is interpreted by Avi Controller as 4.0.
state: ${53|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
disable_server_analytics: ${54:undefined} # not required. Disable analytics on backend servers.,This may be desired in container environment when there are large number of ephemeral servers.,Default value when not specified in API or module is interpreted by Avi Controller as False.
conn_server_lossy_timeo_rexmt_threshold: ${55:undefined} # not required. A connection between avi and server is considered lossy when more than this percentage of packets are retransmitted due to timeout.,Allowed values are 1-100.,Default value when not specified in API or module is interpreted by Avi Controller as 20.,Units(PERCENT).
exclude_client_close_before_request_as_error: ${56:undefined} # not required. Exclude client closed connection before an http request could be completed from being classified as an error.,Default value when not specified in API or module is interpreted by Avi Controller as False.
hs_security_weak_signature_algo_penalty: ${57:undefined} # not required. Penalty for allowing weak signature algorithm(s).,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 1.0.
conn_lossy_timeo_rexmt_threshold: ${58:undefined} # not required. A connection between client and avi is considered lossy when more than this percentage of packets are retransmitted due to timeout.,Allowed values are 1-100.,Default value when not specified in API or module is interpreted by Avi Controller as 20.,Units(PERCENT).
api_version: ${59:16.4.4} # not required. Avi API version of to use for Avi API and objects.
apdex_rtt_tolerated_factor: ${60:undefined} # not required. Tolerated client to avi round trip time(rtt) factor.,It is a multiple of apdex_rtt_tolerated_factor.,Allowed values are 1-1000.,Default value when not specified in API or module is interpreted by Avi Controller as 4.0.
description: ${61:undefined} # not required. User defined description for the object.
hs_security_ssl30_score: ${62:undefined} # not required. Score assigned when supporting ssl3.0 encryption protocol.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 3.5.
apdex_rum_tolerated_factor: ${63:undefined} # not required. Virtual service threshold factor for tolerated page load time (plt) as multiple of apdex_rum_threshold.,Allowed values are 1-1000.,Default value when not specified in API or module is interpreted by Avi Controller as 4.0.
hs_security_cipherscore_eq000b: ${64:undefined} # not required. Score assigned when the minimum cipher strength is 0 bits.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 0.0.
ranges: ${65:undefined} # not required. List of http status code ranges to be excluded from being classified as an error.
apdex_server_rtt_threshold: ${66:undefined} # not required. Satisfactory client to avi round trip time(rtt).,Allowed values are 1-2000.,Default value when not specified in API or module is interpreted by Avi Controller as 125.,Units(MILLISECONDS).
exclude_server_dns_error_as_error: ${67:undefined} # not required. Exclude server dns error response from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
hs_security_tls11_score: ${68:undefined} # not required. Score assigned when supporting tls1.1 encryption protocol.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 5.0.
resp_code_block: ${69:undefined} # not required. Block of http response codes to be excluded from being classified as an error.,Enum options - AP_HTTP_RSP_4XX, AP_HTTP_RSP_5XX.
tenant: ${70:admin} # not required. Name of tenant used for all Avi API calls and context of object.
hs_pscore_traffic_threshold_l4_server: ${71:undefined} # not required. Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed.,Default value when not specified in API or module is interpreted by Avi Controller as 10.0.
hs_max_security_penalty: ${72:undefined} # not required. Maximum penalty that may be deducted from health score based on security assessment.,Allowed values are 0-100.,Default value when not specified in API or module is interpreted by Avi Controller as 100.
exclude_dns_policy_drop_as_significant: ${73:undefined} # not required. Exclude dns policy drops from the list of errors.,Field introduced in 17.2.2.,Default value when not specified in API or module is interpreted by Avi Controller as False.
tenant_uuid: ${74:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_context: ${75:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
url: ${76:undefined} # not required. Avi controller URL of the object.
hs_security_tls10_score: ${77:undefined} # not required. Score assigned when supporting tls1.0 encryption protocol.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 5.0.
hs_security_certscore_expired: ${78:undefined} # not required. Score assigned when the certificate has expired.,Allowed values are 0-5.,Default value when not specified in API or module is interpreted by Avi Controller as 0.0.
apdex_response_threshold: ${79:undefined} # not required. If a client receives an http response in less than the satisfactory latency threshold, the request is considered satisfied.,It is considered tolerated if it is not satisfied and less than tolerated latency factor multiplied by the satisfactory latency threshold.,Greater than this number and the client's request is considered frustrated.,Allowed values are 1-30000.,Default value when not specified in API or module is interpreted by Avi Controller as 500.,Units(MILLISECONDS).
exclude_unsupported_dns_query_as_error: ${80:undefined} # not required. Exclude unsupported dns queries from the list of errors.,Default value when not specified in API or module is interpreted by Avi Controller as False.
"""
'avi_api_session':
'prefix': "avi_api_session_snippet"
'description': "Avi API Module"
'body': """
avi_api_session:
http_method: ${1|get,put,post,patch,delete|} # required. choices: get;put;post;patch;delete. Allowed HTTP methods for RESTful services and are supported by Avi Controller.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
avi_credentials: ${3:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
controller: ${4:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
params: ${5:undefined} # not required. Query parameters passed to the HTTP API.
api_version: ${6:16.4.4} # not required. Avi API version of to use for Avi API and objects.
timeout: ${7:60} # not required. Timeout (in seconds) for Avi API calls.
api_context: ${8:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
path: ${9:undefined} # not required. Path for Avi API resource. For example, C(path: virtualservice) will translate to C(api/virtualserivce).
password: ${10:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
data: ${11:undefined} # not required. HTTP body in YAML or JSON format.
tenant_uuid: ${12:} # not required. UUID of tenant used for all Avi API calls and context of object.
tenant: ${13:admin} # not required. Name of tenant used for all Avi API calls and context of object.
"""
'avi_api_version':
'prefix': "avi_api_version_snippet"
'description': "Avi API Version Module"
'body': """
avi_api_version:
username: ${1:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
avi_credentials: ${2:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
controller: ${3:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
api_context: ${5:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${6:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant_uuid: ${7:} # not required. UUID of tenant used for all Avi API calls and context of object.
tenant: ${8:admin} # not required. Name of tenant used for all Avi API calls and context of object.
"""
'avi_applicationpersistenceprofile':
'prefix': "avi_applicationpersistenceprofile_snippet"
'description': "Module for setup of ApplicationPersistenceProfile Avi RESTful Object"
'body': """
avi_applicationpersistenceprofile:
persistence_type: ${1:undefined} # required. Method used to persist clients to the same server for a duration of time or a session.,Enum options - PERSISTENCE_TYPE_CLIENT_IP_ADDRESS, PERSISTENCE_TYPE_HTTP_COOKIE, PERSISTENCE_TYPE_TLS, PERSISTENCE_TYPE_CLIENT_IPV6_ADDRESS,,PERSISTENCE_TYPE_CUSTOM_HTTP_HEADER, PERSISTENCE_TYPE_APP_COOKIE, PERSISTENCE_TYPE_GSLB_SITE.,Default value when not specified in API or module is interpreted by Avi Controller as PERSISTENCE_TYPE_CLIENT_IP_ADDRESS.
name: ${2:undefined} # required. A user-friendly name for the persistence profile.
server_hm_down_recovery: ${3:undefined} # not required. Specifies behavior when a persistent server has been marked down by a health monitor.,Enum options - HM_DOWN_PICK_NEW_SERVER, HM_DOWN_ABORT_CONNECTION, HM_DOWN_CONTINUE_PERSISTENT_SERVER.,Default value when not specified in API or module is interpreted by Avi Controller as HM_DOWN_PICK_NEW_SERVER.
uuid: ${4:undefined} # not required. Uuid of the persistence profile.
avi_credentials: ${5:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
avi_api_patch_op: ${6|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
http_cookie_persistence_profile: ${7:undefined} # not required. Specifies the http cookie persistence profile parameters.
state: ${8|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_update_method: ${9|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
hdr_persistence_profile: ${10:undefined} # not required. Specifies the custom http header persistence profile parameters.
api_version: ${11:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${12:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${13:undefined} # not required. User defined description for the object.
controller: ${14:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
ip_persistence_profile: ${15:undefined} # not required. Specifies the client ip persistence profile parameters.
api_context: ${16:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${17:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant: ${18:admin} # not required. Name of tenant used for all Avi API calls and context of object.
app_cookie_persistence_profile: ${19:undefined} # not required. Specifies the application cookie persistence profile parameters.
url: ${20:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${21:undefined} # not required. It is a reference to an object of type tenant.
is_federated: ${22:undefined} # not required. This field describes the object's replication scope.,If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines.,If the field is set to true, then the object is replicated across the federation.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as False.
tenant_uuid: ${23:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_applicationprofile':
'prefix': "avi_applicationprofile_snippet"
'description': "Module for setup of ApplicationProfile Avi RESTful Object"
'body': """
avi_applicationprofile:
type: ${1:undefined} # required. Specifies which application layer proxy is enabled for the virtual service.,Enum options - APPLICATION_PROFILE_TYPE_L4, APPLICATION_PROFILE_TYPE_HTTP, APPLICATION_PROFILE_TYPE_SYSLOG, APPLICATION_PROFILE_TYPE_DNS,,APPLICATION_PROFILE_TYPE_SSL.
name: ${2:undefined} # required. The name of the application profile.
dos_rl_profile: ${3:undefined} # not required. Specifies various security related controls for virtual service.
preserve_client_ip: ${4:undefined} # not required. Specifies if client ip needs to be preserved for backend connection.,Not compatible with connection multiplexing.,Default value when not specified in API or module is interpreted by Avi Controller as False.
tcp_app_profile: ${5:undefined} # not required. Specifies the tcp application proxy profile parameters.
uuid: ${6:undefined} # not required. Uuid of the application profile.
dns_service_profile: ${7:undefined} # not required. Specifies various dns service related controls for virtual service.
state: ${8|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_patch_op: ${9|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
avi_credentials: ${10:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
avi_api_update_method: ${11|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
api_version: ${12:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${13:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${14:undefined} # not required. User defined description for the object.
http_profile: ${15:undefined} # not required. Specifies the http application proxy profile parameters.
controller: ${16:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${17:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${18:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant: ${19:admin} # not required. Name of tenant used for all Avi API calls and context of object.
url: ${20:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${21:undefined} # not required. It is a reference to an object of type tenant.
tenant_uuid: ${22:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_authprofile':
'prefix': "avi_authprofile_snippet"
'description': "Module for setup of AuthProfile Avi RESTful Object"
'body': """
avi_authprofile:
name: ${1:undefined} # required. Name of the auth profile.
type: ${2:undefined} # required. Type of the auth profile.,Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
http: ${5:undefined} # not required. Http user authentication params.
uuid: ${6:undefined} # not required. Uuid of the auth profile.
saml: ${7:undefined} # not required. Saml settings.,Field introduced in 17.2.3.
url: ${8:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${9:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${10:undefined} # not required. It is a reference to an object of type tenant.
state: ${11|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
api_context: ${12:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
avi_api_patch_op: ${13|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tacacs_plus: ${14:undefined} # not required. Tacacs+ settings.
ldap: ${15:undefined} # not required. Ldap server and directory settings.
tenant: ${16:admin} # not required. Name of tenant used for all Avi API calls and context of object.
tenant_uuid: ${17:} # not required. UUID of tenant used for all Avi API calls and context of object.
password: ${18:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${19:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${20|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
description: ${21:undefined} # not required. User defined description for the object.
"""
'avi_backup':
'prefix': "avi_backup_snippet"
'description': "Module for setup of Backup Avi RESTful Object"
'body': """
avi_backup:
file_name: ${1:undefined} # required. The file name of backup.
scheduler_ref: ${2:undefined} # not required. Scheduler information.,It is a reference to an object of type scheduler.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${5:undefined} # not required. Unique object identifier of the object.
local_file_url: ${6:undefined} # not required. Url to download the backup file.
url: ${7:undefined} # not required. Avi controller URL of the object.
remote_file_url: ${8:undefined} # not required. Url to download the backup file.
avi_credentials: ${9:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${10:undefined} # not required. It is a reference to an object of type tenant.
state: ${11|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${12:} # not required. UUID of tenant used for all Avi API calls and context of object.
backup_config_ref: ${13:undefined} # not required. Backupconfiguration information.,It is a reference to an object of type backupconfiguration.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
avi_api_patch_op: ${15|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${16:admin} # not required. Name of tenant used for all Avi API calls and context of object.
timestamp: ${17:undefined} # not required. Unix timestamp of when the backup file is created.
password: ${18:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${19:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${20|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_backupconfiguration':
'prefix': "avi_backupconfiguration_snippet"
'description': "Module for setup of BackupConfiguration Avi RESTful Object"
'body': """
avi_backupconfiguration:
name: ${1:undefined} # required. Name of backup configuration.
remote_hostname: ${2:undefined} # not required. Remote destination.
remote_directory: ${3:undefined} # not required. Directory at remote destination with write permission for ssh user.
uuid: ${4:undefined} # not required. Unique object identifier of the object.
avi_credentials: ${5:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
avi_api_patch_op: ${6|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
state: ${7|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
save_local: ${8:undefined} # not required. Local backup.
upload_to_remote_host: ${9:undefined} # not required. Remote backup.
backup_file_prefix: ${10:undefined} # not required. Prefix of the exported configuration file.,Field introduced in 17.1.1.
api_version: ${11:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${12:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
backup_passphrase: ${13:undefined} # not required. Passphrase of backup configuration.
controller: ${14:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${15:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${16:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
tenant: ${18:admin} # not required. Name of tenant used for all Avi API calls and context of object.
ssh_user_ref: ${19:undefined} # not required. Access credentials for remote destination.,It is a reference to an object of type cloudconnectoruser.
url: ${20:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${21:undefined} # not required. It is a reference to an object of type tenant.
maximum_backups_stored: ${22:undefined} # not required. Rotate the backup files based on this count.,Allowed values are 1-20.,Default value when not specified in API or module is interpreted by Avi Controller as 4.
tenant_uuid: ${23:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_certificatemanagementprofile':
'prefix': "avi_certificatemanagementprofile_snippet"
'description': "Module for setup of CertificateManagementProfile Avi RESTful Object"
'body': """
avi_certificatemanagementprofile:
name: ${1:undefined} # required. Name of the pki profile.
script_path: ${2:undefined} # required. Script_path of certificatemanagementprofile.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
password: ${4:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
api_version: ${5:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${6:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${10:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${13:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
script_params: ${14:undefined} # not required. List of customparams.
controller: ${15:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${16|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${17:undefined} # not required. Unique object identifier of the object.
"""
'avi_cloud':
'prefix': "avi_cloud_snippet"
'description': "Module for setup of Cloud Avi RESTful Object"
'body': """
avi_cloud:
vtype: ${1:undefined} # required. Cloud type.,Enum options - CLOUD_NONE, CLOUD_VCENTER, CLOUD_OPENSTACK, CLOUD_AWS, CLOUD_VCA, CLOUD_APIC, CLOUD_MESOS, CLOUD_LINUXSERVER, CLOUD_DOCKER_UCP,,CLOUD_RANCHER, CLOUD_OSHIFT_K8S, CLOUD_AZURE.,Default value when not specified in API or module is interpreted by Avi Controller as CLOUD_NONE.
name: ${2:undefined} # required. Name of the object.
vca_configuration: ${3:undefined} # not required. Vcloudairconfiguration settings for cloud.
proxy_configuration: ${4:undefined} # not required. Proxyconfiguration settings for cloud.
docker_configuration: ${5:undefined} # not required. Dockerconfiguration settings for cloud.
oshiftk8s_configuration: ${6:undefined} # not required. Oshiftk8sconfiguration settings for cloud.
mtu: ${7:undefined} # not required. Mtu setting for the cloud.,Default value when not specified in API or module is interpreted by Avi Controller as 1500.,Units(BYTES).
rancher_configuration: ${8:undefined} # not required. Rancherconfiguration settings for cloud.
uuid: ${9:undefined} # not required. Unique object identifier of the object.
linuxserver_configuration: ${10:undefined} # not required. Linuxserverconfiguration settings for cloud.
custom_tags: ${11:undefined} # not required. Custom tags for all avi created resources in the cloud infrastructure.,Field introduced in 17.1.5.
state: ${12|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
nsx_configuration: ${13:undefined} # not required. Configuration parameters for nsx manager.,Field introduced in 17.1.1.
avi_api_patch_op: ${14|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${15:admin} # not required. Name of tenant used for all Avi API calls and context of object.
apic_mode: ${16:undefined} # not required. Boolean flag to set apic_mode.,Default value when not specified in API or module is interpreted by Avi Controller as False.
dns_provider_ref: ${17:undefined} # not required. Dns profile for the cloud.,It is a reference to an object of type ipamdnsproviderprofile.
api_version: ${18:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${19:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
mesos_configuration: ${20:undefined} # not required. Mesosconfiguration settings for cloud.
openstack_configuration: ${21:undefined} # not required. Openstackconfiguration settings for cloud.
enable_vip_static_routes: ${22:undefined} # not required. Use static routes for vip side network resolution during virtualservice placement.,Default value when not specified in API or module is interpreted by Avi Controller as False.
controller: ${23:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
aws_configuration: ${24:undefined} # not required. Awsconfiguration settings for cloud.
api_context: ${25:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
ipam_provider_ref: ${26:undefined} # not required. Ipam profile for the cloud.,It is a reference to an object of type ipamdnsproviderprofile.
cloudstack_configuration: ${27:undefined} # not required. Cloudstackconfiguration settings for cloud.
password: ${28:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${29|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
azure_configuration: ${30:undefined} # not required. Field introduced in 17.2.1.
license_tier: ${31:undefined} # not required. Specifies the default license tier which would be used by new se groups.,This field by default inherits the value from system configuration.,Enum options - ENTERPRISE_16, ENTERPRISE_18.,Field introduced in 17.2.5.
state_based_dns_registration: ${32:undefined} # not required. Dns records for vips are added/deleted based on the operational state of the vips.,Field introduced in 17.1.12.,Default value when not specified in API or module is interpreted by Avi Controller as True.
url: ${33:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${34:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${35:undefined} # not required. It is a reference to an object of type tenant.
dhcp_enabled: ${36:undefined} # not required. Select the ip address management scheme.,Default value when not specified in API or module is interpreted by Avi Controller as False.
east_west_ipam_provider_ref: ${37:undefined} # not required. Ipam profile for east-west services.,Warning - please use virtual subnets in this ipam profile that do not conflict with the underlay networks or any overlay networks in the cluster.,For example in aws and gcp, 169.254.0.0/16 is used for storing instance metadata.,Hence, it should not be used in this profile.,It is a reference to an object of type ipamdnsproviderprofile.
obj_name_prefix: ${38:undefined} # not required. Default prefix for all automatically created objects in this cloud.,This prefix can be overridden by the se-group template.
apic_configuration: ${39:undefined} # not required. Apicconfiguration settings for cloud.
prefer_static_routes: ${40:undefined} # not required. Prefer static routes over interface routes during virtualservice placement.,Default value when not specified in API or module is interpreted by Avi Controller as False.
license_type: ${41:undefined} # not required. If no license type is specified then default license enforcement for the cloud type is chosen.,The default mappings are container cloud is max ses, openstack and vmware is cores and linux it is sockets.,Enum options - LIC_BACKEND_SERVERS, LIC_SOCKETS, LIC_CORES, LIC_HOSTS, LIC_SE_BANDWIDTH.
vcenter_configuration: ${42:undefined} # not required. Vcenterconfiguration settings for cloud.
tenant_uuid: ${43:} # not required. UUID of tenant used for all Avi API calls and context of object.
east_west_dns_provider_ref: ${44:undefined} # not required. Dns profile for east-west services.,It is a reference to an object of type ipamdnsproviderprofile.
"""
'avi_cloudconnectoruser':
'prefix': "avi_cloudconnectoruser_snippet"
'description': "Module for setup of CloudConnectorUser Avi RESTful Object"
'body': """
avi_cloudconnectoruser:
name: ${1:undefined} # required. Name of the object.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
public_key: ${3:undefined} # not required. Public_key of cloudconnectoruser.
private_key: ${4:undefined} # not required. Private_key of cloudconnectoruser.
api_version: ${5:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${6:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${10:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
azure_serviceprincipal: ${12:undefined} # not required. Field introduced in 17.2.1.
azure_userpass: ${13:undefined} # not required. Field introduced in 17.2.1.
tenant: ${14:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${15:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${16:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${19:undefined} # not required. Unique object identifier of the object.
"""
'avi_cloudproperties':
'prefix': "avi_cloudproperties_snippet"
'description': "Module for setup of CloudProperties Avi RESTful Object"
'body': """
avi_cloudproperties:
info: ${1:undefined} # not required. Properties specific to a cloud type.
hyp_props: ${2:undefined} # not required. Hypervisor properties.
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${4:undefined} # not required. Unique object identifier of the object.
url: ${5:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${6:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
controller: ${7:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
state: ${8|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${9:} # not required. UUID of tenant used for all Avi API calls and context of object.
username: ${10:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
cc_props: ${12:undefined} # not required. Cloudconnector properties.
api_context: ${13:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${14:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
cc_vtypes: ${15:undefined} # not required. Cloud types supported by cloudconnector.,Enum options - CLOUD_NONE, CLOUD_VCENTER, CLOUD_OPENSTACK, CLOUD_AWS, CLOUD_VCA, CLOUD_APIC, CLOUD_MESOS, CLOUD_LINUXSERVER, CLOUD_DOCKER_UCP,,CLOUD_RANCHER, CLOUD_OSHIFT_K8S, CLOUD_AZURE.
avi_api_update_method: ${16|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
tenant: ${17:admin} # not required. Name of tenant used for all Avi API calls and context of object.
"""
'avi_cluster':
'prefix': "avi_cluster_snippet"
'description': "Module for setup of Cluster Avi RESTful Object"
'body': """
avi_cluster:
name: ${1:undefined} # required. Name of the object.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
uuid: ${3:undefined} # not required. Unique object identifier of the object.
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${5:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${6:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${7:undefined} # not required. It is a reference to an object of type tenant.
state: ${8|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${9:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${10|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
virtual_ip: ${11:undefined} # not required. A virtual ip address.,This ip address will be dynamically reconfigured so that it always is the ip of the cluster leader.
api_context: ${12:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
tenant: ${13:admin} # not required. Name of tenant used for all Avi API calls and context of object.
nodes: ${14:undefined} # not required. List of clusternode.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${16:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
rejoin_nodes_automatically: ${18:undefined} # not required. Re-join cluster nodes automatically in the event one of the node is reset to factory.,Default value when not specified in API or module is interpreted by Avi Controller as True.
"""
'avi_clusterclouddetails':
'prefix': "avi_clusterclouddetails_snippet"
'description': "Module for setup of ClusterCloudDetails Avi RESTful Object"
'body': """
avi_clusterclouddetails:
name: ${1:undefined} # required. Field introduced in 17.2.5.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${4:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${5:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${6:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.2.5.
state: ${7|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${8:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${9|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${10:admin} # not required. Name of tenant used for all Avi API calls and context of object.
azure_info: ${11:undefined} # not required. Azure info to configure cluster_vip on the controller.,Field introduced in 17.2.5.
api_context: ${12:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${13:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${14:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${15|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${16:undefined} # not required. Field introduced in 17.2.5.
"""
'avi_controllerproperties':
'prefix': "avi_controllerproperties_snippet"
'description': "Module for setup of ControllerProperties Avi RESTful Object"
'body': """
avi_controllerproperties:
vs_se_ping_fail: ${1:undefined} # not required. Number of vs_se_ping_fail.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(SEC).
portal_token: ${2:undefined} # not required. Token used for uploading tech-support to portal.,Field introduced in 16.4.6,17.1.2.
cluster_ip_gratuitous_arp_period: ${3:undefined} # not required. Number of cluster_ip_gratuitous_arp_period.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(MIN).
persistence_key_rotate_period: ${4:undefined} # not required. Allowed values are 1-1051200.,Special values are 0 - 'disabled'.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(MIN).
bm_use_ansible: ${5:undefined} # not required. Use ansible for se creation in baremetal.,Field introduced in 17.2.2.,Default value when not specified in API or module is interpreted by Avi Controller as True.
attach_ip_retry_interval: ${6:undefined} # not required. Number of attach_ip_retry_interval.,Default value when not specified in API or module is interpreted by Avi Controller as 360.,Units(SEC).
vs_se_vnic_fail: ${7:undefined} # not required. Number of vs_se_vnic_fail.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
secure_channel_se_token_timeout: ${8:undefined} # not required. Number of secure_channel_se_token_timeout.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(MIN).
attach_ip_retry_limit: ${9:undefined} # not required. Number of attach_ip_retry_limit.,Default value when not specified in API or module is interpreted by Avi Controller as 4.
se_vnic_cooldown: ${10:undefined} # not required. Number of se_vnic_cooldown.,Default value when not specified in API or module is interpreted by Avi Controller as 120.,Units(SEC).
vnic_op_fail_time: ${11:undefined} # not required. Number of vnic_op_fail_time.,Default value when not specified in API or module is interpreted by Avi Controller as 180.,Units(SEC).
max_pcap_per_tenant: ${12:undefined} # not required. Maximum number of pcap files stored per tenant.,Default value when not specified in API or module is interpreted by Avi Controller as 4.
vs_se_bootup_fail: ${13:undefined} # not required. Number of vs_se_bootup_fail.,Default value when not specified in API or module is interpreted by Avi Controller as 480.,Units(SEC).
seupgrade_fabric_pool_size: ${14:undefined} # not required. Pool size used for all fabric commands during se upgrade.,Default value when not specified in API or module is interpreted by Avi Controller as 20.
vs_key_rotate_period: ${15:undefined} # not required. Allowed values are 1-1051200.,Special values are 0 - 'disabled'.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(MIN).
seupgrade_segroup_min_dead_timeout: ${16:undefined} # not required. Time to wait before marking segroup upgrade as stuck.,Default value when not specified in API or module is interpreted by Avi Controller as 360.,Units(SEC).
dns_refresh_period: ${17:undefined} # not required. Number of dns_refresh_period.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(MIN).
upgrade_lease_time: ${18:undefined} # not required. Number of upgrade_lease_time.,Default value when not specified in API or module is interpreted by Avi Controller as 360.,Units(SEC).
avi_api_patch_op: ${19|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
se_create_timeout: ${20:undefined} # not required. Number of se_create_timeout.,Default value when not specified in API or module is interpreted by Avi Controller as 900.,Units(SEC).
query_host_fail: ${21:undefined} # not required. Number of query_host_fail.,Default value when not specified in API or module is interpreted by Avi Controller as 180.,Units(SEC).
vs_apic_scaleout_timeout: ${22:undefined} # not required. Time to wait for the scaled out se to become ready before marking the scaleout done, applies to apic configuration only.,Default value when not specified in API or module is interpreted by Avi Controller as 360.,Units(SEC).
unresponsive_se_reboot: ${23:undefined} # not required. Number of unresponsive_se_reboot.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
state: ${24|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
se_offline_del: ${25:undefined} # not required. Number of se_offline_del.,Default value when not specified in API or module is interpreted by Avi Controller as 172000.,Units(SEC).
max_dead_se_in_grp: ${26:undefined} # not required. Number of max_dead_se_in_grp.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
upgrade_dns_ttl: ${27:undefined} # not required. Time to account for dns ttl during upgrade.,This is in addition to vs_scalein_timeout_for_upgrade in se_group.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as 5.,Units(SEC).
fatal_error_lease_time: ${28:undefined} # not required. Number of fatal_error_lease_time.,Default value when not specified in API or module is interpreted by Avi Controller as 120.,Units(SEC).
api_version: ${29:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${30:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
allow_ip_forwarding: ${31:undefined} # not required. Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
vs_se_attach_ip_fail: ${32:undefined} # not required. Time to wait before marking attach ip operation on an se as failed.,Field introduced in 17.2.2.,Default value when not specified in API or module is interpreted by Avi Controller as 3600.,Units(SEC).
avi_credentials: ${33:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
max_seq_vnic_failures: ${34:undefined} # not required. Number of max_seq_vnic_failures.,Default value when not specified in API or module is interpreted by Avi Controller as 3.
allow_unauthenticated_nodes: ${35:undefined} # not required. Boolean flag to set allow_unauthenticated_nodes.,Default value when not specified in API or module is interpreted by Avi Controller as False.
allow_unauthenticated_apis: ${36:undefined} # not required. Allow unauthenticated access for special apis.,Default value when not specified in API or module is interpreted by Avi Controller as False.
controller: ${37:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
safenet_hsm_version: ${38:undefined} # not required. Version of the safenet package installed on the controller.,Field introduced in 16.5.2,17.2.3.
warmstart_se_reconnect_wait_time: ${39:undefined} # not required. Number of warmstart_se_reconnect_wait_time.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
api_context: ${40:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${41:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${42|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${43:undefined} # not required. Unique object identifier of the object.
tenant: ${44:admin} # not required. Name of tenant used for all Avi API calls and context of object.
dummy: ${45:undefined} # not required. Number of dummy.
max_seq_attach_ip_failures: ${46:undefined} # not required. Maximum number of consecutive attach ip failures that halts vs placement.,Field introduced in 17.2.2.,Default value when not specified in API or module is interpreted by Avi Controller as 3.
secure_channel_cleanup_timeout: ${47:undefined} # not required. Number of secure_channel_cleanup_timeout.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(MIN).
ssl_certificate_expiry_warning_days: ${48:undefined} # not required. Number of days for ssl certificate expiry warning.,Units(DAYS).
vs_se_vnic_ip_fail: ${49:undefined} # not required. Number of vs_se_vnic_ip_fail.,Default value when not specified in API or module is interpreted by Avi Controller as 120.,Units(SEC).
secure_channel_controller_token_timeout: ${50:undefined} # not required. Number of secure_channel_controller_token_timeout.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(MIN).
url: ${51:undefined} # not required. Avi controller URL of the object.
vs_se_create_fail: ${52:undefined} # not required. Number of vs_se_create_fail.,Default value when not specified in API or module is interpreted by Avi Controller as 1500.,Units(SEC).
api_idle_timeout: ${53:undefined} # not required. Allowed values are 0-1440.,Default value when not specified in API or module is interpreted by Avi Controller as 15.,Units(MIN).
crashed_se_reboot: ${54:undefined} # not required. Number of crashed_se_reboot.,Default value when not specified in API or module is interpreted by Avi Controller as 900.,Units(SEC).
appviewx_compat_mode: ${55:undefined} # not required. Export configuration in appviewx compatibility mode.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
vs_awaiting_se_timeout: ${56:undefined} # not required. Number of vs_awaiting_se_timeout.,Default value when not specified in API or module is interpreted by Avi Controller as 60.,Units(SEC).
se_failover_attempt_interval: ${57:undefined} # not required. Interval between attempting failovers to an se.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
dead_se_detection_timer: ${58:undefined} # not required. Number of dead_se_detection_timer.,Default value when not specified in API or module is interpreted by Avi Controller as 360.,Units(SEC).
tenant_uuid: ${59:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_customipamdnsprofile':
'prefix': "avi_customipamdnsprofile_snippet"
'description': "Module for setup of CustomIpamDnsProfile Avi RESTful Object"
'body': """
avi_customipamdnsprofile:
name: ${1:undefined} # required. Name of the custom ipam dns profile.,Field introduced in 17.1.1.
script_uri: ${2:undefined} # required. Script uri of form controller //ipamdnsscripts/<file-name>.,Field introduced in 17.1.1.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
password: ${4:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
api_version: ${5:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${6:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.1.1.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${10:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${13:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
script_params: ${14:undefined} # not required. Parameters that are always passed to the ipam/dns script.,Field introduced in 17.1.1.
controller: ${15:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${16|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${17:undefined} # not required. Field introduced in 17.1.1.
"""
'avi_dnspolicy':
'prefix': "avi_dnspolicy_snippet"
'description': "Module for setup of DnsPolicy Avi RESTful Object"
'body': """
avi_dnspolicy:
name: ${1:undefined} # required. Name of the dns policy.,Field introduced in 17.1.1.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${4:undefined} # not required. Uuid of the dns policy.,Field introduced in 17.1.1.
url: ${5:undefined} # not required. Avi controller URL of the object.
description: ${6:undefined} # not required. Field introduced in 17.1.1.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.1.1.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
created_by: ${10:undefined} # not required. Creator name.,Field introduced in 17.1.1.
tenant_uuid: ${11:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
rule: ${13:undefined} # not required. Dns rules.,Field introduced in 17.1.1.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
tenant: ${15:admin} # not required. Name of tenant used for all Avi API calls and context of object.
password: ${16:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_errorpagebody':
'prefix': "avi_errorpagebody_snippet"
'description': "Module for setup of ErrorPageBody Avi RESTful Object"
'body': """
avi_errorpagebody:
name: ${1:undefined} # required. Field introduced in 17.2.4.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${4:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${5:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${6:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.2.4.
state: ${7|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${8:} # not required. UUID of tenant used for all Avi API calls and context of object.
error_page_body: ${9:undefined} # not required. Error page body sent to client when match.,Field introduced in 17.2.4.
avi_api_patch_op: ${10|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${11:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${12:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${13:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${14:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${15|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${16:undefined} # not required. Field introduced in 17.2.4.
"""
'avi_errorpageprofile':
'prefix': "avi_errorpageprofile_snippet"
'description': "Module for setup of ErrorPageProfile Avi RESTful Object"
'body': """
avi_errorpageprofile:
name: ${1:undefined} # required. Field introduced in 17.2.4.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${4:undefined} # not required. Field introduced in 17.2.4.
tenant_uuid: ${5:} # not required. UUID of tenant used for all Avi API calls and context of object.
error_pages: ${6:undefined} # not required. Defined error pages for http status codes.,Field introduced in 17.2.4.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.2.4.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant: ${10:admin} # not required. Name of tenant used for all Avi API calls and context of object.
url: ${11:undefined} # not required. Avi controller URL of the object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
company_name: ${13:undefined} # not required. Name of the company to show in error page.,Field introduced in 17.2.4.,Default value when not specified in API or module is interpreted by Avi Controller as Avi Networks.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
host_name: ${15:undefined} # not required. Fully qualified domain name for which the error page is generated.,Field introduced in 17.2.4.,Default value when not specified in API or module is interpreted by Avi Controller as Host Header.
password: ${16:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
app_name: ${19:undefined} # not required. Name of the virtual service which generated the error page.,Field introduced in 17.2.4.,Default value when not specified in API or module is interpreted by Avi Controller as VS Name.
"""
'avi_gslb':
'prefix': "avi_gslb_snippet"
'description': "Module for setup of Gslb Avi RESTful Object"
'body': """
avi_gslb:
leader_cluster_uuid: ${1:undefined} # required. Mark this site as leader of gslb configuration.,This site is the one among the avi sites.
name: ${2:undefined} # required. Name for the gslb object.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${4:undefined} # not required. User defined description for the object.
state: ${5|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
maintenance_mode: ${6:undefined} # not required. This field disables the configuration operations on the leader for all federated objects.,Cud operations on gslb, gslbservice, gslbgeodbprofile and other federated objects will be rejected.,The rest-api disabling helps in upgrade scenarios where we don't want configuration sync operations to the gslb member when the member is being,upgraded.,This configuration programmatically blocks the leader from accepting new gslb configuration when member sites are undergoing upgrade.,Field introduced in 17.2.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
third_party_sites: ${7:undefined} # not required. Third party site member belonging to this gslb.,Field introduced in 17.1.1.
sites: ${8:undefined} # not required. Select avi site member belonging to this gslb.
controller: ${9:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
dns_configs: ${10:undefined} # not required. Sub domain configuration for the gslb.,Gslb service's fqdn must be a match one of these subdomains.
api_context: ${11:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${12:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${13|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${14:undefined} # not required. Uuid of the gslb object.
url: ${15:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${16:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${17:undefined} # not required. It is a reference to an object of type tenant.
is_federated: ${18:undefined} # not required. This field indicates that this object is replicated across gslb federation.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as True.
clear_on_max_retries: ${19:undefined} # not required. Max retries after which the remote site is treated as a fresh start.,In fresh start all the configs are downloaded.,Allowed values are 1-1024.,Default value when not specified in API or module is interpreted by Avi Controller as 20.
avi_api_patch_op: ${20|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
send_interval: ${21:undefined} # not required. Frequency with which group members communicate.,Allowed values are 1-3600.,Default value when not specified in API or module is interpreted by Avi Controller as 15.,Units(SEC).
tenant: ${22:admin} # not required. Name of tenant used for all Avi API calls and context of object.
client_ip_addr_group: ${23:undefined} # not required. Group to specify if the client ip addresses are public or private.,Field introduced in 17.1.2.
view_id: ${24:undefined} # not required. The view-id is used in change-leader mode to differentiate partitioned groups while they have the same gslb namespace.,Each partitioned group will be able to operate independently by using the view-id.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
api_version: ${25:16.4.4} # not required. Avi API version of to use for Avi API and objects.
tenant_uuid: ${26:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_gslbapplicationpersistenceprofile':
'prefix': "avi_gslbapplicationpersistenceprofile_snippet"
'description': "Module for setup of GslbApplicationPersistenceProfile Avi RESTful Object"
'body': """
avi_gslbapplicationpersistenceprofile:
name: ${1:undefined} # required. A user-friendly name for the persistence profile.,Field introduced in 17.1.1.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${3:undefined} # not required. Field introduced in 17.1.1.
controller: ${4:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${5:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${6:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant: ${7:admin} # not required. Name of tenant used for all Avi API calls and context of object.
uuid: ${8:undefined} # not required. Uuid of the persistence profile.,Field introduced in 17.1.1.
url: ${9:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${10:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.1.1.
avi_credentials: ${11:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
state: ${12|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${13:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${14:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_gslbgeodbprofile':
'prefix': "avi_gslbgeodbprofile_snippet"
'description': "Module for setup of GslbGeoDbProfile Avi RESTful Object"
'body': """
avi_gslbgeodbprofile:
name: ${1:undefined} # required. A user-friendly name for the geodb profile.,Field introduced in 17.1.1.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${4:undefined} # not required. Uuid of the geodb profile.,Field introduced in 17.1.1.
state: ${5|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
url: ${6:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.1.1.
is_federated: ${9:undefined} # not required. This field indicates that this object is replicated across gslb federation.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as True.
api_context: ${10:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
entries: ${13:undefined} # not required. List of geodb entries.,An entry can either be a geodb file or an ip address group with geo properties.,Field introduced in 17.1.1.
password: ${14:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant_uuid: ${15:} # not required. UUID of tenant used for all Avi API calls and context of object.
controller: ${16:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
description: ${18:undefined} # not required. Field introduced in 17.1.1.
"""
'avi_gslbhealthmonitor':
'prefix': "avi_gslbhealthmonitor_snippet"
'description': "Module for setup of GslbHealthMonitor Avi RESTful Object"
'body': """
avi_gslbhealthmonitor:
name: ${1:undefined} # required. A user friendly name for this health monitor.
type: ${2:undefined} # required. Type of the health monitor.,Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP,,HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
https_monitor: ${4:undefined} # not required. Healthmonitorhttp settings for gslbhealthmonitor.
receive_timeout: ${5:undefined} # not required. A valid response from the server is expected within the receive timeout window.,This timeout must be less than the send interval.,If server status is regularly flapping up and down, consider increasing this value.,Allowed values are 1-300.,Default value when not specified in API or module is interpreted by Avi Controller as 4.
description: ${6:undefined} # not required. User defined description for the object.
api_context: ${7:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
controller: ${8:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
udp_monitor: ${9:undefined} # not required. Healthmonitorudp settings for gslbhealthmonitor.
http_monitor: ${10:undefined} # not required. Healthmonitorhttp settings for gslbhealthmonitor.
password: ${11:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
successful_checks: ${13:undefined} # not required. Number of continuous successful health checks before server is marked up.,Allowed values are 1-50.,Default value when not specified in API or module is interpreted by Avi Controller as 2.
monitor_port: ${14:undefined} # not required. Use this port instead of the port defined for the server in the pool.,If the monitor succeeds to this port, the load balanced traffic will still be sent to the port of the server defined within the pool.,Allowed values are 1-65535.,Special values are 0 - 'use server port'.
uuid: ${15:undefined} # not required. Uuid of the health monitor.
url: ${16:undefined} # not required. Avi controller URL of the object.
dns_monitor: ${17:undefined} # not required. Healthmonitordns settings for gslbhealthmonitor.
tenant_ref: ${18:undefined} # not required. It is a reference to an object of type tenant.
avi_credentials: ${19:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
failed_checks: ${20:undefined} # not required. Number of continuous failed health checks before the server is marked down.,Allowed values are 1-50.,Default value when not specified in API or module is interpreted by Avi Controller as 2.
tcp_monitor: ${21:undefined} # not required. Healthmonitortcp settings for gslbhealthmonitor.
state: ${22|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
send_interval: ${23:undefined} # not required. Frequency, in seconds, that monitors are sent to a server.,Allowed values are 1-3600.,Default value when not specified in API or module is interpreted by Avi Controller as 5.
external_monitor: ${24:undefined} # not required. Healthmonitorexternal settings for gslbhealthmonitor.
tenant_uuid: ${25:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${26:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_gslbservice':
'prefix': "avi_gslbservice_snippet"
'description': "Module for setup of GslbService Avi RESTful Object"
'body': """
avi_gslbservice:
name: ${1:undefined} # required. Name for the gslb service.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
application_persistence_profile_ref: ${3:undefined} # not required. The federated application persistence associated with gslbservice site persistence functionality.,It is a reference to an object of type applicationpersistenceprofile.,Field introduced in 17.2.1.
avi_credentials: ${4:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
description: ${5:undefined} # not required. User defined description for the object.
wildcard_match: ${6:undefined} # not required. Enable wild-card match of fqdn if an exact match is not found in the dns table, the longest match is chosen by wild-carding the fqdn in the dns,request.,Default is false.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
enabled: ${7:undefined} # not required. Enable or disable the gslb service.,If the gslb service is enabled, then the vips are sent in the dns responses based on reachability and configured algorithm.,If the gslb service is disabled, then the vips are no longer available in the dns response.,Default value when not specified in API or module is interpreted by Avi Controller as True.
api_context: ${8:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
controller: ${9:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
domain_names: ${10:undefined} # not required. Fully qualified domain name of the gslb service.
is_federated: ${11:undefined} # not required. This field indicates that this object is replicated across gslb federation.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as True.
use_edns_client_subnet: ${12:undefined} # not required. Use the client ip subnet from the edns option as source ipaddress for client geo-location and consistent hash algorithm.,Default is true.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as True.
groups: ${13:undefined} # not required. Select list of pools belonging to this gslb service.
ttl: ${14:undefined} # not required. Ttl value (in seconds) for records served for this gslb service by the dns service.,Allowed values are 1-86400.,Units(SEC).
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
health_monitor_scope: ${16:undefined} # not required. Health monitor probe can be executed for all the members or it can be executed only for third-party members.,This operational mode is useful to reduce the number of health monitor probes in case of a hybrid scenario.,In such a case, avi members can have controller derived status while non-avi members can be probed by via health monitor probes in dataplane.,Enum options - GSLB_SERVICE_HEALTH_MONITOR_ALL_MEMBERS, GSLB_SERVICE_HEALTH_MONITOR_ONLY_NON_AVI_MEMBERS.,Default value when not specified in API or module is interpreted by Avi Controller as GSLB_SERVICE_HEALTH_MONITOR_ALL_MEMBERS.
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
controller_health_status_enabled: ${18:undefined} # not required. Gs member's overall health status is derived based on a combination of controller and datapath health-status inputs.,Note that the datapath status is determined by the association of health monitor profiles.,Only the controller provided status is determined through this configuration.,Default value when not specified in API or module is interpreted by Avi Controller as True.
uuid: ${19:undefined} # not required. Uuid of the gslb service.
url: ${20:undefined} # not required. Avi controller URL of the object.
down_response: ${21:undefined} # not required. Response to the client query when the gslb service is down.
tenant_ref: ${22:undefined} # not required. It is a reference to an object of type tenant.
avi_api_patch_op: ${23|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
created_by: ${24:undefined} # not required. Creator name.,Field introduced in 17.1.2.
api_version: ${25:16.4.4} # not required. Avi API version of to use for Avi API and objects.
health_monitor_refs: ${26:undefined} # not required. Verify vs health by applying one or more health monitors.,Active monitors generate synthetic traffic from dns service engine and to mark a vs up or down based on the response.,It is a reference to an object of type healthmonitor.
state: ${27|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant: ${28:admin} # not required. Name of tenant used for all Avi API calls and context of object.
site_persistence_enabled: ${29:undefined} # not required. Enable site-persistence for the gslbservice.,Field introduced in 17.2.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
min_members: ${30:undefined} # not required. The minimum number of members to distribute traffic to.,Allowed values are 1-65535.,Special values are 0 - 'disable'.,Field introduced in 17.2.4.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
tenant_uuid: ${31:} # not required. UUID of tenant used for all Avi API calls and context of object.
pool_algorithm: ${32:undefined} # not required. The load balancing algorithm will pick a gslb pool within the gslb service list of available pools.,Enum options - GSLB_SERVICE_ALGORITHM_PRIORITY, GSLB_SERVICE_ALGORITHM_GEO.,Field introduced in 17.2.3.,Default value when not specified in API or module is interpreted by Avi Controller as GSLB_SERVICE_ALGORITHM_PRIORITY.
num_dns_ip: ${33:undefined} # not required. Number of ip addresses of this gslb service to be returned by the dns service.,Enter 0 to return all ip addresses.,Allowed values are 1-20.,Special values are 0- 'return all ip addresses'.
"""
'avi_gslbservice_patch_member':
'prefix': "avi_gslbservice_patch_member_snippet"
'description': "Avi API Module"
'body': """
avi_gslbservice_patch_member:
name: ${1:undefined} # required. Name of the GSLB Service
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
avi_credentials: ${3:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
controller: ${4:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
state: ${5|absent,present|} # not required. choices: absent;present. The state that should be applied to the member. Member is,identified using field member.ip.addr.
params: ${6:undefined} # not required. Query parameters passed to the HTTP API.
api_version: ${7:16.4.4} # not required. Avi API version of to use for Avi API and objects.
api_context: ${8:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${9:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
data: ${10:undefined} # not required. HTTP body of GSLB Service Member in YAML or JSON format.
tenant_uuid: ${11:} # not required. UUID of tenant used for all Avi API calls and context of object.
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
"""
'avi_hardwaresecuritymodulegroup':
'prefix': "avi_hardwaresecuritymodulegroup_snippet"
'description': "Module for setup of HardwareSecurityModuleGroup Avi RESTful Object"
'body': """
avi_hardwaresecuritymodulegroup:
name: ${1:undefined} # required. Name of the hsm group configuration object.
hsm: ${2:undefined} # required. Hardware security module configuration.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
tenant_uuid: ${5:} # not required. UUID of tenant used for all Avi API calls and context of object.
url: ${6:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_patch_op: ${10|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${11:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${12:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${13:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${14:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${15|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${16:undefined} # not required. Uuid of the hsm group configuration object.
"""
'avi_healthmonitor':
'prefix': "avi_healthmonitor_snippet"
'description': "Module for setup of HealthMonitor Avi RESTful Object"
'body': """
avi_healthmonitor:
name: ${1:undefined} # required. A user friendly name for this health monitor.
type: ${2:undefined} # required. Type of the health monitor.,Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP,,HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
https_monitor: ${4:undefined} # not required. Healthmonitorhttp settings for healthmonitor.
receive_timeout: ${5:undefined} # not required. A valid response from the server is expected within the receive timeout window.,This timeout must be less than the send interval.,If server status is regularly flapping up and down, consider increasing this value.,Allowed values are 1-2400.,Default value when not specified in API or module is interpreted by Avi Controller as 4.,Units(SEC).
description: ${6:undefined} # not required. User defined description for the object.
state: ${7|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
api_context: ${8:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
controller: ${9:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
udp_monitor: ${10:undefined} # not required. Healthmonitorudp settings for healthmonitor.
http_monitor: ${11:undefined} # not required. Healthmonitorhttp settings for healthmonitor.
password: ${12:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${13|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
successful_checks: ${14:undefined} # not required. Number of continuous successful health checks before server is marked up.,Allowed values are 1-50.,Default value when not specified in API or module is interpreted by Avi Controller as 2.
monitor_port: ${15:undefined} # not required. Use this port instead of the port defined for the server in the pool.,If the monitor succeeds to this port, the load balanced traffic will still be sent to the port of the server defined within the pool.,Allowed values are 1-65535.,Special values are 0 - 'use server port'.
uuid: ${16:undefined} # not required. Uuid of the health monitor.
url: ${17:undefined} # not required. Avi controller URL of the object.
dns_monitor: ${18:undefined} # not required. Healthmonitordns settings for healthmonitor.
avi_credentials: ${19:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${20:undefined} # not required. It is a reference to an object of type tenant.
is_federated: ${21:undefined} # not required. This field describes the object's replication scope.,If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines.,If the field is set to true, then the object is replicated across the federation.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as False.
failed_checks: ${22:undefined} # not required. Number of continuous failed health checks before the server is marked down.,Allowed values are 1-50.,Default value when not specified in API or module is interpreted by Avi Controller as 2.
tcp_monitor: ${23:undefined} # not required. Healthmonitortcp settings for healthmonitor.
avi_api_patch_op: ${24|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
send_interval: ${25:undefined} # not required. Frequency, in seconds, that monitors are sent to a server.,Allowed values are 1-3600.,Default value when not specified in API or module is interpreted by Avi Controller as 10.,Units(SEC).
tenant: ${26:admin} # not required. Name of tenant used for all Avi API calls and context of object.
external_monitor: ${27:undefined} # not required. Healthmonitorexternal settings for healthmonitor.
tenant_uuid: ${28:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${29:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_httppolicyset':
'prefix': "avi_httppolicyset_snippet"
'description': "Module for setup of HTTPPolicySet Avi RESTful Object"
'body': """
avi_httppolicyset:
name: ${1:undefined} # required. Name of the http policy set.
http_security_policy: ${2:undefined} # not required. Http security policy for the virtual service.
uuid: ${3:undefined} # not required. Uuid of the http policy set.
state: ${4|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
created_by: ${5:undefined} # not required. Creator name.
avi_api_patch_op: ${6|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
avi_api_update_method: ${8|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
http_request_policy: ${9:undefined} # not required. Http request policy for the virtual service.
api_version: ${10:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${11:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${12:undefined} # not required. User defined description for the object.
controller: ${13:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant: ${16:admin} # not required. Name of tenant used for all Avi API calls and context of object.
url: ${17:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${18:undefined} # not required. It is a reference to an object of type tenant.
cloud_config_cksum: ${19:undefined} # not required. Checksum of cloud configuration for pool.,Internally set by cloud connector.
http_response_policy: ${20:undefined} # not required. Http response policy for the virtual service.
tenant_uuid: ${21:} # not required. UUID of tenant used for all Avi API calls and context of object.
is_internal_policy: ${22:undefined} # not required. Boolean flag to set is_internal_policy.,Default value when not specified in API or module is interpreted by Avi Controller as False.
"""
'avi_ipaddrgroup':
'prefix': "avi_ipaddrgroup_snippet"
'description': "Module for setup of IpAddrGroup Avi RESTful Object"
'body': """
avi_ipaddrgroup:
name: ${1:undefined} # required. Name of the ip address group.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${3:undefined} # not required. User defined description for the object.
marathon_service_port: ${4:undefined} # not required. Task port associated with marathon service port.,If marathon app has multiple service ports, this is required.,Else, the first task port is used.
ranges: ${5:undefined} # not required. Configure ip address range(s).
controller: ${6:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
addrs: ${7:undefined} # not required. Configure ip address(es).
api_context: ${8:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${9:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${10|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${11:undefined} # not required. Uuid of the ip address group.
country_codes: ${12:undefined} # not required. Populate the ip address ranges from the geo database for this country.
api_version: ${13:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${14:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${15:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${16:undefined} # not required. It is a reference to an object of type tenant.
state: ${17|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
apic_epg_name: ${18:undefined} # not required. Populate ip addresses from members of this cisco apic epg.
prefixes: ${19:undefined} # not required. Configure ip address prefix(es).
avi_api_patch_op: ${20|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${21:admin} # not required. Name of tenant used for all Avi API calls and context of object.
marathon_app_name: ${22:undefined} # not required. Populate ip addresses from tasks of this marathon app.
ip_ports: ${23:undefined} # not required. Configure (ip address, port) tuple(s).
tenant_uuid: ${24:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_ipamdnsproviderprofile':
'prefix': "avi_ipamdnsproviderprofile_snippet"
'description': "Module for setup of IpamDnsProviderProfile Avi RESTful Object"
'body': """
avi_ipamdnsproviderprofile:
name: ${1:undefined} # required. Name for the ipam/dns provider profile.
type: ${2:undefined} # required. Provider type for the ipam/dns provider profile.,Enum options - IPAMDNS_TYPE_INFOBLOX, IPAMDNS_TYPE_AWS, IPAMDNS_TYPE_OPENSTACK, IPAMDNS_TYPE_GCP, IPAMDNS_TYPE_INFOBLOX_DNS, IPAMDNS_TYPE_CUSTOM,,IPAMDNS_TYPE_CUSTOM_DNS, IPAMDNS_TYPE_AZURE, IPAMDNS_TYPE_INTERNAL, IPAMDNS_TYPE_INTERNAL_DNS, IPAMDNS_TYPE_AWS_DNS, IPAMDNS_TYPE_AZURE_DNS.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
state: ${4|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
proxy_configuration: ${5:undefined} # not required. Field introduced in 17.1.1.
infoblox_profile: ${6:undefined} # not required. Provider details if type is infoblox.
controller: ${7:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
allocate_ip_in_vrf: ${8:undefined} # not required. If this flag is set, only allocate ip from networks in the virtual service vrf.,Applicable for avi vantage ipam only.,Field introduced in 17.2.4.,Default value when not specified in API or module is interpreted by Avi Controller as False.
internal_profile: ${9:undefined} # not required. Provider details if type is avi.
aws_profile: ${10:undefined} # not required. Provider details if type is aws.
api_context: ${11:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${12:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${13|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${14:undefined} # not required. Uuid of the ipam/dns provider profile.
azure_profile: ${15:undefined} # not required. Provider details if type is microsoft azure.,Field introduced in 17.2.1.
openstack_profile: ${16:undefined} # not required. Provider details if type is openstack.
gcp_profile: ${17:undefined} # not required. Provider details if type is google cloud.
url: ${18:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${19:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${20:undefined} # not required. It is a reference to an object of type tenant.
custom_profile: ${21:undefined} # not required. Provider details if type is custom.,Field introduced in 17.1.1.
avi_api_patch_op: ${22|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${23:admin} # not required. Name of tenant used for all Avi API calls and context of object.
tenant_uuid: ${24:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${25:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_microservicegroup':
'prefix': "avi_microservicegroup_snippet"
'description': "Module for setup of MicroServiceGroup Avi RESTful Object"
'body': """
avi_microservicegroup:
name: ${1:undefined} # required. Name of the microservice group.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${4:undefined} # not required. Uuid of the microservice group.
url: ${5:undefined} # not required. Avi controller URL of the object.
description: ${6:undefined} # not required. User defined description for the object.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
created_by: ${10:undefined} # not required. Creator name.
tenant_uuid: ${11:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${13:admin} # not required. Name of tenant used for all Avi API calls and context of object.
service_refs: ${14:undefined} # not required. Configure microservice(es).,It is a reference to an object of type microservice.
api_context: ${15:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${16:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_network':
'prefix': "avi_network_snippet"
'description': "Module for setup of Network Avi RESTful Object"
'body': """
avi_network:
name: ${1:undefined} # required. Name of the object.
dhcp_enabled: ${2:undefined} # not required. Select the ip address management scheme for this network.,Default value when not specified in API or module is interpreted by Avi Controller as True.
vcenter_dvs: ${3:undefined} # not required. Boolean flag to set vcenter_dvs.,Default value when not specified in API or module is interpreted by Avi Controller as True.
configured_subnets: ${4:undefined} # not required. List of subnet.
vrf_context_ref: ${5:undefined} # not required. It is a reference to an object of type vrfcontext.
uuid: ${6:undefined} # not required. Unique object identifier of the object.
cloud_ref: ${7:undefined} # not required. It is a reference to an object of type cloud.
state: ${8|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_patch_op: ${9|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
avi_credentials: ${10:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant: ${11:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_version: ${12:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${13:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
exclude_discovered_subnets: ${14:undefined} # not required. When selected, excludes all discovered subnets in this network from consideration for virtual service placement.,Default value when not specified in API or module is interpreted by Avi Controller as False.
controller: ${15:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${16:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${17:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
url: ${19:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${20:undefined} # not required. It is a reference to an object of type tenant.
synced_from_se: ${21:undefined} # not required. Boolean flag to set synced_from_se.,Default value when not specified in API or module is interpreted by Avi Controller as False.
vimgrnw_ref: ${22:undefined} # not required. It is a reference to an object of type vimgrnwruntime.
tenant_uuid: ${23:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_networkprofile':
'prefix': "avi_networkprofile_snippet"
'description': "Module for setup of NetworkProfile Avi RESTful Object"
'body': """
avi_networkprofile:
profile: ${1:undefined} # required. Networkprofileunion settings for networkprofile.
name: ${2:undefined} # required. The name of the network profile.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${5:undefined} # not required. Uuid of the network profile.
url: ${6:undefined} # not required. Avi controller URL of the object.
description: ${7:undefined} # not required. User defined description for the object.
avi_credentials: ${8:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${9:undefined} # not required. It is a reference to an object of type tenant.
state: ${10|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${11:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${13:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${16:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_networksecuritypolicy':
'prefix': "avi_networksecuritypolicy_snippet"
'description': "Module for setup of NetworkSecurityPolicy Avi RESTful Object"
'body': """
avi_networksecuritypolicy:
username: ${1:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${2:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${3:undefined} # not required. Unique object identifier of the object.
tenant_uuid: ${4:} # not required. UUID of tenant used for all Avi API calls and context of object.
rules: ${5:undefined} # not required. List of networksecurityrule.
avi_credentials: ${6:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${7:undefined} # not required. It is a reference to an object of type tenant.
state: ${8|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
created_by: ${9:undefined} # not required. Creator name.
name: ${10:undefined} # not required. Name of the object.
url: ${11:undefined} # not required. Avi controller URL of the object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
cloud_config_cksum: ${13:undefined} # not required. Checksum of cloud configuration for network sec policy.,Internally set by cloud connector.
tenant: ${14:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${15:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${16:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
description: ${19:undefined} # not required. User defined description for the object.
"""
'avi_pkiprofile':
'prefix': "avi_pkiprofile_snippet"
'description': "Module for setup of PKIProfile Avi RESTful Object"
'body': """
avi_pkiprofile:
name: ${1:undefined} # required. Name of the pki profile.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
uuid: ${3:undefined} # not required. Unique object identifier of the object.
avi_credentials: ${4:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
created_by: ${5:undefined} # not required. Creator name.
avi_api_patch_op: ${6|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
state: ${7|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_update_method: ${8|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
validate_only_leaf_crl: ${9:undefined} # not required. When enabled, avi will only validate the revocation status of the leaf certificate using crl.,To enable validation for the entire chain, disable this option and provide all the relevant crls.,Default value when not specified in API or module is interpreted by Avi Controller as True.
api_version: ${10:16.4.4} # not required. Avi API version of to use for Avi API and objects.
crls: ${11:undefined} # not required. Certificate revocation lists.
ignore_peer_chain: ${12:undefined} # not required. When enabled, avi will not trust intermediate and root certs presented by a client.,Instead, only the chain certs configured in the certificate authority section will be used to verify trust of the client's cert.,Default value when not specified in API or module is interpreted by Avi Controller as False.
controller: ${13:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant: ${16:admin} # not required. Name of tenant used for all Avi API calls and context of object.
url: ${17:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${18:undefined} # not required. It is a reference to an object of type tenant.
is_federated: ${19:undefined} # not required. This field describes the object's replication scope.,If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines.,If the field is set to true, then the object is replicated across the federation.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as False.
ca_certs: ${20:undefined} # not required. List of certificate authorities (root and intermediate) trusted that is used for certificate validation.
crl_check: ${21:undefined} # not required. When enabled, avi will verify via crl checks that certificates in the trust chain have not been revoked.,Default value when not specified in API or module is interpreted by Avi Controller as True.
tenant_uuid: ${22:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_pool':
'prefix': "avi_pool_snippet"
'description': "Module for setup of Pool Avi RESTful Object"
'body': """
avi_pool:
name: ${1:undefined} # required. The name of the pool.
lb_algorithm: ${2:undefined} # not required. The load balancing algorithm will pick a server within the pool's list of available servers.,Enum options - LB_ALGORITHM_LEAST_CONNECTIONS, LB_ALGORITHM_ROUND_ROBIN, LB_ALGORITHM_FASTEST_RESPONSE, LB_ALGORITHM_CONSISTENT_HASH,,LB_ALGORITHM_LEAST_LOAD, LB_ALGORITHM_FEWEST_SERVERS, LB_ALGORITHM_RANDOM, LB_ALGORITHM_FEWEST_TASKS, LB_ALGORITHM_NEAREST_SERVER,,LB_ALGORITHM_CORE_AFFINITY.,Default value when not specified in API or module is interpreted by Avi Controller as LB_ALGORITHM_LEAST_CONNECTIONS.
use_service_port: ${3:undefined} # not required. Do not translate the client's destination port when sending the connection to the server.,The pool or servers specified service port will still be used for health monitoring.,Default value when not specified in API or module is interpreted by Avi Controller as False.
rewrite_host_header_to_server_name: ${4:undefined} # not required. Rewrite incoming host header to server name of the server to which the request is proxied.,Enabling this feature rewrites host header for requests to all servers in the pool.,Default value when not specified in API or module is interpreted by Avi Controller as False.
host_check_enabled: ${5:undefined} # not required. Enable common name check for server certificate.,If enabled and no explicit domain name is specified, avi will use the incoming host header to do the match.,Default value when not specified in API or module is interpreted by Avi Controller as False.
enabled: ${6:undefined} # not required. Enable or disable the pool.,Disabling will terminate all open connections and pause health monitors.,Default value when not specified in API or module is interpreted by Avi Controller as True.
rewrite_host_header_to_sni: ${7:undefined} # not required. If sni server name is specified, rewrite incoming host header to the sni server name.,Default value when not specified in API or module is interpreted by Avi Controller as False.
capacity_estimation: ${8:undefined} # not required. Inline estimation of capacity of servers.,Default value when not specified in API or module is interpreted by Avi Controller as False.
max_conn_rate_per_server: ${9:undefined} # not required. Rate limit connections to each server.
servers: ${10:undefined} # not required. The pool directs load balanced traffic to this list of destination servers.,The servers can be configured by ip address, name, network or via ip address group.
apic_epg_name: ${11:undefined} # not required. Synchronize cisco apic epg members with pool servers.
fewest_tasks_feedback_delay: ${12:undefined} # not required. Periodicity of feedback for fewest tasks server selection algorithm.,Allowed values are 1-300.,Default value when not specified in API or module is interpreted by Avi Controller as 10.,Units(SEC).
server_auto_scale: ${13:undefined} # not required. Server autoscale.,Not used anymore.,Default value when not specified in API or module is interpreted by Avi Controller as False.
ipaddrgroup_ref: ${14:undefined} # not required. Use list of servers from ip address group.,It is a reference to an object of type ipaddrgroup.
avi_credentials: ${15:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
capacity_estimation_ttfb_thresh: ${16:undefined} # not required. The maximum time-to-first-byte of a server.,Allowed values are 1-5000.,Special values are 0 - 'automatic'.,Default value when not specified in API or module is interpreted by Avi Controller as 0.,Units(MILLISECONDS).
ab_pool: ${17:undefined} # not required. A/b pool configuration.
fail_action: ${18:undefined} # not required. Enable an action - close connection, http redirect or local http response - when a pool failure happens.,By default, a connection will be closed, in case the pool experiences a failure.
lookup_server_by_name: ${19:undefined} # not required. Allow server lookup by name.,Field introduced in 17.1.11,17.2.4.,Default value when not specified in API or module is interpreted by Avi Controller as False.
networks: ${20:undefined} # not required. (internal-use) networks designated as containing servers for this pool.,The servers may be further narrowed down by a filter.,This field is used internally by avi, not editable by the user.
lb_algorithm_hash: ${21:undefined} # not required. Criteria used as a key for determining the hash between the client and server.,Enum options - LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS, LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT,,LB_ALGORITHM_CONSISTENT_HASH_URI, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_HEADER, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_STRING.,Default value when not specified in API or module is interpreted by Avi Controller as LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS.
health_monitor_refs: ${22:undefined} # not required. Verify server health by applying one or more health monitors.,Active monitors generate synthetic traffic from each service engine and mark a server up or down based on the response.,The passive monitor listens only to client to server communication.,It raises or lowers the ratio of traffic destined to a server based on successful responses.,It is a reference to an object of type healthmonitor.
sni_enabled: ${23:undefined} # not required. Enable tls sni for server connections.,If disabled, avi will not send the sni extension as part of the handshake.,Default value when not specified in API or module is interpreted by Avi Controller as True.
server_name: ${24:undefined} # not required. Fully qualified dns hostname which will be used in the tls sni extension in server connections if sni is enabled.,If no value is specified, avi will use the incoming host header instead.
lb_algorithm_consistent_hash_hdr: ${25:undefined} # not required. Http header name to be used for the hash key.
cloud_ref: ${26:undefined} # not required. It is a reference to an object of type cloud.
lb_algorithm_core_nonaffinity: ${27:undefined} # not required. Degree of non-affinity for core afffinity based server selection.,Allowed values are 1-65535.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as 2.
autoscale_policy_ref: ${28:undefined} # not required. Reference to server autoscale policy.,It is a reference to an object of type serverautoscalepolicy.
ssl_profile_ref: ${29:undefined} # not required. When enabled, avi re-encrypts traffic to the backend servers.,The specific ssl profile defines which ciphers and ssl versions will be supported.,It is a reference to an object of type sslprofile.
east_west: ${30:undefined} # not required. Inherited config from virtualservice.
placement_networks: ${31:undefined} # not required. Manually select the networks and subnets used to provide reachability to the pool's servers.,Specify the subnet using the following syntax 10-1-1-0/24.,Use static routes in vrf configuration when pool servers are not directly connected butroutable from the service engine.
graceful_disable_timeout: ${32:undefined} # not required. Used to gracefully disable a server.,Virtual service waits for the specified time before terminating the existing connections to the servers that are disabled.,Allowed values are 1-7200.,Special values are 0 - 'immediate', -1 - 'infinite'.,Default value when not specified in API or module is interpreted by Avi Controller as 1.,Units(MIN).
avi_api_patch_op: ${33|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
nsx_securitygroup: ${34:undefined} # not required. A list of nsx service groups where the servers for the pool are created.,Field introduced in 17.1.1.
tenant: ${35:admin} # not required. Name of tenant used for all Avi API calls and context of object.
a_pool: ${36:undefined} # not required. Name of container cloud application that constitutes a pool in a a-b pool configuration, if different from vs app.
pki_profile_ref: ${37:undefined} # not required. Avi will validate the ssl certificate present by a server against the selected pki profile.,It is a reference to an object of type pkiprofile.
api_version: ${38:16.4.4} # not required. Avi API version of to use for Avi API and objects.
vrf_ref: ${39:undefined} # not required. Virtual routing context that the pool is bound to.,This is used to provide the isolation of the set of networks the pool is attached to.,The pool inherits the virtual routing conext of the virtual service, and this field is used only internally, and is set by pb-transform.,It is a reference to an object of type vrfcontext.
username: ${40:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
application_persistence_profile_ref: ${41:undefined} # not required. Persistence will ensure the same user sticks to the same server for a desired duration of time.,It is a reference to an object of type applicationpersistenceprofile.
inline_health_monitor: ${42:undefined} # not required. The passive monitor will monitor client to server connections and requests and adjust traffic load to servers based on successful responses.,This may alter the expected behavior of the lb method, such as round robin.,Default value when not specified in API or module is interpreted by Avi Controller as True.
default_server_port: ${43:undefined} # not required. Traffic sent to servers will use this destination server port unless overridden by the server's specific port attribute.,The ssl checkbox enables avi to server encryption.,Allowed values are 1-65535.,Default value when not specified in API or module is interpreted by Avi Controller as 80.
description: ${44:undefined} # not required. A description of the pool.
request_queue_depth: ${45:undefined} # not required. Minimum number of requests to be queued when pool is full.,Default value when not specified in API or module is interpreted by Avi Controller as 128.
state: ${46|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
server_reselect: ${47:undefined} # not required. Server reselect configuration for http requests.
ab_priority: ${48:undefined} # not required. Priority of this pool in a a-b pool pair.,Internally used.
controller: ${49:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${50:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${51:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
ssl_key_and_certificate_ref: ${52:undefined} # not required. Service engines will present a client ssl certificate to the server.,It is a reference to an object of type sslkeyandcertificate.
avi_api_update_method: ${53|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${54:undefined} # not required. Uuid of the pool.
autoscale_launch_config_ref: ${55:undefined} # not required. If configured then avi will trigger orchestration of pool server creation and deletion.,It is only supported for container clouds like mesos, opensift, kubernates, docker etc.,It is a reference to an object of type autoscalelaunchconfig.
request_queue_enabled: ${56:undefined} # not required. Enable request queue when pool is full.,Default value when not specified in API or module is interpreted by Avi Controller as False.
max_concurrent_connections_per_server: ${57:undefined} # not required. The maximum number of concurrent connections allowed to each server within the pool.,Note applied value will be no less than the number of service engines that the pool is placed on.,If set to 0, no limit is applied.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
url: ${58:undefined} # not required. Avi controller URL of the object.
prst_hdr_name: ${59:undefined} # not required. Header name for custom header persistence.
tenant_ref: ${60:undefined} # not required. It is a reference to an object of type tenant.
server_count: ${61:undefined} # not required. Number of server_count.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
autoscale_networks: ${62:undefined} # not required. Network ids for the launch configuration.
domain_name: ${63:undefined} # not required. Comma separated list of domain names which will be used to verify the common names or subject alternative names presented by server certificates.,It is performed only when common name check host_check_enabled is enabled.
connection_ramp_duration: ${64:undefined} # not required. Duration for which new connections will be gradually ramped up to a server recently brought online.,Useful for lb algorithms that are least connection based.,Allowed values are 1-300.,Special values are 0 - 'immediate'.,Default value when not specified in API or module is interpreted by Avi Controller as 10.,Units(MIN).
cloud_config_cksum: ${65:undefined} # not required. Checksum of cloud configuration for pool.,Internally set by cloud connector.
external_autoscale_groups: ${66:undefined} # not required. Names of external auto-scale groups for pool servers.,Currently available only for aws and azure.,Field introduced in 17.1.2.
tenant_uuid: ${67:} # not required. UUID of tenant used for all Avi API calls and context of object.
created_by: ${68:undefined} # not required. Creator name.
gslb_sp_enabled: ${69:undefined} # not required. Indicates if the pool is a site-persistence pool.,Field introduced in 17.2.1.
"""
'avi_poolgroup':
'prefix': "avi_poolgroup_snippet"
'description': "Module for setup of PoolGroup Avi RESTful Object"
'body': """
avi_poolgroup:
name: ${1:undefined} # required. The name of the pool group.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${3:undefined} # not required. Description of pool group.
implicit_priority_labels: ${4:undefined} # not required. Whether an implicit set of priority labels is generated.,Field introduced in 17.1.9,17.2.3.,Default value when not specified in API or module is interpreted by Avi Controller as False.
controller: ${5:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
members: ${6:undefined} # not required. List of pool group members object of type poolgroupmember.
api_context: ${7:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
fail_action: ${8:undefined} # not required. Enable an action - close connection, http redirect, or local http response - when a pool group failure happens.,By default, a connection will be closed, in case the pool group experiences a failure.
password: ${9:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${10|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
priority_labels_ref: ${11:undefined} # not required. Uuid of the priority labels.,If not provided, pool group member priority label will be interpreted as a number with a larger number considered higher priority.,It is a reference to an object of type prioritylabels.
uuid: ${12:undefined} # not required. Uuid of the pool group.
cloud_ref: ${13:undefined} # not required. It is a reference to an object of type cloud.
avi_credentials: ${14:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${15:undefined} # not required. It is a reference to an object of type tenant.
state: ${16|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
created_by: ${17:undefined} # not required. Name of the user who created the object.
tenant_uuid: ${18:} # not required. UUID of tenant used for all Avi API calls and context of object.
url: ${19:undefined} # not required. Avi controller URL of the object.
avi_api_patch_op: ${20|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
cloud_config_cksum: ${21:undefined} # not required. Checksum of cloud configuration for poolgroup.,Internally set by cloud connector.
tenant: ${22:admin} # not required. Name of tenant used for all Avi API calls and context of object.
min_servers: ${23:undefined} # not required. The minimum number of servers to distribute traffic to.,Allowed values are 1-65535.,Special values are 0 - 'disable'.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
deployment_policy_ref: ${24:undefined} # not required. When setup autoscale manager will automatically promote new pools into production when deployment goals are met.,It is a reference to an object of type poolgroupdeploymentpolicy.
api_version: ${25:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_poolgroupdeploymentpolicy':
'prefix': "avi_poolgroupdeploymentpolicy_snippet"
'description': "Module for setup of PoolGroupDeploymentPolicy Avi RESTful Object"
'body': """
avi_poolgroupdeploymentpolicy:
name: ${1:undefined} # required. The name of the pool group deployment policy.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
target_test_traffic_ratio: ${3:undefined} # not required. Target traffic ratio before pool is made production.,Allowed values are 1-100.,Default value when not specified in API or module is interpreted by Avi Controller as 100.,Units(RATIO).
evaluation_duration: ${4:undefined} # not required. Duration of evaluation period for automatic deployment.,Allowed values are 60-86400.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
description: ${5:undefined} # not required. User defined description for the object.
test_traffic_ratio_rampup: ${6:undefined} # not required. Ratio of the traffic that is sent to the pool under test.,Test ratio of 100 means blue green.,Allowed values are 1-100.,Default value when not specified in API or module is interpreted by Avi Controller as 100.
rules: ${7:undefined} # not required. List of pgdeploymentrule.
auto_disable_old_prod_pools: ${8:undefined} # not required. It will automatically disable old production pools once there is a new production candidate.,Default value when not specified in API or module is interpreted by Avi Controller as True.
controller: ${9:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${10:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
webhook_ref: ${11:undefined} # not required. Webhook configured with url that avi controller will pass back information about pool group, old and new pool information and current deployment,rule results.,It is a reference to an object of type webhook.,Field introduced in 17.1.1.
password: ${12:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${13|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${14:undefined} # not required. Uuid of the pool group deployment policy.
cloud_ref: ${15:undefined} # not required. It is a reference to an object of type cloud.
avi_credentials: ${16:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${17:undefined} # not required. It is a reference to an object of type tenant.
state: ${18|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
url: ${19:undefined} # not required. Avi controller URL of the object.
avi_api_patch_op: ${20|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${21:admin} # not required. Name of tenant used for all Avi API calls and context of object.
scheme: ${22:undefined} # not required. Deployment scheme.,Enum options - BLUE_GREEN, CANARY.,Default value when not specified in API or module is interpreted by Avi Controller as BLUE_GREEN.
tenant_uuid: ${23:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${24:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_prioritylabels':
'prefix': "avi_prioritylabels_snippet"
'description': "Module for setup of PriorityLabels Avi RESTful Object"
'body': """
avi_prioritylabels:
name: ${1:undefined} # required. The name of the priority labels.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${4:undefined} # not required. Uuid of the priority labels.
tenant_uuid: ${5:} # not required. UUID of tenant used for all Avi API calls and context of object.
cloud_ref: ${6:undefined} # not required. It is a reference to an object of type cloud.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
url: ${10:undefined} # not required. Avi controller URL of the object.
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
equivalent_labels: ${13:undefined} # not required. Equivalent priority labels in descending order.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${16:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
description: ${18:undefined} # not required. A description of the priority labels.
"""
'avi_role':
'prefix': "avi_role_snippet"
'description': "Module for setup of Role Avi RESTful Object"
'body': """
avi_role:
name: ${1:undefined} # required. Name of the object.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${4:undefined} # not required. Avi controller URL of the object.
privileges: ${5:undefined} # not required. List of permission.
avi_credentials: ${6:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${7:undefined} # not required. It is a reference to an object of type tenant.
state: ${8|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${9:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${10|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${11:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${12:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${13:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${14:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${15|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${16:undefined} # not required. Unique object identifier of the object.
"""
'avi_scheduler':
'prefix': "avi_scheduler_snippet"
'description': "Module for setup of Scheduler Avi RESTful Object"
'body': """
avi_scheduler:
name: ${1:undefined} # required. Name of scheduler.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
state: ${3|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
enabled: ${4:undefined} # not required. Boolean flag to set enabled.,Default value when not specified in API or module is interpreted by Avi Controller as True.
api_context: ${5:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
backup_config_ref: ${6:undefined} # not required. Backup configuration to be executed by this scheduler.,It is a reference to an object of type backupconfiguration.
controller: ${7:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
frequency: ${8:undefined} # not required. Frequency at which custom scheduler will run.,Allowed values are 0-60.
scheduler_action: ${9:undefined} # not required. Define scheduler action.,Enum options - SCHEDULER_ACTION_RUN_A_SCRIPT, SCHEDULER_ACTION_BACKUP.,Default value when not specified in API or module is interpreted by Avi Controller as SCHEDULER_ACTION_BACKUP.
end_date_time: ${10:undefined} # not required. Scheduler end date and time.
password: ${11:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${12|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${13:undefined} # not required. Unique object identifier of the object.
start_date_time: ${14:undefined} # not required. Scheduler start date and time.
url: ${15:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${16:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${17:undefined} # not required. It is a reference to an object of type tenant.
frequency_unit: ${18:undefined} # not required. Unit at which custom scheduler will run.,Enum options - SCHEDULER_FREQUENCY_UNIT_MIN, SCHEDULER_FREQUENCY_UNIT_HOUR, SCHEDULER_FREQUENCY_UNIT_DAY, SCHEDULER_FREQUENCY_UNIT_WEEK,,SCHEDULER_FREQUENCY_UNIT_MONTH.
avi_api_patch_op: ${19|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
run_script_ref: ${20:undefined} # not required. Control script to be executed by this scheduler.,It is a reference to an object of type alertscriptconfig.
tenant: ${21:admin} # not required. Name of tenant used for all Avi API calls and context of object.
tenant_uuid: ${22:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${23:16.4.4} # not required. Avi API version of to use for Avi API and objects.
run_mode: ${24:undefined} # not required. Scheduler run mode.,Enum options - RUN_MODE_PERIODIC, RUN_MODE_AT, RUN_MODE_NOW.
"""
'avi_seproperties':
'prefix': "avi_seproperties_snippet"
'description': "Module for setup of SeProperties Avi RESTful Object"
'body': """
avi_seproperties:
username: ${1:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
se_agent_properties: ${2:undefined} # not required. Seagentproperties settings for seproperties.
uuid: ${3:undefined} # not required. Unique object identifier of the object.,Default value when not specified in API or module is interpreted by Avi Controller as default.
url: ${4:undefined} # not required. Avi controller URL of the object.
se_runtime_properties: ${5:undefined} # not required. Seruntimeproperties settings for seproperties.
avi_credentials: ${6:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
controller: ${7:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
state: ${8|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
api_version: ${9:16.4.4} # not required. Avi API version of to use for Avi API and objects.
avi_api_patch_op: ${10|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
se_bootup_properties: ${11:undefined} # not required. Sebootupproperties settings for seproperties.
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${13:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${14:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant_uuid: ${15:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_update_method: ${16|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_serverautoscalepolicy':
'prefix': "avi_serverautoscalepolicy_snippet"
'description': "Module for setup of ServerAutoScalePolicy Avi RESTful Object"
'body': """
avi_serverautoscalepolicy:
name: ${1:undefined} # required. Name of the object.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
use_predicted_load: ${3:undefined} # not required. Use predicted load rather than current load.,Default value when not specified in API or module is interpreted by Avi Controller as False.
intelligent_autoscale: ${4:undefined} # not required. Use avi intelligent autoscale algorithm where autoscale is performed by comparing load on the pool against estimated capacity of all the servers.,Default value when not specified in API or module is interpreted by Avi Controller as False.
description: ${5:undefined} # not required. User defined description for the object.
intelligent_scaleout_margin: ${6:undefined} # not required. Minimum extra capacity as percentage of load used by the intelligent scheme.,Scaleout is triggered when available capacity is less than this margin.,Allowed values are 1-99.,Default value when not specified in API or module is interpreted by Avi Controller as 20.
scaleout_alertconfig_refs: ${7:undefined} # not required. Trigger scaleout when alerts due to any of these alert configurations are raised.,It is a reference to an object of type alertconfig.
min_size: ${8:undefined} # not required. No scale-in happens once number of operationally up servers reach min_servers.,Allowed values are 0-400.
controller: ${9:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
scalein_cooldown: ${10:undefined} # not required. Cooldown period during which no new scalein is triggered to allow previous scalein to successfully complete.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
api_context: ${11:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
scaleout_cooldown: ${12:undefined} # not required. Cooldown period during which no new scaleout is triggered to allow previous scaleout to successfully complete.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
max_size: ${13:undefined} # not required. Maximum number of servers after scaleout.,Allowed values are 0-400.
tenant: ${14:admin} # not required. Name of tenant used for all Avi API calls and context of object.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
intelligent_scalein_margin: ${16:undefined} # not required. Maximum extra capacity as percentage of load used by the intelligent scheme.,Scalein is triggered when available capacity is more than this margin.,Allowed values are 1-99.,Default value when not specified in API or module is interpreted by Avi Controller as 40.
uuid: ${17:undefined} # not required. Unique object identifier of the object.
url: ${18:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${19:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${20:undefined} # not required. It is a reference to an object of type tenant.
state: ${21|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
max_scalein_adjustment_step: ${22:undefined} # not required. Maximum number of servers to scalein simultaneously.,The actual number of servers to scalein is chosen such that target number of servers is always more than or equal to the min_size.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
avi_api_patch_op: ${23|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
scalein_alertconfig_refs: ${24:undefined} # not required. Trigger scalein when alerts due to any of these alert configurations are raised.,It is a reference to an object of type alertconfig.
avi_api_update_method: ${25|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
max_scaleout_adjustment_step: ${26:undefined} # not required. Maximum number of servers to scaleout simultaneously.,The actual number of servers to scaleout is chosen such that target number of servers is always less than or equal to the max_size.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
tenant_uuid: ${27:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${28:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_serviceengine':
'prefix': "avi_serviceengine_snippet"
'description': "Module for setup of ServiceEngine Avi RESTful Object"
'body': """
avi_serviceengine:
username: ${1:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
enable_state: ${2:undefined} # not required. Inorder to disable se set this field appropriately.,Enum options - SE_STATE_ENABLED, SE_STATE_DISABLED_FOR_PLACEMENT, SE_STATE_DISABLED, SE_STATE_DISABLED_FORCE.,Default value when not specified in API or module is interpreted by Avi Controller as SE_STATE_ENABLED.
avi_credentials: ${3:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
mgmt_vnic: ${4:undefined} # not required. Vnic settings for serviceengine.
tenant_ref: ${5:undefined} # not required. It is a reference to an object of type tenant.
controller_created: ${6:undefined} # not required. Boolean flag to set controller_created.,Default value when not specified in API or module is interpreted by Avi Controller as False.
controller: ${7:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${8:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
flavor: ${9:undefined} # not required. Flavor of serviceengine.
password: ${10:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${11|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${12:undefined} # not required. Unique object identifier of the object.
name: ${13:undefined} # not required. Name of the object.,Default value when not specified in API or module is interpreted by Avi Controller as VM name unknown.
cloud_ref: ${14:undefined} # not required. It is a reference to an object of type cloud.
hypervisor: ${15:undefined} # not required. Enum options - default, vmware_esx, kvm, vmware_vsan, xen.
se_group_ref: ${16:undefined} # not required. It is a reference to an object of type serviceenginegroup.
container_mode: ${17:undefined} # not required. Boolean flag to set container_mode.,Default value when not specified in API or module is interpreted by Avi Controller as False.
data_vnics: ${18:undefined} # not required. List of vnic.
state: ${19|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
container_type: ${20:undefined} # not required. Enum options - container_type_bridge, container_type_host, container_type_host_dpdk.,Default value when not specified in API or module is interpreted by Avi Controller as CONTAINER_TYPE_HOST.
api_version: ${21:16.4.4} # not required. Avi API version of to use for Avi API and objects.
host_ref: ${22:undefined} # not required. It is a reference to an object of type vimgrhostruntime.
url: ${23:undefined} # not required. Avi controller URL of the object.
avi_api_patch_op: ${24|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${25:admin} # not required. Name of tenant used for all Avi API calls and context of object.
availability_zone: ${26:undefined} # not required. Availability_zone of serviceengine.
controller_ip: ${27:undefined} # not required. Controller_ip of serviceengine.
tenant_uuid: ${28:} # not required. UUID of tenant used for all Avi API calls and context of object.
resources: ${29:undefined} # not required. Seresources settings for serviceengine.
"""
'avi_serviceenginegroup':
'prefix': "avi_serviceenginegroup_snippet"
'description': "Module for setup of ServiceEngineGroup Avi RESTful Object"
'body': """
avi_serviceenginegroup:
name: ${1:undefined} # required. Name of the object.
se_vs_hb_max_vs_in_pkt: ${2:undefined} # not required. Maximum number of virtualservices for which heartbeat messages are aggregated in one packet.,Allowed values are 1-1024.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as 256.
disable_tso: ${3:undefined} # not required. Disable tcp segmentation offload (tso) in dpdk poll-mode driver packet transmit path.,Tso is on by default on nics that support it.,Field introduced in 17.2.5.,Default value when not specified in API or module is interpreted by Avi Controller as True.
host_attribute_value: ${4:undefined} # not required. Value of a (key, value) pair identifying a label for a set of nodes usually in container clouds.,Needs to be specified together with host_attribute_key.
async_ssl: ${5:undefined} # not required. Ssl handshakes will be handled by dedicated ssl threads.,Default value when not specified in API or module is interpreted by Avi Controller as False.
api_context: ${6:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
instance_flavor: ${7:undefined} # not required. Instance/flavor type for se instance.
auto_redistribute_active_standby_load: ${8:undefined} # not required. Redistribution of virtual services from the takeover se to the replacement se can cause momentary traffic loss.,If the auto-redistribute load option is left in its default off state, any desired rebalancing requires calls to rest api.,Default value when not specified in API or module is interpreted by Avi Controller as False.
auto_rebalance: ${9:undefined} # not required. If set, virtual services will be automatically migrated when load on an se is less than minimum or more than maximum thresholds.,Only alerts are generated when the auto_rebalance is not set.,Default value when not specified in API or module is interpreted by Avi Controller as False.
disk_per_se: ${10:undefined} # not required. Amount of disk space for each of the service engine virtual machines.,Default value when not specified in API or module is interpreted by Avi Controller as 10.,Units(GB).
se_tunnel_mode: ${11:undefined} # not required. Determines if dsr from secondary se is active or not 0 automatically determine based on hypervisor type.,1 disable dsr unconditionally.,~[0,1] enable dsr unconditionally.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
uuid: ${12:undefined} # not required. Unique object identifier of the object.
se_tunnel_udp_port: ${13:undefined} # not required. Udp port for tunneled packets from secondary to primary se in docker bridge mode.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as 1550.
disable_gro: ${14:undefined} # not required. Disable generic receive offload (gro) in dpdk poll-mode driver packet receive path.,Gro is on by default on nics that do not support lro (large receive offload) or do not gain performance boost from lro.,Field introduced in 17.2.5.,Default value when not specified in API or module is interpreted by Avi Controller as True.
vs_scalein_timeout: ${15:undefined} # not required. Time to wait for the scaled in se to drain existing flows before marking the scalein done.,Default value when not specified in API or module is interpreted by Avi Controller as 30.,Units(SEC).
mgmt_subnet: ${16:undefined} # not required. Management subnet to use for avi service engines.
cloud_ref: ${17:undefined} # not required. It is a reference to an object of type cloud.
se_remote_punt_udp_port: ${18:undefined} # not required. Udp port for punted packets in docker bridge mode.,Field introduced in 17.1.2.,Default value when not specified in API or module is interpreted by Avi Controller as 1501.
se_udp_encap_ipc: ${19:undefined} # not required. Determines if se-se ipc messages are encapsulated in an udp header 0 automatically determine based on hypervisor type.,1 use udp encap unconditionally.,~[0,1] don't use udp encap.,Field introduced in 17.1.2.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
min_cpu_usage: ${20:undefined} # not required. When cpu usage on an se falls below the minimum threshold, virtual services hosted on the se may be consolidated onto other underutilized ses.,After consolidation, unused service engines may then be eligible for deletion.,Allowed values are 20-60.,Default value when not specified in API or module is interpreted by Avi Controller as 30.,Units(PERCENT).
custom_securitygroups_data: ${21:undefined} # not required. Custom security groups to be associated with data vnics for se instances in openstack and aws clouds.,Field introduced in 17.1.3.
ingress_access_data: ${22:undefined} # not required. Program se security group ingress rules to allow vip data access from remote cidr type.,Enum options - SG_INGRESS_ACCESS_NONE, SG_INGRESS_ACCESS_ALL, SG_INGRESS_ACCESS_VPC.,Field introduced in 17.1.5.,Default value when not specified in API or module is interpreted by Avi Controller as SG_INGRESS_ACCESS_ALL.
vcenter_clusters: ${23:undefined} # not required. Vcenterclusters settings for serviceenginegroup.
enable_vip_on_all_interfaces: ${24:undefined} # not required. Enable vip on all interfaces of se.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as True.
ingress_access_mgmt: ${25:undefined} # not required. Program se security group ingress rules to allow ssh/icmp management access from remote cidr type.,Enum options - SG_INGRESS_ACCESS_NONE, SG_INGRESS_ACCESS_ALL, SG_INGRESS_ACCESS_VPC.,Field introduced in 17.1.5.,Default value when not specified in API or module is interpreted by Avi Controller as SG_INGRESS_ACCESS_ALL.
iptables: ${26:undefined} # not required. Iptable rules.
max_vs_per_se: ${27:undefined} # not required. Maximum number of virtual services that can be placed on a single service engine.,East west virtual services are excluded from this limit.,Allowed values are 1-1000.,Default value when not specified in API or module is interpreted by Avi Controller as 10.
connection_memory_percentage: ${28:undefined} # not required. Percentage of memory for connection state.,This will come at the expense of memory used for http in-memory cache.,Allowed values are 10-90.,Default value when not specified in API or module is interpreted by Avi Controller as 50.,Units(PERCENT).
service_ip_subnets: ${29:undefined} # not required. Subnets assigned to the se group.,Required for vs group placement.,Field introduced in 17.1.1.
placement_mode: ${30:undefined} # not required. If placement mode is 'auto', virtual services are automatically placed on service engines.,Enum options - PLACEMENT_MODE_AUTO.,Default value when not specified in API or module is interpreted by Avi Controller as PLACEMENT_MODE_AUTO.
max_scaleout_per_vs: ${31:undefined} # not required. Maximum number of active service engines for the virtual service.,Allowed values are 1-64.,Default value when not specified in API or module is interpreted by Avi Controller as 4.
os_reserved_memory: ${32:undefined} # not required. Amount of extra memory to be reserved for use by the operating system on a service engine.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
enable_routing: ${33:undefined} # not required. Enable routing for this serviceenginegroup .,Default value when not specified in API or module is interpreted by Avi Controller as False.
waf_mempool: ${34:undefined} # not required. Enable memory pool for waf.,Field introduced in 17.2.3.,Default value when not specified in API or module is interpreted by Avi Controller as True.
controller: ${35:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
per_app: ${36:undefined} # not required. Per-app se mode is designed for deploying dedicated load balancers per app (vs).,In this mode, each se is limited to a max of 2 vss.,Vcpus in per-app ses count towards licensing usage at 25% rate.,Default value when not specified in API or module is interpreted by Avi Controller as False.
openstack_availability_zones: ${37:undefined} # not required. Field introduced in 17.1.1.
vcenter_datastores_include: ${38:undefined} # not required. Boolean flag to set vcenter_datastores_include.,Default value when not specified in API or module is interpreted by Avi Controller as False.
se_name_prefix: ${39:undefined} # not required. Prefix to use for virtual machine name of service engines.,Default value when not specified in API or module is interpreted by Avi Controller as Avi.
avi_api_update_method: ${40|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
flow_table_new_syn_max_entries: ${41:undefined} # not required. Maximum number of flow table entries that have not completed tcp three-way handshake yet.,Field introduced in 17.2.5.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
se_vs_hb_max_pkts_in_batch: ${42:undefined} # not required. Maximum number of aggregated vs heartbeat packets to send in a batch.,Allowed values are 1-256.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as 8.
ignore_rtt_threshold: ${43:undefined} # not required. Ignore rtt samples if it is above threshold.,Field introduced in 17.1.6,17.2.2.,Default value when not specified in API or module is interpreted by Avi Controller as 5000.,Units(MILLISECONDS).
avi_credentials: ${44:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${45:undefined} # not required. It is a reference to an object of type tenant.
host_attribute_key: ${46:undefined} # not required. Key of a (key, value) pair identifying a label for a set of nodes usually in container clouds.,Needs to be specified together with host_attribute_value.,Ses can be configured differently including ha modes across different se groups.,May also be used for isolation between different classes of virtualservices.,Virtualservices' se group may be specified via annotations/labels.,A openshift/kubernetes namespace maybe annotated with a matching se group label as openshift.io/node-selector apptype=prod.,When multiple se groups are used in a cloud with host attributes specified,just a single se group can exist as a match-all se group without a,host_attribute_key.
username: ${47:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
url: ${48:undefined} # not required. Avi controller URL of the object.
dedicated_dispatcher_core: ${49:undefined} # not required. Dedicate the core that handles packet receive/transmit from the network to just the dispatching function.,Don't use it for tcp/ip and ssl functions.,Default value when not specified in API or module is interpreted by Avi Controller as False.
max_se: ${50:undefined} # not required. Maximum number of services engines in this group.,Allowed values are 0-1000.,Default value when not specified in API or module is interpreted by Avi Controller as 10.
api_version: ${51:16.4.4} # not required. Avi API version of to use for Avi API and objects.
mem_reserve: ${52:undefined} # not required. Boolean flag to set mem_reserve.,Default value when not specified in API or module is interpreted by Avi Controller as True.
license_type: ${53:undefined} # not required. If no license type is specified then default license enforcement for the cloud type is chosen.,Enum options - LIC_BACKEND_SERVERS, LIC_SOCKETS, LIC_CORES, LIC_HOSTS, LIC_SE_BANDWIDTH.,Field introduced in 17.2.5.
se_dos_profile: ${54:undefined} # not required. Dosthresholdprofile settings for serviceenginegroup.
enable_vmac: ${55:undefined} # not required. Use virtual mac address for interfaces on which floating interface ips are placed.,Default value when not specified in API or module is interpreted by Avi Controller as False.
tenant_uuid: ${56:} # not required. UUID of tenant used for all Avi API calls and context of object.
disable_csum_offloads: ${57:undefined} # not required. Stop using tcp/udp and ip checksum offload features of nics.,Field introduced in 17.1.14, 17.2.5.,Default value when not specified in API or module is interpreted by Avi Controller as False.
openstack_mgmt_network_name: ${58:undefined} # not required. Avi management network name.
udf_log_throttle: ${59:undefined} # not required. This setting limits the number of udf logs generated per second per core on this se.,Udf logs are generated due to the configured client log filters or the rules with logging enabled.,Default is 100 logs per second.,Set it to zero (0) to disable throttling.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as 100.,Units(PER_SECOND).
vcenter_hosts: ${60:undefined} # not required. Vcenterhosts settings for serviceenginegroup.
se_ipc_udp_port: ${61:undefined} # not required. Udp port for se_dp ipc in docker bridge mode.,Field introduced in 17.1.2.,Default value when not specified in API or module is interpreted by Avi Controller as 1500.
vcpus_per_se: ${62:undefined} # not required. Number of vcpus for each of the service engine virtual machines.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
hm_on_standby: ${63:undefined} # not required. Enable active health monitoring from the standby se for all placed virtual services.,Default value when not specified in API or module is interpreted by Avi Controller as True.
se_sb_dedicated_core: ${64:undefined} # not required. Sideband traffic will be handled by a dedicated core.,Field introduced in 16.5.2, 17.1.9, 17.2.3.,Default value when not specified in API or module is interpreted by Avi Controller as False.
cpu_socket_affinity: ${65:undefined} # not required. Allocate all the cpu cores for the service engine virtual machines on the same cpu socket.,Applicable only for vcenter cloud.,Default value when not specified in API or module is interpreted by Avi Controller as False.
realtime_se_metrics: ${66:undefined} # not required. Enable or disable real time se metrics.
archive_shm_limit: ${67:undefined} # not required. Amount of se memory in gb until which shared memory is collected in core archive.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as 8.,Units(GB).
hardwaresecuritymodulegroup_ref: ${68:undefined} # not required. It is a reference to an object of type hardwaresecuritymodulegroup.
custom_securitygroups_mgmt: ${69:undefined} # not required. Custom security groups to be associated with management vnic for se instances in openstack and aws clouds.,Field introduced in 17.1.3.
custom_tag: ${70:undefined} # not required. Custom tag will be used to create the tags for se instance in aws.,Note this is not the same as the prefix for se name.
floating_intf_ip_se_2: ${71:undefined} # not required. If serviceenginegroup is configured for legacy 1+1 active standby ha mode, floating ip's will be advertised only by the active se in the pair.,Virtual services in this group must be disabled/enabled for any changes to the floating ip's to take effect.,Only active se hosting vs tagged with active standby se 2 tag will advertise this floating ip when manual load distribution is enabled.
se_deprovision_delay: ${72:undefined} # not required. Duration to preserve unused service engine virtual machines before deleting them.,If traffic to a virtual service were to spike up abruptly, this se would still be available to be utilized again rather than creating a new se.,If this value is set to 0, controller will never delete any ses and administrator has to manually cleanup unused ses.,Allowed values are 0-525600.,Default value when not specified in API or module is interpreted by Avi Controller as 120.,Units(MIN).
log_disksz: ${73:undefined} # not required. Maximum disk capacity (in mb) to be allocated to an se.,This is exclusively used for debug and log data.,Default value when not specified in API or module is interpreted by Avi Controller as 10000.,Units(MB).
password: ${74:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
non_significant_log_throttle: ${75:undefined} # not required. This setting limits the number of non-significant logs generated per second per core on this se.,Default is 100 logs per second.,Set it to zero (0) to disable throttling.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as 100.,Units(PER_SECOND).
openstack_availability_zone: ${76:undefined} # not required. Field deprecated in 17.1.1.
extra_shared_config_memory: ${77:undefined} # not required. Extra config memory to support large geo db configuration.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as 0.,Units(MB).
auto_rebalance_interval: ${78:undefined} # not required. Frequency of rebalance, if 'auto rebalance' is enabled.,Default value when not specified in API or module is interpreted by Avi Controller as 300.,Units(SEC).
avi_api_patch_op: ${79|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
vcenter_datastores: ${80:undefined} # not required. List of vcenterdatastore.
state: ${81|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
se_sb_threads: ${82:undefined} # not required. Number of sideband threads per se.,Allowed values are 1-128.,Field introduced in 16.5.2, 17.1.9, 17.2.3.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
vs_scaleout_timeout: ${83:undefined} # not required. Time to wait for the scaled out se to become ready before marking the scaleout done.,Default value when not specified in API or module is interpreted by Avi Controller as 30.,Units(SEC).
active_standby: ${84:undefined} # not required. Service engines in active/standby mode for ha failover.,Default value when not specified in API or module is interpreted by Avi Controller as False.
auto_rebalance_capacity_per_se: ${85:undefined} # not required. Capacities of se for auto rebalance for each criteria.,Field introduced in 17.2.4.
num_flow_cores_sum_changes_to_ignore: ${86:undefined} # not required. Number of changes in num flow cores sum to ignore.,Default value when not specified in API or module is interpreted by Avi Controller as 8.
se_probe_port: ${87:undefined} # not required. Tcp port on se where echo service will be run.,Field introduced in 17.2.2.,Default value when not specified in API or module is interpreted by Avi Controller as 7.
algo: ${88:undefined} # not required. In compact placement, virtual services are placed on existing ses until max_vs_per_se limit is reached.,Enum options - PLACEMENT_ALGO_PACKED, PLACEMENT_ALGO_DISTRIBUTED.,Default value when not specified in API or module is interpreted by Avi Controller as PLACEMENT_ALGO_PACKED.
extra_config_multiplier: ${89:undefined} # not required. Multiplier for extra config to support large vs/pool config.,Default value when not specified in API or module is interpreted by Avi Controller as 0.0.
async_ssl_threads: ${90:undefined} # not required. Number of async ssl threads per se_dp.,Allowed values are 1-16.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
description: ${91:undefined} # not required. User defined description for the object.
openstack_mgmt_network_uuid: ${92:undefined} # not required. Management network uuid.
vcenter_folder: ${93:undefined} # not required. Folder to place all the service engine virtual machines in vcenter.,Default value when not specified in API or module is interpreted by Avi Controller as AviSeFolder.
vs_scalein_timeout_for_upgrade: ${94:undefined} # not required. During se upgrade, time to wait for the scaled-in se to drain existing flows before marking the scalein done.,Default value when not specified in API or module is interpreted by Avi Controller as 30.,Units(SEC).
cpu_reserve: ${95:undefined} # not required. Boolean flag to set cpu_reserve.,Default value when not specified in API or module is interpreted by Avi Controller as False.
allow_burst: ${96:undefined} # not required. Allow ses to be created using burst license.,Field introduced in 17.2.5.
floating_intf_ip: ${97:undefined} # not required. If serviceenginegroup is configured for legacy 1+1 active standby ha mode, floating ip's will be advertised only by the active se in the pair.,Virtual services in this group must be disabled/enabled for any changes to the floating ip's to take effect.,Only active se hosting vs tagged with active standby se 1 tag will advertise this floating ip when manual load distribution is enabled.
advertise_backend_networks: ${98:undefined} # not required. Advertise reach-ability of backend server networks via adc through bgp for default gateway feature.,Default value when not specified in API or module is interpreted by Avi Controller as False.
mgmt_network_ref: ${99:undefined} # not required. Management network to use for avi service engines.,It is a reference to an object of type network.
memory_per_se: ${100:undefined} # not required. Amount of memory for each of the service engine virtual machines.,Default value when not specified in API or module is interpreted by Avi Controller as 2048.
max_cpu_usage: ${101:undefined} # not required. When cpu usage on an se exceeds this threshold, virtual services hosted on this se may be rebalanced to other ses to reduce load.,A new se may be created as part of this process.,Allowed values are 40-90.,Default value when not specified in API or module is interpreted by Avi Controller as 80.,Units(PERCENT).
min_scaleout_per_vs: ${102:undefined} # not required. Minimum number of active service engines for the virtual service.,Allowed values are 1-64.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
license_tier: ${103:undefined} # not required. Specifies the license tier which would be used.,This field by default inherits the value from cloud.,Enum options - ENTERPRISE_16, ENTERPRISE_18.,Field introduced in 17.2.5.
vss_placement: ${104:undefined} # not required. If set, virtual services will be placed on only a subset of the cores of an se.,Field introduced in 17.2.5.
host_gateway_monitor: ${105:undefined} # not required. Enable the host gateway monitor when service engine is deployed as docker container.,Disabled by default.,Field introduced in 17.2.4.,Default value when not specified in API or module is interpreted by Avi Controller as False.
buffer_se: ${106:undefined} # not required. Excess service engine capacity provisioned for ha failover.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
hypervisor: ${107:undefined} # not required. Override default hypervisor.,Enum options - DEFAULT, VMWARE_ESX, KVM, VMWARE_VSAN, XEN.
ha_mode: ${108:undefined} # not required. High availability mode for all the virtual services using this service engine group.,Enum options - HA_MODE_SHARED_PAIR, HA_MODE_SHARED, HA_MODE_LEGACY_ACTIVE_STANDBY.,Default value when not specified in API or module is interpreted by Avi Controller as HA_MODE_SHARED.
vcenter_datastore_mode: ${109:undefined} # not required. Enum options - vcenter_datastore_any, vcenter_datastore_local, vcenter_datastore_shared.,Default value when not specified in API or module is interpreted by Avi Controller as VCENTER_DATASTORE_ANY.
auto_rebalance_criteria: ${110:undefined} # not required. Set of criteria for se auto rebalance.,Enum options - SE_AUTO_REBALANCE_CPU, SE_AUTO_REBALANCE_PPS, SE_AUTO_REBALANCE_MBPS, SE_AUTO_REBALANCE_OPEN_CONNS, SE_AUTO_REBALANCE_CPS.,Field introduced in 17.2.3.
distribute_load_active_standby: ${111:undefined} # not required. Use both the active and standby service engines for virtual service placement in the legacy active standby ha mode.,Default value when not specified in API or module is interpreted by Avi Controller as False.
least_load_core_selection: ${112:undefined} # not required. Select core with least load for new flow.,Default value when not specified in API or module is interpreted by Avi Controller as True.
aggressive_failure_detection: ${113:undefined} # not required. Enable aggressive failover configuration for ha.,Default value when not specified in API or module is interpreted by Avi Controller as False.
significant_log_throttle: ${114:undefined} # not required. This setting limits the number of significant logs generated per second per core on this se.,Default is 100 logs per second.,Set it to zero (0) to disable throttling.,Field introduced in 17.1.3.,Default value when not specified in API or module is interpreted by Avi Controller as 100.,Units(PER_SECOND).
waf_mempool_size: ${115:undefined} # not required. Memory pool size used for waf.,Field introduced in 17.2.3.,Default value when not specified in API or module is interpreted by Avi Controller as 64.,Units(KB).
se_bandwidth_type: ${116:undefined} # not required. Select the se bandwidth for the bandwidth license.,Enum options - SE_BANDWIDTH_UNLIMITED, SE_BANDWIDTH_25M, SE_BANDWIDTH_200M, SE_BANDWIDTH_1000M, SE_BANDWIDTH_10000M.,Field introduced in 17.2.5.
se_thread_multiplier: ${117:undefined} # not required. Multiplier for se threads based on vcpu.,Allowed values are 1-10.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
vs_host_redundancy: ${118:undefined} # not required. Ensure primary and secondary service engines are deployed on different physical hosts.,Default value when not specified in API or module is interpreted by Avi Controller as True.
tenant: ${119:admin} # not required. Name of tenant used for all Avi API calls and context of object.
"""
'avi_snmptrapprofile':
'prefix': "avi_snmptrapprofile_snippet"
'description': "Module for setup of SnmpTrapProfile Avi RESTful Object"
'body': """
avi_snmptrapprofile:
name: ${1:undefined} # required. A user-friendly name of the snmp trap configuration.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${3:16.4.4} # not required. Avi API version of to use for Avi API and objects.
trap_servers: ${4:undefined} # not required. The ip address or hostname of the snmp trap destination server.
avi_credentials: ${5:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${6:undefined} # not required. It is a reference to an object of type tenant.
state: ${7|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${8:} # not required. UUID of tenant used for all Avi API calls and context of object.
url: ${9:undefined} # not required. Avi controller URL of the object.
avi_api_patch_op: ${10|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${11:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${12:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${13:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${14:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${15|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${16:undefined} # not required. Uuid of the snmp trap profile object.
"""
'avi_sslkeyandcertificate':
'prefix': "avi_sslkeyandcertificate_snippet"
'description': "Module for setup of SSLKeyAndCertificate Avi RESTful Object"
'body': """
avi_sslkeyandcertificate:
name: ${1:undefined} # required. Name of the object.
certificate: ${2:undefined} # required. Sslcertificate settings for sslkeyandcertificate.
status: ${3:undefined} # not required. Enum options - ssl_certificate_finished, ssl_certificate_pending.,Default value when not specified in API or module is interpreted by Avi Controller as SSL_CERTIFICATE_FINISHED.
username: ${4:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
certificate_management_profile_ref: ${5:undefined} # not required. It is a reference to an object of type certificatemanagementprofile.
controller: ${6:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
hardwaresecuritymodulegroup_ref: ${7:undefined} # not required. It is a reference to an object of type hardwaresecuritymodulegroup.
key: ${8:undefined} # not required. Private key.
api_context: ${9:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
key_params: ${10:undefined} # not required. Sslkeyparams settings for sslkeyandcertificate.
password: ${11:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${12|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
enckey_base64: ${13:undefined} # not required. Encrypted private key corresponding to the private key (e.g.,Those generated by an hsm such as thales nshield).
uuid: ${14:undefined} # not required. Unique object identifier of the object.
dynamic_params: ${15:undefined} # not required. Dynamic parameters needed for certificate management profile.
url: ${16:undefined} # not required. Avi controller URL of the object.
enckey_name: ${17:undefined} # not required. Name of the encrypted private key (e.g.,Those generated by an hsm such as thales nshield).
avi_credentials: ${18:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${19:undefined} # not required. It is a reference to an object of type tenant.
state: ${20|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
created_by: ${21:undefined} # not required. Creator name.
avi_api_patch_op: ${22|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${23:admin} # not required. Name of tenant used for all Avi API calls and context of object.
ca_certs: ${24:undefined} # not required. Ca certificates in certificate chain.
type: ${25:undefined} # not required. Enum options - ssl_certificate_type_virtualservice, ssl_certificate_type_system, ssl_certificate_type_ca.,Default value when not specified in API or module is interpreted by Avi Controller as SSL_CERTIFICATE_TYPE_VIRTUALSERVICE.
tenant_uuid: ${26:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${27:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_sslprofile':
'prefix': "avi_sslprofile_snippet"
'description': "Module for setup of SSLProfile Avi RESTful Object"
'body': """
avi_sslprofile:
name: ${1:undefined} # required. Name of the object.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
accepted_ciphers: ${3:undefined} # not required. Ciphers suites represented as defined by U(http://www.openssl.org/docs/apps/ciphers.html).,Default value when not specified in API or module is interpreted by Avi Controller as AES:3DES:RC4.
prefer_client_cipher_ordering: ${4:undefined} # not required. Prefer the ssl cipher ordering presented by the client during the ssl handshake over the one specified in the ssl profile.,Default value when not specified in API or module is interpreted by Avi Controller as False.
description: ${5:undefined} # not required. User defined description for the object.
tags: ${6:undefined} # not required. List of tag.
accepted_versions: ${7:undefined} # not required. Set of versions accepted by the server.
controller: ${8:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
api_context: ${10:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${11:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${12|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
ssl_session_timeout: ${13:undefined} # not required. The amount of time before an ssl session expires.,Default value when not specified in API or module is interpreted by Avi Controller as 86400.,Units(SEC).
uuid: ${14:undefined} # not required. Unique object identifier of the object.
url: ${15:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${16:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${17:undefined} # not required. It is a reference to an object of type tenant.
avi_api_patch_op: ${18|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
enable_ssl_session_reuse: ${19:undefined} # not required. Enable ssl session re-use.,Default value when not specified in API or module is interpreted by Avi Controller as True.
cipher_enums: ${20:undefined} # not required. Enum options - tls_ecdhe_ecdsa_with_aes_128_gcm_sha256, tls_ecdhe_ecdsa_with_aes_256_gcm_sha384, tls_ecdhe_rsa_with_aes_128_gcm_sha256,,tls_ecdhe_rsa_with_aes_256_gcm_sha384, tls_ecdhe_ecdsa_with_aes_128_cbc_sha256, tls_ecdhe_ecdsa_with_aes_256_cbc_sha384,,tls_ecdhe_rsa_with_aes_128_cbc_sha256, tls_ecdhe_rsa_with_aes_256_cbc_sha384, tls_rsa_with_aes_128_gcm_sha256, tls_rsa_with_aes_256_gcm_sha384,,tls_rsa_with_aes_128_cbc_sha256, tls_rsa_with_aes_256_cbc_sha256, tls_ecdhe_ecdsa_with_aes_128_cbc_sha, tls_ecdhe_ecdsa_with_aes_256_cbc_sha,,tls_ecdhe_rsa_with_aes_128_cbc_sha, tls_ecdhe_rsa_with_aes_256_cbc_sha, tls_rsa_with_aes_128_cbc_sha, tls_rsa_with_aes_256_cbc_sha,,tls_rsa_with_3des_ede_cbc_sha, tls_rsa_with_rc4_128_sha.
send_close_notify: ${21:undefined} # not required. Send 'close notify' alert message for a clean shutdown of the ssl connection.,Default value when not specified in API or module is interpreted by Avi Controller as True.
tenant: ${22:admin} # not required. Name of tenant used for all Avi API calls and context of object.
dhparam: ${23:undefined} # not required. Dh parameters used in ssl.,At this time, it is not configurable and is set to 2048 bits.
ssl_rating: ${24:undefined} # not required. Sslrating settings for sslprofile.
tenant_uuid: ${25:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${26:16.4.4} # not required. Avi API version of to use for Avi API and objects.
"""
'avi_stringgroup':
'prefix': "avi_stringgroup_snippet"
'description': "Module for setup of StringGroup Avi RESTful Object"
'body': """
avi_stringgroup:
type: ${1:undefined} # required. Type of stringgroup.,Enum options - SG_TYPE_STRING, SG_TYPE_KEYVAL.,Default value when not specified in API or module is interpreted by Avi Controller as SG_TYPE_STRING.
name: ${2:undefined} # required. Name of the string group.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${4:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${5:undefined} # not required. Uuid of the string group.
url: ${6:undefined} # not required. Avi controller URL of the object.
description: ${7:undefined} # not required. User defined description for the object.
avi_credentials: ${8:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${9:undefined} # not required. It is a reference to an object of type tenant.
state: ${10|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${11:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
kv: ${13:undefined} # not required. Configure key value in the string group.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
tenant: ${15:admin} # not required. Name of tenant used for all Avi API calls and context of object.
password: ${16:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_systemconfiguration':
'prefix': "avi_systemconfiguration_snippet"
'description': "Module for setup of SystemConfiguration Avi RESTful Object"
'body': """
avi_systemconfiguration:
username: ${1:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
docker_mode: ${2:undefined} # not required. Boolean flag to set docker_mode.,Default value when not specified in API or module is interpreted by Avi Controller as False.
dns_configuration: ${3:undefined} # not required. Dnsconfiguration settings for systemconfiguration.
proxy_configuration: ${4:undefined} # not required. Proxyconfiguration settings for systemconfiguration.
ssh_hmacs: ${5:undefined} # not required. Allowed hmac list for ssh to the management interface on the controller and service engines.,If this is not specified, all the default hmacs are allowed.,Ssh -q mac provides the list of default hmacs supported.
controller: ${6:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
linux_configuration: ${7:undefined} # not required. Linuxconfiguration settings for systemconfiguration.
url: ${8:undefined} # not required. Avi controller URL of the object.
api_context: ${9:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${10:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${11|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
email_configuration: ${12:undefined} # not required. Emailconfiguration settings for systemconfiguration.
uuid: ${13:undefined} # not required. Unique object identifier of the object.
dns_virtualservice_refs: ${14:undefined} # not required. Dns virtualservices hosting fqdn records for applications across avi vantage.,If no virtualservices are provided, avi vantage will provide dns services for configured applications.,Switching back to avi vantage from dns virtualservices is not allowed.,It is a reference to an object of type virtualservice.
default_license_tier: ${15:undefined} # not required. Specifies the default license tier which would be used by new clouds.,Enum options - ENTERPRISE_16, ENTERPRISE_18.,Field introduced in 17.2.5.,Default value when not specified in API or module is interpreted by Avi Controller as ENTERPRISE_18.
avi_credentials: ${16:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
state: ${17|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
global_tenant_config: ${18:undefined} # not required. Tenantconfiguration settings for systemconfiguration.
snmp_configuration: ${19:undefined} # not required. Snmpconfiguration settings for systemconfiguration.
avi_api_patch_op: ${20|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${21:admin} # not required. Name of tenant used for all Avi API calls and context of object.
ntp_configuration: ${22:undefined} # not required. Ntpconfiguration settings for systemconfiguration.
admin_auth_configuration: ${23:undefined} # not required. Adminauthconfiguration settings for systemconfiguration.
mgmt_ip_access_control: ${24:undefined} # not required. Configure ip access control for controller to restrict open access.
ssh_ciphers: ${25:undefined} # not required. Allowed ciphers list for ssh to the management interface on the controller and service engines.,If this is not specified, all the default ciphers are allowed.,Ssh -q cipher provides the list of default ciphers supported.
tenant_uuid: ${26:} # not required. UUID of tenant used for all Avi API calls and context of object.
api_version: ${27:16.4.4} # not required. Avi API version of to use for Avi API and objects.
portal_configuration: ${28:undefined} # not required. Portalconfiguration settings for systemconfiguration.
"""
'avi_tenant':
'prefix': "avi_tenant_snippet"
'description': "Module for setup of Tenant Avi RESTful Object"
'body': """
avi_tenant:
name: ${1:undefined} # required. Name of the object.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
password: ${3:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
uuid: ${4:undefined} # not required. Unique object identifier of the object.
api_version: ${5:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${6:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
controller: ${8:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
created_by: ${10:undefined} # not required. Creator of this tenant.
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${12:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${13:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
config_settings: ${14:undefined} # not required. Tenantconfiguration settings for tenant.
local: ${15:undefined} # not required. Boolean flag to set local.,Default value when not specified in API or module is interpreted by Avi Controller as True.
tenant_uuid: ${16:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
description: ${18:undefined} # not required. User defined description for the object.
"""
'avi_trafficcloneprofile':
'prefix': "avi_trafficcloneprofile_snippet"
'description': "Module for setup of TrafficCloneProfile Avi RESTful Object"
'body': """
avi_trafficcloneprofile:
name: ${1:undefined} # required. Name for the traffic clone profile.,Field introduced in 17.1.1.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
password: ${3:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
uuid: ${4:undefined} # not required. Uuid of the traffic clone profile.,Field introduced in 17.1.1.
api_version: ${5:16.4.4} # not required. Avi API version of to use for Avi API and objects.
cloud_ref: ${6:undefined} # not required. It is a reference to an object of type cloud.,Field introduced in 17.1.1.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${8:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.1.1.
state: ${9|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${10:} # not required. UUID of tenant used for all Avi API calls and context of object.
url: ${11:undefined} # not required. Avi controller URL of the object.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${13:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
clone_servers: ${15:undefined} # not required. Field introduced in 17.1.1.
preserve_client_ip: ${16:undefined} # not required. Specifies if client ip needs to be preserved to clone destination.,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_useraccountprofile':
'prefix': "avi_useraccountprofile_snippet"
'description': "Module for setup of UserAccountProfile Avi RESTful Object"
'body': """
avi_useraccountprofile:
name: ${1:undefined} # required. Name of the object.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
max_concurrent_sessions: ${3:undefined} # not required. Maximum number of concurrent sessions allowed.,There are unlimited sessions by default.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
password: ${4:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
uuid: ${5:undefined} # not required. Unique object identifier of the object.
state: ${6|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
url: ${7:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${8:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
controller: ${9:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
account_lock_timeout: ${10:undefined} # not required. Lock timeout period (in minutes).,Default is 30 minutes.,Default value when not specified in API or module is interpreted by Avi Controller as 30.,Units(MIN).
api_version: ${11:16.4.4} # not required. Avi API version of to use for Avi API and objects.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
max_login_failure_count: ${13:undefined} # not required. Number of login attempts before lockout.,Default is 3 attempts.,Default value when not specified in API or module is interpreted by Avi Controller as 3.
tenant: ${14:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${15:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
max_password_history_count: ${16:undefined} # not required. Maximum number of passwords to be maintained in the password history.,Default is 4 passwords.,Default value when not specified in API or module is interpreted by Avi Controller as 4.
credentials_timeout_threshold: ${17:undefined} # not required. The time period after which credentials expire.,Default is 180 days.,Default value when not specified in API or module is interpreted by Avi Controller as 180.,Units(DAYS).
tenant_uuid: ${18:} # not required. UUID of tenant used for all Avi API calls and context of object.
avi_api_update_method: ${19|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'avi_virtualservice':
'prefix': "avi_virtualservice_snippet"
'description': "Module for setup of VirtualService Avi RESTful Object"
'body': """
avi_virtualservice:
name: ${1:undefined} # required. Name for the virtual service.
client_auth: ${2:undefined} # not required. Http authentication configuration for protected resources.
port_uuid: ${3:undefined} # not required. (internal-use) network port assigned to the virtual service ip address.,Field deprecated in 17.1.1.
availability_zone: ${4:undefined} # not required. Availability-zone to place the virtual service.,Field deprecated in 17.1.1.
error_page_profile_ref: ${5:undefined} # not required. Error page profile to be used for this virtualservice.this profile is used to send the custom error page to the client generated by the proxy.,It is a reference to an object of type errorpageprofile.,Field introduced in 17.2.4.
subnet_uuid: ${6:undefined} # not required. It represents subnet for the virtual service ip address allocation when auto_allocate_ip is true.it is only applicable in openstack or aws cloud.,This field is required if auto_allocate_ip is true.,Field deprecated in 17.1.1.
delay_fairness: ${7:undefined} # not required. Select the algorithm for qos fairness.,This determines how multiple virtual services sharing the same service engines will prioritize traffic over a congested network.,Default value when not specified in API or module is interpreted by Avi Controller as False.
vip: ${8:undefined} # not required. List of virtual service ips.,While creating a 'shared vs',please use vsvip_ref to point to the shared entities.,Field introduced in 17.1.1.
static_dns_records: ${9:undefined} # not required. List of static dns records applied to this virtual service.,These are static entries and no health monitoring is performed against the ip addresses.
enable_rhi_snat: ${10:undefined} # not required. Enable route health injection for source nat'ted floating ip address using the bgp config in the vrf context.
sideband_profile: ${11:undefined} # not required. Sideband configuration to be used for this virtualservice.it can be used for sending traffic to sideband vips for external inspection etc.
requests_rate_limit: ${12:undefined} # not required. Rate limit the incoming requests to this virtual service.
analytics_profile_ref: ${13:undefined} # not required. Specifies settings related to analytics.,It is a reference to an object of type analyticsprofile.
uuid: ${14:undefined} # not required. Uuid of the virtualservice.
ipam_network_subnet: ${15:undefined} # not required. Subnet and/or network for allocating virtualservice ip by ipam provider module.,Field deprecated in 17.1.1.
avi_allocated_fip: ${16:undefined} # not required. (internal-use) fip allocated by avi in the cloud infrastructure.,Field deprecated in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
ssl_profile_ref: ${17:undefined} # not required. Determines the set of ssl versions and ciphers to accept for ssl/tls terminated connections.,It is a reference to an object of type sslprofile.
created_by: ${18:undefined} # not required. Creator name.
discovered_network_ref: ${19:undefined} # not required. (internal-use) discovered networks providing reachability for client facing virtual service ip.,This field is deprecated.,It is a reference to an object of type network.,Field deprecated in 17.1.1.
max_cps_per_client: ${20:undefined} # not required. Maximum connections per second per client ip.,Allowed values are 10-1000.,Special values are 0- 'unlimited'.,Default value when not specified in API or module is interpreted by Avi Controller as 0.
avi_credentials: ${21:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
pool_group_ref: ${22:undefined} # not required. The pool group is an object that contains pools.,It is a reference to an object of type poolgroup.
ssl_sess_cache_avg_size: ${23:undefined} # not required. Expected number of ssl session cache entries (may be exceeded).,Allowed values are 1024-16383.,Default value when not specified in API or module is interpreted by Avi Controller as 1024.
vs_datascripts: ${24:undefined} # not required. Datascripts applied on the data traffic of the virtual service.
username: ${25:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
flow_dist: ${26:undefined} # not required. Criteria for flow distribution among ses.,Enum options - LOAD_AWARE, CONSISTENT_HASH_SOURCE_IP_ADDRESS, CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT.,Default value when not specified in API or module is interpreted by Avi Controller as LOAD_AWARE.
http_policies: ${27:undefined} # not required. Http policies applied on the data traffic of the virtual service.
application_profile_ref: ${28:undefined} # not required. Enable application layer specific features for the virtual service.,It is a reference to an object of type applicationprofile.
microservice_ref: ${29:undefined} # not required. Microservice representing the virtual service.,It is a reference to an object of type microservice.
controller: ${30:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
use_vip_as_snat: ${31:undefined} # not required. Use the virtual ip as the snat ip for health monitoring and sending traffic to the backend servers instead of the service engine interface ip.,The caveat of enabling this option is that the virtualservice cannot be configued in an active-active ha mode.,Dns based multi vip solution has to be used for ha & non-disruptive upgrade purposes.,Field introduced in 17.1.9,17.2.3.,Default value when not specified in API or module is interpreted by Avi Controller as False.
api_context: ${32:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${33:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
ip_address: ${34:undefined} # not required. Ip address of the virtual service.,Field deprecated in 17.1.1.
avi_api_update_method: ${35|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
east_west_placement: ${36:undefined} # not required. Force placement on all se's in service group (mesos mode only).,Default value when not specified in API or module is interpreted by Avi Controller as False.
floating_subnet_uuid: ${37:undefined} # not required. If auto_allocate_floating_ip is true and more than one floating-ip subnets exist, then the subnet for the floating ip address allocation.,This field is applicable only if the virtualservice belongs to an openstack or aws cloud.,In openstack or aws cloud it is required when auto_allocate_floating_ip is selected.,Field deprecated in 17.1.1.
service_pool_select: ${38:undefined} # not required. Select pool based on destination port.
close_client_conn_on_config_update: ${39:undefined} # not required. Close client connection on vs config update.,Field introduced in 17.2.4.,Default value when not specified in API or module is interpreted by Avi Controller as False.
type: ${40:undefined} # not required. Specify if this is a normal virtual service, or if it is the parent or child of an sni-enabled virtual hosted virtual service.,Enum options - VS_TYPE_NORMAL, VS_TYPE_VH_PARENT, VS_TYPE_VH_CHILD.,Default value when not specified in API or module is interpreted by Avi Controller as VS_TYPE_NORMAL.
enable_autogw: ${41:undefined} # not required. Response traffic to clients will be sent back to the source mac address of the connection, rather than statically sent to a default gateway.,Default value when not specified in API or module is interpreted by Avi Controller as True.
discovered_networks: ${42:undefined} # not required. (internal-use) discovered networks providing reachability for client facing virtual service ip.,This field is used internally by avi, not editable by the user.,Field deprecated in 17.1.1.
tenant_ref: ${43:undefined} # not required. It is a reference to an object of type tenant.
remove_listening_port_on_vs_down: ${44:undefined} # not required. Remove listening port if virtualservice is down.,Default value when not specified in API or module is interpreted by Avi Controller as False.
ssl_key_and_certificate_refs: ${45:undefined} # not required. Select or create one or two certificates, ec and/or rsa, that will be presented to ssl/tls terminated connections.,It is a reference to an object of type sslkeyandcertificate.
snat_ip: ${46:undefined} # not required. Nat'ted floating source ip address(es) for upstream connection to servers.
host_name_xlate: ${47:undefined} # not required. Translate the host name sent to the servers to this value.,Translate the host name sent from servers back to the value used by the client.
analytics_policy: ${48:undefined} # not required. Determines analytics settings for the application.
sp_pool_refs: ${49:undefined} # not required. Gslb pools used to manage site-persistence functionality.,Each site-persistence pool contains the virtualservices in all the other sites, that is auto-generated by the gslb manager.,This is a read-only field for the user.,It is a reference to an object of type pool.,Field introduced in 17.2.2.
flow_label_type: ${50:undefined} # not required. Criteria for flow labelling.,Enum options - NO_LABEL, APPLICATION_LABEL, SERVICE_LABEL.,Default value when not specified in API or module is interpreted by Avi Controller as NO_LABEL.
network_profile_ref: ${51:undefined} # not required. Determines network settings such as protocol, tcp or udp, and related options for the protocol.,It is a reference to an object of type networkprofile.
weight: ${52:undefined} # not required. The quality of service weight to assign to traffic transmitted from this virtual service.,A higher weight will prioritize traffic versus other virtual services sharing the same service engines.,Allowed values are 1-128.,Default value when not specified in API or module is interpreted by Avi Controller as 1.
dns_info: ${53:undefined} # not required. Service discovery specific data including fully qualified domain name, type and time-to-live of the dns record.,Note that only one of fqdn and dns_info setting is allowed.
content_rewrite: ${54:undefined} # not required. Profile used to match and rewrite strings in request and/or response body.
traffic_clone_profile_ref: ${55:undefined} # not required. Server network or list of servers for cloning traffic.,It is a reference to an object of type trafficcloneprofile.,Field introduced in 17.1.1.
avi_allocated_vip: ${56:undefined} # not required. (internal-use) vip allocated by avi in the cloud infrastructure.,Field deprecated in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
vrf_context_ref: ${57:undefined} # not required. Virtual routing context that the virtual service is bound to.,This is used to provide the isolation of the set of networks the application is attached to.,It is a reference to an object of type vrfcontext.
description: ${58:undefined} # not required. User defined description for the object.
subnet: ${59:undefined} # not required. Subnet providing reachability for client facing virtual service ip.,Field deprecated in 17.1.1.
service_metadata: ${60:undefined} # not required. Metadata pertaining to the service provided by this virtual service.,In openshift/kubernetes environments, egress pod info is stored.,Any user input to this field will be overwritten by avi vantage.
cloud_type: ${61:undefined} # not required. Enum options - cloud_none, cloud_vcenter, cloud_openstack, cloud_aws, cloud_vca, cloud_apic, cloud_mesos, cloud_linuxserver, cloud_docker_ucp,,cloud_rancher, cloud_oshift_k8s, cloud_azure.,Default value when not specified in API or module is interpreted by Avi Controller as CLOUD_NONE.
vh_domain_name: ${62:undefined} # not required. The exact name requested from the client's sni-enabled tls hello domain name field.,If this is a match, the parent vs will forward the connection to this child vs.
cloud_ref: ${63:undefined} # not required. It is a reference to an object of type cloud.
enable_rhi: ${64:undefined} # not required. Enable route health injection using the bgp config in the vrf context.
se_group_ref: ${65:undefined} # not required. The service engine group to use for this virtual service.,Moving to a new se group is disruptive to existing connections for this vs.,It is a reference to an object of type serviceenginegroup.
waf_policy_ref: ${66:undefined} # not required. Waf policy for the virtual service.,It is a reference to an object of type wafpolicy.,Field introduced in 17.2.1.
network_ref: ${67:undefined} # not required. Manually override the network on which the virtual service is placed.,It is a reference to an object of type network.,Field deprecated in 17.1.1.
scaleout_ecmp: ${68:undefined} # not required. Disable re-distribution of flows across service engines for a virtual service.,Enable if the network itself performs flow hashing with ecmp in environments such as gcp.,Default value when not specified in API or module is interpreted by Avi Controller as False.
state: ${69|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
nsx_securitygroup: ${70:undefined} # not required. A list of nsx service groups representing the clients which can access the virtual ip of the virtual service.,Field introduced in 17.1.1.
cloud_config_cksum: ${71:undefined} # not required. Checksum of cloud configuration for vs.,Internally set by cloud connector.
api_version: ${72:16.4.4} # not required. Avi API version of to use for Avi API and objects.
tenant_uuid: ${73:} # not required. UUID of tenant used for all Avi API calls and context of object.
vsvip_ref: ${74:undefined} # not required. Mostly used during the creation of shared vs, this field refers to entities that can be shared across virtual services.,It is a reference to an object of type vsvip.,Field introduced in 17.1.1.
performance_limits: ${75:undefined} # not required. Optional settings that determine performance limits like max connections or bandwdith etc.
use_bridge_ip_as_vip: ${76:undefined} # not required. Use bridge ip as vip on each host in mesos deployments.,Default value when not specified in API or module is interpreted by Avi Controller as False.
enabled: ${77:undefined} # not required. Enable or disable the virtual service.,Default value when not specified in API or module is interpreted by Avi Controller as True.
floating_ip: ${78:undefined} # not required. Floating ip to associate with this virtual service.,Field deprecated in 17.1.1.
auto_allocate_floating_ip: ${79:undefined} # not required. Auto-allocate floating/elastic ip from the cloud infrastructure.,Field deprecated in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
avi_api_patch_op: ${80|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
vh_parent_vs_uuid: ${81:undefined} # not required. Specifies the virtual service acting as virtual hosting (sni) parent.
services: ${82:undefined} # not required. List of services defined for this virtual service.
connections_rate_limit: ${83:undefined} # not required. Rate limit the incoming connections to this virtual service.
active_standby_se_tag: ${84:undefined} # not required. This configuration only applies if the virtualservice is in legacy active standby ha mode and load distribution among active standby is enabled.,This field is used to tag the virtualservice so that virtualservices with the same tag will share the same active serviceengine.,Virtualservices with different tags will have different active serviceengines.,If one of the serviceengine's in the serviceenginegroup fails, all virtualservices will end up using the same active serviceengine.,Redistribution of the virtualservices can be either manual or automated when the failed serviceengine recovers.,Redistribution is based on the auto redistribute property of the serviceenginegroup.,Enum options - ACTIVE_STANDBY_SE_1, ACTIVE_STANDBY_SE_2.,Default value when not specified in API or module is interpreted by Avi Controller as ACTIVE_STANDBY_SE_1.
pool_ref: ${85:undefined} # not required. The pool is an object that contains destination servers and related attributes such as load-balancing and persistence.,It is a reference to an object of type pool.
ign_pool_net_reach: ${86:undefined} # not required. Ignore pool servers network reachability constraints for virtual service placement.,Default value when not specified in API or module is interpreted by Avi Controller as False.
tenant: ${87:admin} # not required. Name of tenant used for all Avi API calls and context of object.
limit_doser: ${88:undefined} # not required. Limit potential dos attackers who exceed max_cps_per_client significantly to a fraction of max_cps_per_client for a while.,Default value when not specified in API or module is interpreted by Avi Controller as False.
url: ${89:undefined} # not required. Avi controller URL of the object.
auto_allocate_ip: ${90:undefined} # not required. Auto-allocate vip from the provided subnet.,Field deprecated in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
fqdn: ${91:undefined} # not required. Dns resolvable, fully qualified domain name of the virtualservice.,Only one of 'fqdn' and 'dns_info' configuration is allowed.
network_security_policy_ref: ${92:undefined} # not required. Network security policies for the virtual service.,It is a reference to an object of type networksecuritypolicy.
dns_policies: ${93:undefined} # not required. Dns policies applied on the dns traffic of the virtual service.,Field introduced in 17.1.1.
server_network_profile_ref: ${94:undefined} # not required. Determines the network settings profile for the server side of tcp proxied connections.,Leave blank to use the same settings as the client to vs side of the connection.,It is a reference to an object of type networkprofile.
discovered_subnet: ${95:undefined} # not required. (internal-use) discovered subnets providing reachability for client facing virtual service ip.,This field is deprecated.,Field deprecated in 17.1.1.
"""
'avi_vrfcontext':
'prefix': "avi_vrfcontext_snippet"
'description': "Module for setup of VrfContext Avi RESTful Object"
'body': """
avi_vrfcontext:
name: ${1:undefined} # required. Name of the object.
system_default: ${2:undefined} # not required. Boolean flag to set system_default.,Default value when not specified in API or module is interpreted by Avi Controller as False.
uuid: ${3:undefined} # not required. Unique object identifier of the object.
cloud_ref: ${4:undefined} # not required. It is a reference to an object of type cloud.
state: ${5|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_patch_op: ${6|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant: ${8:admin} # not required. Name of tenant used for all Avi API calls and context of object.
gateway_mon: ${9:undefined} # not required. Configure ping based heartbeat check for gateway in service engines of vrf.
bgp_profile: ${10:undefined} # not required. Bgp local and peer info.
username: ${11:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${12:undefined} # not required. User defined description for the object.
controller: ${13:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
avi_api_update_method: ${16|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
internal_gateway_monitor: ${17:undefined} # not required. Configure ping based heartbeat check for all default gateways in service engines of vrf.,Field introduced in 17.1.1.
static_routes: ${18:undefined} # not required. List of staticroute.
url: ${19:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${20:undefined} # not required. It is a reference to an object of type tenant.
debugvrfcontext: ${21:undefined} # not required. Configure debug flags for vrf.,Field introduced in 17.1.1.
api_version: ${22:16.4.4} # not required. Avi API version of to use for Avi API and objects.
tenant_uuid: ${23:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_vsdatascriptset':
'prefix': "avi_vsdatascriptset_snippet"
'description': "Module for setup of VSDataScriptSet Avi RESTful Object"
'body': """
avi_vsdatascriptset:
name: ${1:undefined} # required. Name for the virtual service datascript collection.
pool_refs: ${2:undefined} # not required. Uuid of pools that could be referred by vsdatascriptset objects.,It is a reference to an object of type pool.
pool_group_refs: ${3:undefined} # not required. Uuid of pool groups that could be referred by vsdatascriptset objects.,It is a reference to an object of type poolgroup.
string_group_refs: ${4:undefined} # not required. Uuid of string groups that could be referred by vsdatascriptset objects.,It is a reference to an object of type stringgroup.
ipgroup_refs: ${5:undefined} # not required. Uuid of ip groups that could be referred by vsdatascriptset objects.,It is a reference to an object of type ipaddrgroup.
uuid: ${6:undefined} # not required. Uuid of the virtual service datascript collection.
avi_credentials: ${7:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
created_by: ${8:undefined} # not required. Creator name.,Field introduced in 17.1.11,17.2.4.
avi_api_patch_op: ${9|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
state: ${10|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_update_method: ${11|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
api_version: ${12:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${13:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${14:undefined} # not required. User defined description for the object.
controller: ${15:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${16:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${17:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
tenant: ${18:admin} # not required. Name of tenant used for all Avi API calls and context of object.
datascript: ${19:undefined} # not required. Datascripts to execute.
url: ${20:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${21:undefined} # not required. It is a reference to an object of type tenant.
tenant_uuid: ${22:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_vsvip':
'prefix': "avi_vsvip_snippet"
'description': "Module for setup of VsVip Avi RESTful Object"
'body': """
avi_vsvip:
name: ${1:undefined} # required. Name for the vsvip object.,Field introduced in 17.1.1.
east_west_placement: ${2:undefined} # not required. Force placement on all service engines in the service engine group (container clouds only).,Field introduced in 17.1.1.,Default value when not specified in API or module is interpreted by Avi Controller as False.
username: ${3:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
password: ${4:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
api_version: ${5:16.4.4} # not required. Avi API version of to use for Avi API and objects.
state: ${6|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
cloud_ref: ${7:undefined} # not required. It is a reference to an object of type cloud.,Field introduced in 17.1.1.
dns_info: ${8:undefined} # not required. Service discovery specific data including fully qualified domain name, type and time-to-live of the dns record.,Field introduced in 17.1.1.
avi_credentials: ${9:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${10:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.1.1.
avi_api_patch_op: ${11|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant_uuid: ${12:} # not required. UUID of tenant used for all Avi API calls and context of object.
url: ${13:undefined} # not required. Avi controller URL of the object.
vip: ${14:undefined} # not required. List of virtual service ips and other shareable entities.,Field introduced in 17.1.1.
tenant: ${15:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${16:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
vrf_context_ref: ${17:undefined} # not required. Virtual routing context that the virtual service is bound to.,This is used to provide the isolation of the set of networks the application is attached to.,It is a reference to an object of type vrfcontext.,Field introduced in 17.1.1.
controller: ${18:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${19|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
uuid: ${20:undefined} # not required. Uuid of the vsvip object.,Field introduced in 17.1.1.
"""
'avi_wafpolicy':
'prefix': "avi_wafpolicy_snippet"
'description': "Module for setup of WafPolicy Avi RESTful Object"
'body': """
avi_wafpolicy:
name: ${1:undefined} # required. Field introduced in 17.2.1.
waf_profile_ref: ${2:undefined} # required. Waf profile for waf policy.,It is a reference to an object of type wafprofile.,Field introduced in 17.2.1.
mode: ${3:undefined} # required. Waf policy mode.,This can be detection or enforcement.,Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT.,Field introduced in 17.2.1.,Default value when not specified in API or module is interpreted by Avi Controller as WAF_MODE_DETECTION_ONLY.
pre_crs_groups: ${4:undefined} # not required. Waf rules are categorized in to groups based on their characterization.,These groups are created by the user and will be enforced before the crs groups.,Field introduced in 17.2.1.
uuid: ${5:undefined} # not required. Field introduced in 17.2.1.
post_crs_groups: ${6:undefined} # not required. Waf rules are categorized in to groups based on their characterization.,These groups are created by the user and will be enforced after the crs groups.,Field introduced in 17.2.1.
state: ${7|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
created_by: ${8:undefined} # not required. Creator name.,Field introduced in 17.2.4.
avi_api_patch_op: ${9|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
avi_credentials: ${10:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
avi_api_update_method: ${11|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
api_version: ${12:16.4.4} # not required. Avi API version of to use for Avi API and objects.
username: ${13:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
description: ${14:undefined} # not required. Field introduced in 17.2.1.
crs_groups: ${15:undefined} # not required. Waf rules are categorized in to groups based on their characterization.,These groups are system created with crs groups.,Field introduced in 17.2.1.
controller: ${16:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
api_context: ${17:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${18:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
paranoia_level: ${19:undefined} # not required. Waf ruleset paranoia mode.,This is used to select rules based on the paranoia-level tag.,Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME.,Field introduced in 17.2.1.,Default value when not specified in API or module is interpreted by Avi Controller as WAF_PARANOIA_LEVEL_LOW.
tenant: ${20:admin} # not required. Name of tenant used for all Avi API calls and context of object.
url: ${21:undefined} # not required. Avi controller URL of the object.
tenant_ref: ${22:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.2.1.
tenant_uuid: ${23:} # not required. UUID of tenant used for all Avi API calls and context of object.
"""
'avi_wafprofile':
'prefix': "avi_wafprofile_snippet"
'description': "Module for setup of WafProfile Avi RESTful Object"
'body': """
avi_wafprofile:
name: ${1:undefined} # required. Field introduced in 17.2.1.
config: ${2:undefined} # required. Config params for waf.,Field introduced in 17.2.1.
files: ${3:undefined} # not required. List of data files used for waf rules.,Field introduced in 17.2.1.
username: ${4:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
api_version: ${5:16.4.4} # not required. Avi API version of to use for Avi API and objects.
uuid: ${6:undefined} # not required. Field introduced in 17.2.1.
tenant_uuid: ${7:} # not required. UUID of tenant used for all Avi API calls and context of object.
url: ${8:undefined} # not required. Avi controller URL of the object.
avi_credentials: ${9:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${10:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.2.1.
state: ${11|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
avi_api_patch_op: ${12|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${13:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${14:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
password: ${15:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
controller: ${16:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${17|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
description: ${18:undefined} # not required. Field introduced in 17.2.1.
"""
'avi_webhook':
'prefix': "avi_webhook_snippet"
'description': "Module for setup of Webhook Avi RESTful Object"
'body': """
avi_webhook:
name: ${1:undefined} # required. The name of the webhook profile.,Field introduced in 17.1.1.
username: ${2:} # not required. Username used for accessing Avi controller. The default value is the environment variable C(AVI_USERNAME).
password: ${3:} # not required. Password of Avi user in Avi controller. The default value is the environment variable C(AVI_PASSWORD).
uuid: ${4:undefined} # not required. Uuid of the webhook profile.,Field introduced in 17.1.1.
api_version: ${5:16.4.4} # not required. Avi API version of to use for Avi API and objects.
url: ${6:undefined} # not required. Avi controller URL of the object.
description: ${7:undefined} # not required. Field introduced in 17.1.1.
avi_credentials: ${8:undefined} # not required. Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
tenant_ref: ${9:undefined} # not required. It is a reference to an object of type tenant.,Field introduced in 17.1.1.
state: ${10|absent,present|} # not required. choices: absent;present. The state that should be applied on the entity.
tenant_uuid: ${11:} # not required. UUID of tenant used for all Avi API calls and context of object.
verification_token: ${12:undefined} # not required. Verification token sent back with the callback asquery parameters.,Field introduced in 17.1.1.
avi_api_patch_op: ${13|add,replace,delete|} # not required. choices: add;replace;delete. Patch operation to use when using avi_api_update_method as patch.
tenant: ${14:admin} # not required. Name of tenant used for all Avi API calls and context of object.
api_context: ${15:undefined} # not required. Avi API context that includes current session ID and CSRF Token.,This allows user to perform single login and re-use the session.
callback_url: ${16:undefined} # not required. Callback url for the webhook.,Field introduced in 17.1.1.
controller: ${17:} # not required. IP address or hostname of the controller. The default value is the environment variable C(AVI_CONTROLLER).
avi_api_update_method: ${18|put,patch|} # not required. choices: put;patch. Default method for object update is HTTP PUT.,Setting to patch will override that behavior to use HTTP PATCH.
"""
'awall':
'prefix': "awall_snippet"
'description': "Manage awall policies"
'body': """
awall:
state: ${1|enabled,disabled|} # not required. choices: enabled;disabled. The policy(ies) will be C(enabled),The policy(ies) will be C(disabled)
activate: ${2:false} # not required. Activate the new firewall rules. Can be run with other steps or on it's own.
name: ${3:null} # not required. A policy name, like C(foo), or multiple policies, like C(foo, bar).
"""
'aws_acm_facts':
'prefix': "aws_acm_facts_snippet"
'description': "Retrieve certificate facts from AWS Certificate Manager service"
'body': """
aws_acm_facts:
status: ${1|PENDING_VALIDATION,ISSUED,INACTIVE,EXPIRED,VALIDATION_TIMED_OUT|} # not required. choices: PENDING_VALIDATION;ISSUED;INACTIVE;EXPIRED;VALIDATION_TIMED_OUT. Status to filter the certificate results
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:undefined} # not required. The name of an ACM certificate
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
profile: ${7:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_api_gateway':
'prefix': "aws_api_gateway_snippet"
'description': "Manage AWS API Gateway APIs"
'body': """
aws_api_gateway:
profile: ${1:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
swagger_file: ${2:undefined} # not required. JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.
api_id: ${3:undefined} # not required. The ID of the API you want to manage.
ec2_url: ${4:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
stage: ${5:undefined} # not required. The name of the stage the API should be deployed to.
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
swagger_dict: ${10:undefined} # not required. Swagger definitions API ansible dictionary which will be converted to JSON and uploaded.
deploy_desc: ${11:Automatic deployment by Ansible.} # not required. Description of the deployment - recorded and visible in the AWS console.
state: ${12|present,absent|} # not required. choices: present;absent. NOT IMPLEMENTED Create or delete API - currently we always create.
swagger_text: ${13:undefined} # not required. Swagger definitions for API in JSON or YAML as a string direct from playbook.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_application_scaling_policy':
'prefix': "aws_application_scaling_policy_snippet"
'description': "Manage Application Auto Scaling Scaling Policies"
'body': """
aws_application_scaling_policy:
resource_id: ${1:undefined} # required. The identifier of the resource associated with the scalable target.
policy_name: ${2:undefined} # required. The name of the scaling policy.
scalable_dimension: ${3|ecs:service:DesiredCount,ec2:spot-fleet-request:TargetCapacity,elasticmapreduce:instancegroup:InstanceCount,appstream:fleet:DesiredCapacity,dynamodb:table:ReadCapacityUnits,dynamodb:table:WriteCapacityUnits,dynamodb:index:ReadCapacityUnits,dynamodb:index:WriteCapacityUnits|} # required. choices: ecs:service:DesiredCount;ec2:spot-fleet-request:TargetCapacity;elasticmapreduce:instancegroup:InstanceCount;appstream:fleet:DesiredCapacity;dynamodb:table:ReadCapacityUnits;dynamodb:table:WriteCapacityUnits;dynamodb:index:ReadCapacityUnits;dynamodb:index:WriteCapacityUnits. The scalable dimension associated with the scalable target.
service_namespace: ${4|ecs,elasticmapreduce,ec2,appstream,dynamodb|} # required. choices: ecs;elasticmapreduce;ec2;appstream;dynamodb. The namespace of the AWS service.
policy_type: ${5|StepScaling,TargetTrackingScaling|} # required. choices: StepScaling;TargetTrackingScaling. The policy type.
profile: ${6:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
step_scaling_policy_configuration: ${8:undefined} # not required. A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
aws_secret_key: ${9:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${10:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${11:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${12:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
target_tracking_scaling_policy_configuration: ${13:undefined} # not required. A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_az_facts':
'prefix': "aws_az_facts_snippet"
'description': "Gather facts about availability zones in AWS."
'body': """
aws_az_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:[object Object]} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) for possible filters. Filter names and values are case sensitive. You can also use underscores instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_batch_compute_environment':
'prefix': "aws_batch_compute_environment_snippet"
'description': "Manage AWS Batch Compute Environments"
'body': """
aws_batch_compute_environment:
subnets: ${1:undefined} # required. The VPC subnets into which the compute resources are launched.
instance_types: ${2:undefined} # required. The instance types that may be launched.
maxv_cpus: ${3:undefined} # required. The maximum number of EC2 vCPUs that an environment can reach.
security_group_ids: ${4:undefined} # required. The EC2 security groups that are associated with instances launched in the compute environment.
instance_role: ${5:undefined} # required. The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.
minv_cpus: ${6:undefined} # required. The minimum number of EC2 vCPUs that an environment should maintain.
compute_resource_type: ${7|EC2,SPOT|} # required. choices: EC2;SPOT. The type of compute resource.
state: ${8|present,absent|} # required. choices: present;absent. Describes the desired state.
service_role: ${9:undefined} # required. The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.
compute_environment_name: ${10:undefined} # required. The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed.
type: ${11|MANAGED,UNMANAGED|} # required. choices: MANAGED;UNMANAGED. The type of the compute environment.
profile: ${12:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
tags: ${13:undefined} # not required. Key-value pair tags to be applied to resources that are launched in the compute environment.
bid_percentage: ${14:undefined} # not required. The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20%, then the Spot price must be below 20% of the current On-Demand price for that EC2 instance.
image_id: ${15:undefined} # not required. The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.
ec2_url: ${16:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${17:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${18:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
desiredv_cpus: ${19:undefined} # not required. The desired number of EC2 vCPUS in the compute environment.
security_token: ${20:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${21:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${22:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
compute_environment_state: ${23|ENABLED,DISABLED|} # not required. choices: ENABLED;DISABLED. The state of the compute environment. If the state is ENABLED, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.
spot_iam_fleet_role: ${24:undefined} # not required. The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment.
ec2_key_pair: ${25:undefined} # not required. The EC2 key pair that is used for instances launched in the compute environment.
"""
'aws_batch_job_definition':
'prefix': "aws_batch_job_definition_snippet"
'description': "Manage AWS Batch Job Definitions"
'body': """
aws_batch_job_definition:
state: ${1|present,absent|} # required. choices: present;absent. Describes the desired state.
job_definition_name: ${2:undefined} # required. The name for the job definition
type: ${3:undefined} # required. The type of job definition
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
readonly_root_filesystem: ${5:undefined} # not required. When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run.
mount_points: ${6:undefined} # not required. The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run. List of dictionaries.
image: ${7:undefined} # not required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image <colon>tag ``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run.
job_role_arn: ${8:undefined} # not required. The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
attempts: ${9:undefined} # not required. Retry strategy - The number of times to move a job to the RUNNABLE status. You may specify between 1 and 10 attempts. If attempts is greater than one, the job is retried if it fails until it has moved to RUNNABLE that many times.
user: ${10:undefined} # not required. The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
job_definition_arn: ${12:undefined} # not required. The arn for the job definition
aws_secret_key: ${13:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${14:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${15:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
parameters: ${16:undefined} # not required. Default parameter substitution placeholders to set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition.
validate_certs: ${17:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${18:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
environment: ${19:undefined} # not required. The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run. List of dictionaries.
vcpus: ${20:undefined} # not required. The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares.
command: ${21:undefined} # not required. The command that is passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
volumes: ${22:undefined} # not required. A list of data volumes used in a job. List of dictionaries.
memory: ${23:undefined} # not required. The hard limit (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run.
privileged: ${24:undefined} # not required. When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run.
ulimits: ${25:undefined} # not required. A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run. List of dictionaries.
"""
'aws_batch_job_queue':
'prefix': "aws_batch_job_queue_snippet"
'description': "Manage AWS Batch Job Queues"
'body': """
aws_batch_job_queue:
compute_environment_order: ${1:undefined} # required. The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment should execute a given job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to 3 compute environments with a job queue.
job_queue_name: ${2:undefined} # required. The name for the job queue
priority: ${3:undefined} # required. The priority of the job queue. Job queues with a higher priority (or a lower integer value for the priority parameter) are evaluated first when associated with same compute environment. Priority is determined in ascending order, for example, a job queue with a priority value of 1 is given scheduling preference over a job queue with a priority value of 10.
state: ${4|present,absent|} # required. choices: present;absent. Describes the desired state.
aws_secret_key: ${5:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${6:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
job_queue_state: ${7|ENABLED,DISABLED|} # not required. choices: ENABLED;DISABLED. The state of the job queue. If the job queue state is ENABLED , it is able to accept jobs.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
profile: ${10:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${12:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_direct_connect_connection':
'prefix': "aws_direct_connect_connection_snippet"
'description': "Creates, deletes, modifies a DirectConnect connection"
'body': """
aws_direct_connect_connection:
profile: ${1:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
connection_id: ${3:undefined} # not required. The ID of the Direct Connect connection. I(name) or I(connection_id) is required to recreate or delete a connection. Modifying attributes of a connection with I(forced_update) will result in a new Direct Connect connection ID.
bandwidth: ${4|1Gbps,10Gbps|} # not required. choices: 1Gbps;10Gbps. The bandwidth of the Direct Connect connection. Required when I(state=present).
link_aggregation_group: ${5:undefined} # not required. The ID of the link aggregation group you want to associate with the connection. This is optional in case a stand-alone connection is desired.
ec2_url: ${6:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
forced_update: ${7:undefined} # not required. To modify bandwidth or location the connection will need to be deleted and recreated. By default this will not happen - this option must be set to True.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${9:undefined} # not required. The name of the Direct Connect connection. This is required to create a new connection. To recreate or delete a connection I(name) or I(connection_id) is required.
security_token: ${10:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${11:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${12|present,absent|} # not required. choices: present;absent. The state of the Direct Connect connection.
location: ${13:undefined} # not required. Where the Direct Connect connection is located. Required when I(state=present).
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_direct_connect_gateway':
'prefix': "aws_direct_connect_gateway_snippet"
'description': "Manage AWS Direct Connect Gateway."
'body': """
aws_direct_connect_gateway:
amazon_asn: ${1:undefined} # required. amazon side asn
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${5:undefined} # not required. name of the dxgw to be created or deleted
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
virtual_gateway_id: ${7:undefined} # not required. vpn gateway id of an existing virtual gateway
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
state: ${10|present,absent|} # not required. choices: present;absent. present to ensure resource is created.,absent to remove resource
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
direct_connect_gateway_id: ${12:undefined} # not required. id of an existing direct connect gateway
"""
'aws_direct_connect_link_aggregation_group':
'prefix': "aws_direct_connect_link_aggregation_group_snippet"
'description': "Manage Direct Connect LAG bundles."
'body': """
aws_direct_connect_link_aggregation_group:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:undefined} # not required. The name of the Direct Connect link aggregation group.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
state: ${6|present,absent|} # not required. choices: present;absent. The state of the Direct Connect link aggregation group.
delete_with_disassociation: ${7:undefined} # not required. To be used with I(state=absent) to delete connections after disassociating them with the LAG.
force_delete: ${8:undefined} # not required. This allows the minimum number of links to be set to 0, any hosted connections disassociated, and any virtual interfaces associated to the LAG deleted.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
num_connections: ${11:undefined} # not required. The number of connections with which to intialize the link aggregation group.
connection_id: ${12:undefined} # not required. A connection ID to link with the link aggregation group upon creation.
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
bandwidth: ${14:undefined} # not required. The bandwidth of the link aggregation group.
wait_timeout: ${15:120} # not required. The duration in seconds to wait if I(wait) is True.
location: ${16:undefined} # not required. The location of the link aggregation group.
min_links: ${17:undefined} # not required. The minimum number of physical connections that must be operational for the LAG itself to be operational.
link_aggregation_group_id: ${18:undefined} # not required. The ID of the Direct Connect link aggregation group.
wait: ${19:undefined} # not required. Whether or not to wait for the operation to complete. May be useful when waiting for virtual interfaces to be deleted. May modify the time of waiting with C(wait_timeout).
"""
'aws_direct_connect_virtual_interface':
'prefix': "aws_direct_connect_virtual_interface_snippet"
'description': "Manage Direct Connect virtual interfaces."
'body': """
aws_direct_connect_virtual_interface:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
vlan: ${4:100} # not required. The VLAN ID.
name: ${5:undefined} # not required. The name of the virtual interface.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${7:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
virtual_interface_id: ${9:undefined} # not required. The virtual interface ID.
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
id_to_associate: ${11:undefined} # not required. The ID of the link aggrecation group or connection to associate with the virtual interface.
customer_address: ${12:undefined} # not required. The customer address CIDR with which to create the virtual interface.
state: ${13|present,absent|} # not required. choices: present;absent. The desired state of the Direct Connect virtual interface.
amazon_address: ${14:undefined} # not required. The amazon address CIDR with which to create the virtual interface.
authentication_key: ${15:undefined} # not required. The authentication key for BGP configuration.
bgp_asn: ${16:65000} # not required. The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
cidr: ${17:undefined} # not required. A list of route filter prefix CIDRs with which to create the public virtual interface.
address_type: ${18:undefined} # not required. The type of IP address for the BGP peer.
virtual_gateway_id: ${19:undefined} # not required. The virtual gateway ID required for creating a private virtual interface.
public: ${20:undefined} # not required. The type of virtual interface.
"""
'aws_elasticbeanstalk_app':
'prefix': "aws_elasticbeanstalk_app_snippet"
'description': "create, update, and delete an elastic beanstalk application"
'body': """
aws_elasticbeanstalk_app:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
description: ${4:undefined} # not required. the description of the application
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${7|absent,present|} # not required. choices: absent;present. whether to ensure the application is present or absent
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
terminate_by_force: ${10:false} # not required. when set to true, running environments will be terminated before deleting the application
app_name: ${11:undefined} # not required. name of the beanstalk application you wish to manage
"""
'aws_kms':
'prefix': "aws_kms_snippet"
'description': "Perform various KMS management tasks."
'body': """
aws_kms:
mode: ${1|grant,deny|} # required. choices: grant;deny. Grant or deny access.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
role_name: ${3:undefined} # not required. Role to allow/deny access. One of C(role_name) or C(role_arn) are required.
ec2_url: ${4:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
key_alias: ${5:undefined} # not required. Alias label to the key. One of C(key_alias) or C(key_arn) are required.
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
role_arn: ${8:undefined} # not required. ARN of role to allow/deny access. One of C(role_name) or C(role_arn) are required.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
grant_types: ${11:undefined} # not required. List of grants to give to user/role. Likely \"role,role grant\" or \"role,role grant,admin\". Required when C(mode=grant).
key_arn: ${12:undefined} # not required. Full ARN to the key. One of C(key_alias) or C(key_arn) are required.
clean_invalid_entries: ${13:true} # not required. If adding/removing a role and invalid grantees are found, remove them. These entries will cause an update to fail in all known cases.,Only cleans if changes are being made.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_kms_facts':
'prefix': "aws_kms_facts_snippet"
'description': "Gather facts about AWS KMS keys"
'body': """
aws_kms_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:undefined} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. The filters aren't natively supported by boto3, but are supported to provide similar functionality to other modules. Standard tag filters (C(tag-key), C(tag-value) and C(tag:tagName)) are available, as are C(key-id) and C(alias)
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
pending_deletion: ${8:false} # not required. Whether to get full details (tags, grants etc.) of keys pending deletion
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_region_facts':
'prefix': "aws_region_facts_snippet"
'description': "Gather facts about AWS regions."
'body': """
aws_region_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:[object Object]} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) for possible filters. Filter names and values are case sensitive. You can also use underscores instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_s3':
'prefix': "aws_s3_snippet"
'description': "manage objects in S3."
'body': """
aws_s3:
bucket: ${1:undefined} # required. Bucket name.
mode: ${2|get,put,delete,create,geturl,getstr,delobj,list|} # required. choices: get;put;delete;create;geturl;getstr;delobj;list. Switches the module behaviour between put (upload), get (download), geturl (return download url, Ansible 1.3+), getstr (download object as string (1.3+)), list (list keys, Ansible 2.0+), create (bucket), delete (bucket), and delobj (delete object, Ansible 2.0+).
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
permission: ${4:private} # not required. This option lets the user set the canned permissions on the object/bucket that are created. The permissions that can be set are 'private', 'public-read', 'public-read-write', 'authenticated-read' for a bucket or 'private', 'public-read', 'public-read-write', 'aws-exec-read', 'authenticated-read', 'bucket-owner-read', 'bucket-owner-full-control' for an object. Multiple permissions can be specified as a list.
dest: ${5:undefined} # not required. The destination file path when downloading an object/key with a GET operation.
object: ${6:undefined} # not required. Keyname of the object inside the bucket. Can be used to create \"virtual directories\", see examples.
prefix: ${7:} # not required. Limits the response to keys that begin with the specified prefix for list mode
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
marker: ${9:undefined} # not required. Specifies the key to start with when using list mode. Object keys are returned in alphabetical order, starting with key after the marker in order.
ignore_nonexistent_bucket: ${10:undefined} # not required. Overrides initial bucket lookups in case bucket or iam policies are restrictive. Example: a user may have the GetObject permission but no other permissions. In this case using the option mode: get will fail without specifying ignore_nonexistent_bucket: True.
overwrite: ${11:always} # not required. Force overwrite either locally on the filesystem or remotely with the object/key. Used with PUT and GET operations. Boolean or one of [always, never, different], true is equal to 'always' and false is equal to 'never', new in 2.0. When this is set to 'different', the md5 sum of the local file is compared with the 'ETag' of the object/key in S3. The ETag may or may not be an MD5 digest of the object data. See the ETag response header here U(http://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonResponseHeaders.html)
headers: ${12:undefined} # not required. Custom headers for PUT operation, as a dictionary of 'key=value' and 'key=value,key=value'.
aws_secret_key: ${13:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_KEY environment variable is used.
src: ${14:undefined} # not required. The source file path when performing a PUT operation.
aws_access_key: ${15:null} # not required. AWS access key id. If not set then the value of the AWS_ACCESS_KEY environment variable is used.
encrypt: ${16:true} # not required. When set for PUT mode, asks for server-side encryption.
security_token: ${17:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
rgw: ${18:false} # not required. Enable Ceph RGW S3 support. This option requires an explicit url via s3_url.
region: ${19:undefined} # not required. AWS region to create the bucket in. If not set then the value of the AWS_REGION and EC2_REGION environment variables are checked, followed by the aws_region and ec2_region settings in the Boto config file. If none of those are set the region defaults to the S3 Location: US Standard. Prior to ansible 1.8 this parameter could be specified but had no effect.
retries: ${20:0} # not required. On recoverable failure, how many times to retry before actually failing.
max_keys: ${21:1000} # not required. Max number of results to return in list mode, set this if you want to retrieve fewer than the default 1000 keys.
version: ${22:undefined} # not required. Version ID of the object inside the bucket. Can be used to get a specific version of a file if versioning is enabled in the target bucket.
expiration: ${23:600} # not required. Time limit (in seconds) for the URL generated and returned by S3/Walrus when performing a mode=put or mode=geturl operation.
s3_url: ${24:undefined} # not required. S3 URL endpoint for usage with Ceph, Eucalypus, fakes3, etc. Otherwise assumes AWS
metadata: ${25:undefined} # not required. Metadata for PUT operation, as a dictionary of 'key=value' and 'key=value,key=value'.
validate_certs: ${26:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_s3_bucket_facts':
'prefix': "aws_s3_bucket_facts_snippet"
'description': "Lists S3 buckets in AWS"
'body': """
aws_s3_bucket_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
validate_certs: ${7:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_s3_cors':
'prefix': "aws_s3_cors_snippet"
'description': "Manage CORS for S3 buckets in AWS"
'body': """
aws_s3_cors:
name: ${1:null} # required. Name of the s3 bucket
state: ${2|present,absent|} # required. choices: present;absent. Create or remove cors on the s3 bucket
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
rules: ${7:undefined} # not required. Cors rules to put on the s3 bucket
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_ses_identity':
'prefix': "aws_ses_identity_snippet"
'description': "Manages SES email and domain identity"
'body': """
aws_ses_identity:
identity: ${1:undefined} # required. This is the email address or domain to verify / delete.,If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
bounce_notifications: ${3:undefined} # not required. Setup the SNS topic used to report bounce notifications.,If omitted, bounce notifications will not be delivered to a SNS topic.,If bounce notifications are not delivered to a SNS topic, I(feedback_forwarding) must be enabled.
feedback_forwarding: ${4:true} # not required. Whether or not to enable feedback forwarding.,This can only be false if both I(bounce_notifications) and I(complaint_notifications) specify SNS topics.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
complaint_notifications: ${6:undefined} # not required. Setup the SNS topic used to report complaint notifications.,If omitted, complaint notifications will not be delivered to a SNS topic.,If complaint notifications are not delivered to a SNS topic, I(feedback_forwarding) must be enabled.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${11|present,absent|} # not required. choices: present;absent. Whether to create(or update) or delete the identity.
delivery_notifications: ${12:undefined} # not required. Setup the SNS topic used to report delivery notifications.,If omitted, delivery notifications will not be delivered to a SNS topic.
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_ssm_parameter_store':
'prefix': "aws_ssm_parameter_store_snippet"
'description': "Manage key-value pairs in aws parameter store."
'body': """
aws_ssm_parameter_store:
name: ${1:undefined} # required. parameter key name.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
decryption: ${3:true} # not required. Work with SecureString type to get plain text secrets,Boolean
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. region.
string_type: ${7|String,StringList,SecureString|} # not required. choices: String;StringList;SecureString. Parameter String type
value: ${8:undefined} # not required. Parameter value.
state: ${9|present,absent|} # not required. choices: present;absent. Creates or modifies an existing parameter,Deletes a parameter
profile: ${10:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
key_id: ${12:aws/ssm (this key is automatically generated at the first parameter created).} # not required. aws KMS key to decrypt the secrets.
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
overwrite: ${14:true} # not required. Overwrite the value when create or update parameter,Boolean
description: ${15:undefined} # not required. parameter key desciption.
"""
'aws_waf_condition':
'prefix': "aws_waf_condition_snippet"
'description': "create and delete WAF Conditions"
'body': """
aws_waf_condition:
name: ${1:undefined} # required. Name of the Web Application Firewall condition to manage
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
purge_filters: ${6:undefined} # not required. Whether to remove existing filters from a condition if not passed in I(filters). Defaults to false
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
state: ${9|present,absent|} # not required. choices: present;absent. Whether the condition should be C(present) or C(absent)
filters: ${10:undefined} # not required. A list of the filters against which to match,For I(type)=C(byte), valid keys are C(field_to_match), C(position), C(header), C(transformation),For I(type)=C(geo), the only valid key is C(country),For I(type)=C(ip), the only valid key is C(ip_address),For I(type)=C(regex), valid keys are C(field_to_match), C(transformation) and C(regex_pattern),For I(type)=C(size), valid keys are C(field_to_match), C(transformation), C(comparison) and C(size),For I(type)=C(sql), valid keys are C(field_to_match) and C(transformation),For I(type)=C(xss), valid keys are C(field_to_match) and C(transformation),I(field_to_match) can be one of C(uri), C(query_string), C(header) C(method) and C(body),If I(field_to_match) is C(header), then C(header) must also be specified,I(transformation) can be one of C(none), C(compress_white_space), C(html_entity_decode), C(lowercase), C(cmd_line), C(url_decode),I(position), can be one of C(exactly), C(starts_with), C(ends_with), C(contains), C(contains_word),,I(comparison) can be one of C(EQ), C(NE), C(LE), C(LT), C(GE), C(GT),,I(target_string) is a maximum of 50 bytes,I(regex_pattern) is a dict with a C(name) key and C(regex_strings) list of strings to match
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
type: ${12|byte,geo,ip,regex,size,sql,xss|} # not required. choices: byte;geo;ip;regex;size;sql;xss. the type of matching to perform
"""
'aws_waf_facts':
'prefix': "aws_waf_facts_snippet"
'description': "Retrieve facts for WAF ACLs, Rule , Conditions and Filters."
'body': """
aws_waf_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:undefined} # not required. The name of a Web Application Firewall
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'aws_waf_rule':
'prefix': "aws_waf_rule_snippet"
'description': "create and delete WAF Rules"
'body': """
aws_waf_rule:
name: ${1:undefined} # required. Name of the Web Application Firewall rule
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
purge_conditions: ${5:undefined} # not required. Whether or not to remove conditions that are not passed when updating `conditions`. Defaults to false.
validate_certs: ${6:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${8|present,absent|} # not required. choices: present;absent. whether the rule should be present or absent
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
security_token: ${10:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
conditions: ${11:undefined} # not required. list of conditions used in the rule. Each condition should contain I(type): which is one of [C(byte), C(geo), C(ip), C(size), C(sql) or C(xss)] I(negated): whether the condition should be negated, and C(condition), the name of the existing condition. M(aws_waf_condition) can be used to create new conditions\n
metric_name: ${12:undefined} # not required. A friendly name or description for the metrics for the rule,The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.,You can't change metric_name after you create the rule,Defaults to the same as name with disallowed characters removed
"""
'aws_waf_web_acl':
'prefix': "aws_waf_web_acl_snippet"
'description': "create and delete WAF Web ACLs"
'body': """
aws_waf_web_acl:
name: ${1:undefined} # required. Name of the Web Application Firewall ACL to manage
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
purge_rules: ${3:undefined} # not required. Whether to remove rules that aren't passed with C(rules). Defaults to false
rules: ${4:undefined} # not required. A list of rules that the Web ACL will enforce.,Each rule must contain I(name), I(action), I(priority) keys.,Priorities must be unique, but not necessarily consecutive. Lower numbered priorities are evalauted first.,The I(type) key can be passed as C(rate_based), it defaults to C(regular)
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
metric_name: ${8:undefined} # not required. A friendly name or description for the metrics for this WebACL,The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.,You can't change metric_name after you create the WebACL,Metric name will default to I(name) with disallowed characters stripped out
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${11|present,absent|} # not required. choices: present;absent. whether the Web ACL should be present or absent
default_action: ${12|block,allow,count|} # not required. choices: block;allow;count. The action that you want AWS WAF to take when a request doesn't match the criteria specified in any of the Rule objects that are associated with the WebACL
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'azure':
'prefix': "azure_snippet"
'description': "create or terminate a virtual machine in azure"
'body': """
azure:
image: ${1:null} # required. system image for creating the virtual machine (e.g., b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu_DAILY_BUILD-precise-12_04_3-LTS-amd64-server-20131205-en-us-30GB)
storage_account: ${2:undefined} # required. the azure storage account in which to store the data disks.
name: ${3:null} # required. name of the virtual machine and associated cloud service.
location: ${4:null} # required. the azure location to use (e.g. 'East US')
role_size: ${5:Small} # not required. azure role size for the new virtual machine (e.g., Small, ExtraLarge, A6). You have to pay attention to the fact that instances of type G and DS are not available in all regions (locations). Make sure if you selected the size and type of instance available in your chosen location.
virtual_network_name: ${6:null} # not required. Name of virtual network.
wait_timeout_redirects: ${7:300} # not required. how long before wait gives up for redirects, in seconds
wait_timeout: ${8:600} # not required. how long before wait gives up, in seconds
user: ${9:null} # not required. the unix username for the new virtual machine.
auto_updates: ${10|yes,no|} # not required. choices: yes;no. Enable Auto Updates on Windows Machines
password: ${11:null} # not required. the unix password for the new virtual machine.
os_type: ${12|windows,linux|} # not required. choices: windows;linux. The type of the os that is gettings provisioned
wait: ${13|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
management_cert_path: ${14:null} # not required. path to an azure management certificate associated with the subscription id. Overrides the AZURE_CERT_PATH environment variable.
hostname: ${15:null} # not required. hostname to write /etc/hostname. Defaults to <name>.cloudapp.net.
ssh_cert_path: ${16:null} # not required. path to an X509 certificate containing the public ssh key to install in the virtual machine. See http://www.windowsazure.com/en-us/manage/linux/tutorials/intro-to-linux/ for more details.,if this option is specified, password-based ssh authentication will be disabled.
state: ${17:present} # not required. create or terminate instances
subscription_id: ${18:null} # not required. azure subscription id. Overrides the AZURE_SUBSCRIPTION_ID environment variable.
endpoints: ${19:22} # not required. a comma-separated list of TCP ports to expose on the virtual machine (e.g., \"22,80\")
enable_winrm: ${20|yes,no|} # not required. choices: yes;no. Enable winrm on Windows Machines
"""
'azure_rm_acs':
'prefix': "azure_rm_acs_snippet"
'description': "Manage an Azure Container Service Instance (ACS)."
'body': """
azure_rm_acs:
resource_group: ${1:undefined} # required. Name of a resource group where the Container Services exists or will be created.
diagnostics_profile: ${2:undefined} # required. Should VM Diagnostics be enabled for the Container Service VM's.
master_profile: ${3:undefined} # required. Master profile suboptions.
orchestration_platform: ${4:undefined} # required. Specifies the Container Orchestration Platform to use. Currently can be either DCOS, Kubernetes or Swarm.
linux_profile: ${5:undefined} # required. The linux profile suboptions.
agent_pool_profiles: ${6:undefined} # required. The agent pool profile suboptions.
name: ${7:undefined} # required. Name of the Container Services instance.
ad_user: ${8:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cert_validation_mode: ${9|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
append_tags: ${10:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${11:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
secret: ${12:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
tags: ${13:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
location: ${14:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
subscription_id: ${15:null} # not required. Your Azure subscription Id.
service_principal: ${16:null} # not required. The service principal suboptions.
profile: ${17:null} # not required. Security profile found in ~/.azure/credentials file.
state: ${18|absent,present|} # not required. choices: absent;present. Assert the state of the ACS. Use 'present' to create or update an ACS and 'absent' to delete it.
client_id: ${19:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
auth_source: ${20|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
password: ${21:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${22:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${23|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_availabilityset':
'prefix': "azure_rm_availabilityset_snippet"
'description': "Manage Azure availability set."
'body': """
azure_rm_availabilityset:
resource_group: ${1:undefined} # required. Name of a resource group where the availability set exists or will be created.
name: ${2:undefined} # required. Name of the availability set.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${4:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
client_id: ${6:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
password: ${8:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${9:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
sku: ${11|Classic,Aligned|} # not required. choices: Classic;Aligned. Define if the availability set supports managed disks.
append_tags: ${12:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${13:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
secret: ${14:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
platform_update_domain_count: ${15:5} # not required. Update domains indicate groups of virtual machines and underlying physical hardware that can be rebooted at the same time. Default is 5.
platform_fault_domain_count: ${16:3} # not required. Fault domains define the group of virtual machines that share a common power source and network switch. Should be between 1 and 3. Default is 3
state: ${17|absent,present|} # not required. choices: absent;present. Assert the state of the availability set. Use 'present' to create or update a availability set and 'absent' to delete a availability set.
location: ${18:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
auth_source: ${19|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${20:null} # not required. Your Azure subscription Id.
"""
'azure_rm_availabilityset_facts':
'prefix': "azure_rm_availabilityset_facts_snippet"
'description': "Get availability set facts."
'body': """
azure_rm_availabilityset_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Limit results to a specific availability set
resource_group: ${3:null} # not required. The resource group to search for the desired availability set
ad_user: ${4:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${6|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${7:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${8:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${9|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${10|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${11:null} # not required. Your Azure subscription Id.
password: ${12:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${13:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_containerinstance':
'prefix': "azure_rm_containerinstance_snippet"
'description': "Manage an Azure Container Instance."
'body': """
azure_rm_containerinstance:
resource_group: ${1:undefined} # required. Name of resource group.
name: ${2:undefined} # required. The name of the container group.
ad_user: ${3:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cert_validation_mode: ${4|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
registry_password: ${5:undefined} # not required. The password to log in container image registry server.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
state: ${7|absent,present|} # not required. choices: absent;present. Assert the state of the container instance. Use 'present' to create or update an container instance and 'absent' to delete it.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
location: ${9:undefined} # not required. Valid azure location. Defaults to location of the resource group.
subscription_id: ${10:null} # not required. Your Azure subscription Id.
containers: ${11:undefined} # not required. List of containers.
profile: ${12:null} # not required. Security profile found in ~/.azure/credentials file.
registry_login_server: ${13:undefined} # not required. The container image registry login server.
client_id: ${14:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${15|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
password: ${16:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
ip_address: ${17|public,none|} # not required. choices: public;none. The IP address type of the container group (default is 'none')
tenant: ${18:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
registry_username: ${19:undefined} # not required. The username to log in container image registry server.
force_update: ${20:false} # not required. Force update of existing container instance. Any update will result in deletion and recreation of existing containers.
auth_source: ${21|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
os_type: ${22|linux,windows|} # not required. choices: linux;windows. The OS type of containers.
ports: ${23:undefined} # not required. List of ports exposed within the container group.
"""
'azure_rm_containerregistry':
'prefix': "azure_rm_containerregistry_snippet"
'description': "Manage an Azure Container Registry."
'body': """
azure_rm_containerregistry:
resource_group: ${1:undefined} # required. Name of a resource group where the Container Registry exists or will be created.
name: ${2:null} # required. Name of the Container Registry.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${4:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${6:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
admin_user_enabled: ${7:false} # not required. If enabled, you can use the registry name as username and admin user access key as password to docker login to your container registry.
client_id: ${8:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${9|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
password: ${10:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${11:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
sku: ${12|Basic,Standard,Premium|} # not required. choices: Basic;Standard;Premium. Specifies the SKU to use. Currently can be either Basic, Standard or Premium.
append_tags: ${13:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${14:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${15|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
state: ${16|absent,present|} # not required. choices: absent;present. Assert the state of the container registry. Use 'present' to create or update an container registry and 'absent' to delete it.
location: ${17:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
auth_source: ${18|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${19:null} # not required. Your Azure subscription Id.
"""
'azure_rm_deployment':
'prefix': "azure_rm_deployment_snippet"
'description': "Create or destroy Azure Resource Manager template deployments"
'body': """
azure_rm_deployment:
resource_group_name: ${1:undefined} # required. The resource group name to use or create to host the deployed template
deployment_name: ${2:ansible-arm} # not required. The name of the deployment to be tracked in the resource group deployment history. Re-using a deployment name will overwrite the previous value in the resource group's deployment history.
wait_for_deployment_polling_period: ${3:10} # not required. Time (in seconds) to wait between polls when waiting for deployment completion.
cloud_environment: ${4:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
wait_for_deployment_completion: ${5|yes,no|} # not required. choices: yes;no. Whether or not to block until the deployment has completed.
cert_validation_mode: ${6|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
parameters: ${7:null} # not required. A hash of all the required template variables for the deployment template. This parameter is mutually exclusive with 'parameters_link'. Either one of them is required if \"state\" parameter is \"present\".
ad_user: ${8:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
state: ${9|present,absent|} # not required. choices: present;absent. If state is \"present\", template will be created. If state is \"present\" and if deployment exists, it will be updated. If state is \"absent\", stack will be removed.
secret: ${10:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
location: ${11:westus} # not required. The geo-locations in which the resource group will be located.
template: ${12:null} # not required. A hash containing the templates inline. This parameter is mutually exclusive with 'template_link'. Either one of them is required if \"state\" parameter is \"present\".
subscription_id: ${13:null} # not required. Your Azure subscription Id.
profile: ${14:null} # not required. Security profile found in ~/.azure/credentials file.
template_link: ${15:null} # not required. Uri of file containing the template body. This parameter is mutually exclusive with 'template'. Either one of them is required if \"state\" parameter is \"present\".
client_id: ${16:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${17|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
password: ${18:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${19:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
deployment_mode: ${20|complete,incremental|} # not required. choices: complete;incremental. In incremental mode, resources are deployed without deleting existing resources that are not included in the template. In complete mode resources are deployed and existing resources in the resource group not included in the template are deleted.
parameters_link: ${21:null} # not required. Uri of file containing the parameters body. This parameter is mutually exclusive with 'parameters'. Either one of them is required if \"state\" parameter is \"present\".
auth_source: ${22|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
"""
'azure_rm_dnsrecordset':
'prefix': "azure_rm_dnsrecordset_snippet"
'description': "Create, delete and update DNS record sets and records."
'body': """
azure_rm_dnsrecordset:
resource_group: ${1:undefined} # required. name of resource group
record_type: ${2|A,AAAA,CNAME,MX,NS,SRV,TXT,PTR|} # required. choices: A;AAAA;CNAME;MX;NS;SRV;TXT;PTR. the type of record set to create or delete
relative_name: ${3:undefined} # required. relative name of the record set
zone_name: ${4:undefined} # required. name of the existing DNS zone in which to manage the record set
profile: ${5:null} # not required. Security profile found in ~/.azure/credentials file.
api_profile: ${6|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
ad_user: ${7:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${8:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
record_mode: ${9|append,purge|} # not required. choices: append;purge. whether existing record values not sent to the module should be purged
state: ${10|absent,present|} # not required. choices: absent;present. Assert the state of the record set. Use C(present) to create or update and C(absent) to delete.
records: ${11:undefined} # not required. list of records to be created depending on the type of record (set)
time_to_live: ${12:3600} # not required. time to live of the record set in seconds
auth_source: ${13|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
client_id: ${14:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${15|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
subscription_id: ${16:null} # not required. Your Azure subscription Id.
password: ${17:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${18:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
secret: ${19:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
"""
'azure_rm_dnsrecordset_facts':
'prefix': "azure_rm_dnsrecordset_facts_snippet"
'description': "Get DNS Record Set facts."
'body': """
azure_rm_dnsrecordset_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
resource_group: ${2:undefined} # not required. Limit results by resource group. Required when filtering by name or type.
cloud_environment: ${3:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
top: ${4:100} # not required. Limit the maximum number of record sets to return
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cert_validation_mode: ${6|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
relative_name: ${7:undefined} # not required. Only show results for a Record Set.
record_type: ${8:undefined} # not required. Limit record sets by record type.
secret: ${9:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${10:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
zone_name: ${12:undefined} # not required. Limit results by zones. Required when filtering by name or type.
subscription_id: ${13:null} # not required. Your Azure subscription Id.
password: ${14:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${15:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${16|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_dnszone':
'prefix': "azure_rm_dnszone_snippet"
'description': "Manage Azure DNS zones."
'body': """
azure_rm_dnszone:
name: ${1:undefined} # required. name of the DNS Zone.
resource_group: ${2:undefined} # required. name of resource group.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${4:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
append_tags: ${6:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${7:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
state: ${9|absent,present|} # not required. choices: absent;present. Assert the state of the zone. Use 'present' to create or update and 'absent' to delete.
client_id: ${10:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${11|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
auth_source: ${12|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${13:null} # not required. Your Azure subscription Id.
password: ${14:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${15:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${16|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_dnszone_facts':
'prefix': "azure_rm_dnszone_facts_snippet"
'description': "Get DNS zone facts."
'body': """
azure_rm_dnszone_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:undefined} # not required. Only show results for a specific zone.
resource_group: ${3:undefined} # not required. Limit results by resource group. Required when filtering by name.
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
append_tags: ${6:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${7:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${8|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${9:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${10:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${11|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${12|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${13:null} # not required. Your Azure subscription Id.
password: ${14:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${15:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_functionapp':
'prefix': "azure_rm_functionapp_snippet"
'description': "Manage Azure Function Apps"
'body': """
azure_rm_functionapp:
name: ${1:undefined} # required. Name of the Azure Function App
resource_group: ${2:undefined} # required. Name of resource group
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
ad_user: ${4:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
secret: ${6:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
state: ${7|absent,present|} # not required. choices: absent;present. Assert the state of the Function App. Use 'present' to create or update a Function App and 'absent' to delete.
client_id: ${8:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${9|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
auth_source: ${10|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${11:null} # not required. Your Azure subscription Id.
password: ${12:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${13:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${14|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_functionapp_facts':
'prefix': "azure_rm_functionapp_facts_snippet"
'description': "Get Azure Function App facts"
'body': """
azure_rm_functionapp_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Only show results for a specific Function App
resource_group: ${3:null} # not required. Limit results to a resource group. Required when filtering by name
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${12:null} # not required. Your Azure subscription Id.
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${14:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_image':
'prefix': "azure_rm_image_snippet"
'description': "Manage Azure image."
'body': """
azure_rm_image:
resource_group: ${1:undefined} # required. Name of resource group.
name: ${2:undefined} # required. Name of the image.
source: ${3:undefined} # required. OS disk source from the same region, including a virtual machine id or name, OS disk blob uri, managed OS disk id or name, or OS snapshot id or name.
profile: ${4:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${5:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
ad_user: ${6:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
client_id: ${7:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${8|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
password: ${9:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
subscription_id: ${10:null} # not required. Your Azure subscription Id.
tenant: ${11:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${12|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
append_tags: ${13:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${14:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
secret: ${15:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
data_disk_sources: ${16:undefined} # not required. List of data disk sources, including unmanaged blob uri, managed disk id or name, or snapshot id or name.
state: ${17|absent,present|} # not required. choices: absent;present. Assert the state of the image. Use C(present) to create or update a image and C(absent) to delete an image.
location: ${18:undefined} # not required. Location of the image. Derived from I(resource_group) if not specified.
auth_source: ${19|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
os_type: ${20|Windows,Linux|} # not required. choices: Windows;Linux. The OS type of image.
"""
'azure_rm_keyvault':
'prefix': "azure_rm_keyvault_snippet"
'description': "Manage Key Vault instance."
'body': """
azure_rm_keyvault:
resource_group: ${1:undefined} # required. The name of the Resource Group to which the server belongs.
vault_name: ${2:undefined} # required. Name of the vault
ad_user: ${3:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
enabled_for_deployment: ${4:undefined} # not required. Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
cert_validation_mode: ${5|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
access_policies: ${6:undefined} # not required. An array of 0 to 16 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID.
sku: ${7:undefined} # not required. SKU details
cloud_environment: ${8:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
state: ${9|absent,present|} # not required. choices: absent;present. Assert the state of the KeyVault. Use 'present' to create or update an KeyVault and 'absent' to delete it.
enabled_for_template_deployment: ${10:undefined} # not required. Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
secret: ${11:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
location: ${12:undefined} # not required. Resource location. If not set, location from the resource group will be used as default.
subscription_id: ${13:null} # not required. Your Azure subscription Id.
profile: ${14:null} # not required. Security profile found in ~/.azure/credentials file.
client_id: ${15:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
auth_source: ${16|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
password: ${17:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${18:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
vault_tenant: ${19:undefined} # not required. The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
recover_mode: ${20:undefined} # not required. Create vault in recovery mode.
enabled_for_disk_encryption: ${21:undefined} # not required. Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
api_profile: ${22|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
enable_soft_delete: ${23:undefined} # not required. Property to specify whether the soft delete functionality is enabled for this key vault.
"""
'azure_rm_keyvaultkey':
'prefix': "azure_rm_keyvaultkey_snippet"
'description': "Use Azure KeyVault keys."
'body': """
azure_rm_keyvaultkey:
key_name: ${1:undefined} # required. Name of the keyvault key.
keyvault_uri: ${2:undefined} # required. URI of the keyvault endpoint.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
pem_password: ${4:undefined} # not required. PEM password.
state: ${5|absent,present|} # not required. choices: absent;present. Assert the state of the key. Use 'present' to create a key and 'absent' to delete a key.
pem_file: ${6:undefined} # not required. PEM file.
client_id: ${7:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${8|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
tags: ${9:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
password: ${10:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${11:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
ad_user: ${12:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
append_tags: ${13:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${14:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${15|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${16:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
byok_file: ${17:undefined} # not required. BYOK file.
auth_source: ${18|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${19:null} # not required. Your Azure subscription Id.
"""
'azure_rm_keyvaultsecret':
'prefix': "azure_rm_keyvaultsecret_snippet"
'description': "Use Azure KeyVault Secrets."
'body': """
azure_rm_keyvaultsecret:
keyvault_uri: ${1:undefined} # required. URI of the keyvault endpoint.
secret_name: ${2:undefined} # required. Name of the keyvault secret.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${4:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
append_tags: ${6:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
ad_user: ${7:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
state: ${9|absent,present|} # not required. choices: absent;present. Assert the state of the subnet. Use 'present' to create or update a secret and 'absent' to delete a secret .
tenant: ${10:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
client_id: ${11:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${12|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
auth_source: ${13|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${14:null} # not required. Your Azure subscription Id.
password: ${15:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
secret_value: ${16:undefined} # not required. Secret to be secured by keyvault.
api_profile: ${17|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_loadbalancer':
'prefix': "azure_rm_loadbalancer_snippet"
'description': "Manage Azure load balancers."
'body': """
azure_rm_loadbalancer:
resource_group: ${1:undefined} # required. Name of a resource group where the load balancer exists or will be created.
name: ${2:undefined} # required. Name of the load balancer.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
probe_port: ${4:undefined} # not required. (deprecated) The port that the health probe will use.,This option has been deprecated, and will be removed in 2.9. Use I(probes) instead.
append_tags: ${5:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
load_balancing_rules: ${6:undefined} # not required. Object collection representing the load balancing rules Gets the provisioning.
tags: ${7:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
ad_user: ${8:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${9:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
natpool_protocol: ${10:undefined} # not required. (deprecated) The protocol for the NAT pool.,This option has been deprecated, and will be removed in 2.9. Use I(inbound_nat_pools) instead.
inbound_nat_pools: ${11:undefined} # not required. Defines an external port range for inbound NAT to a single backend port on NICs associated with a load balancer.,Inbound NAT rules are created automatically for each NIC associated with the Load Balancer using an external port from this range.,Defining an Inbound NAT pool on your Load Balancer is mutually exclusive with defining inbound Nat rules.,Inbound NAT pools are referenced from virtual machine scale sets.,NICs that are associated with individual virtual machines cannot reference an inbound NAT pool.,They have to reference individual inbound NAT rules.
idle_timeout: ${12:4} # not required. (deprecated) Timeout for TCP idle connection in minutes.,This option has been deprecated, and will be removed in 2.9. Use I(load_balancing_rules) instead.
probe_interval: ${13:15} # not required. (deprecated) Time (in seconds) between endpoint health probes.,This option has been deprecated, and will be removed in 2.9. Use I(probes) instead.
client_id: ${14:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
probe_protocol: ${15|Tcp,Http|} # not required. choices: Tcp;Http. (deprecated) The protocol to use for the health probe.,This option has been deprecated, and will be removed in 2.9. Use I(probes) instead.
load_distribution: ${16|Default,SourceIP,SourceIPProtocol|} # not required. choices: Default;SourceIP;SourceIPProtocol. (deprecated) The type of load distribution that the load balancer will employ.,This option has been deprecated, and will be removed in 2.9. Use I(load_balancing_rules) instead.
frontend_port: ${17:undefined} # not required. (deprecated) Frontend port that will be exposed for the load balancer.,This option has been deprecated, and will be removed in 2.9. Use I(load_balancing_rules) instead.
backend_port: ${18:undefined} # not required. (deprecated) Backend port that will be exposed for the load balancer.,This option has been deprecated, and will be removed in 2.9. Use I(load_balancing_rules) instead.
probes: ${19:undefined} # not required. List of probe definitions used to check endpoint health.
public_ip_address_name: ${20:undefined} # not required. (deprecated) Name of an existing public IP address object to associate with the security group.,This option has been deprecated, and will be removed in 2.9. Use I(frontend_ip_configurations) instead.
probe_fail_count: ${21:3} # not required. (deprecated) The amount of probe failures for the load balancer to make a health determination.,This option has been deprecated, and will be removed in 2.9. Use I(probes) instead.
password: ${22:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
natpool_frontend_port_end: ${23:undefined} # not required. (deprecated) End of the port range for a NAT pool.,This option has been deprecated, and will be removed in 2.9. Use I(inbound_nat_pools) instead.
natpool_backend_port: ${24:undefined} # not required. (deprecated) Backend port used by the NAT pool.,This option has been deprecated, and will be removed in 2.9. Use I(inbound_nat_pools) instead.
tenant: ${25:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
secret: ${26:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
backend_address_pools: ${27:undefined} # not required. List of backend address pools
natpool_frontend_port_start: ${28:undefined} # not required. (deprecated) Start of the port range for a NAT pool.,This option has been deprecated, and will be removed in 2.9. Use I(inbound_nat_pools) instead.
protocol: ${29|Tcp,Udp|} # not required. choices: Tcp;Udp. (deprecated) The protocol (TCP or UDP) that the load balancer will use.,This option has been deprecated, and will be removed in 2.9. Use I(load_balancing_rules) instead.
frontend_ip_configurations: ${30:undefined} # not required. List of frontend IPs to be used
cert_validation_mode: ${31|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
state: ${32|absent,present|} # not required. choices: absent;present. Assert the state of the load balancer. Use C(present) to create/update a load balancer, or C(absent) to delete one.
location: ${33:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
probe_request_path: ${34:undefined} # not required. (deprecated) The URL that an HTTP probe will use (only relevant if probe_protocol is set to Http).,This option has been deprecated, and will be removed in 2.9. Use I(probes) instead.
auth_source: ${35|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${36:null} # not required. Your Azure subscription Id.
api_profile: ${37|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_loadbalancer_facts':
'prefix': "azure_rm_loadbalancer_facts_snippet"
'description': "Get load balancer facts."
'body': """
azure_rm_loadbalancer_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Limit results to a specific resource group.
resource_group: ${3:null} # not required. The resource group to search for the desired load balancer
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${12:null} # not required. Your Azure subscription Id.
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${14:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_managed_disk':
'prefix': "azure_rm_managed_disk_snippet"
'description': "Manage Azure Manage Disks"
'body': """
azure_rm_managed_disk:
resource_group: ${1:undefined} # required. Name of a resource group where the managed disk exists or will be created.
name: ${2:undefined} # required. Name of the managed disk.
ad_user: ${3:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
managed_by: ${4:undefined} # not required. Name of an existing virtual machine with which the disk is or will be associated, this VM should be in the same resource group.,To detach a disk from a vm, keep undefined.
cert_validation_mode: ${5|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
source_resource_uri: ${6:undefined} # not required. The resource ID of the managed disk to copy when I(create_option) is C(copy).
append_tags: ${7:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${8:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
state: ${9|absent,present|} # not required. choices: absent;present. Assert the state of the managed disk. Use C(present) to create or update a managed disk and 'absent' to delete a managed disk.
storage_account_type: ${10|Standard_LRS,Premium_LRS|} # not required. choices: Standard_LRS;Premium_LRS. Type of storage for the managed disk: C(Standard_LRS) or C(Premium_LRS). If not specified the disk is created C(Standard_LRS).
secret: ${11:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
location: ${12:resource_group location} # not required. Valid Azure location. Defaults to location of the resource group.
subscription_id: ${13:null} # not required. Your Azure subscription Id.
profile: ${14:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${15:null} # not required. Tags to assign to the managed disk.
source_uri: ${16:undefined} # not required. URI to a valid VHD file to be used when I(create_option) is C(import).
client_id: ${17:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${18|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
password: ${19:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
create_option: ${20|empty,import,copy|} # not required. choices: empty;import;copy. Allowed values: empty, import, copy. C(import) from a VHD file in I(source_uri) and C(copy) from previous managed disk I(source_resource_uri).
tenant: ${21:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
disk_size_gb: ${22:undefined} # not required. Size in GB of the managed disk to be created. If I(create_option) is C(copy) then the value must be greater than or equal to the source's size.
auth_source: ${23|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
os_type: ${24|linux,windows|} # not required. choices: linux;windows. Type of Operating System: C(linux) or C(windows). Used when I(create_option) is either C(copy) or C(import) and the source is an OS disk.
"""
'azure_rm_managed_disk_facts':
'prefix': "azure_rm_managed_disk_facts_snippet"
'description': "Get managed disk facts."
'body': """
azure_rm_managed_disk_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Limit results to a specific managed disk
resource_group: ${3:null} # not required. Limit results to a specific resource group
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${12:null} # not required. Your Azure subscription Id.
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${14:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_mysqldatabase':
'prefix': "azure_rm_mysqldatabase_snippet"
'description': "Manage MySQL Database instance."
'body': """
azure_rm_mysqldatabase:
resource_group: ${1:undefined} # required. The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
name: ${2:undefined} # required. The name of the database.
server_name: ${3:undefined} # required. The name of the server.
profile: ${4:null} # not required. Security profile found in ~/.azure/credentials file.
force_update: ${5:no} # not required. When set to C(true), will delete and recreate the existing MySQL database if any of the properties don't match what is set.,When set to C(false), no change will occur to the database even if any of the properties do not match.
ad_user: ${6:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
client_id: ${7:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${8|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
collation: ${9:undefined} # not required. The collation of the database. Check MySQL documentation for possible values.,This is only set on creation, use I(force_update) to recreate a database if the values don't match.
password: ${10:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${11:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
charset: ${12:undefined} # not required. The charset of the database. Check MySQL documentation for possible values.,This is only set on creation, use I(force_update) to recreate a database if the values don't match.
cloud_environment: ${13:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${14|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${15:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
auth_source: ${16|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${17:null} # not required. Your Azure subscription Id.
"""
'azure_rm_mysqlserver':
'prefix': "azure_rm_mysqlserver_snippet"
'description': "Manage MySQL Server instance."
'body': """
azure_rm_mysqlserver:
name: ${1:undefined} # required. The name of the server.
resource_group: ${2:undefined} # required. The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
sku: ${3:undefined} # not required. The SKU (pricing tier) of the server.
profile: ${4:null} # not required. Security profile found in ~/.azure/credentials file.
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
ad_user: ${6:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
storage_mb: ${7:undefined} # not required. The maximum storage allowed for a server.
admin_username: ${8:undefined} # not required. The administrator's login name of a server. Can only be specified when the server is being created (and is required for creation).
api_profile: ${9|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
secret: ${10:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
version: ${11|5.6,5.7|} # not required. choices: 5.6;5.7. Server version.
location: ${12:undefined} # not required. Resource location. If not set, location from the resource group will be used as default.
client_id: ${13:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${14|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
tenant: ${15:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
auth_source: ${16|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${17:null} # not required. Your Azure subscription Id.
password: ${18:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
enforce_ssl: ${19:false} # not required. Enable SSL enforcement.
admin_password: ${20:undefined} # not required. The password of the administrator login.
"""
'azure_rm_networkinterface':
'prefix': "azure_rm_networkinterface_snippet"
'description': "Manage Azure network interfaces."
'body': """
azure_rm_networkinterface:
resource_group: ${1:undefined} # required. Name of a resource group where the network interface exists or will be created.
subnet_name: ${2:null} # required. Name of an existing subnet within the specified virtual network. Required when creating a network interface
virtual_network_name: ${3:undefined} # required. Name or id of an existing virtual network with which the network interface will be associated. Required when creating a network interface.
name: ${4:undefined} # required. Name of the network interface.
public_ip_allocation_method: ${5|Dynamic,Static|} # not required. choices: Dynamic;Static. (Deprecate) If a public_ip_address_name is not provided, a default public IP address will be created. The allocation method determines whether or not the public IP address assigned to the network interface is permanent.,This option will be deprecated in 2.9, use I(ip_configurations) instead.
public_ip: ${6:true} # not required. (Deprecate) When creating a network interface, if no public IP address name is provided a default public IP address will be created. Set to false, if you do not want a public IP address automatically created.,This option will be deprecated in 2.9, use I(ip_configurations) instead.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
ip_configurations: ${8:undefined} # not required. List of ip configuration if contains mutilple configuration, should contain configuration object include field private_ip_address, private_ip_allocation_method, public_ip_address_name, public_ip, subnet_name, virtual_network_name, public_ip_allocation_method, name
public_ip_address_name: ${9:null} # not required. (Deprecate) Name of an existing public IP address object to associate with the security group.,This option will be deprecated in 2.9, use I(ip_configurations) instead.
password: ${10:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
append_tags: ${11:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${12:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
state: ${13|absent,present|} # not required. choices: absent;present. Assert the state of the network interface. Use 'present' to create or update an interface and 'absent' to delete an interface.
secret: ${14:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
location: ${15:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
subscription_id: ${16:null} # not required. Your Azure subscription Id.
profile: ${17:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${18:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
security_group_name: ${19:null} # not required. Name of an existing security group with which to associate the network interface. If not provided, a default security group will be created.
private_ip_allocation_method: ${20|Dynamic,Static|} # not required. choices: Dynamic;Static. (Deprecate) Specify whether or not the assigned IP address is permanent. NOTE: when creating a network interface specifying a value of 'Static' requires that a private_ip_address value be provided. You can update the allocation method to 'Static' after a dynamic private ip address has been assigned.,This option will be deprecated in 2.9, use I(ip_configurations) instead.
client_id: ${21:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${22|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
open_ports: ${23:null} # not required. When a default security group is created for a Linux host a rule will be added allowing inbound TCP connections to the default SSH port 22, and for a Windows host rules will be added allowing inbound access to RDP ports 3389 and 5986. Override the default ports by providing a list of open ports.
tenant: ${24:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
ad_user: ${25:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
private_ip_address: ${26:undefined} # not required. (Deprecate) Valid IPv4 address that falls within the specified subnet.,This option will be deprecated in 2.9, use I(ip_configurations) instead.
auth_source: ${27|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
os_type: ${28|Windows,Linux|} # not required. choices: Windows;Linux. Determines any rules to be added to a default security group. When creating a network interface, if no security group name is provided, a default security group will be created. If the os_type is 'Windows', a rule will be added allowing RDP access. If the os_type is 'Linux', a rule allowing SSH access will be added.
"""
'azure_rm_networkinterface_facts':
'prefix': "azure_rm_networkinterface_facts_snippet"
'description': "Get network interface facts."
'body': """
azure_rm_networkinterface_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Only show results for a specific network interface.
resource_group: ${3:null} # not required. Name of the resource group containing the network interface(s). Required when searching by name.
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${12:null} # not required. Your Azure subscription Id.
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${14:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_postgresqldatabase':
'prefix': "azure_rm_postgresqldatabase_snippet"
'description': "Manage PostgreSQL Database instance."
'body': """
azure_rm_postgresqldatabase:
resource_group: ${1:undefined} # required. The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
name: ${2:undefined} # required. The name of the database.
server_name: ${3:undefined} # required. The name of the server.
profile: ${4:null} # not required. Security profile found in ~/.azure/credentials file.
force_update: ${5:no} # not required. When set to C(true), will delete and recreate the existing PostgreSQL database if any of the properties don't match what is set.,When set to C(false), no change will occur to the database even if any of the properties do not match.
ad_user: ${6:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
client_id: ${7:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${8|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
collation: ${9:undefined} # not required. The collation of the database. Check PostgreSQL documentation for possible values.,This is only set on creation, use I(force_update) to recreate a database if the values don't match.
password: ${10:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${11:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
charset: ${12:undefined} # not required. The charset of the database. Check PostgreSQL documentation for possible values.,This is only set on creation, use I(force_update) to recreate a database if the values don't match.
cloud_environment: ${13:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${14|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${15:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
auth_source: ${16|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${17:null} # not required. Your Azure subscription Id.
"""
'azure_rm_postgresqlserver':
'prefix': "azure_rm_postgresqlserver_snippet"
'description': "Manage PostgreSQL Server instance."
'body': """
azure_rm_postgresqlserver:
name: ${1:undefined} # required. The name of the server.
resource_group: ${2:undefined} # required. The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
sku: ${3:undefined} # not required. The SKU (pricing tier) of the server.
profile: ${4:null} # not required. Security profile found in ~/.azure/credentials file.
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
ad_user: ${6:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
storage_mb: ${7:undefined} # not required. The maximum storage allowed for a server.
admin_username: ${8:undefined} # not required. The administrator's login name of a server. Can only be specified when the server is being created (and is required for creation).
api_profile: ${9|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
secret: ${10:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
version: ${11|9.5,9.6|} # not required. choices: 9.5;9.6. Server version.
location: ${12:undefined} # not required. Resource location. If not set, location from the resource group will be used as default.
client_id: ${13:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${14|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
tenant: ${15:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
auth_source: ${16|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${17:null} # not required. Your Azure subscription Id.
password: ${18:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
enforce_ssl: ${19:false} # not required. Enable SSL enforcement.
admin_password: ${20:undefined} # not required. The password of the administrator login.
"""
'azure_rm_publicipaddress':
'prefix': "azure_rm_publicipaddress_snippet"
'description': "Manage Azure Public IP Addresses."
'body': """
azure_rm_publicipaddress:
resource_group: ${1:undefined} # required. Name of resource group with which the Public IP is associated.
name: ${2:undefined} # required. Name of the Public IP.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${4:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${6:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
domain_name_label: ${7:null} # not required. The customizable portion of the FQDN assigned to public IP address. This is an explicit setting. If no value is provided, any existing value will be removed on an existing public IP.
client_id: ${8:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
allocation_method: ${9|Dynamic,Static|} # not required. choices: Dynamic;Static. Control whether the assigned Public IP remains permanently assigned to the object. If not set to 'Static', the IP address my changed anytime an associated virtual machine is power cycled.
password: ${10:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${11:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${12|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
append_tags: ${13:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${14:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
state: ${15|absent,present|} # not required. choices: absent;present. Assert the state of the Public IP. Use 'present' to create or update a and 'absent' to delete.
cert_validation_mode: ${16|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
location: ${17:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
auth_source: ${18|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${19:null} # not required. Your Azure subscription Id.
"""
'azure_rm_publicipaddress_facts':
'prefix': "azure_rm_publicipaddress_facts_snippet"
'description': "Get public IP facts."
'body': """
azure_rm_publicipaddress_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Only show results for a specific Public IP.
resource_group: ${3:null} # not required. Limit results by resource group. Required when using name parameter.
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${12:null} # not required. Your Azure subscription Id.
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${14:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_resourcegroup':
'prefix': "azure_rm_resourcegroup_snippet"
'description': "Manage Azure resource groups."
'body': """
azure_rm_resourcegroup:
name: ${1:undefined} # required. Name of the resource group.
profile: ${2:null} # not required. Security profile found in ~/.azure/credentials file.
force: ${3:false} # not required. Remove a resource group and all associated resources. Use with state 'absent' to delete a resource group that contains resources.
tags: ${4:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
append_tags: ${6:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
ad_user: ${7:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
state: ${9|absent,present|} # not required. choices: absent;present. Assert the state of the resource group. Use 'present' to create or update and 'absent' to delete. When 'absent' a resource group containing resources will not be removed unless the force option is used.
location: ${10:null} # not required. Azure location for the resource group. Required when creating a new resource group. Cannot be changed once resource group is created.
client_id: ${11:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${12|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
auth_source: ${13|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${14:null} # not required. Your Azure subscription Id.
password: ${15:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${16:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${17|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_resourcegroup_facts':
'prefix': "azure_rm_resourcegroup_facts_snippet"
'description': "Get resource group facts."
'body': """
azure_rm_resourcegroup_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Limit results to a specific resource group.
tags: ${3:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${4:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${6|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${7:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${8:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${9|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${10|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${11:null} # not required. Your Azure subscription Id.
password: ${12:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${13:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_securitygroup':
'prefix': "azure_rm_securitygroup_snippet"
'description': "Manage Azure network security groups."
'body': """
azure_rm_securitygroup:
resource_group: ${1:undefined} # required. Name of the resource group the security group belongs to.
profile: ${2:null} # not required. Security profile found in ~/.azure/credentials file.
purge_rules: ${3:false} # not required. Remove any existing rules not matching those defined in the rules parameters.
tags: ${4:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
rules: ${5:null} # not required. Set of rules shaping traffic flow to or from a subnet or NIC. Each rule is a dictionary.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
append_tags: ${7:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
ad_user: ${8:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${9:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
default_rules: ${10:null} # not required. The set of default rules automatically added to a security group at creation. In general default rules will not be modified. Modify rules to shape the flow of traffic to or from a subnet or NIC. See rules below for the makeup of a rule dict.
api_profile: ${11|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
purge_default_rules: ${12:false} # not required. Remove any existing rules not matching those defined in the default_rules parameter.
state: ${13|absent,present|} # not required. choices: absent;present. Assert the state of the security group. Set to 'present' to create or update a security group. Set to 'absent' to remove a security group.
location: ${14:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
client_id: ${15:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${16|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
auth_source: ${17|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${18:null} # not required. Your Azure subscription Id.
password: ${19:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${20:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
name: ${21:null} # not required. Name of the security group to operate on.
"""
'azure_rm_securitygroup_facts':
'prefix': "azure_rm_securitygroup_facts_snippet"
'description': "Get security group facts."
'body': """
azure_rm_securitygroup_facts:
resource_group: ${1:undefined} # required. Name of the resource group to use.
profile: ${2:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${3:null} # not required. Only show results for a specific security group.
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${12:null} # not required. Your Azure subscription Id.
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${14:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_sqldatabase':
'prefix': "azure_rm_sqldatabase_snippet"
'description': "Manage SQL Database instance."
'body': """
azure_rm_sqldatabase:
resource_group: ${1:undefined} # required. The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
name: ${2:undefined} # required. The name of the database to be operated on (updated or created).
server_name: ${3:undefined} # required. The name of the server.
profile: ${4:null} # not required. Security profile found in ~/.azure/credentials file.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
recovery_services_recovery_point_resource_id: ${7:undefined} # not required. Required if I(create_mode) is C(restore_long_term_retention_backup), then this value is required. Specifies the resource ID of the recovery point to restore from.
edition: ${8|web,business,basic,standard,premium,free,stretch,data_warehouse,system,system2|} # not required. choices: web;business;basic;standard;premium;free;stretch;data_warehouse;system;system2. The edition of the database. The DatabaseEditions enumeration contains all the valid editions. If I(create_mode) is C(non_readable_secondary) or C(online_secondary), this value is ignored. To see possible values, query the capabilities API (/subscriptions/{subscriptionId}/providers/Microsoft.Sql/locations/{locationID}/capabilities) referred to by operationId: 'Capabilities_ListByLocation.'.
elastic_pool_name: ${9:undefined} # not required. The name of the elastic pool the database is in. Not supported for C(data_warehouse) edition.
client_id: ${10:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${11|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
max_size_bytes: ${12:undefined} # not required. The max size of the database expressed in bytes. If I(create_mode) is not C(default), this value is ignored. To see possible values, query the capabilities API (/subscriptions/{subscriptionId}/providers/Microsoft.Sql/locations/{locationID}/capabilities) referred to by operationId: 'Capabilities_ListByLocation."
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
zone_redundant: ${14:false} # not required. Is this database is zone redundant? It means the replicas of this database will be spread across multiple availability zones.
tenant: ${15:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
restore_point_in_time: ${16:undefined} # not required. Required if I(create_mode) is C(point_in_time_restore), this value is required. If I(create_mode) is C(restore), this value is optional. Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. Must be greater than or equal to the source database's earliestRestoreDate value.
create_mode: ${17|copy,default,non_readable_secondary,online_secondary,point_in_time_restore,recovery,restore,restore_long_term_retention_backup|} # not required. choices: copy;default;non_readable_secondary;online_secondary;point_in_time_restore;recovery;restore;restore_long_term_retention_backup. Specifies the mode of database creation.,C(default): regular database creation.,C(copy): creates a database as a copy of an existing database.,C(online_secondary)/C(non_readable_secondary): creates a database as a (readable or nonreadable) secondary replica of an existing database.,C(point_in_time_restore): Creates a database by restoring a point in time backup of an existing database.,C(recovery): Creates a database by restoring a geo-replicated backup.,C(restore): Creates a database by restoring a backup of a deleted database.,C(restore_long_term_retention_backup): Creates a database by restoring from a long term retention vault.,C(copy), C(non_readable_secondary), C(online_secondary) and C(restore_long_term_retention_backup) are not supported for C(data_warehouse) edition.
source_database_deletion_date: ${18:undefined} # not required. Required if I(create_mode) is C(restore) and I(source_database_id) is the deleted database's original resource id when it existed (as opposed to its current restorable dropped database id), then this value is required. Specifies the time that the database was deleted.
force_update: ${19:undefined} # not required. SQL Database will be updated if given parameters differ from existing resource state.,To force SQL Database update in any circumstances set this parameter to True.
collation: ${20:undefined} # not required. The collation of the database. If I(create_mode) is not C(default), this value is ignored.
secret: ${21:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
source_database_id: ${22:undefined} # not required. Required unless I(create_mode) is C(default) or C(restore_long_term_retention_backup).,Specifies the resource ID of the source database
state: ${23|absent,present|} # not required. choices: absent;present. Assert the state of the SQL Database. Use 'present' to create or update an SQL Database and 'absent' to delete it.
location: ${24:undefined} # not required. Resource location. If not set, location from the resource group will be used as C(default).
sample_name: ${25|adventure_works_lt|} # not required. choices: adventure_works_lt. Indicates the name of the sample schema to apply when creating this database. If I(create_mode) is not C(default), this value is ignored. Not supported for C(data_warehouse) edition.
auth_source: ${26|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${27:null} # not required. Your Azure subscription Id.
read_scale: ${28:false} # not required. If the database is a geo-secondary, indicates whether read-only connections are allowed to this database or not. Not supported for C(data_warehouse) edition.
api_profile: ${29|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_sqlserver':
'prefix': "azure_rm_sqlserver_snippet"
'description': "Manage SQL Server instance"
'body': """
azure_rm_sqlserver:
resource_group: ${1:undefined} # required. The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
name: ${2:undefined} # required. The name of the server.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${4:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
client_id: ${6:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${7|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
password: ${8:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
identity: ${9:undefined} # not required. The identity type. Set this to 'SystemAssigned' in order to automatically create and assign an Azure Active Directory principal for the resour ce. Possible values include: 'SystemAssigned"
tenant: ${10:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
append_tags: ${11:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
cloud_environment: ${12:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${13|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
admin_username: ${14:undefined} # not required. Administrator username for the server. Once created it cannot be changed.
secret: ${15:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
version: ${16:undefined} # not required. The version of the server. For example '12.0'.
location: ${17:undefined} # not required. Resource location.
auth_source: ${18|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${19:null} # not required. Your Azure subscription Id.
admin_password: ${20:undefined} # not required. The administrator login password (required for server creation).
"""
'azure_rm_sqlserver_facts':
'prefix': "azure_rm_sqlserver_facts_snippet"
'description': "Get SQL Server facts."
'body': """
azure_rm_sqlserver_facts:
resource_group: ${1:undefined} # required. The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
profile: ${2:null} # not required. Security profile found in ~/.azure/credentials file.
server_name: ${3:undefined} # not required. The name of the server.
ad_user: ${4:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${6|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${7:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${8:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${9|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${10|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${11:null} # not required. Your Azure subscription Id.
password: ${12:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${13:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_storageaccount':
'prefix': "azure_rm_storageaccount_snippet"
'description': "Manage Azure storage accounts."
'body': """
azure_rm_storageaccount:
resource_group: ${1:undefined} # required. Name of the resource group to use.
profile: ${2:null} # not required. Security profile found in ~/.azure/credentials file.
kind: ${3|Storage,BlobStorage|} # not required. choices: Storage;BlobStorage. The 'kind' of storage.
account_type: ${4|Premium_LRS,Standard_GRS,Standard_LRS,Standard_RAGRS,Standard_ZRS|} # not required. choices: Premium_LRS;Standard_GRS;Standard_LRS;Standard_RAGRS;Standard_ZRS. Type of storage account. Required when creating a storage account. NOTE: Standard_ZRS and Premium_LRS accounts cannot be changed to other account types, and other account types cannot be changed to Standard_ZRS or Premium_LRS.
custom_domain: ${5:null} # not required. User domain assigned to the storage account. Must be a dictionary with 'name' and 'use_sub_domain' keys where 'name' is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.,Can be added to an existing storage account. Will be ignored during storage account creation.
tags: ${6:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
cloud_environment: ${7:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
append_tags: ${8:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
ad_user: ${9:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${10:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
api_profile: ${11|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
state: ${12|absent,present|} # not required. choices: absent;present. Assert the state of the storage account. Use 'present' to create or update a storage account and 'absent' to delete an account.
client_id: ${13:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
location: ${14:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
access_tier: ${15|Hot,Cool|} # not required. choices: Hot;Cool. The access tier for this storage account. Required for a storage account of kind 'BlobStorage'.
cert_validation_mode: ${16|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
auth_source: ${17|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${18:null} # not required. Your Azure subscription Id.
password: ${19:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${20:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
name: ${21:null} # not required. Name of the storage account to update or create.
"""
'azure_rm_storageaccount_facts':
'prefix': "azure_rm_storageaccount_facts_snippet"
'description': "Get storage account facts."
'body': """
azure_rm_storageaccount_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Only show results for a specific account.
resource_group: ${3:null} # not required. Limit results to a resource group. Required when filtering by name.
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${12:null} # not required. Your Azure subscription Id.
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${14:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_storageblob':
'prefix': "azure_rm_storageblob_snippet"
'description': "Manage blob containers and blob objects."
'body': """
azure_rm_storageblob:
resource_group: ${1:undefined} # required. Name of the resource group to use.
container: ${2:undefined} # required. Name of a blob container within the storage account.
storage_account_name: ${3:undefined} # required. Name of the storage account to use.
profile: ${4:null} # not required. Security profile found in ~/.azure/credentials file.
force: ${5:false} # not required. Overwrite existing blob or file when uploading or downloading. Force deletion of a container that contains blobs.
client_id: ${6:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
tags: ${7:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
dest: ${8:null} # not required. Destination file path. Use with state 'present' to download a blob.
cloud_environment: ${9:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
secret: ${10:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
content_language: ${11:null} # not required. Set the blob content-language header.
content_type: ${12:null} # not required. Set the blob content-type header. For example, 'image/png'.
cert_validation_mode: ${13|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
public_access: ${14|container,blob|} # not required. choices: container;blob. Determine a container's level of public access. By default containers are private. Can only be set at time of container creation.
password: ${15:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${16:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${17|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
src: ${18:null} # not required. Source file path. Use with state 'present' to upload a blob.
append_tags: ${19:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
ad_user: ${20:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
blob_type: ${21|block,page|} # not required. choices: block;page. Type of Blob Object.
state: ${22|absent,present|} # not required. choices: absent;present. Assert the state of a container or blob.,Use state 'absent' with a container value only to delete a container. Include a blob value to remove a specific blob. A container will not be deleted, if it contains blobs. Use the force option to override, deleting the container and all associated blobs.,Use state 'present' to create or update a container and upload or download a blob. If the container does not exist, it will be created. If it exists, it will be updated with configuration options. Provide a blob name and either src or dest to upload or download. Provide a src path to upload and a dest path to download. If a blob (uploading) or a file (downloading) already exists, it will not be overwritten unless the force parameter is true.
blob: ${23:null} # not required. Name of a blob object within the container.
auth_source: ${24|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
content_md5: ${25:null} # not required. Set the blob md5 hash value.
subscription_id: ${26:null} # not required. Your Azure subscription Id.
content_disposition: ${27:null} # not required. Set the blob content-disposition header.
cache_control: ${28:null} # not required. Set the blob cache-control header.
content_encoding: ${29:null} # not required. Set the blob encoding header.
"""
'azure_rm_subnet':
'prefix': "azure_rm_subnet_snippet"
'description': "Manage Azure subnets."
'body': """
azure_rm_subnet:
resource_group: ${1:undefined} # required. Name of resource group.
virtual_network_name: ${2:undefined} # required. Name of an existing virtual network with which the subnet is or will be associated.
name: ${3:undefined} # required. Name of the subnet.
address_prefix_cidr: ${4:undefined} # required. CIDR defining the IPv4 address space of the subnet. Must be valid within the context of the virtual network.
profile: ${5:null} # not required. Security profile found in ~/.azure/credentials file.
ad_user: ${6:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${7:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
security_group_name: ${8:null} # not required. Name of an existing security group with which to associate the subnet.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
password: ${11:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${12:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
cloud_environment: ${13:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
state: ${14|absent,present|} # not required. choices: absent;present. Assert the state of the subnet. Use 'present' to create or update a subnet and 'absent' to delete a subnet.
cert_validation_mode: ${15|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
auth_source: ${16|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${17:null} # not required. Your Azure subscription Id.
"""
'azure_rm_virtualmachine':
'prefix': "azure_rm_virtualmachine_snippet"
'description': "Manage Azure virtual machines."
'body': """
azure_rm_virtualmachine:
resource_group: ${1:undefined} # required. Name of the resource group containing the virtual machine.
image: ${2:undefined} # required. Specifies the image used to build the VM.,If a string, the image is sourced from a custom image based on the name.,If a dict with the keys C(publisher), C(offer), C(sku), and C(version), the image is sourced from a Marketplace image. NOTE: set image.version to C(latest) to get the most recent version of a given image.,If a dict with the keys C(name) and C(resource_group), the image is sourced from a custom image based on the C(name) and C(resource_group) set. NOTE: the key C(resource_group) is optional and if omitted, all images in the subscription will be searched for by C(name).,Custom image support was added in Ansible 2.5
name: ${3:undefined} # required. Name of the virtual machine.
virtual_network_resource_group: ${4:undefined} # not required. When creating a virtual machine, if a specific virtual network from another resource group should be used, use this parameter to specify the resource group to use.
storage_container_name: ${5:vhds} # not required. Name of the container to use within the storage account to store VHD blobs. If no name is specified a default container will created.
allocated: ${6:true} # not required. Toggle that controls if the machine is allocated/deallocated, only useful with state='present'.
ssh_password_enabled: ${7:true} # not required. When the os_type is Linux, setting ssh_password_enabled to false will disable SSH password authentication and require use of SSH keys.
availability_set: ${8:null} # not required. Name or ID of an existing availability set to add the VM to. The availability_set should be in the same resource group as VM.
append_tags: ${9:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
ad_user: ${10:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
state: ${11|absent,present|} # not required. choices: absent;present. Assert the state of the virtual machine.,State 'present' will check that the machine exists with the requested configuration. If the configuration of the existing machine does not match, the machine will be updated. Use options started, allocated and restarted to change the machine's power state.,State 'absent' will remove the virtual machine.
secret: ${12:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
subnet_name: ${13:undefined} # not required. When creating a virtual machine, if a network interface name is not provided, one will be created. The new network interface will be assigned to the first subnet found in the virtual network. Use this parameter to provide a specific subnet instead.
location: ${14:undefined} # not required. Valid Azure location. Defaults to location of the resource group.
admin_password: ${15:undefined} # not required. Password for the admin username. Not required if the os_type is Linux and SSH password authentication is disabled by setting ssh_password_enabled to false.
virtual_network_name: ${16:undefined} # not required. When creating a virtual machine, if a network interface name is not provided, one will be created. The new network interface will be assigned to the first virtual network found in the resource group. Use this parameter to provide a specific virtual network instead.
client_id: ${17:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
storage_blob_name: ${18:undefined} # not required. Name fo the storage blob used to hold the VM's OS disk image. If no name is provided, defaults to the VM name + '.vhd'. If you provide a name, it must end with '.vhd"
password: ${19:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
restarted: ${20:false} # not required. Use with state 'present' to restart a running VM.
api_profile: ${21|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
os_type: ${22|Windows,Linux|} # not required. choices: Windows;Linux. Base type of operating system.
public_ip_allocation_method: ${23|Dynamic,Static|} # not required. choices: Dynamic;Static. If a public IP address is created when creating the VM (because a Network Interface was not provided), determines if the public IP address remains permanently associated with the Network Interface. If set to 'Dynamic' the public IP address may change any time the VM is rebooted or power cycled.
managed_disk_type: ${24|Standard_LRS,Premium_LRS|} # not required. choices: Standard_LRS;Premium_LRS. Managed OS disk type
ssh_public_keys: ${25:undefined} # not required. For os_type Linux provide a list of SSH keys. Each item in the list should be a dictionary where the dictionary contains two keys: path and key_data. Set the path to the default location of the authorized_keys files. On an Enterprise Linux host, for example, the path will be /home/<admin username>/.ssh/authorized_keys. Set key_data to the actual value of the public key.
remove_on_absent: ${26:all} # not required. When removing a VM using state 'absent', also remove associated resources,It can be 'all' or a list with any of the following: ['network_interfaces', 'virtual_storage', 'public_ips'],Any other input will be ignored
cloud_environment: ${27:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
short_hostname: ${28:undefined} # not required. Name assigned internally to the host. On a linux VM this is the name returned by the `hostname` command. When creating a virtual machine, short_hostname defaults to name.
started: ${29:true} # not required. Use with state 'present' to start the machine. Set to false to have the machine be 'stopped'.
cert_validation_mode: ${30|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
network_interface_names: ${31:undefined} # not required. List of existing network interface names to add to the VM. If a network interface name is not provided when the VM is created, a default network interface will be created. In order for the module to create a network interface, at least one Virtual Network with one Subnet must exist.
subscription_id: ${32:null} # not required. Your Azure subscription Id.
profile: ${33:null} # not required. Security profile found in ~/.azure/credentials file.
tags: ${34:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
open_ports: ${35:undefined} # not required. If a network interface is created when creating the VM, a security group will be created as well. For Linux hosts a rule will be added to the security group allowing inbound TCP connections to the default SSH port 22, and for Windows hosts ports 3389 and 5986 will be opened. Override the default open ports by providing a list of ports.
plan: ${36:undefined} # not required. A dictionary describing a third-party billing plan for an instance
auth_source: ${37|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
vm_size: ${38:undefined} # not required. A valid Azure VM size value. For example, 'Standard_D4'. The list of choices varies depending on the subscription and location. Check your subscription for available choices. Required when creating a VM.
tenant: ${39:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
admin_username: ${40:undefined} # not required. Admin username used to access the host after it is created. Required when creating a VM.
custom_data: ${41:null} # not required. Data which is made available to the virtual machine and used by e.g., cloud-init.
storage_account_name: ${42:undefined} # not required. Name of an existing storage account that supports creation of VHD blobs. If not specified for a new VM, a new storage account named <vm name>01 will be created using storage type 'Standard_LRS'.
data_disks: ${43:null} # not required. Describes list of data disks.
os_disk_caching: ${44|ReadOnly,ReadWrite|} # not required. choices: ReadOnly;ReadWrite. Type of OS disk caching.
"""
'azure_rm_virtualmachine_extension':
'prefix': "azure_rm_virtualmachine_extension_snippet"
'description': "Managed Azure Virtual Machine extension"
'body': """
azure_rm_virtualmachine_extension:
resource_group: ${1:undefined} # required. Name of a resource group where the vm extension exists or will be created.
name: ${2:undefined} # required. Name of the vm extension
ad_user: ${3:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cert_validation_mode: ${4|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
state: ${6|absent,present|} # not required. choices: absent;present. Assert the state of the vm extension. Use 'present' to create or update a vm extension and 'absent' to delete a vm extension.
secret: ${7:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
location: ${8:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
protected_settings: ${9:undefined} # not required. Json formatted protected settings for the extension.
subscription_id: ${10:null} # not required. Your Azure subscription Id.
type_handler_version: ${11:undefined} # not required. The type version of the extension handler.
profile: ${12:null} # not required. Security profile found in ~/.azure/credentials file.
auto_upgrade_minor_version: ${13:undefined} # not required. Whether the extension handler should be automatically upgraded across minor versions.
virtual_machine_extension_type: ${14:undefined} # not required. The type of the extension handler.
client_id: ${15:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
auth_source: ${16|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
password: ${17:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${18:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
virtual_machine_name: ${19:undefined} # not required. The name of the virtual machine where the extension should be create or updated.
publisher: ${20:undefined} # not required. The name of the extension handler publisher.
settings: ${21:undefined} # not required. Json formatted public settings for the extension.
api_profile: ${22|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
"""
'azure_rm_virtualmachine_scaleset':
'prefix': "azure_rm_virtualmachine_scaleset_snippet"
'description': "Manage Azure virtual machine scale sets."
'body': """
azure_rm_virtualmachine_scaleset:
resource_group: ${1:undefined} # required. Name of the resource group containing the virtual machine scale set.
image: ${2:undefined} # required. Specifies the image used to build the VM.,If a string, the image is sourced from a custom image based on the name.,If a dict with the keys C(publisher), C(offer), C(sku), and C(version), the image is sourced from a Marketplace image. NOTE: set image.version to C(latest) to get the most recent version of a given image.,If a dict with the keys C(name) and C(resource_group), the image is sourced from a custom image based on the C(name) and C(resource_group) set. NOTE: the key C(resource_group) is optional and if omitted, all images in the subscription will be searched for by C(name).,Custom image support was added in Ansible 2.5
vm_size: ${3:undefined} # required. A valid Azure VM size value. For example, 'Standard_D4'. The list of choices varies depending on the subscription and location. Check your subscription for available choices.
capacity: ${4:undefined} # required. Capacity of VMSS.
name: ${5:undefined} # required. Name of the virtual machine.
load_balancer: ${6:undefined} # not required. Load balancer name.
profile: ${7:null} # not required. Security profile found in ~/.azure/credentials file.
admin_password: ${8:undefined} # not required. Password for the admin username. Not required if the os_type is Linux and SSH password authentication is disabled by setting ssh_password_enabled to false.
tags: ${9:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
virtual_network_name: ${10:undefined} # not required. Virtual Network name.
cloud_environment: ${11:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
upgrade_policy: ${12|Manual,Automatic|} # not required. choices: Manual;Automatic. Upgrade policy.
managed_disk_type: ${13|Standard_LRS,Premium_LRS|} # not required. choices: Standard_LRS;Premium_LRS. Managed disk type.
ssh_public_keys: ${14:undefined} # not required. For os_type Linux provide a list of SSH keys. Each item in the list should be a dictionary where the dictionary contains two keys: path and key_data. Set the path to the default location of the authorized_keys files. On an Enterprise Linux host, for example, the path will be /home/<admin username>/.ssh/authorized_keys. Set key_data to the actual value of the public key.
client_id: ${15:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
cert_validation_mode: ${16|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
tier: ${17|Basic,Standard|} # not required. choices: Basic;Standard. SKU Tier.
password: ${18:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
ssh_password_enabled: ${19:true} # not required. When the os_type is Linux, setting ssh_password_enabled to false will disable SSH password authentication and require use of SSH keys.
subscription_id: ${20:null} # not required. Your Azure subscription Id.
tenant: ${21:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
api_profile: ${22|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
remove_on_absent: ${23:all} # not required. When removing a VM using state 'absent', also remove associated resources.,It can be 'all' or a list with any of the following: ['network_interfaces', 'virtual_storage', 'public_ips'].,Any other input will be ignored.
append_tags: ${24:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
ad_user: ${25:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${26:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
admin_username: ${27:undefined} # not required. Admin username used to access the host after it is created. Required when creating a VM.
state: ${28|absent,present|} # not required. choices: absent;present. Assert the state of the virtual machine scale set.,State 'present' will check that the machine exists with the requested configuration. If the configuration of the existing machine does not match, the machine will be updated. state.,State 'absent' will remove the virtual machine scale set.
subnet_name: ${29:undefined} # not required. Subnet name.
location: ${30:undefined} # not required. Valid Azure location. Defaults to location of the resource group.
auth_source: ${31|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
os_type: ${32|Windows,Linux|} # not required. choices: Windows;Linux. Base type of operating system.
data_disks: ${33:null} # not required. Describes list of data disks.
os_disk_caching: ${34|ReadOnly,ReadWrite|} # not required. choices: ReadOnly;ReadWrite. Type of OS disk caching.
"""
'azure_rm_virtualmachine_scaleset_facts':
'prefix': "azure_rm_virtualmachine_scaleset_facts_snippet"
'description': "Get Virtual Machine Scale Set facts"
'body': """
azure_rm_virtualmachine_scaleset_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Limit results to a specific virtual machine scale set
resource_group: ${3:null} # not required. The resource group to search for the desired virtual machine scale set
ad_user: ${4:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${5:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${6|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${7:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${8:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${9|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${10|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${11:null} # not required. Your Azure subscription Id.
password: ${12:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${13:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'azure_rm_virtualmachineimage_facts':
'prefix': "azure_rm_virtualmachineimage_facts_snippet"
'description': "Get virtual machine image facts."
'body': """
azure_rm_virtualmachineimage_facts:
location: ${1:undefined} # required. Azure location value (ie. westus, eastus, eastus2, northcentralus, etc.). Supplying only a location value will yield a list of available publishers for the location.
profile: ${2:null} # not required. Security profile found in ~/.azure/credentials file.
offer: ${3:null} # not required. Name of an image offering. Combine with sku to see a list of available image versions.
ad_user: ${4:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
client_id: ${5:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${6|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
password: ${7:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${8:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
sku: ${9:null} # not required. Image offering SKU. Combine with offer to see a list of available versions.
publisher: ${10:null} # not required. Name of an image publisher. List image offerings associated with a particular publisher.
name: ${11:null} # not required. Only show results for a specific security group.
cloud_environment: ${12:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${13|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${14:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
version: ${15:null} # not required. Specific version number of an image.
auth_source: ${16|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${17:null} # not required. Your Azure subscription Id.
"""
'azure_rm_virtualnetwork':
'prefix': "azure_rm_virtualnetwork_snippet"
'description': "Manage Azure virtual networks."
'body': """
azure_rm_virtualnetwork:
name: ${1:undefined} # required. name of the virtual network.
resource_group: ${2:undefined} # required. name of resource group.
profile: ${3:null} # not required. Security profile found in ~/.azure/credentials file.
dns_servers: ${4:null} # not required. Custom list of DNS servers. Maximum length of two. The first server in the list will be treated as the Primary server. This is an explicit list. Existing DNS servers will be replaced with the specified list. Use the purge_dns_servers option to remove all custom DNS servers and revert to default Azure servers.
tags: ${5:null} # not required. Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.\n
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
append_tags: ${7:true} # not required. Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
ad_user: ${8:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
secret: ${9:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
cert_validation_mode: ${11|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
state: ${12|absent,present|} # not required. choices: absent;present. Assert the state of the virtual network. Use 'present' to create or update and 'absent' to delete.
auth_source: ${13|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
address_prefixes_cidr: ${14:null} # not required. List of IPv4 address ranges where each is formatted using CIDR notation. Required when creating a new virtual network or using purge_address_prefixes.
client_id: ${15:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
purge_address_prefixes: ${16:false} # not required. Use with state present to remove any existing address_prefixes.
purge_dns_servers: ${17:false} # not required. Use with state present to remove existing DNS servers, reverting to default Azure servers. Mutually exclusive with dns_servers.
subscription_id: ${18:null} # not required. Your Azure subscription Id.
password: ${19:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${20:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
location: ${21:resource_group location} # not required. Valid azure location. Defaults to location of the resource group.
"""
'azure_rm_virtualnetwork_facts':
'prefix': "azure_rm_virtualnetwork_facts_snippet"
'description': "Get virtual network facts."
'body': """
azure_rm_virtualnetwork_facts:
profile: ${1:null} # not required. Security profile found in ~/.azure/credentials file.
name: ${2:null} # not required. Only show results for a specific security group.
resource_group: ${3:null} # not required. Limit results by resource group. Required when filtering by name.
tags: ${4:null} # not required. Limit results by providing a list of tags. Format tags as 'key' or 'key:value'.
ad_user: ${5:null} # not required. Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
cloud_environment: ${6:AzureCloud} # not required. For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
cert_validation_mode: ${7|validate,ignore|} # not required. choices: validate;ignore. Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable.
secret: ${8:null} # not required. Azure client secret. Use when authenticating with a Service Principal.
client_id: ${9:null} # not required. Azure client ID. Use when authenticating with a Service Principal.
api_profile: ${10|latest|} # not required. choices: latest. Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack.
auth_source: ${11|auto,cli,credential_file,env|} # not required. choices: auto;cli;credential_file;env. Controls the source of the credentials to use for authentication.,C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials).,When set to C(cli), the credentials will be sources from the default Azure CLI profile.,Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
subscription_id: ${12:null} # not required. Your Azure subscription Id.
password: ${13:null} # not required. Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
tenant: ${14:null} # not required. Azure tenant ID. Use when authenticating with a Service Principal.
"""
'bcf_switch':
'prefix': "bcf_switch_snippet"
'description': "Create and remove a bcf switch."
'body': """
bcf_switch:
name: ${1:undefined} # required. The name of the switch.
mac: ${2:undefined} # required. The MAC address of the switch.
controller: ${3:undefined} # required. The controller IP address.
fabric_role: ${4|spine,leaf|} # required. choices: spine;leaf. Fabric role of the switch.
access_token: ${5:undefined} # not required. Big Cloud Fabric access token. If this isn't set then the environment variable C(BIGSWITCH_ACCESS_TOKEN) is used.
state: ${6|present,absent|} # not required. choices: present;absent. Whether the switch should be present or absent.
leaf_group: ${7:undefined} # not required. The leaf group of the switch if the switch is a leaf.
validate_certs: ${8|true,false|} # not required. choices: true;false. If C(false), SSL certificates will not be validated. This should only be used on personally controlled devices using self-signed certificates.
"""
'beadm':
'prefix': "beadm_snippet"
'description': "Manage ZFS boot environments on FreeBSD/Solaris/illumos systems."
'body': """
beadm:
name: ${1:undefined} # required. ZFS boot environment name.
state: ${2|present,absent,activated,mounted,unmounted|} # not required. choices: present;absent;activated;mounted;unmounted. Create or delete ZFS boot environment.
force: ${3|true,false|} # not required. choices: true;false. Specifies if the unmount should be forced.
mountpoint: ${4:false} # not required. Path where to mount the ZFS boot environment
snapshot: ${5:false} # not required. If specified, the new boot environment will be cloned from the given snapshot or inactive boot environment.
options: ${6:false} # not required. Create the datasets for new BE with specific ZFS properties. Multiple options can be specified. This option is available only on Solarish platforms.
description: ${7:false} # not required. Associate a description with a new boot environment. This option is available only on Solarish platforms.
"""
'bearychat':
'prefix': "bearychat_snippet"
'description': "Send BearyChat notifications"
'body': """
bearychat:
url: ${1:undefined} # required. BearyChat WebHook URL. This authenticates you to the bearychat service. It looks like C(https://hook.bearychat.com/=ae2CF/incoming/e61bd5c57b164e04b11ac02e66f47f60).
text: ${2:undefined} # not required. Message to send.
markdown: ${3|yes|} # not required. choices: yes. If C(yes), text will be parsed as markdown.
attachments: ${4:undefined} # not required. Define a list of attachments. For more information, see https://github.com/bearyinnovative/bearychat-tutorial/blob/master/robots/incoming.md#attachments
channel: ${5:undefined} # not required. Channel to send the message to. If absent, the message goes to the default channel selected by the I(url).
"""
'bigip_asm_policy':
'prefix': "bigip_asm_policy_snippet"
'description': "Manage BIG-IP ASM policies"
'body': """
bigip_asm_policy:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${3:undefined} # required. The ASM policy to manage or create.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
template: ${5|ActiveSync v1.0 v2.0 (http),ActiveSync v1.0 v2.0 (https),Comprehensive,Drupal,Fundamental,Joomla,LotusDomino 6.5 (http),LotusDomino 6.5 (https),OWA Exchange 2003 (http),OWA Exchange 2003 (https),OWA Exchange 2003 with ActiveSync (http),OWA Exchange 2003 with ActiveSync (https),OWA Exchange 2007 (http),OWA Exchange 2007 (https),OWA Exchange 2007 with ActiveSync (http),OWA Exchange 2007 with ActiveSync (https),OWA Exchange 2010 (http),OWA Exchange 2010 (https),Oracle 10g Portal (http),Oracle 10g Portal (https),Oracle Applications 11i (http),Oracle Applications 11i (https),PeopleSoft Portal 9 (http),PeopleSoft Portal 9 (https),Rapid Deployment Policy,SAP NetWeaver 7 (http),SAP NetWeaver 7 (https),SharePoint 2003 (http),SharePoint 2003 (https),SharePoint 2007 (http),SharePoint 2007 (https),SharePoint 2010 (http),SharePoint 2010 (https),Vulnerability Assessment Baseline,Wordpress|} # not required. choices: ActiveSync v1.0 v2.0 (http);ActiveSync v1.0 v2.0 (https);Comprehensive;Drupal;Fundamental;Joomla;LotusDomino 6.5 (http);LotusDomino 6.5 (https);OWA Exchange 2003 (http);OWA Exchange 2003 (https);OWA Exchange 2003 with ActiveSync (http);OWA Exchange 2003 with ActiveSync (https);OWA Exchange 2007 (http);OWA Exchange 2007 (https);OWA Exchange 2007 with ActiveSync (http);OWA Exchange 2007 with ActiveSync (https);OWA Exchange 2010 (http);OWA Exchange 2010 (https);Oracle 10g Portal (http);Oracle 10g Portal (https);Oracle Applications 11i (http);Oracle Applications 11i (https);PeopleSoft Portal 9 (http);PeopleSoft Portal 9 (https);Rapid Deployment Policy;SAP NetWeaver 7 (http);SAP NetWeaver 7 (https);SharePoint 2003 (http);SharePoint 2003 (https);SharePoint 2007 (http);SharePoint 2007 (https);SharePoint 2010 (http);SharePoint 2010 (https);Vulnerability Assessment Baseline;Wordpress. An ASM policy built-in template. If the template does not exist we will raise an error.,Once the policy has been created, this value cannot change.,The C(Comprehensive), C(Drupal), C(Fundamental), C(Joomla), C(Vulnerability Assessment Baseline), and C(Wordpress) templates are only available on BIG-IP versions >= 13.
file: ${6:undefined} # not required. Full path to a policy file to be imported into the BIG-IP ASM.,Policy files exported from newer versions of BIG-IP cannot be imported into older versions of BIG-IP. The opposite, however, is true; you can import older into newer.
active: ${7|true,false|} # not required. choices: true;false. If C(yes) will apply and activate existing inactive policy. If C(no), it will deactivate existing active policy. Generally should be C(yes) only in cases where you want to activate new or existing policy.
partition: ${8:Common} # not required. Device partition to manage resources on.
state: ${9|present,absent|} # not required. choices: present;absent. When C(state) is C(present), and C(file) or C(template) parameter is provided, new ASM policy is imported and created with the given C(name).,When C(state) is present and no C(file) or C(template) parameter is provided new blank ASM policy is created with the given C(name).,When C(state) is C(absent), ensures that the policy is removed, even if it is currently active.
server_port: ${10:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${11:null} # not required. A dict object containing connection details.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_command':
'prefix': "bigip_command_snippet"
'description': "Run arbitrary command on F5 devices"
'body': """
bigip_command:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
transport: ${2|rest,cli|} # required. choices: rest;cli. Configures the transport connection to use when connecting to the remote device. The transport argument supports connectivity to the device over cli (ssh) or rest.
commands: ${3:undefined} # required. The commands to send to the remote BIG-IP device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries as expired.,The I(commands) argument also accepts an alternative form that allows for complex values that specify the command to run and the output format to return. This can be done on a command by command basis. The complex argument supports the keywords C(command) and C(output) where C(command) is the command to run and C(output) is 'text' or 'one-line'.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${5:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
wait_for: ${6:undefined} # not required. Specifies what to evaluate from the output of the command and what conditionals to apply. This argument will cause the task to wait for a particular conditional to be true before moving forward. If the conditional is not true by the configured retries, the task fails. See examples.
retries: ${7:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditionals.
interval: ${8:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditional, the interval indicates how to long to wait before trying the command again.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${10:null} # not required. A dict object containing connection details.
validate_certs: ${11:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
match: ${12:all} # not required. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the I(wait_for) must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'bigip_config':
'prefix': "bigip_config_snippet"
'description': "Manage BIG-IP configuration sections"
'body': """
bigip_config:
password: ${1:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
reset: ${4:false} # not required. Loads the default configuration on the device. If this option is specified, the default configuration will be loaded before any commands or other provided configuration is run.
merge_content: ${5:undefined} # not required. Loads the specified configuration that you want to merge into the running configuration. This is equivalent to using the C(tmsh) command C(load sys config from-terminal merge). If you need to read configuration from a file or template, use Ansible's C(file) or C(template) lookup plugins respectively.
verify: ${6:false} # not required. Validates the specified configuration to see whether they are valid to replace the running configuration. The running configuration will not be changed.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${8:null} # not required. A dict object containing connection details.
save: ${9:false} # not required. The C(save) argument instructs the module to save the running-config to startup-config. This operation is performed after any changes are made to the current running config. If no changes are made, the configuration is still saved to the startup config. This option will always cause the module to return changed.
validate_certs: ${10:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_configsync_action':
'prefix': "bigip_configsync_action_snippet"
'description': "Perform different actions related to config-sync"
'body': """
bigip_configsync_action:
device_group: ${1:undefined} # required. The device group that you want to perform config-sync actions on.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
sync_most_recent_to_device: ${5|true,false|} # not required. choices: true;false. Specifies that the system synchronizes configuration data from the device with the most recent configuration. In this case, the device will do a \"pull\" from the most recently updated device. This option is mutually exclusive with the C(sync_device_to_group) options.
sync_device_to_group: ${6|true,false|} # not required. choices: true;false. Specifies that the system synchronizes configuration data from this device to other members of the device group. In this case, the device will do a \"push\" to all the other devices in the group. This option is mutually exclusive with the C(sync_group_to_device) option.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${8:null} # not required. A dict object containing connection details.
overwrite_config: ${9|true,false|} # not required. choices: true;false. Indicates that the sync operation overwrites the configuration on the target.
validate_certs: ${10:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_device_connectivity':
'prefix': "bigip_device_connectivity_snippet"
'description': "Manages device IP configuration settings for HA on a BIG-IP"
'body': """
bigip_device_connectivity:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
multicast_interface: ${4:undefined} # not required. Interface over which the system sends multicast messages associated with failover. When C(failover_multicast) is C(yes) and this option is not provided, a default of C(eth0) will be used.
validate_certs: ${5:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
server_port: ${6:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
mirror_primary_address: ${7:undefined} # not required. Specifies the primary IP address for the system to use to mirror connections.
failover_multicast: ${8|true,false|} # not required. choices: true;false. When C(yes), ensures that the Failover Multicast configuration is enabled and if no further multicast configuration is provided, ensures that C(multicast_interface), C(multicast_address) and C(multicast_port) are the defaults specified in each option's description. When C(no), ensures that Failover Multicast configuration is disabled.
config_sync_ip: ${9:undefined} # not required. Local IP address that the system uses for ConfigSync operations.
provider: ${10:null} # not required. A dict object containing connection details.
mirror_secondary_address: ${11:undefined} # not required. Specifies the secondary IP address for the system to use to mirror connections.
multicast_address: ${12:undefined} # not required. IP address for the system to send multicast messages associated with failover. When C(failover_multicast) is C(yes) and this option is not provided, a default of C(224.0.0.245) will be used.
unicast_failover: ${13:undefined} # not required. Desired addresses to use for failover operations. Options C(address) and C(port) are supported with dictionary structure where C(address) is the local IP address that the system uses for failover operations. Port specifies the port that the system uses for failover operations. If C(port) is not specified, the default value C(1026) will be used. If you are specifying the (recommended) management IP address, use 'management-ip' in the address field.
multicast_port: ${14:undefined} # not required. Port for the system to send multicast messages associated with failover. When C(failover_multicast) is C(yes) and this option is not provided, a default of C(62960) will be used. This value must be between 0 and 65535.
"""
'bigip_device_dns':
'prefix': "bigip_device_dns_snippet"
'description': "Manage BIG-IP device DNS settings"
'body': """
bigip_device_dns:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${3:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
forwarders: ${4:undefined} # not required. A list of BIND servers that the system can use to perform DNS lookups,Deprecated in 2.4. Use the GUI or edit named.conf.
name_servers: ${5:undefined} # not required. A list of name servers that the system uses to validate DNS lookups
search: ${6:undefined} # not required. A list of domains that the system searches for local domain lookups, to resolve local host names.
cache: ${7|enabled,disabled|} # not required. choices: enabled;disabled. Specifies whether the system caches DNS lookups or performs the operation each time a lookup is needed. Please note that this applies only to Access Policy Manager features, such as ACLs, web application rewrites, and authentication.
state: ${8|absent,present|} # not required. choices: absent;present. The state of the variable on the system. When C(present), guarantees that an existing variable is set to C(value).
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${10:null} # not required. A dict object containing connection details.
ip_version: ${11|4,6|} # not required. choices: 4;6. Specifies whether the DNS specifies IP addresses using IPv4 or IPv6.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_device_group':
'prefix': "bigip_device_group_snippet"
'description': "Manage device groups on a BIG-IP"
'body': """
bigip_device_group:
name: ${1:undefined} # required. Specifies the name of the device group.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
auto_sync: ${5:undefined} # not required. Indicates whether configuration synchronization occurs manually or automatically. When creating a new device group, this option will default to C(false).
validate_certs: ${6:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
max_incremental_sync_size: ${7:undefined} # not required. Specifies the size of the changes cache for incremental sync. For example, using the default, if you make more than 1024 KB worth of incremental changes, the system performs a full synchronization operation. Using incremental synchronization operations can reduce the per-device sync/load time for configuration changes. This setting is relevant only when C(full_sync) is C(false).
server_port: ${8:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
save_on_auto_sync: ${9:undefined} # not required. When performing an auto-sync, specifies whether the configuration will be saved or not. If C(false), only the running configuration will be changed on the device(s) being synced to. When creating a new device group, this option will default to C(false).
state: ${10|present,absent|} # not required. choices: present;absent. When C(state) is C(present), ensures the device group exists.,When C(state) is C(absent), ensures that the device group is removed.
full_sync: ${11:undefined} # not required. Specifies whether the system synchronizes the entire configuration during synchronization operations. When C(false), the system performs incremental synchronization operations, based on the cache size specified in C(max_incremental_sync_size). Incremental configuration synchronization is a mechanism for synchronizing a device-group's configuration among its members, without requiring a full configuration load for each configuration change. In order for this to work, all devices in the device-group must initially agree on the configuration. Typically this requires at least one full configuration load to each device. When creating a new device group, this option will default to C(false).
provider: ${12:null} # not required. A dict object containing connection details.
type: ${13|sync-failover,sync-only|} # not required. choices: sync-failover;sync-only. Specifies that the type of group. A C(sync-failover) device group contains devices that synchronize their configuration data and fail over to one another when a device becomes unavailable. A C(sync-only) device group has no such failover. When creating a new device group, this option will default to C(sync-only). This setting cannot be changed once it has been set.
description: ${14:undefined} # not required. Description of the device group.
"""
'bigip_device_group_member':
'prefix': "bigip_device_group_member_snippet"
'description': "Manages members in a device group"
'body': """
bigip_device_group_member:
name: ${1:undefined} # required. Specifies the name of the device that you want to add to the device group. Often this will be the hostname of the device. This member must be trusted by the device already. Trusting can be done with the C(bigip_device_trust) module and the C(peer_hostname) option to that module.
device_group: ${2:undefined} # required. The device group that you want to add the member to.
server: ${3:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${4:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${5:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
state: ${6|present,absent|} # not required. choices: present;absent. When C(present), ensures that the device group member.,When C(absent), ensures the device group member is removed.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${8:null} # not required. A dict object containing connection details.
validate_certs: ${9:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_device_httpd':
'prefix': "bigip_device_httpd_snippet"
'description': "Manage HTTPD related settings on BIG-IP"
'body': """
bigip_device_httpd:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
auth_pam_validate_ip: ${4:undefined} # not required. Sets the authPamValidateIp setting.
hostname_lookup: ${5:undefined} # not required. Sets whether or not to display the hostname, if possible.
log_level: ${6|alert,crit,debug,emerg,error,info,notice,warn|} # not required. choices: alert;crit;debug;emerg;error;info;notice;warn. Sets the minimum httpd log level.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
auth_name: ${8:undefined} # not required. Sets the BIG-IP authentication realm name.
validate_certs: ${9:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
auth_pam_dashboard_timeout: ${10:undefined} # not required. Sets whether or not the BIG-IP dashboard will timeout.
redirect_http_to_https: ${11:undefined} # not required. Whether or not to redirect http requests to the GUI to https.
fast_cgi_timeout: ${12:undefined} # not required. Sets the timeout of FastCGI.
allow: ${13|all,IP address, such as 172.27.1.10,IP range, such as 172.27.*.* or 172.27.0.0/255.255.0.0|} # not required. choices: all;IP address, such as 172.27.1.10;IP range, such as 172.27.*.* or 172.27.0.0/255.255.0.0. Specifies, if you have enabled HTTPD access, the IP address or address range for other systems that can communicate with this system.
provider: ${14:null} # not required. A dict object containing connection details.
ssl_port: ${15:undefined} # not required. The HTTPS port to listen on.
auth_pam_idle_timeout: ${16:undefined} # not required. Sets the GUI timeout for automatic logout, in seconds.
max_clients: ${17:undefined} # not required. Sets the maximum number of clients that can connect to the GUI at once.
"""
'bigip_device_ntp':
'prefix': "bigip_device_ntp_snippet"
'description': "Manage NTP servers on a BIG-IP"
'body': """
bigip_device_ntp:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
ntp_servers: ${4:undefined} # not required. A list of NTP servers to set on the device. At least one of C(ntp_servers) or C(timezone) is required.
state: ${5|absent,present|} # not required. choices: absent;present. The state of the NTP servers on the system. When C(present), guarantees that the NTP servers are set on the system. When C(absent), removes the specified NTP servers from the device configuration.
server_port: ${6:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${7:null} # not required. A dict object containing connection details.
timezone: ${8:UTC} # not required. The timezone to set for NTP lookups. At least one of C(ntp_servers) or C(timezone) is required.
validate_certs: ${9:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_device_sshd':
'prefix': "bigip_device_sshd_snippet"
'description': "Manage the SSHD settings of a BIG-IP"
'body': """
bigip_device_sshd:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${3:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
server_port: ${4:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
banner_text: ${5:undefined} # not required. Specifies the text to include on the pre-login banner that displays when a user attempts to login to the system using SSH.
inactivity_timeout: ${6:undefined} # not required. Specifies the number of seconds before inactivity causes an SSH session to log out.
banner: ${7|enabled,disabled|} # not required. choices: enabled;disabled. Whether to enable the banner or not.
port: ${8:undefined} # not required. Port that you want the SSH daemon to run on.
log_level: ${9|debug,debug1,debug2,debug3,error,fatal,info,quiet,verbose|} # not required. choices: debug;debug1;debug2;debug3;error;fatal;info;quiet;verbose. Specifies the minimum SSHD message level to include in the system log.
allow: ${10|all,IP address, such as 172.27.1.10,IP range, such as 172.27.*.* or 172.27.0.0/255.255.0.0|} # not required. choices: all;IP address, such as 172.27.1.10;IP range, such as 172.27.*.* or 172.27.0.0/255.255.0.0. Specifies, if you have enabled SSH access, the IP address or address range for other systems that can use SSH to communicate with this system.
provider: ${11:null} # not required. A dict object containing connection details.
login: ${12|enabled,disabled|} # not required. choices: enabled;disabled. Specifies, when checked C(enabled), that the system accepts SSH communications.
validate_certs: ${13:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_device_trust':
'prefix': "bigip_device_trust_snippet"
'description': "Manage the trust relationships between BIG-IPs"
'body': """
bigip_device_trust:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
peer_server: ${2:undefined} # required. The peer address to connect to and trust for synchronizing configuration. This is typically the management address of the remote device, but may also be a Self IP.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
type: ${5|peer,subordinate|} # not required. choices: peer;subordinate. Specifies whether the device you are adding is a Peer or a Subordinate. The default is C(peer).,The difference between the two is a matter of mitigating risk of compromise.,A subordinate device cannot sign a certificate for another device.,In the case where the security of an authority device in a trust domain is compromised, the risk of compromise is minimized for any subordinate device.,Designating devices as subordinate devices is recommended for device groups with a large number of member devices, where the risk of compromise is high.
peer_hostname: ${6:undefined} # not required. The hostname that you want to associate with the device. This value will be used to easily distinguish this device in BIG-IP configuration. If not specified, the value of C(peer_server) will be used as a default.
peer_user: ${7:undefined} # not required. The API username of the remote peer device that you are trusting. Note that the CLI user cannot be used unless it too has an API account. If this value is not specified, then the value of C(user), or the environment variable C(F5_USER) will be used.
peer_password: ${8:undefined} # not required. The password of the API username of the remote peer device that you are trusting. If this value is not specified, then the value of C(password), or the environment variable C(F5_PASSWORD) will be used.
state: ${9|absent,present|} # not required. choices: absent;present. When C(present), ensures the specified devices are trusted.,When C(absent), removes the device trusts.
server_port: ${10:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${11:null} # not required. A dict object containing connection details.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_facts':
'prefix': "bigip_facts_snippet"
'description': "Collect facts from F5 BIG-IP devices"
'body': """
bigip_facts:
password: ${1:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
include: ${4|address_class,certificate,client_ssl_profile,device,device_group,interface,key,node,pool,provision,rule,self_ip,software,system_info,traffic_group,trunk,virtual_address,virtual_server,vlan|} # required. choices: address_class;certificate;client_ssl_profile;device;device_group;interface;key;node;pool;provision;rule;self_ip;software;system_info;traffic_group;trunk;virtual_address;virtual_server;vlan. Fact category or list of categories to collect
filter: ${5||} # not required. choices: . Shell-style glob matching string used to filter fact keys. Not applicable for software, provision, and system_info fact categories.
session: ${6||} # not required. choices: . BIG-IP session support; may be useful to avoid concurrency issues in certain circumstances.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${8:null} # not required. A dict object containing connection details.
validate_certs: ${9:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_gtm_datacenter':
'prefix': "bigip_gtm_datacenter_snippet"
'description': "Manage Datacenter configuration in BIG-IP"
'body': """
bigip_gtm_datacenter:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${3:undefined} # required. The name of the data center.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
description: ${5:undefined} # not required. The description of the data center.
partition: ${6:Common} # not required. Device partition to manage resources on.
state: ${7|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. The virtual address state. If C(absent), an attempt to delete the virtual address will be made. This will only succeed if this virtual address is not in use by a virtual server. C(present) creates the virtual address and enables it. If C(enabled), enable the virtual address if it exists. If C(disabled), create the virtual address if needed, and set state to C(disabled).
contact: ${8:undefined} # not required. The name of the contact for the data center.
location: ${9:undefined} # not required. The location of the data center.
server_port: ${10:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${11:null} # not required. A dict object containing connection details.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_gtm_facts':
'prefix': "bigip_gtm_facts_snippet"
'description': "Collect facts from F5 BIG-IP GTM devices"
'body': """
bigip_gtm_facts:
include: ${1|pool,wide_ip,server|} # required. choices: pool;wide_ip;server. Fact category to collect.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
filter: ${5:undefined} # not required. Perform regex filter of response. Filtering is done on the name of the resource. Valid filters are anything that can be provided to Python's C(re) module.
server_port: ${6:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${7:null} # not required. A dict object containing connection details.
validate_certs: ${8:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_gtm_pool':
'prefix': "bigip_gtm_pool_snippet"
'description': "Manages F5 BIG-IP GTM pools"
'body': """
bigip_gtm_pool:
name: ${1:undefined} # required. Name of the GTM pool.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
alternate_lb_method: ${5|round-robin,return-to-dns,none,ratio,topology,static-persistence,global-availability,virtual-server-capacity,packet-rate,drop-packet,fallback-ip,virtual-server-score|} # not required. choices: round-robin;return-to-dns;none;ratio;topology;static-persistence;global-availability;virtual-server-capacity;packet-rate;drop-packet;fallback-ip;virtual-server-score. The load balancing mode that the system tries if the C(preferred_lb_method) is unsuccessful in picking a pool.
validate_certs: ${6:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
partition: ${7:Common} # not required. Device partition to manage resources on.
fallback_ip: ${8:undefined} # not required. Specifies the IPv4, or IPv6 address of the server to which the system directs requests when it cannot use one of its pools to do so. Note that the system uses the fallback IP only if you select the C(fallback_ip) load balancing method.
state: ${9|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. Pool member state. When C(present), ensures that the pool is created and enabled. When C(absent), ensures that the pool is removed from the system. When C(enabled) or C(disabled), ensures that the pool is enabled or disabled (respectively) on the remote device.
fallback_lb_method: ${10|round-robin,return-to-dns,ratio,topology,static-persistence,global-availability,virtual-server-capacity,least-connections,lowest-round-trip-time,fewest-hops,packet-rate,cpu,completion-rate,quality-of-service,kilobytes-per-second,drop-packet,fallback-ip,virtual-server-score|} # not required. choices: round-robin;return-to-dns;ratio;topology;static-persistence;global-availability;virtual-server-capacity;least-connections;lowest-round-trip-time;fewest-hops;packet-rate;cpu;completion-rate;quality-of-service;kilobytes-per-second;drop-packet;fallback-ip;virtual-server-score. The load balancing mode that the system tries if both the C(preferred_lb_method) and C(alternate_lb_method)s are unsuccessful in picking a pool.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
preferred_lb_method: ${12|round-robin,return-to-dns,ratio,topology,static-persistence,global-availability,virtual-server-capacity,least-connections,lowest-round-trip-time,fewest-hops,packet-rate,cpu,completion-rate,quality-of-service,kilobytes-per-second,drop-packet,fallback-ip,virtual-server-score|} # not required. choices: round-robin;return-to-dns;ratio;topology;static-persistence;global-availability;virtual-server-capacity;least-connections;lowest-round-trip-time;fewest-hops;packet-rate;cpu;completion-rate;quality-of-service;kilobytes-per-second;drop-packet;fallback-ip;virtual-server-score. The load balancing mode that the system tries first.
type: ${13|a,aaaa,cname,mx,naptr,srv|} # not required. choices: a;aaaa;cname;mx;naptr;srv. The type of GTM pool that you want to create. On BIG-IP releases prior to version 12, this parameter is not required. On later versions of BIG-IP, this is a required parameter.
provider: ${14:null} # not required. A dict object containing connection details.
"""
'bigip_gtm_server':
'prefix': "bigip_gtm_server_snippet"
'description': "Manages F5 BIG-IP GTM servers"
'body': """
bigip_gtm_server:
name: ${1:undefined} # required. The name of the server.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
user: ${4:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
link_discovery: ${5|enabled,disabled,enabled-no-delete|} # not required. choices: enabled;disabled;enabled-no-delete. Specifies whether the system auto-discovers the links for this server. When creating a new GTM server, if this parameter is not specified, the default value C(disabled) is used.,If you set this parameter to C(enabled) or C(enabled-no-delete), you must also ensure that the C(virtual_server_discovery) parameter is also set to C(enabled) or C(enabled-no-delete).
datacenter: ${6:undefined} # not required. Data center the server belongs to. When creating a new GTM server, this value is required.
partition: ${7:Common} # not required. Device partition to manage resources on.
server_type: ${8|alteon-ace-director,cisco-css,cisco-server-load-balancer,generic-host,radware-wsd,windows-nt-4.0,bigip,cisco-local-director-v2,extreme,generic-load-balancer,sun-solaris,cacheflow,cisco-local-director-v3,foundry-server-iron,netapp,windows-2000-server|} # not required. choices: alteon-ace-director;cisco-css;cisco-server-load-balancer;generic-host;radware-wsd;windows-nt-4.0;bigip;cisco-local-director-v2;extreme;generic-load-balancer;sun-solaris;cacheflow;cisco-local-director-v3;foundry-server-iron;netapp;windows-2000-server. Specifies the server type. The server type determines the metrics that the system can collect from the server. When creating a new GTM server, the default value C(bigip) is used.
state: ${9|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. The server state. If C(absent), an attempt to delete the server will be made. This will only succeed if this server is not in use by a virtual server. C(present) creates the server and enables it. If C(enabled), enable the server if it exists. If C(disabled), create the server if needed, and set state to C(disabled).
devices: ${10:undefined} # not required. Lists the self IP addresses and translations for each device. When creating a new GTM server, this value is required. This list is a complex list that specifies a number of keys. There are several supported keys.,The C(name) key specifies a name for the device. The device name must be unique per server. This key is required.,The C(address) key contains an IP address, or list of IP addresses, for the destination server. This key is required.,The C(translation) key contains an IP address to translate the C(address) value above to. This key is optional.,Specifying duplicate C(name) fields is a supported means of providing device addresses. In this scenario, the addresses will be assigned to the C(name)'s list of addresses.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${12:null} # not required. A dict object containing connection details.
virtual_server_discovery: ${13|enabled,disabled,enabled-no-delete|} # not required. choices: enabled;disabled;enabled-no-delete. Specifies whether the system auto-discovers the virtual servers for this server. When creating a new GTM server, if this parameter is not specified, the default value C(disabled) is used.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_gtm_virtual_server':
'prefix': "bigip_gtm_virtual_server_snippet"
'description': "Manages F5 BIG-IP GTM virtual servers"
'body': """
bigip_gtm_virtual_server:
virtual_server_name: ${1:undefined} # required. Virtual server name.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
virtual_server_server: ${5:undefined} # required. Virtual server server.
validate_certs: ${6:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
state: ${7|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. Virtual server state.
host: ${8:undefined} # not required. Virtual server host.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${10:null} # not required. A dict object containing connection details.
port: ${11:undefined} # not required. Virtual server port.
"""
'bigip_gtm_wide_ip':
'prefix': "bigip_gtm_wide_ip_snippet"
'description': "Manages F5 BIG-IP GTM wide ip"
'body': """
bigip_gtm_wide_ip:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${3:undefined} # required. Wide IP name. This name must be formatted as a fully qualified domain name (FQDN). You can also use the alias C(wide_ip) but this is deprecated and will be removed in a future Ansible version.
pool_lb_method: ${4|round-robin,ratio,topology,global-availability|} # required. choices: round-robin;ratio;topology;global-availability. Specifies the load balancing method used to select a pool in this wide IP. This setting is relevant only when multiple pools are configured for a wide IP.
server: ${5:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
type: ${6|a,aaaa,cname,mx,naptr,srv|} # not required. choices: a;aaaa;cname;mx;naptr;srv. Specifies the type of wide IP. GTM wide IPs need to be keyed by query type in addition to name, since pool members need different attributes depending on the response RDATA they are meant to supply. This value is required if you are using BIG-IP versions >= 12.0.0.
partition: ${7:Common} # not required. Device partition to manage resources on.
state: ${8|present,absent,disabled,enabled|} # not required. choices: present;absent;disabled;enabled. When C(present) or C(enabled), ensures that the Wide IP exists and is enabled.,When C(absent), ensures that the Wide IP has been removed.,When C(disabled), ensures that the Wide IP exists and is disabled.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${10:null} # not required. A dict object containing connection details.
pools: ${11:undefined} # not required. The pools that you want associated with the Wide IP.,If C(ratio) is not provided when creating a new Wide IP, it will default to 1.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_hostname':
'prefix': "bigip_hostname_snippet"
'description': "Manage the hostname of a BIG-IP"
'body': """
bigip_hostname:
hostname: ${1:undefined} # required. Hostname of the BIG-IP host.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server_port: ${5:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${6:null} # not required. A dict object containing connection details.
validate_certs: ${7:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_iapp_service':
'prefix': "bigip_iapp_service_snippet"
'description': "Manages TCL iApp services on a BIG-IP"
'body': """
bigip_iapp_service:
name: ${1:undefined} # required. The name of the iApp service that you want to deploy.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
force: ${5:false} # not required. Forces the updating of an iApp service even if the parameters to the service have not changed. This option is of particular importance if the iApp template that underlies the service has been updated in-place. This option is equivalent to re-configuring the iApp if that template has changed.
parameters: ${6:undefined} # not required. A hash of all the required template variables for the iApp template. If your parameters are stored in a file (the more common scenario) it is recommended you use either the `file` or `template` lookups to supply the expected parameters.,These parameters typically consist of the C(lists), C(tables), and C(variables) fields.
strict_updates: ${7:true} # not required. Indicates whether the application service is tied to the template, so when the template is updated, the application service changes to reflect the updates.,When C(yes), disallows any updates to the resources that the iApp service has created, if they are not updated directly through the iApp.,When C(no), allows updates outside of the iApp.,If this option is specified in the Ansible task, it will take precedence over any similar setting in the iApp Server payload that you provide in the C(parameters) field.
partition: ${8:Common} # not required. Device partition to manage resources on.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
state: ${10|present,absent|} # not required. choices: present;absent. When C(present), ensures that the iApp service is created and running. When C(absent), ensures that the iApp service has been removed.
template: ${11:undefined} # not required. The iApp template from which to instantiate a new service. This template must exist on your BIG-IP before you can successfully create a service. This parameter is required if the C(state) parameter is C(present).
provider: ${12:null} # not required. A dict object containing connection details.
traffic_group: ${13:undefined} # not required. The traffic group for the iApp service. When creating a new service, if this value is not specified, the default of C(/Common/traffic-group-1) will be used.,If this option is specified in the Ansible task, it will take precedence over any similar setting in the iApp Server payload that you provide in the C(parameters) field.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_iapp_template':
'prefix': "bigip_iapp_template_snippet"
'description': "Manages TCL iApp templates on a BIG-IP"
'body': """
bigip_iapp_template:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
force: ${4:undefined} # not required. Specifies whether or not to force the uploading of an iApp. When C(yes), will force update the iApp even if there are iApp services using it. This will not update the running service though. Use C(bigip_iapp_service) to do that. When C(no), will update the iApp only if there are no iApp services using the template.
name: ${5:undefined} # not required. The name of the iApp template that you want to delete. This option is only available when specifying a C(state) of C(absent) and is provided as a way to delete templates that you may no longer have the source of.
partition: ${6:Common} # not required. Device partition to manage resources on.
content: ${7:undefined} # not required. Sets the contents of an iApp template directly to the specified value. This is for simple values, but can be used with lookup plugins for anything complex or with formatting. C(content) must be provided when creating new templates.
state: ${8|present,absent|} # not required. choices: present;absent. Whether the iApp template should exist or not.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${10:null} # not required. A dict object containing connection details.
validate_certs: ${11:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_iapplx_package':
'prefix': "bigip_iapplx_package_snippet"
'description': "Manages Javascript iApp packages on a BIG-IP"
'body': """
bigip_iapplx_package:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
package: ${4:undefined} # not required. The iAppLX package that you want to upload or remove. When C(state) is C(present), and you intend to use this module in a C(role), it is recommended that you use the C({{ role_path }}) variable. An example is provided in the C(EXAMPLES) section.,When C(state) is C(absent), it is not necessary for the package to exist on the Ansible controller. If the full path to the package is provided, the fileame will specifically be cherry picked from it to properly remove the package.
state: ${5|present,absent|} # not required. choices: present;absent. Whether the iAppLX package should exist or not.
server_port: ${6:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${7:null} # not required. A dict object containing connection details.
validate_certs: ${8:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_irule':
'prefix': "bigip_irule_snippet"
'description': "Manage iRules across different modules on a BIG-IP"
'body': """
bigip_irule:
module: ${1|ltm,gtm|} # required. choices: ltm;gtm. The BIG-IP module to add the iRule to.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
src: ${4:undefined} # required. The iRule file to interpret and upload to the BIG-IP. Either one of C(src) or C(content) must be provided.
name: ${5:undefined} # required. The name of the iRule.
server: ${6:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
partition: ${7:Common} # not required. Device partition to manage resources on.
content: ${8:undefined} # not required. When used instead of 'src', sets the contents of an iRule directly to the specified value. This is for simple values, but can be used with lookup plugins for anything complex or with formatting. Either one of C(src) or C(content) must be provided.
state: ${9|present,absent|} # not required. choices: present;absent. Whether the iRule should exist or not.
server_port: ${10:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${11:null} # not required. A dict object containing connection details.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_monitor_http':
'prefix': "bigip_monitor_http_snippet"
'description': "Manages F5 BIG-IP LTM http monitors"
'body': """
bigip_monitor_http:
name: ${1:undefined} # required. Monitor name.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
interval: ${5:undefined} # not required. The interval specifying how frequently the monitor instance of this template will run. If this parameter is not provided when creating a new monitor, then the default value will be 5. This value B(must) be less than the C(timeout) value.
parent: ${6:/Common/http} # not required. The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(http) parent on the C(Common) partition.
receive: ${7:undefined} # not required. The receive string for the monitor call.
ip: ${8:undefined} # not required. IP address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'.
partition: ${9:Common} # not required. Device partition to manage resources on.
send: ${10:undefined} # not required. The send string for the monitor call. When creating a new monitor, if this value is not provided, the default C(GET /\\r\\n) will be used.
port: ${11:undefined} # not required. Port address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'. Note that if specifying an IP address, a value between 1 and 65535 must be specified.
server_port: ${12:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
state: ${13|present,absent|} # not required. choices: present;absent. When C(present), ensures that the monitor exists.,When C(absent), ensures the monitor is removed.
time_until_up: ${14:undefined} # not required. Specifies the amount of time in seconds after the first successful response before a node will be marked up. A value of 0 will cause a node to be marked up immediately after a valid response is received from the node. If this parameter is not provided when creating a new monitor, then the default value will be 0.
timeout: ${15:undefined} # not required. The number of seconds in which the node or service must respond to the monitor request. If the target responds within the set time period, it is considered up. If the target does not respond within the set time period, it is considered down. You can change this number to any number you want, however, it should be 3 times the interval number of seconds plus 1 second. If this parameter is not provided when creating a new monitor, then the default value will be 16.
provider: ${16:null} # not required. A dict object containing connection details.
target_password: ${17:undefined} # not required. Specifies the password, if the monitored target requires authentication.
validate_certs: ${18:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
target_username: ${19:undefined} # not required. Specifies the user name, if the monitored target requires authentication.
receive_disable: ${20:undefined} # not required. This setting works like C(receive), except that the system marks the node or pool member disabled when its response matches the C(receive_disable) string but not C(receive). To use this setting, you must specify both C(receive_disable) and C(receive).
"""
'bigip_monitor_https':
'prefix': "bigip_monitor_https_snippet"
'description': "Manages F5 BIG-IP LTM https monitors"
'body': """
bigip_monitor_https:
name: ${1:undefined} # required. Monitor name.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
interval: ${5:undefined} # not required. The interval specifying how frequently the monitor instance of this template will run. If this parameter is not provided when creating a new monitor, then the default value will be 5. This value B(must) be less than the C(timeout) value.
parent: ${6:/Common/https} # not required. The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(https) parent on the C(Common) partition.
receive: ${7:undefined} # not required. The receive string for the monitor call.
ip: ${8:undefined} # not required. IP address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'.
partition: ${9:Common} # not required. Device partition to manage resources on.
send: ${10:undefined} # not required. The send string for the monitor call. When creating a new monitor, if this value is not provided, the default C(GET /\\\\r\\\\n) will be used.
port: ${11:undefined} # not required. Port address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'. Note that if specifying an IP address, a value between 1 and 65535 must be specified
server_port: ${12:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
state: ${13|present,absent|} # not required. choices: present;absent. When C(present), ensures that the monitor exists.,When C(absent), ensures the monitor is removed.
time_until_up: ${14:undefined} # not required. Specifies the amount of time in seconds after the first successful response before a node will be marked up. A value of 0 will cause a node to be marked up immediately after a valid response is received from the node. If this parameter is not provided when creating a new monitor, then the default value will be 0.
timeout: ${15:undefined} # not required. The number of seconds in which the node or service must respond to the monitor request. If the target responds within the set time period, it is considered up. If the target does not respond within the set time period, it is considered down. You can change this number to any number you want, however, it should be 3 times the interval number of seconds plus 1 second. If this parameter is not provided when creating a new monitor, then the default value will be 16.
provider: ${16:null} # not required. A dict object containing connection details.
target_password: ${17:undefined} # not required. Specifies the password, if the monitored target requires authentication.
validate_certs: ${18:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
target_username: ${19:undefined} # not required. Specifies the user name, if the monitored target requires authentication.
receive_disable: ${20:undefined} # not required. This setting works like C(receive), except that the system marks the node or pool member disabled when its response matches the C(receive_disable) string but not C(receive). To use this setting, you must specify both C(receive_disable) and C(receive).
"""
'bigip_monitor_snmp_dca':
'prefix': "bigip_monitor_snmp_dca_snippet"
'description': "Manages BIG-IP SNMP data collecting agent (DCA) monitors"
'body': """
bigip_monitor_snmp_dca:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${3:undefined} # required. Monitor name.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
interval: ${5:undefined} # not required. Specifies, in seconds, the frequency at which the system issues the monitor check when either the resource is down or the status of the resource is unknown. When creating a new monitor, the default is C(10).
disk_threshold: ${6:undefined} # not required. Specifies the maximum acceptable disk usage on the target server. When creating a new monitor, the default is C(90) percent.
parent: ${7:/Common/snmp_dca} # not required. The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(snmp_dca) parent on the C(Common) partition.
community: ${8:undefined} # not required. Specifies the community name that the system must use to authenticate with the host server through SNMP. When creating a new monitor, the default value is C(public). Note that this value is case sensitive.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
cpu_threshold: ${10:undefined} # not required. Specifies the maximum acceptable CPU usage on the target server. When creating a new monitor, the default is C(80) percent.
description: ${11:undefined} # not required. Specifies descriptive text that identifies the monitor.
cpu_coefficient: ${12:undefined} # not required. Specifies the coefficient that the system uses to calculate the weight of the CPU threshold in the dynamic ratio load balancing algorithm. When creating a new monitor, the default is C(1.5).
time_until_up: ${13:undefined} # not required. Specifies the number of seconds to wait after a resource first responds correctly to the monitor before setting the resource to 'up'. During the interval, all responses from the resource must be correct. When the interval expires, the resource is marked 'up'. A value of 0, means that the resource is marked up immediately upon receipt of the first correct response. When creating a new monitor, the default is C(0).
partition: ${14:Common} # not required. Device partition to manage resources on.
memory_threshold: ${15:undefined} # not required. Specifies the maximum acceptable memory usage on the target server. When creating a new monitor, the default is C(70) percent.
disk_coefficient: ${16:undefined} # not required. Specifies the coefficient that the system uses to calculate the weight of the disk threshold in the dynamic ratio load balancing algorithm. When creating a new monitor, the default is C(2.0).
state: ${17|present,absent|} # not required. choices: present;absent. When C(present), ensures that the monitor exists.,When C(absent), ensures the monitor is removed.
version: ${18|v1,v2c|} # not required. choices: v1;v2c. Specifies the version of SNMP that the host server uses. When creating a new monitor, the default is C(v1). When C(v1), specifies that the host server uses SNMP version 1. When C(v2c), specifies that the host server uses SNMP version 2c.
agent_type: ${19|UCD,WIN2000,GENERIC|} # not required. choices: UCD;WIN2000;GENERIC. Specifies the SNMP agent running on the monitored server. When creating a new monitor, the default is C(UCD) (UC-Davis).
memory_coefficient: ${20:undefined} # not required. Specifies the coefficient that the system uses to calculate the weight of the memory threshold in the dynamic ratio load balancing algorithm. When creating a new monitor, the default is C(1.0).
timeout: ${21:undefined} # not required. Specifies the number of seconds the target has in which to respond to the monitor request. When creating a new monitor, the default is C(30) seconds. If the target responds within the set time period, it is considered 'up'. If the target does not respond within the set time period, it is considered 'down'. When this value is set to 0 (zero), the system uses the interval from the parent monitor. Note that C(timeout) and C(time_until_up) combine to control when a resource is set to up.
provider: ${22:null} # not required. A dict object containing connection details.
validate_certs: ${23:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_monitor_tcp':
'prefix': "bigip_monitor_tcp_snippet"
'description': "Manages F5 BIG-IP LTM tcp monitors"
'body': """
bigip_monitor_tcp:
name: ${1:undefined} # required. Monitor name.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
interval: ${5:undefined} # not required. The interval specifying how frequently the monitor instance of this template will run. If this parameter is not provided when creating a new monitor, then the default value will be 5. This value B(must) be less than the C(timeout) value.
parent: ${6:/Common/tcp} # not required. The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(tcp) parent on the C(Common) partition.
receive: ${7:undefined} # not required. The receive string for the monitor call.
ip: ${8:undefined} # not required. IP address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'.,If this value is an IP address, and the C(type) is C(tcp) (the default), then a C(port) number must be specified.
partition: ${9:Common} # not required. Device partition to manage resources on.
send: ${10:undefined} # not required. The send string for the monitor call.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
state: ${12|present,absent|} # not required. choices: present;absent. When C(present), ensures that the monitor exists.,When C(absent), ensures the monitor is removed.
time_until_up: ${13:undefined} # not required. Specifies the amount of time in seconds after the first successful response before a node will be marked up. A value of 0 will cause a node to be marked up immediately after a valid response is received from the node. If this parameter is not provided when creating a new monitor, then the default value will be 0.
timeout: ${14:undefined} # not required. The number of seconds in which the node or service must respond to the monitor request. If the target responds within the set time period, it is considered up. If the target does not respond within the set time period, it is considered down. You can change this number to any number you want, however, it should be 3 times the interval number of seconds plus 1 second. If this parameter is not provided when creating a new monitor, then the default value will be 16.
provider: ${15:null} # not required. A dict object containing connection details.
validate_certs: ${16:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
port: ${17:undefined} # not required. Port address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'. Note that if specifying an IP address, a value between 1 and 65535 must be specified,This argument is not supported for TCP Echo types.
"""
'bigip_monitor_tcp_echo':
'prefix': "bigip_monitor_tcp_echo_snippet"
'description': "Manages F5 BIG-IP LTM tcp echo monitors"
'body': """
bigip_monitor_tcp_echo:
name: ${1:undefined} # required. Monitor name.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
interval: ${5:undefined} # not required. The interval specifying how frequently the monitor instance of this template will run. If this parameter is not provided when creating a new monitor, then the default value will be 5. This value B(must) be less than the C(timeout) value.
parent: ${6:/Common/tcp_echo} # not required. The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(tcp_echo) parent on the C(Common) partition.
ip: ${7:undefined} # not required. IP address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'.,If this value is an IP address, and the C(type) is C(tcp) (the default), then a C(port) number must be specified.
partition: ${8:Common} # not required. Device partition to manage resources on.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
state: ${10|present,absent|} # not required. choices: present;absent. When C(present), ensures that the monitor exists.,When C(absent), ensures the monitor is removed.
time_until_up: ${11:undefined} # not required. Specifies the amount of time in seconds after the first successful response before a node will be marked up. A value of 0 will cause a node to be marked up immediately after a valid response is received from the node. If this parameter is not provided when creating a new monitor, then the default value will be 0.
timeout: ${12:undefined} # not required. The number of seconds in which the node or service must respond to the monitor request. If the target responds within the set time period, it is considered up. If the target does not respond within the set time period, it is considered down. You can change this number to any number you want, however, it should be 3 times the interval number of seconds plus 1 second. If this parameter is not provided when creating a new monitor, then the default value will be 16.
provider: ${13:null} # not required. A dict object containing connection details.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_monitor_tcp_half_open':
'prefix': "bigip_monitor_tcp_half_open_snippet"
'description': "Manages F5 BIG-IP LTM tcp half-open monitors"
'body': """
bigip_monitor_tcp_half_open:
name: ${1:undefined} # required. Monitor name.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
interval: ${5:undefined} # not required. The interval specifying how frequently the monitor instance of this template will run. If this parameter is not provided when creating a new monitor, then the default value will be 5. This value B(must) be less than the C(timeout) value.
parent: ${6:/Common/tcp_half_open} # not required. The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(tcp_half_open) parent on the C(Common) partition.
ip: ${7:undefined} # not required. IP address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'.,If this value is an IP address, and the C(type) is C(tcp) (the default), then a C(port) number must be specified.
partition: ${8:Common} # not required. Device partition to manage resources on.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
state: ${10|present,absent|} # not required. choices: present;absent. When C(present), ensures that the monitor exists.,When C(absent), ensures the monitor is removed.
time_until_up: ${11:undefined} # not required. Specifies the amount of time in seconds after the first successful response before a node will be marked up. A value of 0 will cause a node to be marked up immediately after a valid response is received from the node. If this parameter is not provided when creating a new monitor, then the default value will be 0.
timeout: ${12:undefined} # not required. The number of seconds in which the node or service must respond to the monitor request. If the target responds within the set time period, it is considered up. If the target does not respond within the set time period, it is considered down. You can change this number to any number you want, however, it should be 3 times the interval number of seconds plus 1 second. If this parameter is not provided when creating a new monitor, then the default value will be 16.
provider: ${13:null} # not required. A dict object containing connection details.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
port: ${15:undefined} # not required. Port address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'. Note that if specifying an IP address, a value between 1 and 65535 must be specified
"""
'bigip_monitor_udp':
'prefix': "bigip_monitor_udp_snippet"
'description': "Manages F5 BIG-IP LTM udp monitors"
'body': """
bigip_monitor_udp:
name: ${1:undefined} # required. Monitor name.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
interval: ${5:undefined} # not required. The interval specifying how frequently the monitor instance of this template will run. If this parameter is not provided when creating a new monitor, then the default value will be 5. This value B(must) be less than the C(timeout) value.
parent: ${6:/Common/udp} # not required. The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(udp) parent on the C(Common) partition.
receive: ${7:undefined} # not required. The receive string for the monitor call.
ip: ${8:undefined} # not required. IP address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'.
partition: ${9:Common} # not required. Device partition to manage resources on.
send: ${10:undefined} # not required. The send string for the monitor call. When creating a new monitor, if this value is not provided, the default C(default send string) will be used.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
state: ${12|present,absent|} # not required. choices: present;absent. When C(present), ensures that the monitor exists.,When C(absent), ensures the monitor is removed.
time_until_up: ${13:undefined} # not required. Specifies the amount of time in seconds after the first successful response before a node will be marked up. A value of 0 will cause a node to be marked up immediately after a valid response is received from the node. If this parameter is not provided when creating a new monitor, then the default value will be 0.
timeout: ${14:undefined} # not required. The number of seconds in which the node or service must respond to the monitor request. If the target responds within the set time period, it is considered up. If the target does not respond within the set time period, it is considered down. You can change this number to any number you want, however, it should be 3 times the interval number of seconds plus 1 second. If this parameter is not provided when creating a new monitor, then the default value will be 16.
provider: ${15:null} # not required. A dict object containing connection details.
validate_certs: ${16:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
port: ${17:undefined} # not required. Port address part of the IP/port definition. If this parameter is not provided when creating a new monitor, then the default value will be '*'. Note that if specifying an IP address, a value between 1 and 65535 must be specified.
receive_disable: ${18:undefined} # not required. This setting works like C(receive), except that the system marks the node or pool member disabled when its response matches the C(receive_disable) string but not C(receive). To use this setting, you must specify both C(receive_disable) and C(receive).
"""
'bigip_node':
'prefix': "bigip_node_snippet"
'description': "Manages F5 BIG-IP LTM nodes"
'body': """
bigip_node:
name: ${1:undefined} # required. Specifies the name of the node.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
provider: ${5:null} # not required. A dict object containing connection details.
quorum: ${6:undefined} # not required. Monitor quorum value when C(monitor_type) is C(m_of_n).
partition: ${7:Common} # not required. Device partition to manage resources on.
fqdn: ${8:undefined} # not required. FQDN name of the node. This can be any name that is a valid RFC 1123 DNS name. Therefore, the only characters that can be used are \"A\" to \"Z\", \"a\" to \"z\", \"0\" to \"9\", the hyphen (\"-\") and the period (\".\").,FQDN names must include at lease one period; delineating the host from the domain. ex. C(host.domain).,FQDN names must end with a letter or a number.,When creating a new node, one of either C(address) or C(fqdn) must be provided. This parameter cannot be updated after it is set.
monitors: ${9:undefined} # not required. Specifies the health monitors that the system currently uses to monitor this node.
state: ${10|present,absent,enabled,disabled,offline|} # not required. choices: present;absent;enabled;disabled;offline. Specifies the current state of the node. C(enabled) (All traffic allowed), specifies that system sends traffic to this node regardless of the node's state. C(disabled) (Only persistent or active connections allowed), Specifies that the node can handle only persistent or active connections. C(offline) (Only active connections allowed), Specifies that the node can handle only active connections. In all cases except C(absent), the node will be created if it does not yet exist.,Be particularly careful about changing the status of a node whose FQDN cannot be resolved. These situations disable your ability to change their C(state) to C(disabled) or C(offline). They will remain in an *Unavailable - Enabled* state.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
address: ${12:undefined} # not required. IP address of the node. This can be either IPv4 or IPv6. When creating a new node, one of either C(address) or C(fqdn) must be provided. This parameter cannot be updated after it is set.
validate_certs: ${13:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
monitor_type: ${14|and_list,m_of_n,single|} # not required. choices: and_list;m_of_n;single. Monitor rule type when C(monitors) is specified. When creating a new pool, if this value is not specified, the default of 'and_list' will be used.,Both C(single) and C(and_list) are functionally identical since BIG-IP considers all monitors as \"a list\". BIG=IP either has a list of many, or it has a list of one. Where they differ is in the extra guards that C(single) provides; namely that it only allows a single monitor.
description: ${15:undefined} # not required. Specifies descriptive text that identifies the node.
"""
'bigip_partition':
'prefix': "bigip_partition_snippet"
'description': "Manage BIG-IP partitions"
'body': """
bigip_partition:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${4:undefined} # required. Name of the partition
description: ${5:undefined} # not required. The description to attach to the Partition.
state: ${6|present,absent|} # not required. choices: present;absent. Whether the partition should exist or not.
route_domain: ${7:undefined} # not required. The default Route Domain to assign to the Partition. If no route domain is specified, then the default route domain for the system (typically zero) will be used only when creating a new partition.
server_port: ${8:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${9:null} # not required. A dict object containing connection details.
validate_certs: ${10:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_policy':
'prefix': "bigip_policy_snippet"
'description': "Manage general policy configuration on a BIG-IP"
'body': """
bigip_policy:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${3:undefined} # required. The name of the policy to create.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
description: ${5:undefined} # not required. The description to attach to the policy.,This parameter is only supported on versions of BIG-IP >= 12.1.0. On earlier versions it will simply be ignored.
rules: ${6:undefined} # not required. Specifies a list of rules that you want associated with this policy. The order of this list is the order they will be evaluated by BIG-IP. If the specified rules do not exist (for example when creating a new policy) then they will be created.,The C(conditions) for a default rule are C(all).,The C(actions) for a default rule are C(ignore).,The C(bigip_policy_rule) module can be used to create and edit existing and new rules.
partition: ${7:Common} # not required. Device partition to manage resources on.
strategy: ${8|first,all,best|} # not required. choices: first;all;best. Specifies the method to determine which actions get executed in the case where there are multiple rules that match. When creating new policies, the default is C(first).,This module does not allow you to specify the C(best) strategy to use. It will choose the system default (C(/Common/best-match)) for you instead.
state: ${9|present,absent,draft|} # not required. choices: present;absent;draft. When C(state) is C(present), ensures that the policy exists and is published. When C(state) is C(absent), ensures that the policy is removed, even if it is currently drafted.,When C(state) is C(draft), ensures that the policy exists and is drafted. When modifying rules, it is required that policies first be in a draft.,Drafting is only supported on versions of BIG-IP >= 12.1.0. On versions prior to that, specifying a C(state) of C(draft) will raise an error.
server_port: ${10:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${11:null} # not required. A dict object containing connection details.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_policy_rule':
'prefix': "bigip_policy_rule_snippet"
'description': "Manage LTM policy rules on a BIG-IP"
'body': """
bigip_policy_rule:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${3:undefined} # required. The name of the rule.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
policy: ${5:undefined} # required. The name of the policy that you want to associate this rule with.
description: ${6:undefined} # not required. Description of the policy rule.
actions: ${7:undefined} # not required. The actions that you want the policy rule to perform.,The available attributes vary by the action, however, each action requires that a C(type) be specified.,These conditions can be specified in any order. Despite them being a list, the BIG-IP does not treat their order as anything special.,Available C(type) values are C(forward).
validate_certs: ${8:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
partition: ${9:Common} # not required. Device partition to manage resources on.
state: ${10|present,absent|} # not required. choices: present;absent. When C(present), ensures that the key is uploaded to the device. When C(absent), ensures that the key is removed from the device. If the key is currently in use, the module will not be able to remove the key.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${12:null} # not required. A dict object containing connection details.
conditions: ${13:undefined} # not required. A list of attributes that describe the condition.,See suboptions for details on how to construct each list entry.,The ordering of this list is important, the module will ensure the order is kept when modifying the task.,The suboption options listed below are not required for all condition types, read the description for more details.,These conditions can be specified in any order. Despite them being a list, the BIG-IP does not treat their order as anything special.
"""
'bigip_pool':
'prefix': "bigip_pool_snippet"
'description': "Manages F5 BIG-IP LTM pools"
'body': """
bigip_pool:
password: ${1:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
name: ${4:undefined} # required. Pool name
monitors: ${5:undefined} # not required. Monitor template name list. If the partition is not provided as part of the monitor name, then the C(partition) option will be used instead.
lb_method: ${6|dynamic-ratio-member,dynamic-ratio-node,fastest-app-response,fastest-node,least-connections-member,least-connections-node,least-sessions,observed-member,observed-node,predictive-member,predictive-node,ratio-least-connections-member,ratio-least-connections-node,ratio-member,ratio-node,ratio-session,round-robin,weighted-least-connections-member,weighted-least-connections-nod|} # not required. choices: dynamic-ratio-member;dynamic-ratio-node;fastest-app-response;fastest-node;least-connections-member;least-connections-node;least-sessions;observed-member;observed-node;predictive-member;predictive-node;ratio-least-connections-member;ratio-least-connections-node;ratio-member;ratio-node;ratio-session;round-robin;weighted-least-connections-member;weighted-least-connections-nod. Load balancing method. When creating a new pool, if this value is not specified, the default of C(round-robin) will be used.
quorum: ${7:undefined} # not required. Monitor quorum value when C(monitor_type) is C(m_of_n).,Quorum must be a value of 1 or greater when C(monitor_type) is C(m_of_n).
description: ${8:undefined} # not required. Specifies descriptive text that identifies the pool.
partition: ${9:Common} # not required. Device partition to manage resources on.
slow_ramp_time: ${10:undefined} # not required. Sets the ramp-up time (in seconds) to gradually ramp up the load on newly added or freshly detected up pool members.
service_down_action: ${11|none,reset,drop,reselect|} # not required. choices: none;reset;drop;reselect. Sets the action to take when node goes down in pool.
reselect_tries: ${12:undefined} # not required. Sets the number of times the system tries to contact a pool member after a passive failure.
state: ${13|absent,present|} # not required. choices: absent;present. When C(present), guarantees that the pool exists with the provided attributes.,When C(absent), removes the pool from the system.
server_port: ${14:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${15:null} # not required. A dict object containing connection details.
metadata: ${16:undefined} # not required. Arbitrary key/value pairs that you can attach to a pool. This is useful in situations where you might want to annotate a pool to me managed by Ansible.,Key names will be stored as strings; this includes names that are numbers.,Values for all of the keys will be stored as strings; this includes values that are numbers.,Data will be persisted, not ephemeral.
validate_certs: ${17:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
monitor_type: ${18|and_list,m_of_n,single|} # not required. choices: and_list;m_of_n;single. Monitor rule type when C(monitors) is specified.,When creating a new pool, if this value is not specified, the default of 'and_list' will be used.,When C(single) ensures that all specified monitors are checked, but additionally includes checks to make sure you only specified a single monitor.,When C(and_list) ensures that B(all) monitors are checked.,When C(m_of_n) ensures that C(quorum) of C(monitors) are checked. C(m_of_n) B(requires) that a C(quorum) of 1 or greater be set either in the playbook, or already existing on the device.,Both C(single) and C(and_list) are functionally identical since BIG-IP considers all monitors as \"a list\".
"""
'bigip_pool_member':
'prefix': "bigip_pool_member_snippet"
'description': "Manages F5 BIG-IP LTM pool members"
'body': """
bigip_pool_member:
state: ${1|present,absent|} # required. choices: present;absent. Pool member state.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
host: ${3:undefined} # required. Pool member IP.
user: ${4:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${5:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
port: ${6:undefined} # required. Pool member port.
pool: ${7:undefined} # required. Pool name. This pool must exist.
session_state: ${8|enabled,disabled|} # not required. choices: enabled;disabled. Set new session availability status for pool member.
ratio: ${9:undefined} # not required. Pool member ratio weight. Valid values range from 1 through 100. New pool members -- unless overridden with this value -- default to 1.
description: ${10:undefined} # not required. Pool member description.
monitor_state: ${11|enabled,disabled|} # not required. choices: enabled;disabled. Set monitor availability status for pool member.
partition: ${12:Common} # not required. Partition
connection_limit: ${13:undefined} # not required. Pool member connection limit. Setting this to 0 disables the limit.
preserve_node: ${14|true,false|} # not required. choices: true;false. When state is absent and the pool member is no longer referenced in other pools, the default behavior removes the unused node o bject. Setting this to 'yes' disables this behavior.
server_port: ${15:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${16:null} # not required. A dict object containing connection details.
rate_limit: ${17:undefined} # not required. Pool member rate limit (connections-per-second). Setting this to 0 disables the limit.
priority_group: ${18:undefined} # not required. Specifies a number representing the priority group for the pool member.,When adding a new member, the default is 0, meaning that the member has no priority.,To specify a priority, you must activate priority group usage when you create a new pool or when adding or removing pool members. When activated, the system load balances traffic according to the priority group number assigned to the pool member.,The higher the number, the higher the priority, so a member with a priority of 3 has higher priority than a member with a priority of 1.
validate_certs: ${19:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_profile_client_ssl':
'prefix': "bigip_profile_client_ssl_snippet"
'description': "Manages client SSL profiles on a BIG-IP"
'body': """
bigip_profile_client_ssl:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${3:undefined} # required. Specifies the name of the profile.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
parent: ${5:/Common/clientssl} # not required. The parent template of this monitor template. Once this value has been set, it cannot be changed. By default, this value is the C(clientssl) parent on the C(Common) partition.
cert_key_chain: ${6:undefined} # not required. One or more certificates and keys to associate with the SSL profile. This option is always a list. The keys in the list dictate the details of the client/key/chain combination. Note that BIG-IPs can only have one of each type of each certificate/key type. This means that you can only have one RSA, one DSA, and one ECDSA per profile. If you attempt to assign two RSA, DSA, or ECDSA certificate/key combo, the device will reject this.,This list is a complex list that specifies a number of keys. There are several supported keys.
ciphers: ${7:undefined} # not required. Specifies the list of ciphers that the system supports. When creating a new profile, the default cipher list is C(DEFAULT).
partition: ${8:Common} # not required. Device partition to manage resources on.
state: ${9|present,absent|} # not required. choices: present;absent. When C(present), ensures that the profile exists.,When C(absent), ensures the profile is removed.
server_port: ${10:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${11:null} # not required. A dict object containing connection details.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_provision':
'prefix': "bigip_provision_snippet"
'description': "Manage BIG-IP module provisioning"
'body': """
bigip_provision:
name: ${1|am,afm,apm,asm,avr,fps,gtm,ilx,lc,ltm,pem,sam,swg,vcmp|} # required. choices: am;afm;apm;asm;avr;fps;gtm;ilx;lc;ltm;pem;sam;swg;vcmp. The module to provision in BIG-IP.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
level: ${5|dedicated,nominal,minimum|} # not required. choices: dedicated;nominal;minimum. Sets the provisioning level for the requested modules. Changing the level for one module may require modifying the level of another module. For example, changing one module to C(dedicated) requires setting all others to C(none). Setting the level of a module to C(none) means that the module is not activated.
state: ${6|present,absent|} # not required. choices: present;absent. The state of the provisioned module on the system. When C(present), guarantees that the specified module is provisioned at the requested level provided that there are sufficient resources on the device (such as physical RAM) to support the provisioned module. When C(absent), de-provision the module.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${8:null} # not required. A dict object containing connection details.
validate_certs: ${9:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_qkview':
'prefix': "bigip_qkview_snippet"
'description': "Manage qkviews on the device"
'body': """
bigip_qkview:
dest: ${1:undefined} # required. Destination on your local filesystem when you want to save the qkview.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
max_file_size: ${5:0} # not required. Max file size, in bytes, of the qkview to create. By default, no max file size is specified.
force: ${6:true} # not required. If C(no), the file will only be transferred if the destination does not exist.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
asm_request_log: ${8:false} # not required. When C(True), includes the ASM request log data. When C(False), excludes the ASM request log data.
filename: ${9:localhost.localdomain.qkview} # not required. Name of the qkview to create on the remote BIG-IP.
exclude_core: ${10:false} # not required. Exclude core files from the qkview.
complete_information: ${11:true} # not required. Include complete information in the qkview.
provider: ${12:null} # not required. A dict object containing connection details.
exclude: ${13|all,audit,secure,bash_history|} # not required. choices: all;audit;secure;bash_history. Exclude various file from the qkview.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_remote_syslog':
'prefix': "bigip_remote_syslog_snippet"
'description': "Manipulate remote syslog settings on a BIG-IP"
'body': """
bigip_remote_syslog:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
remote_host: ${4:undefined} # required. Specifies the IP address, or hostname, for the remote system to which the system sends log messages.
remote_port: ${5:undefined} # not required. Specifies the port that the system uses to send messages to the remote logging server. When creating a remote syslog, if this parameter is not specified, the default value C(514) is used.
validate_certs: ${6:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
local_ip: ${7:undefined} # not required. Specifies the local IP address of the system that is logging. To provide no local IP, specify the value C(none). When creating a remote syslog, if this parameter is not specified, the default value C(none) is used.
state: ${8|absent,present|} # not required. choices: absent;present. When C(present), guarantees that the remote syslog exists with the provided attributes.,When C(absent), removes the remote syslog from the system.
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${10:null} # not required. A dict object containing connection details.
"""
'bigip_routedomain':
'prefix': "bigip_routedomain_snippet"
'description': "Manage route domains on a BIG-IP"
'body': """
bigip_routedomain:
password: ${1:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
server: ${3:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
flow_eviction_policy: ${4:undefined} # not required. The eviction policy to use with this route domain. Apply an eviction policy to provide customized responses to flow overflows and slow flows on the route domain.
service_policy: ${5:undefined} # not required. Service policy to associate with the route domain.
description: ${6:undefined} # not required. Specifies descriptive text that identifies the route domain.
parent: ${7:undefined} # not required. Specifies the route domain the system searches when it cannot find a route in the configured domain.
partition: ${8:Common} # not required. Partition to create the route domain on. Partitions cannot be updated once they are created.
connection_limit: ${9:undefined} # not required. The maximum number of concurrent connections allowed for the route domain. Setting this to C(0) turns off connection limits.
provider: ${10:null} # not required. A dict object containing connection details.
strict: ${11|enabled,disabled|} # not required. choices: enabled;disabled. Specifies whether the system enforces cross-routing restrictions or not.
state: ${12|present,absent|} # not required. choices: present;absent. Whether the route domain should exist or not.
routing_protocol: ${13|BFD,BGP,IS-IS,OSPFv2,OSPFv3,PIM,RIP,RIPng|} # not required. choices: BFD;BGP;IS-IS;OSPFv2;OSPFv3;PIM;RIP;RIPng. Dynamic routing protocols for the system to use in the route domain.
server_port: ${14:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
bwc_policy: ${15:undefined} # not required. The bandwidth controller for the route domain.
vlans: ${16:undefined} # not required. VLANs for the system to use in the route domain
validate_certs: ${17:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
id: ${18:undefined} # not required. The unique identifying integer representing the route domain.,This field is required when creating a new route domain.,In version 2.5, this value is no longer used to reference a route domain when making modifications to it (for instance during update and delete operations). Instead, the C(name) parameter is used. In version 2.6, the C(name) value will become a required parameter.
name: ${19:undefined} # not required. The name of the route domain.,When creating a new route domain, if this value is not specified, then the value of C(id) will be used for it.
"""
'bigip_security_address_list':
'prefix': "bigip_security_address_list_snippet"
'description': "Manage address lists on BIG-IP AFM"
'body': """
bigip_security_address_list:
name: ${1:undefined} # required. Specifies the name of the address list.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
geo_locations: ${5:undefined} # not required. List of geolocations specified by their C(country) and C(region).
addresses: ${6:undefined} # not required. Individual addresses that you want to add to the list. These addresses differ from ranges, and lists of lists such as what can be used in C(address_ranges) and C(address_lists) respectively.
address_ranges: ${7:undefined} # not required. A list of address ranges where the range starts with a port number, is followed by a dash (-) and then a second number.,If the first address is greater than the second number, the numbers will be reversed so-as to be properly formatted. ie, C(2.2.2.2-1.1.1). would become C(1.1.1.1-2.2.2.2).
address_lists: ${8:undefined} # not required. Simple list of existing address lists to add to this list. Address lists can be specified in either their fully qualified name (/Common/foo) or their short name (foo). If a short name is used, the C(partition) argument will automatically be prepended to the short name.
fqdns: ${9:undefined} # not required. A list of fully qualified domain names (FQDNs).,An FQDN has at least one decimal point in it, separating the host from the domain.,To add FQDNs to a list requires that a global FQDN resolver be configured. At the moment, this must either be done via C(bigip_command), or, in the GUI of BIG-IP. If using C(bigip_command), this can be done with C(tmsh modify security firewall global-fqdn-policy FOO) where C(FOO) is a DNS resolver configured at C(tmsh create net dns-resolver FOO).
partition: ${10:Common} # not required. Device partition to manage resources on.
state: ${11|present,absent|} # not required. choices: present;absent. When C(present), ensures that the address list and entries exists.,When C(absent), ensures the address list is removed.
server_port: ${12:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${13:null} # not required. A dict object containing connection details.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
description: ${15:undefined} # not required. Description of the address list
"""
'bigip_security_port_list':
'prefix': "bigip_security_port_list_snippet"
'description': "Manage port lists on BIG-IP AFM"
'body': """
bigip_security_port_list:
user: ${1:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${3:undefined} # required. Specifies the name of the port list.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
description: ${5:undefined} # not required. Description of the port list
port_ranges: ${6:undefined} # not required. A list of port ranges where the range starts with a port number, is followed by a dash (-) and then a second number.,If the first number is greater than the second number, the numbers will be reversed so-as to be properly formatted. ie, 90-78 would become 78-90.
partition: ${7:Common} # not required. Device partition to manage resources on.
port_lists: ${8:undefined} # not required. Simple list of existing port lists to add to this list. Port lists can be specified in either their fully qualified name (/Common/foo) or their short name (foo). If a short name is used, the C(partition) argument will automatically be prepended to the short name.
state: ${9|present,absent|} # not required. choices: present;absent. When C(present), ensures that the address list and entries exists.,When C(absent), ensures the address list is removed.
server_port: ${10:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${11:null} # not required. A dict object containing connection details.
validate_certs: ${12:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
ports: ${13:undefined} # not required. Simple list of port values to add to the list
"""
'bigip_selfip':
'prefix': "bigip_selfip_snippet"
'description': "Manage Self-IPs on a BIG-IP system"
'body': """
bigip_selfip:
name: ${1:Value of C(address)} # required. The self IP to create.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
vlan: ${5:undefined} # not required. The VLAN that the new self IPs will be on. When creating a new Self IP, this value is required.
partition: ${6:Common} # not required. Device partition to manage resources on. You can set different partitions for Self IPs, but the address used may not match any other address used by a Self IP. In that sense, Self IPs are not isolated by partitions as other resources on a BIG-IP are.
netmask: ${7:undefined} # not required. The netmask for the self IP. When creating a new Self IP, this value is required.
allow_service: ${8:undefined} # not required. Configure port lockdown for the Self IP. By default, the Self IP has a \"default deny\" policy. This can be changed to allow TCP and UDP ports as well as specific protocols. This list should contain C(protocol):C(port) values.
state: ${9|absent,present|} # not required. choices: absent;present. When C(present), guarantees that the Self-IP exists with the provided attributes.,When C(absent), removes the Self-IP from the system.
route_domain: ${10:undefined} # not required. The route domain id of the system. When creating a new Self IP, if this value is not specified, a default value of C(0) will be used.,This value cannot be changed after it is set.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
address: ${12:undefined} # not required. The IP addresses for the new self IP. This value is ignored upon update as addresses themselves cannot be changed after they are created.,This value is required when creating new self IPs.
traffic_group: ${13:undefined} # not required. The traffic group for the Self IP addresses in an active-active, redundant load balancer configuration. When creating a new Self IP, if this value is not specified, the default of C(/Common/traffic-group-local-only) will be used.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
provider: ${15:null} # not required. A dict object containing connection details.
"""
'bigip_snat_pool':
'prefix': "bigip_snat_pool_snippet"
'description': "Manage SNAT pools on a BIG-IP"
'body': """
bigip_snat_pool:
name: ${1:undefined} # required. The name of the SNAT pool.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
partition: ${5:Common} # not required. Device partition to manage resources on.
members: ${6:undefined} # not required. List of members to put in the SNAT pool. When a C(state) of present is provided, this parameter is required. Otherwise, it is optional.
state: ${7|present,absent|} # not required. choices: present;absent. Whether the SNAT pool should exist or not.
server_port: ${8:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${9:null} # not required. A dict object containing connection details.
validate_certs: ${10:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_snmp':
'prefix': "bigip_snmp_snippet"
'description': "Manipulate general SNMP settings on a BIG-IP"
'body': """
bigip_snmp:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
agent_status_traps: ${4|enabled,disabled|} # not required. choices: enabled;disabled. When C(enabled), ensures that the system sends a trap whenever the SNMP agent starts running or stops running. This is usually enabled by default on a BIG-IP.
agent_authentication_traps: ${5|enabled,disabled|} # not required. choices: enabled;disabled. When C(enabled), ensures that the system sends authentication warning traps to the trap destinations. This is usually disabled by default on a BIG-IP.
device_warning_traps: ${6|enabled,disabled|} # not required. choices: enabled;disabled. When C(enabled), ensures that the system sends device warning traps to the trap destinations. This is usually enabled by default on a BIG-IP.
contact: ${7:undefined} # not required. Specifies the name of the person who administers the SNMP service for this system.
server_port: ${8:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${9:null} # not required. A dict object containing connection details.
validate_certs: ${10:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
location: ${11:undefined} # not required. Specifies the description of this system's physical location.
"""
'bigip_snmp_trap':
'prefix': "bigip_snmp_trap_snippet"
'description': "Manipulate SNMP trap information on a BIG-IP"
'body': """
bigip_snmp_trap:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${4:undefined} # required. Name of the SNMP configuration endpoint.
snmp_version: ${5|1,2c|} # not required. choices: 1;2c. Specifies to which Simple Network Management Protocol (SNMP) version the trap destination applies.
destination: ${6:undefined} # not required. Specifies the address for the trap destination. This can be either an IP address or a hostname.
network: ${7|other,management,default|} # not required. choices: other;management;default. Specifies the name of the trap network. This option is not supported in versions of BIG-IP < 12.1.0. If used on versions < 12.1.0, it will simply be ignored.
partition: ${8:Common} # not required. Device partition to manage resources on.
community: ${9:undefined} # not required. Specifies the community name for the trap destination.
state: ${10|present,absent|} # not required. choices: present;absent. When C(present), ensures that the cloud connector exists. When C(absent), ensures that the cloud connector does not exist.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${12:null} # not required. A dict object containing connection details.
validate_certs: ${13:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
port: ${14:undefined} # not required. Specifies the port for the trap destination.
"""
'bigip_software_update':
'prefix': "bigip_software_update_snippet"
'description': "Manage the software update settings of a BIG-IP"
'body': """
bigip_software_update:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
auto_phone_home: ${4:undefined} # not required. Specifies whether to automatically send phone home data to the F5 Networks PhoneHome server.
auto_check: ${5:undefined} # not required. Specifies whether to automatically check for updates on the F5 Networks downloads server.
frequency: ${6|daily,monthly,weekly|} # not required. choices: daily;monthly;weekly. Specifies the schedule for the automatic update check.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${8:null} # not required. A dict object containing connection details.
validate_certs: ${9:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_ssl_certificate':
'prefix': "bigip_ssl_certificate_snippet"
'description': "Import/Delete certificates from BIG-IP"
'body': """
bigip_ssl_certificate:
name: ${1:undefined} # required. SSL Certificate Name. This is the cert name used when importing a certificate into the F5. It also determines the filenames of the objects on the LTM.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
partition: ${5:Common} # not required. Device partition to manage resources on.
content: ${6:undefined} # not required. Sets the contents of a certificate directly to the specified value. This is used with lookup plugins or for anything with formatting or,C(content) must be provided when C(state) is C(present).
issuer_cert: ${7:undefined} # not required. Issuer certificate used for OCSP monitoring.,This parameter is only valid on versions of BIG-IP 13.0.0 or above.
state: ${8|present,absent|} # not required. choices: present;absent. Certificate state. This determines if the provided certificate and key is to be made C(present) on the device or C(absent).
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${10:null} # not required. A dict object containing connection details.
validate_certs: ${11:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_ssl_key':
'prefix': "bigip_ssl_key_snippet"
'description': "Import/Delete SSL keys from BIG-IP"
'body': """
bigip_ssl_key:
name: ${1:undefined} # required. The name of the key.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
partition: ${5:Common} # not required. Device partition to manage resources on.
server_port: ${6:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
content: ${7:undefined} # not required. Sets the contents of a key directly to the specified value. This is used with lookup plugins or for anything with formatting or templating. This must be provided when C(state) is C(present).
state: ${8|present,absent|} # not required. choices: present;absent. When C(present), ensures that the key is uploaded to the device. When C(absent), ensures that the key is removed from the device. If the key is currently in use, the module will not be able to remove the key.
passphrase: ${9:undefined} # not required. Passphrase on key.
provider: ${10:null} # not required. A dict object containing connection details.
validate_certs: ${11:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_static_route':
'prefix': "bigip_static_route_snippet"
'description': "Manipulate static routes on a BIG-IP"
'body': """
bigip_static_route:
name: ${1:undefined} # required. Name of the static route.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
destination: ${5:undefined} # not required. Specifies an IP address for the static entry in the routing table. When creating a new static route, this value is required.,This value cannot be changed once it is set.
gateway_address: ${6:undefined} # not required. Specifies the router for the system to use when forwarding packets to the destination host or network. Also known as the next-hop router address. This can be either an IPv4 or IPv6 address. When it is an IPv6 address that starts with C(FE80:), the address will be treated as a link-local address. This requires that the C(vlan) parameter also be supplied.
validate_certs: ${7:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
vlan: ${8:undefined} # not required. Specifies the VLAN or Tunnel through which the system forwards packets to the destination. When C(gateway_address) is a link-local IPv6 address, this value is required
route_domain: ${9:undefined} # not required. The route domain id of the system. When creating a new static route, if this value is not specified, a default value of C(0) will be used.,This value cannot be changed once it is set.
mtu: ${10:undefined} # not required. Specifies a specific maximum transmission unit (MTU).
state: ${11|present,absent|} # not required. choices: present;absent. When C(present), ensures that the cloud connector exists. When C(absent), ensures that the cloud connector does not exist.
server_port: ${12:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
reject: ${13:undefined} # not required. Specifies that the system drops packets sent to the destination.
netmask: ${14:undefined} # not required. The netmask for the static route. When creating a new static route, this value is required.,This value can be in either IP or CIDR format.,This value cannot be changed once it is set.
provider: ${15:null} # not required. A dict object containing connection details.
pool: ${16:undefined} # not required. Specifies the pool through which the system forwards packets to the destination.
description: ${17:undefined} # not required. Descriptive text that identifies the route.
"""
'bigip_sys_db':
'prefix': "bigip_sys_db_snippet"
'description': "Manage BIG-IP system database variables"
'body': """
bigip_sys_db:
key: ${1:undefined} # required. The database variable to manipulate.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
value: ${5:undefined} # not required. The value to set the key to. At least one of value and state C(reset) are required.
state: ${6|present,reset|} # not required. choices: present;reset. The state of the variable on the system. When C(present), guarantees that an existing variable is set to C(value). When C(reset) sets the variable back to the default value. At least one of value and state C(reset) are required.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${8:null} # not required. A dict object containing connection details.
validate_certs: ${9:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_sys_global':
'prefix': "bigip_sys_global_snippet"
'description': "Manage BIG-IP global settings"
'body': """
bigip_sys_global:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
security_banner: ${4:undefined} # not required. Specifies whether the system displays an advisory message on the login screen.
net_reboot: ${5:undefined} # not required. Specifies, when C(enabled), that the next time you reboot the system, the system boots to an ISO image on the network, rather than an internal media drive.
banner_text: ${6:undefined} # not required. Specifies the text to present in the advisory banner.
console_timeout: ${7:undefined} # not required. Specifies the number of seconds of inactivity before the system logs off a user that is logged on.
quiet_boot: ${8:undefined} # not required. Specifies, when C(enabled), that the system suppresses informational text on the console during the boot cycle. When C(disabled), the system presents messages and informational text on the console during the boot cycle.
mgmt_dhcp: ${9:undefined} # not required. Specifies whether or not to enable DHCP client on the management interface
state: ${10|present|} # not required. choices: present. The state of the variable on the system. When C(present), guarantees that an existing variable is set to C(value).
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${12:null} # not required. A dict object containing connection details.
gui_setup: ${13:undefined} # not required. C(enable) or C(disabled) the Setup utility in the browser-based Configuration utility.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
lcd_display: ${15:undefined} # not required. Specifies, when C(enabled), that the system menu displays on the LCD screen on the front of the unit. This setting has no effect when used on the VE platform.
"""
'bigip_traffic_group':
'prefix': "bigip_traffic_group_snippet"
'description': "Manages traffic groups on BIG-IP"
'body': """
bigip_traffic_group:
name: ${1:undefined} # required. The name of the traffic group.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
partition: ${5:Common} # not required. Device partition to manage resources on.
state: ${6|present,absent|} # not required. choices: present;absent. When C(present), ensures that the traffic group exists.,When C(absent), ensures the traffic group is removed.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${8:null} # not required. A dict object containing connection details.
validate_certs: ${9:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_ucs':
'prefix': "bigip_ucs_snippet"
'description': "Manage upload, installation and removal of UCS files"
'body': """
bigip_ucs:
password: ${1:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
force: ${4|true,false|} # not required. choices: true;false. If C(yes) will upload the file every time and replace the file on the device. If C(no), the file will only be uploaded if it does not already exist. Generally should be C(yes) only in cases where you have reason to believe that the image was corrupted during upload.
reset_trust: ${5|true,false|} # not required. choices: true;false. When specified, the device and trust domain certs and keys are not loaded from the UCS. Instead, a new set is regenerated.
no_platform_check: ${6|true,false|} # not required. choices: true;false. Bypasses the platform check and allows a UCS that was created using a different platform to be installed. By default (without this option), a UCS created from a different platform is not allowed to be installed.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
state: ${8|absent,installed,present|} # not required. choices: absent;installed;present. When C(installed), ensures that the UCS is uploaded and installed, on the system. When C(present), ensures that the UCS is uploaded. When C(absent), the UCS will be removed from the system. When C(installed), the uploading of the UCS is idempotent, however the installation of that configuration is not idempotent.
include_chassis_level_config: ${9|true,false|} # not required. choices: true;false. During restore of the UCS file, include chassis level configuration that is shared among boot volume sets. For example, cluster default configuration.
passphrase: ${10|true,false|} # not required. choices: true;false. Specifies the passphrase that is necessary to load the specified UCS file.
provider: ${11:null} # not required. A dict object containing connection details.
ucs: ${12:undefined} # not required. The path to the UCS file to install. The parameter must be provided if the C(state) is either C(installed) or C(activated). When C(state) is C(absent), the full path for this parameter will be ignored and only the filename will be used to select a UCS for removal. Therefore you could specify C(/mickey/mouse/test.ucs) and this module would only look for C(test.ucs).
no_license: ${13|true,false|} # not required. choices: true;false. Performs a full restore of the UCS file and all the files it contains, with the exception of the license file. The option must be used to restore a UCS on RMA devices (Returned Materials Authorization).
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_ucs_fetch':
'prefix': "bigip_ucs_fetch_snippet"
'description': "Fetches a UCS file from remote nodes"
'body': """
bigip_ucs_fetch:
dest: ${1:undefined} # required. A directory to save the UCS file into.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${4:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
force: ${5:true} # not required. If C(no), the file will only be transferred if the destination does not exist.
fail_on_missing: ${6:false} # not required. Make the module fail if the UCS file on the remote system is missing.
create_on_missing: ${7:true} # not required. Creates the UCS based on the value of C(src) if the file does not already exist on the remote system.
src: ${8:undefined} # not required. The name of the UCS file to create on the remote server for downloading
encryption_password: ${9:undefined} # not required. Password to use to encrypt the UCS file if desired
validate_certs: ${10:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
server_port: ${11:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${12:null} # not required. A dict object containing connection details.
backup: ${13:false} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
"""
'bigip_user':
'prefix': "bigip_user_snippet"
'description': "Manage user accounts and user attributes on a BIG-IP"
'body': """
bigip_user:
password: ${1:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
username_credential: ${4:undefined} # required. Name of the user to create, remove or modify. There is a special case that exists for the user C(root).
update_password: ${5|always,on_create|} # not required. choices: always;on_create. C(always) will allow to update passwords if the user chooses to do so. C(on_create) will only set the password for newly created users. When C(username_credential) is C(root), this value will be forced to C(always).
shell: ${6|bash,none,tmsh|} # not required. choices: bash;none;tmsh. Optionally set the users shell.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
password_credential: ${8:undefined} # not required. Set the users password to this unencrypted value. C(password_credential) is required when creating a new account.
partition_access: ${9:undefined} # not required. Specifies the administrative partition to which the user has access. C(partition_access) is required when creating a new account. Should be in the form \"partition:role\". Valid roles include C(acceleration-policy-editor), C(admin), C(application-editor), C(auditor) C(certificate-manager), C(guest), C(irule-manager), C(manager), C(no-access) C(operator), C(resource-admin), C(user-manager), C(web-application-security-administrator), and C(web-application-security-editor). Partition portion of tuple should be an existing partition or the value 'all'.
partition: ${10:Common} # not required. Device partition to manage resources on.
state: ${11|present,absent|} # not required. choices: present;absent. Whether the account should exist or not, taking action if the state is different from what is stated.
full_name: ${12:undefined} # not required. Full name of the user.
provider: ${13:null} # not required. A dict object containing connection details.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigip_vcmp_guest':
'prefix': "bigip_vcmp_guest_snippet"
'description': "Manages vCMP guests on a BIG-IP"
'body': """
bigip_vcmp_guest:
name: ${1:undefined} # required. The name of the vCMP guest to manage.
password: ${2:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server: ${3:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${4:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
mgmt_address: ${5:undefined} # not required. Specifies the IP address, and subnet or subnet mask that you use to access the guest when you want to manage a module running within the guest. This parameter is required if the C(mgmt_network) parameter is C(bridged).,When creating a new guest, if you do not specify a network or network mask, a default of C(/24) (C(255.255.255.0)) will be assumed.
vlans: ${6:undefined} # not required. VLANs that the guest uses to communicate with other guests, the host, and with the external network. The available VLANs in the list are those that are currently configured on the vCMP host.,The order of these VLANs is not important; in fact, it's ignored. This module will order the VLANs for you automatically. Therefore, if you deliberately re-order them in subsequent tasks, you will find that this module will B(not) register a change.
partition: ${7:Common} # not required. Device partition to manage resources on.
delete_virtual_disk: ${8:false} # not required. When C(state) is C(absent), will additionally delete the virtual disk associated with the vCMP guest. By default, this value is C(no).
initial_image: ${9:undefined} # not required. Specifies the base software release ISO image file for installing the TMOS hypervisor instance and any licensed BIG-IP modules onto the guest's virtual disk. When creating a new guest, this parameter is required.
validate_certs: ${10:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
state: ${11|configured,disabled,provisioned,present,absent|} # not required. choices: configured;disabled;provisioned;present;absent. The state of the vCMP guest on the system. Each state implies the actions of all states before it.,When C(configured), guarantees that the vCMP guest exists with the provided attributes. Additionally, ensures that the vCMP guest is turned off.,When C(disabled), behaves the same as C(configured) the name of this state is just a convenience for the user that is more understandable.,When C(provisioned), will ensure that the guest is created and installed. This state will not start the guest; use C(deployed) for that. This state is one step beyond C(present) as C(present) will not install the guest; only setup the configuration for it to be installed.,When C(present), ensures the guest is properly provisioned and starts the guest so that it is in a running state.,When C(absent), removes the vCMP from the system.
server_port: ${12:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${13:null} # not required. A dict object containing connection details.
mgmt_route: ${14:undefined} # not required. Specifies the gateway address for the C(mgmt_address).,If this value is not specified when creating a new guest, it is set to C(none).,The value C(none) can be used during an update to remove this value.
mgmt_network: ${15|bridged,isolated,host only|} # not required. choices: bridged;isolated;host only. Specifies the method by which the management address is used in the vCMP guest.,When C(bridged), specifies that the guest can communicate with the vCMP host's management network.,When C(isolated), specifies that the guest is isolated from the vCMP host's management network. In this case, the only way that a guest can communicate with the vCMP host is through the console port or through a self IP address on the guest that allows traffic through port 22.,When C(host only), prevents the guest from installing images and hotfixes other than those provided by the hypervisor.,If the guest setting is C(isolated) or C(host only), the C(mgmt_address) does not apply.,Concerning mode changing, changing C(bridged) to C(isolated) causes the vCMP host to remove all of the guest's management interfaces from its bridged management network. This immediately disconnects the guest's VMs from the physical management network. Changing C(isolated) to C(bridged) causes the vCMP host to dynamically add the guest's management interfaces to the bridged management network. This immediately connects all of the guest's VMs to the physical management network. Changing this property while the guest is in the C(configured) or C(provisioned) state has no immediate effect.
cores_per_slot: ${16:undefined} # not required. Specifies the number of cores that the system allocates to the guest.,Each core represents a portion of CPU and memory. Therefore, the amount of memory allocated per core is directly tied to the amount of CPU. This amount of memory varies per hardware platform type.,The number you can specify depends on the type of hardware you have.,In the event of a reboot, the system persists the guest to the same slot on which it ran prior to the reboot.
"""
'bigip_virtual_address':
'prefix': "bigip_virtual_address_snippet"
'description': "Manage LTM virtual addresses on a BIG-IP"
'body': """
bigip_virtual_address:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
address: ${3:undefined} # required. Virtual address. This value cannot be modified after it is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
provider: ${5:null} # not required. A dict object containing connection details.
icmp_echo: ${6|enabled,disabled,selective|} # not required. choices: enabled;disabled;selective. Specifies how the systems sends responses to (ICMP) echo requests on a per-virtual address basis for enabling route advertisement. When C(enabled), the BIG-IP system intercepts ICMP echo request packets and responds to them directly. When C(disabled), the BIG-IP system passes ICMP echo requests through to the backend servers. When (selective), causes the BIG-IP system to internally enable or disable responses based on virtual server state; C(when_any_available), C(when_all_available, or C(always), regardless of the state of any virtual servers.
auto_delete: ${7|enabled,disabled|} # not required. choices: enabled;disabled. Specifies whether the system automatically deletes the virtual address with the deletion of the last associated virtual server. When C(disabled), specifies that the system leaves the virtual address even when all associated virtual servers have been deleted. When creating the virtual address, the default value is C(enabled).
partition: ${8:Common} # not required. Device partition to manage resources on.
connection_limit: ${9:undefined} # not required. Specifies the number of concurrent connections that the system allows on this virtual address.
netmask: ${10:255.255.255.255} # not required. Netmask of the provided virtual address. This value cannot be modified after it is set.
state: ${11|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. The virtual address state. If C(absent), an attempt to delete the virtual address will be made. This will only succeed if this virtual address is not in use by a virtual server. C(present) creates the virtual address and enables it. If C(enabled), enable the virtual address if it exists. If C(disabled), create the virtual address if needed, and set state to C(disabled).
arp_state: ${12|enabled,disabled|} # not required. choices: enabled;disabled. Specifies whether the system accepts ARP requests. When (disabled), specifies that the system does not accept ARP requests. Note that both ARP and ICMP Echo must be disabled in order for forwarding virtual servers using that virtual address to forward ICMP packets. If (enabled), then the packets are dropped.
server_port: ${13:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
traffic_group: ${14:undefined} # not required. The traffic group for the virtual address. When creating a new address, if this value is not specified, the default of C(/Common/traffic-group-1) will be used.
validate_certs: ${15:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
use_route_advertisement: ${16:undefined} # not required. Specifies whether the system uses route advertisement for this virtual address. When disabled, the system does not advertise routes for this virtual address.
advertise_route: ${17|always,when_all_available,when_any_available|} # not required. choices: always;when_all_available;when_any_available. Specifies what routes of the virtual address the system advertises. When C(when_any_available), advertises the route when any virtual server is available. When C(when_all_available), advertises the route when all virtual servers are available. When (always), always advertises the route regardless of the virtual servers available.
"""
'bigip_virtual_server':
'prefix': "bigip_virtual_server_snippet"
'description': "Manage LTM virtual servers on a BIG-IP"
'body': """
bigip_virtual_server:
destination: ${1:undefined} # required. Destination IP of the virtual server.,Required when C(state) is C(present) and virtual server does not exist.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${4:undefined} # required. Virtual server name.
server: ${5:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
disabled_vlans: ${6:undefined} # not required. List of VLANs to be disabled. If the partition is not specified in the VLAN, then the C(partition) option of this module will be used.,This parameter is mutually exclusive with the C(enabled_vlans) parameters.
description: ${7:undefined} # not required. Virtual server description.
fallback_persistence_profile: ${8:undefined} # not required. Specifies the persistence profile you want the system to use if it cannot use the specified default persistence profile.,If you want to remove the existing fallback persistence profile, specify an empty value; C(\"\"). See the documentation for an example.
default_persistence_profile: ${9:undefined} # not required. Default Profile which manages the session persistence.,If you want to remove the existing default persistence profile, specify an empty value; C(\"\"). See the documentation for an example.
server_port: ${10:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
enabled_vlans: ${11:undefined} # not required. List of VLANs to be enabled. When a VLAN named C(all) is used, all VLANs will be allowed. VLANs can be specified with or without the leading partition. If the partition is not specified in the VLAN, then the C(partition) option of this module will be used.,This parameter is mutually exclusive with the C(disabled_vlans) parameter.
port: ${12:undefined} # not required. Port of the virtual server. Required when C(state) is C(present) and virtual server does not exist.,If you do not want to specify a particular port, use the value C(0). The result is that the virtual server will listen on any port.
pool: ${13:undefined} # not required. Default pool for the virtual server.,If you want to remove the existing pool, specify an empty value; C(\"\"). See the documentation for an example.
validate_certs: ${14:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
partition: ${15:Common} # not required. Device partition to manage resources on.
profiles: ${16:undefined} # not required. List of profiles (HTTP, ClientSSL, ServerSSL, etc) to apply to both sides of the connection (client-side and server-side).,If you only want to apply a particular profile to the client-side of the connection, specify C(client-side) for the profile's C(context).,If you only want to apply a particular profile to the server-side of the connection, specify C(server-side) for the profile's C(context).,If C(context) is not provided, it will default to C(all).
irules: ${17:undefined} # not required. List of rules to be applied in priority order.,If you want to remove existing iRules, specify a single empty value; C(\"\"). See the documentation for an example.
source: ${18:undefined} # not required. Specifies an IP address or network from which the virtual server accepts traffic.,The virtual server accepts clients only from one of these IP addresses.,For this setting to function effectively, specify a value other than 0.0.0.0/0 or ::/0 (that is, any/0, any6/0).,In order to maximize utility of this setting, specify the most specific address prefixes covering all customer addresses and no others.,Specify the IP address in Classless Inter-Domain Routing (CIDR) format; address/prefix, where the prefix length is in bits. For example, for IPv4, 10.0.0.1/32 or 10.0.0.0/24, and for IPv6, ffe1::0020/64 or 2001:ed8:77b5:2:10:10:100:42/64.
state: ${19|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. The virtual server state. If C(absent), delete the virtual server if it exists. C(present) creates the virtual server and enable it. If C(enabled), enable the virtual server if it exists. If C(disabled), create the virtual server if needed, and set state to C(disabled).
policies: ${20:undefined} # not required. Specifies the policies for the virtual server
provider: ${21:null} # not required. A dict object containing connection details.
snat: ${22|None,Automap,Name of a SNAT pool (eg \"/Common/snat_pool_name\") to enable SNAT with the specific pool|} # not required. choices: None;Automap;Name of a SNAT pool (eg \"/Common/snat_pool_name\") to enable SNAT with the specific pool. Source network address policy.
metadata: ${23:undefined} # not required. Arbitrary key/value pairs that you can attach to a pool. This is useful in situations where you might want to annotate a virtual to me managed by Ansible.,Key names will be stored as strings; this includes names that are numbers.,Values for all of the keys will be stored as strings; this includes values that are numbers.,Data will be persisted, not ephemeral.
"""
'bigip_vlan':
'prefix': "bigip_vlan_snippet"
'description': "Manage VLANs on a BIG-IP system"
'body': """
bigip_vlan:
password: ${1:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
name: ${2:undefined} # required. The VLAN to manage. If the special VLAN C(ALL) is specified with the C(state) value of C(absent) then all VLANs will be removed.
server: ${3:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${4:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
dag_round_robin: ${5:undefined} # not required. Specifies whether some of the stateless traffic on the VLAN should be disaggregated in a round-robin order instead of using a static hash. The stateless traffic includes non-IP L2 traffic, ICMP, some UDP protocols, and so on.,When creating a new VLAN, if this parameter is not specified, the default of (no) is used.
untagged_interfaces: ${6:undefined} # not required. Specifies a list of untagged interfaces and trunks that you want to configure for the VLAN.
server_port: ${7:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
partition: ${8:Common} # not required. Device partition to manage resources on.
provider: ${9:null} # not required. A dict object containing connection details.
mtu: ${10:undefined} # not required. Specifies the maximum transmission unit (MTU) for traffic on this VLAN. When creating a new VLAN, if this parameter is not specified, the default value used will be C(1500).,This number must be between 576 to 9198.
state: ${11|absent,present|} # not required. choices: absent;present. The state of the VLAN on the system. When C(present), guarantees that the VLAN exists with the provided attributes. When C(absent), removes the VLAN from the system.
tag: ${12:undefined} # not required. Tag number for the VLAN. The tag number can be any integer between 1 and 4094. The system automatically assigns a tag number if you do not specify a value.
tagged_interfaces: ${13:undefined} # not required. Specifies a list of tagged interfaces and trunks that you want to configure for the VLAN. Use tagged interfaces or trunks when you want to assign a single interface or trunk to multiple VLANs.
cmp_hash: ${14:undefined} # not required. Specifies how the traffic on the VLAN will be disaggregated. The value selected determines the traffic disaggregation method. You can choose to disaggregate traffic based on C(source-address) (the source IP address), C(destination-address) (destination IP address), or C(default), which specifies that the default CMP hash uses L4 ports.,When creating a new VLAN, if this parameter is not specified, the default of C(default) is used.
dag_tunnel: ${15:undefined} # not required. Specifies how the disaggregator (DAG) distributes received tunnel-encapsulated packets to TMM instances. Select C(inner) to distribute packets based on information in inner headers. Select C(outer) to distribute packets based on information in outer headers without inspecting inner headers.,When creating a new VLAN, if this parameter is not specified, the default of C(outer) is used.,This parameter is not supported on Virtual Editions of BIG-IP.
validate_certs: ${16:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
description: ${17:undefined} # not required. The description to give to the VLAN.
"""
'bigip_wait':
'prefix': "bigip_wait_snippet"
'description': "Wait for a BIG-IP condition before continuing"
'body': """
bigip_wait:
server: ${1:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${2:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${3:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
server_port: ${4:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
delay: ${5:0} # not required. Number of seconds to wait before starting to poll.
sleep: ${6:1} # not required. Number of seconds to sleep between checks, before 2.3 this was hardcoded to 1 second.
timeout: ${7:7200} # not required. Maximum number of seconds to wait for.,When used without other conditions it is equivalent of just sleeping.,The default timeout is deliberately set to 2 hours because no individual REST API.
provider: ${8:null} # not required. A dict object containing connection details.
msg: ${9:undefined} # not required. This overrides the normal error message from a failure to meet the required conditions.
validate_certs: ${10:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigiq_regkey_license':
'prefix': "bigiq_regkey_license_snippet"
'description': "Manages licenses in a BIG-IQ registration key pool"
'body': """
bigiq_regkey_license:
regkey_pool: ${1:undefined} # required. The registration key pool that you want to place the license in.,You must be mindful to name your registration pools unique names. While BIG-IQ does not require this, this module does. If you do not do this, the behavior of the module is undefined and you may end up putting licenses in the wrong registration key pool.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
license_key: ${4:undefined} # required. The license key to put in the pool.
password: ${5:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
description: ${6:undefined} # not required. Description of the license.
state: ${7|absent,present|} # not required. choices: absent;present. The state of the regkey license in the pool on the system.,When C(present), guarantees that the license exists in the pool.,When C(absent), removes the license from the pool.
accept_eula: ${8:undefined} # not required. A key that signifies that you accept the F5 EULA for this license.,A copy of the EULA can be found here https://askf5.f5.com/csp/article/K12902,This is required when C(state) is C(present).
server_port: ${9:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${10:null} # not required. A dict object containing connection details.
validate_certs: ${11:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
"""
'bigiq_regkey_pool':
'prefix': "bigiq_regkey_pool_snippet"
'description': "Manages registration key pools on BIG-IQ"
'body': """
bigiq_regkey_pool:
name: ${1:undefined} # required. Specifies the name of the registration key pool.,You must be mindful to name your registration pools unique names. While BIG-IQ does not require this, this module does. If you do not do this, the behavior of the module is undefined and you may end up putting licenses in the wrong registration key pool.
server: ${2:undefined} # required. The BIG-IP host. You can omit this option if the environment variable C(F5_SERVER) is set.
user: ${3:undefined} # required. The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable C(F5_USER) is set.
password: ${4:undefined} # required. The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable C(F5_PASSWORD) is set.
state: ${5|absent,present|} # not required. choices: absent;present. The state of the regkey pool on the system.,When C(present), guarantees that the pool exists.,When C(absent), removes the pool, and the licenses it contains, from the system.
server_port: ${6:443} # not required. The BIG-IP server port. You can omit this option if the environment variable C(F5_SERVER_PORT) is set.
provider: ${7:null} # not required. A dict object containing connection details.
validate_certs: ${8:true} # not required. If C(no), SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable C(F5_VALIDATE_CERTS) is set.
description: ${9:undefined} # not required. A description to attach to the pool.
"""
'bigmon_chain':
'prefix': "bigmon_chain_snippet"
'description': "Create and remove a bigmon inline service chain."
'body': """
bigmon_chain:
controller: ${1:undefined} # required. The controller IP address.
name: ${2:undefined} # required. The name of the chain.
access_token: ${3:undefined} # not required. Bigmon access token. If this isn't set, the environment variable C(BIGSWITCH_ACCESS_TOKEN) is used.
state: ${4|present,absent|} # not required. choices: present;absent. Whether the service chain should be present or absent.
validate_certs: ${5|true,false|} # not required. choices: true;false. If C(false), SSL certificates will not be validated. This should only be used on personally controlled devices using self-signed certificates.
"""
'bigmon_policy':
'prefix': "bigmon_policy_snippet"
'description': "Create and remove a bigmon out-of-band policy."
'body': """
bigmon_policy:
name: ${1:undefined} # required. The name of the policy.
controller: ${2:undefined} # required. The controller address.
policy_description: ${3:undefined} # not required. Description of policy.
access_token: ${4:undefined} # not required. Bigmon access token. If this isn't set, the environment variable C(BIGSWITCH_ACCESS_TOKEN) is used.
start_time: ${5:ansible_date_time.iso8601} # not required. Date the policy becomes active
state: ${6|present,absent|} # not required. choices: present;absent. Whether the policy should be present or absent.
priority: ${7:100} # not required. A priority associated with this policy. The higher priority policy takes precedence over a lower priority.
action: ${8|forward,drop,flow-gen|} # not required. choices: forward;drop;flow-gen. Forward matching packets to delivery interfaces, Drop is for measure rate of matching packets, but do not forward to delivery interfaces, capture packets and write to a PCAP file, or enable NetFlow generation.
duration: ${9:0} # not required. Run policy for duration duration or until delivery_packet_count packets are delivered, whichever comes first.
validate_certs: ${10|true,false|} # not required. choices: true;false. If C(false), SSL certificates will not be validated. This should only be used on personally controlled devices using self-signed certificates.
delivery_packet_count: ${11:0} # not required. Run policy until delivery_packet_count packets are delivered.
"""
'bigpanda':
'prefix': "bigpanda_snippet"
'description': "Notify BigPanda about deployments"
'body': """
bigpanda:
component: ${1:undefined} # required. The name of the component being deployed. Ex: billing
token: ${2:undefined} # required. API token.
state: ${3|started,finished,failed|} # required. choices: started;finished;failed. State of the deployment.
version: ${4:undefined} # required. The deployment version.
description: ${5:undefined} # not required. Free text description of the deployment.
url: ${6:https://api.bigpanda.io} # not required. Base URL of the API server.
hosts: ${7:machine's hostname} # not required. Name of affected host name. Can be a list.
env: ${8:undefined} # not required. The environment name, typically 'production', 'staging', etc.
owner: ${9:undefined} # not required. The person responsible for the deployment.
validate_certs: ${10|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'blockinfile':
'prefix': "blockinfile_snippet"
'description': "Insert/update/remove a text block surrounded by marker lines"
'body': """
blockinfile:
path: ${1:undefined} # required. The file to modify.,Before 2.3 this option was only usable as I(dest), I(destfile) and I(name).
group: ${2:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
insertbefore: ${3|BOF,*regex*|} # not required. choices: BOF;*regex*. If specified, the block will be inserted before the last match of specified regular expression. A special value is available; C(BOF) for inserting the block at the beginning of the file. If specified regular expression has no matches, the block will be inserted at the end of the file.
unsafe_writes: ${4:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
backup: ${5:no} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
create: ${6:no} # not required. Create a new file if it doesn't exist.
seuser: ${7:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
serole: ${8:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
owner: ${9:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
mode: ${10:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
marker: ${11:# {mark} ANSIBLE MANAGED BLOCK} # not required. The marker line template. \"{mark}\" will be replaced with the values in marker_begin (default=\"BEGIN\") and marker_end (default=\"END\").
state: ${12|absent,present|} # not required. choices: absent;present. Whether the block should be there or not.
block: ${13:} # not required. The text to insert inside the marker lines. If it's missing or an empty string, the block will be removed as if C(state) were specified to C(absent).
selevel: ${14:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
insertafter: ${15|EOF,*regex*|} # not required. choices: EOF;*regex*. If specified, the block will be inserted after the last match of specified regular expression. A special value is available; C(EOF) for inserting the block at the end of the file. If specified regular expression has no matches, C(EOF) will be used instead.
validate: ${16:None} # not required. The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
attributes: ${17:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
marker_begin: ${18:BEGIN} # not required. This will be inserted at {mark} in the opening ansible block marker.
marker_end: ${19:END} # not required. This will be inserted at {mark} in the closing ansible block marker.
setype: ${20:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'bower':
'prefix': "bower_snippet"
'description': "Manage bower packages with bower"
'body': """
bower:
path: ${1:undefined} # required. The base path where to install the bower packages
state: ${2|present,absent,latest|} # not required. choices: present;absent;latest. The state of the bower package
production: ${3|yes,no|} # not required. choices: yes;no. Install with --production flag
name: ${4:undefined} # not required. The name of a bower package to install
version: ${5:undefined} # not required. The version to be installed
relative_execpath: ${6:null} # not required. Relative path to bower executable from install path
offline: ${7|yes,no|} # not required. choices: yes;no. Install packages from local cache, if the packages were installed before
"""
'bundler':
'prefix': "bundler_snippet"
'description': "Manage Ruby Gem dependencies with Bundler"
'body': """
bundler:
executable: ${1:null} # not required. The path to the bundler executable
chdir: ${2:temporary working directory} # not required. The directory to execute the bundler commands from. This directoy needs to contain a valid Gemfile or .bundle/ directory
gemfile: ${3:Gemfile in current directory} # not required. Only applies if state is C(present). The path to the gemfile to use to install gems.
clean: ${4|true,false|} # not required. choices: true;false. Only applies if state is C(present). If set removes any gems on the target host that are not in the gemfile
user_install: ${5|true,false|} # not required. choices: true;false. Only applies if state is C(present). Installs gems in the local user's cache or for all users
extra_args: ${6:null} # not required. A space separated string of additional commands that can be applied to the Bundler command. Refer to the Bundler documentation for more information
state: ${7|present,latest|} # not required. choices: present;latest. The desired state of the Gem bundle. C(latest) updates gems to the most recent, acceptable version
deployment_mode: ${8|true,false|} # not required. choices: true;false. Only applies if state is C(present). If set it will only install gems that are in the default or production groups. Requires a Gemfile.lock file to have been created prior
binstub_directory: ${9:null} # not required. Only applies if state is C(present). Specifies the directory to install any gem bins files to. When executed the bin files will run within the context of the Gemfile and fail if any required gem dependencies are not installed. If C(chdir) is set then this path is relative to C(chdir)
exclude_groups: ${10:null} # not required. A list of Gemfile groups to exclude during operations. This only applies when state is C(present). Bundler considers this a 'remembered' property for the Gemfile and will automatically exclude groups in future operations even if C(exclude_groups) is not set
local: ${11|true,false|} # not required. choices: true;false. If set only installs gems from the cache on the target host
gem_path: ${12:RubyGems gem paths} # not required. Only applies if state is C(present). Specifies the directory to install the gems into. If C(chdir) is set then this path is relative to C(chdir)
"""
'bzr':
'prefix': "bzr_snippet"
'description': "Deploy software (or files) from bzr branches"
'body': """
bzr:
dest: ${1:undefined} # required. Absolute path of where the branch should be cloned to.
name: ${2:undefined} # required. SSH or HTTP protocol address of the parent branch.
executable: ${3:undefined} # not required. Path to bzr executable to use. If not supplied, the normal mechanism for resolving binary paths will be used.
version: ${4:head} # not required. What version of the branch to clone. This can be the bzr revno or revid.
force: ${5:no} # not required. If C(yes), any modified files in the working tree will be discarded. Before 1.9 the default value was C(yes).
"""
'campfire':
'prefix': "campfire_snippet"
'description': "Send a message to Campfire"
'body': """
campfire:
msg: ${1:undefined} # required. The message body.
token: ${2:undefined} # required. API token.
subscription: ${3:undefined} # required. The subscription name to use.
room: ${4:undefined} # required. Room number to which the message should be sent.
notify: ${5|56k,bell,bezos,bueller,clowntown,cottoneyejoe,crickets,dadgummit,dangerzone,danielsan,deeper,drama,greatjob,greyjoy,guarantee,heygirl,horn,horror,inconceivable,live,loggins,makeitso,noooo,nyan,ohmy,ohyeah,pushit,rimshot,rollout,rumble,sax,secret,sexyback,story,tada,tmyk,trololo,trombone,unix,vuvuzela,what,whoomp,yeah,yodel|} # not required. choices: 56k;bell;bezos;bueller;clowntown;cottoneyejoe;crickets;dadgummit;dangerzone;danielsan;deeper;drama;greatjob;greyjoy;guarantee;heygirl;horn;horror;inconceivable;live;loggins;makeitso;noooo;nyan;ohmy;ohyeah;pushit;rimshot;rollout;rumble;sax;secret;sexyback;story;tada;tmyk;trololo;trombone;unix;vuvuzela;what;whoomp;yeah;yodel. Send a notification sound before the message.
"""
'capabilities':
'prefix': "capabilities_snippet"
'description': "Manage Linux capabilities"
'body': """
capabilities:
capability: ${1:undefined} # required. Desired capability to set (with operator and flags, if state is C(present)) or remove (if state is C(absent))
path: ${2:undefined} # required. Specifies the path to the file to be managed.
state: ${3|absent,present|} # not required. choices: absent;present. Whether the entry should be present or absent in the file's capabilities.
"""
'catapult':
'prefix': "catapult_snippet"
'description': "Send a sms / mms using the catapult bandwidth api"
'body': """
catapult:
src: ${1:null} # required. One of your catapult telephone numbers the message should come from (must be in E.164 format, like C(+19195551212)).
user_id: ${2:null} # required. User Id from Api account page.
api_secret: ${3:null} # required. Api Secret from Api account page.
dest: ${4:null} # required. The phone number or numbers the message should be sent to (must be in E.164 format, like C(+19195551212)).
api_token: ${5:null} # required. Api Token from Api account page.
msg: ${6:null} # required. The contents of the text message (must be 2048 characters or less).
media: ${7:undefined} # not required. For MMS messages, a media url to the location of the media to be sent with the message.
"""
'ce_aaa_server':
'prefix': "ce_aaa_server_snippet"
'description': "Manages AAA server global configuration on HUAWEI CloudEngine switches."
'body': """
ce_aaa_server:
acct_scheme_name: ${1:null} # not required. Accounting scheme name. The value is a string of 1 to 32 characters.
first_author_mode: ${2|invalid,local,hwtacacs,if-authenticated,none|} # not required. choices: invalid;local;hwtacacs;if-authenticated;none. Preferred authorization mode.
authen_scheme_name: ${3:null} # not required. Name of an authentication scheme. The value is a string of 1 to 32 characters.
author_scheme_name: ${4:null} # not required. Name of an authorization scheme. The value is a string of 1 to 32 characters.
radius_server_group: ${5:null} # not required. RADIUS server group's name. The value is a string of 1 to 32 case-insensitive characters.
domain_name: ${6:null} # not required. Name of a domain. The value is a string of 1 to 64 characters.
first_authen_mode: ${7|invalid,local,hwtacacs,radius,none|} # not required. choices: invalid;local;hwtacacs;radius;none. Preferred authentication mode.
state: ${8|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
local_user_group: ${9:null} # not required. Name of the user group where the user belongs. The user inherits all the rights of the user group. The value is a string of 1 to 32 characters.
hwtacas_template: ${10:null} # not required. Name of a HWTACACS template. The value is a string of 1 to 32 case-insensitive characters.
accounting_mode: ${11|invalid,hwtacacs,radius,none|} # not required. choices: invalid;hwtacacs;radius;none. Accounting Mode.
"""
'ce_aaa_server_host':
'prefix': "ce_aaa_server_host_snippet"
'description': "Manages AAA server host configuration on HUAWEI CloudEngine switches."
'body': """
ce_aaa_server_host:
radius_server_port: ${1:null} # not required. Configured server port for a particular server. The value is an integer ranging from 1 to 65535.
hwtacacs_server_ipv6: ${2:null} # not required. Server IPv6 address. Must be a valid unicast IP address. The total length is 128 bits.
local_service_type: ${3:null} # not required. The type of local user login through, such as ftp ssh snmp telnet.
radius_server_name: ${4:null} # not required. Hostname of configured server. The value is a string of 0 to 255 case-sensitive characters.
radius_server_mode: ${5|Secondary-server,Primary-server|} # not required. choices: Secondary-server;Primary-server. Configured primary or secondary server for a particular server.
hwtacacs_server_type: ${6|Authentication,Authorization,Accounting,Common|} # not required. choices: Authentication;Authorization;Accounting;Common. Hwtacacs server type.
radius_vpn_name: ${7:null} # not required. Set VPN instance. The value is a string of 1 to 31 case-sensitive characters.
radius_server_ipv6: ${8:null} # not required. IPv6 address of configured server. The total length is 128 bits.
radius_server_type: ${9|Authentication,Accounting|} # not required. choices: Authentication;Accounting. Type of Radius Server.
hwtacacs_server_ip: ${10:null} # not required. Server IPv4 address. Must be a valid unicast IP address. The value is a string of 0 to 255 characters, in dotted decimal notation.
local_user_group: ${11:null} # not required. Name of the user group where the user belongs. The user inherits all the rights of the user group. The value is a string of 1 to 32 characters.
local_user_level: ${12:null} # not required. Login level of a local user. The value is an integer ranging from 0 to 15.
radius_server_ip: ${13:null} # not required. IPv4 address of configured server. The value is a string of 0 to 255 characters, in dotted decimal notation.
local_ftp_dir: ${14:null} # not required. FTP user directory. The value is a string of 1 to 255 characters.
hwtacacs_vpn_name: ${15:null} # not required. VPN instance name.
hwtacacs_is_secondary_server: ${16|true,false|} # not required. choices: true;false. Whether the server is secondary.
radius_group_name: ${17:null} # not required. RADIUS server group's name. The value is a string of 1 to 32 case-insensitive characters.
hwtacacs_template: ${18:null} # not required. Name of a HWTACACS template. The value is a string of 1 to 32 case-insensitive characters.
local_password: ${19:null} # not required. Login password of a user. The password can contain letters, numbers, and special characters. The value is a string of 1 to 255 characters.
state: ${20|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
hwtacacs_server_host_name: ${21:null} # not required. Hwtacacs server host name.
local_user_name: ${22:null} # not required. Name of a local user. The value is a string of 1 to 253 characters.
hwtacacs_is_public_net: ${23|true,false|} # not required. choices: true;false. Set the public-net.
"""
'ce_acl':
'prefix': "ce_acl_snippet"
'description': "Manages base ACL configuration on HUAWEI CloudEngine switches."
'body': """
ce_acl:
acl_name: ${1:undefined} # required. ACL number or name. For a numbered rule group, the value ranging from 2000 to 2999 indicates a basic ACL. For a named rule group, the value is a string of 1 to 32 case-sensitive characters starting with a letter, spaces not supported.
acl_step: ${2:null} # not required. ACL step. The value is an integer ranging from 1 to 20. The default value is 5.
log_flag: ${3|true,false|} # not required. choices: true;false. Flag of logging matched data packets.
source_ip: ${4:null} # not required. Source IP address. The value is a string of 0 to 255 characters.The default value is 0.0.0.0. The value is in dotted decimal notation.
state: ${5|present,absent,delete_acl|} # not required. choices: present;absent;delete_acl. Specify desired state of the resource.
src_mask: ${6:null} # not required. Mask of a source IP address. The value is an integer ranging from 1 to 32.
rule_action: ${7|permit,deny|} # not required. choices: permit;deny. Matching mode of basic ACL rules.
rule_name: ${8:null} # not required. Name of a basic ACL rule. The value is a string of 1 to 32 characters. The value is case-insensitive, and cannot contain spaces or begin with an underscore (_).
acl_num: ${9:null} # not required. ACL number. The value is an integer ranging from 2000 to 2999.
vrf_name: ${10:null} # not required. VPN instance name. The value is a string of 1 to 31 characters.The default value is _public_.
acl_description: ${11:null} # not required. ACL description. The value is a string of 1 to 127 characters.
rule_id: ${12:null} # not required. ID of a basic ACL rule in configuration mode. The value is an integer ranging from 0 to 4294967294.
time_range: ${13:null} # not required. Name of a time range in which an ACL rule takes effect. The value is a string of 1 to 32 characters. The value is case-insensitive, and cannot contain spaces. The name must start with an uppercase or lowercase letter. In addition, the word \"all\" cannot be specified as a time range name.
rule_description: ${14:null} # not required. Description about an ACL rule. The value is a string of 1 to 127 characters.
frag_type: ${15|fragment,clear_fragment|} # not required. choices: fragment;clear_fragment. Type of packet fragmentation.
"""
'ce_acl_advance':
'prefix': "ce_acl_advance_snippet"
'description': "Manages advanced ACL configuration on HUAWEI CloudEngine switches."
'body': """
ce_acl_advance:
acl_name: ${1:undefined} # required. ACL number or name. For a numbered rule group, the value ranging from 3000 to 3999 indicates a advance ACL. For a named rule group, the value is a string of 1 to 32 case-sensitive characters starting with a letter, spaces not supported.
acl_step: ${2:null} # not required. ACL step. The value is an integer ranging from 1 to 20. The default value is 5.
protocol: ${3|ip,icmp,igmp,ipinip,tcp,udp,gre,ospf|} # not required. choices: ip;icmp;igmp;ipinip;tcp;udp;gre;ospf. Protocol type.
precedence: ${4:null} # not required. Data packets can be filtered based on the priority field. The value is an integer ranging from 0 to 7.
src_port_op: ${5|lt,eq,gt,range|} # not required. choices: lt;eq;gt;range. Range type of the source port.
log_flag: ${6|true,false|} # not required. choices: true;false. Flag of logging matched data packets.
time_range: ${7:null} # not required. Name of a time range in which an ACL rule takes effect.
src_port_begin: ${8:null} # not required. Start port number of the source port. The value is an integer ranging from 0 to 65535.
frag_type: ${9|fragment,clear_fragment|} # not required. choices: fragment;clear_fragment. Type of packet fragmentation.
dest_port_op: ${10|lt,eq,gt,range|} # not required. choices: lt;eq;gt;range. Range type of the destination port.
dest_pool_name: ${11:null} # not required. Name of a destination pool. The value is a string of 1 to 32 characters.
acl_description: ${12:null} # not required. ACL description. The value is a string of 1 to 127 characters.
ttl_expired: ${13|true,false|} # not required. choices: true;false. Whether TTL Expired is matched, with the TTL value of 1.
icmp_type: ${14:null} # not required. ICMP type. This parameter is available only when the packet protocol is ICMP. The value is an integer ranging from 0 to 255.
src_mask: ${15:null} # not required. Source IP address mask. The value is an integer ranging from 1 to 32.
icmp_name: ${16|unconfiged,echo,echo-reply,fragmentneed-DFset,host-redirect,host-tos-redirect,host-unreachable,information-reply,information-request,net-redirect,net-tos-redirect,net-unreachable,parameter-problem,port-unreachable,protocol-unreachable,reassembly-timeout,source-quench,source-route-failed,timestamp-reply,timestamp-request,ttl-exceeded,address-mask-reply,address-mask-request,custom|} # not required. choices: unconfiged;echo;echo-reply;fragmentneed-DFset;host-redirect;host-tos-redirect;host-unreachable;information-reply;information-request;net-redirect;net-tos-redirect;net-unreachable;parameter-problem;port-unreachable;protocol-unreachable;reassembly-timeout;source-quench;source-route-failed;timestamp-reply;timestamp-request;ttl-exceeded;address-mask-reply;address-mask-request;custom. ICMP name.
established: ${17|true,false|} # not required. choices: true;false. Match established connections.
igmp_type: ${18|host-query,mrouter-adver,mrouter-solic,mrouter-termi,mtrace-resp,mtrace-route,v1host-report,v2host-report,v2leave-group,v3host-report|} # not required. choices: host-query;mrouter-adver;mrouter-solic;mrouter-termi;mtrace-resp;mtrace-route;v1host-report;v2host-report;v2leave-group;v3host-report. Internet Group Management Protocol.
tos: ${19:null} # not required. ToS value on which data packet filtering is based. The value is an integer ranging from 0 to 15.
acl_num: ${20:null} # not required. ACL number. The value is an integer ranging from 3000 to 3999.
rule_action: ${21|permit,deny|} # not required. choices: permit;deny. Matching mode of basic ACL rules.
state: ${22|present,absent,delete_acl|} # not required. choices: present;absent;delete_acl. Specify desired state of the resource.
tcp_flag_mask: ${23:null} # not required. TCP flag mask value. The value is an integer ranging from 0 to 63.
src_port_end: ${24:null} # not required. End port number of the source port. The value is an integer ranging from 0 to 65535.
dest_ip: ${25:null} # not required. Destination IP address. The value is a string of 0 to 255 characters.The default value is 0.0.0.0. The value is in dotted decimal notation.
icmp_code: ${26:null} # not required. ICMP message code. Data packets can be filtered based on the ICMP message code. The value is an integer ranging from 0 to 255.
dest_port_end: ${27:null} # not required. End port number of the destination port. The value is an integer ranging from 0 to 65535.
dscp: ${28:null} # not required. Differentiated Services Code Point. The value is an integer ranging from 0 to 63.
rule_name: ${29:null} # not required. Name of a basic ACL rule. The value is a string of 1 to 32 characters.
rule_description: ${30:null} # not required. Description about an ACL rule.
dest_mask: ${31:null} # not required. Destination IP address mask. The value is an integer ranging from 1 to 32.
src_port_pool_name: ${32:null} # not required. Name of a source port pool. The value is a string of 1 to 32 characters.
source_ip: ${33:null} # not required. Source IP address. The value is a string of 0 to 255 characters.The default value is 0.0.0.0. The value is in dotted decimal notation.
syn_flag: ${34:null} # not required. TCP flag value. The value is an integer ranging from 0 to 63.
vrf_name: ${35:null} # not required. VPN instance name. The value is a string of 1 to 31 characters.The default value is _public_.
src_pool_name: ${36:null} # not required. Name of a source pool. The value is a string of 1 to 32 characters.
dest_port_begin: ${37:null} # not required. Start port number of the destination port. The value is an integer ranging from 0 to 65535.
dest_port_pool_name: ${38:null} # not required. Name of a destination port pool. The value is a string of 1 to 32 characters.
rule_id: ${39:null} # not required. ID of a basic ACL rule in configuration mode. The value is an integer ranging from 0 to 4294967294.
"""
'ce_acl_interface':
'prefix': "ce_acl_interface_snippet"
'description': "Manages applying ACLs to interfaces on HUAWEI CloudEngine switches."
'body': """
ce_acl_interface:
interface: ${1:undefined} # required. Interface name. Only support interface full name, such as \"40GE2/0/1\".
direction: ${2|inbound,outbound|} # required. choices: inbound;outbound. Direction ACL to be applied in on the interface.
acl_name: ${3:undefined} # required. ACL number or name. For a numbered rule group, the value ranging from 2000 to 4999. For a named rule group, the value is a string of 1 to 32 case-sensitive characters starting with a letter, spaces not supported.
state: ${4|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
"""
'ce_bfd_global':
'prefix': "ce_bfd_global_snippet"
'description': "Manages BFD global configuration on HUAWEI CloudEngine devices."
'body': """
ce_bfd_global:
tos_exp_dynamic: ${1:null} # not required. Indicates the priority of BFD control packets for dynamic BFD sessions. The value is an integer ranging from 0 to 7. The default priority is 7, which is the highest priority of BFD control packets.
default_ip: ${2:null} # not required. Specifies the default multicast IP address. The value ranges from 224.0.0.107 to 224.0.0.250.
damp_init_wait_time: ${3:null} # not required. Specifies an initial flapping suppression time for a BFD session. The value is an integer ranging from 1 to 3600000, in milliseconds. The default value is 2000.
bfd_enable: ${4|enable,disable|} # not required. choices: enable;disable. Enables the global Bidirectional Forwarding Detection (BFD) function.
delay_up_time: ${5:null} # not required. Specifies the delay before a BFD session becomes Up. The value is an integer ranging from 1 to 600, in seconds. The default value is 0, indicating that a BFD session immediately becomes Up.
state: ${6|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
damp_max_wait_time: ${7:null} # not required. Specifies a maximum flapping suppression time for a BFD session. The value is an integer ranging from 1 to 3600000, in milliseconds. The default value is 15000.
damp_second_wait_time: ${8:null} # not required. Specifies a secondary flapping suppression time for a BFD session. The value is an integer ranging from 1 to 3600000, in milliseconds. The default value is 5000.
tos_exp_static: ${9:null} # not required. Indicates the priority of BFD control packets for static BFD sessions. The value is an integer ranging from 0 to 7. The default priority is 7, which is the highest priority of BFD control packets.
"""
'ce_bfd_session':
'prefix': "ce_bfd_session_snippet"
'description': "Manages BFD session configuration on HUAWEI CloudEngine devices."
'body': """
ce_bfd_session:
session_name: ${1:null} # required. Specifies the name of a BFD session. The value is a string of 1 to 15 case-sensitive characters without spaces.
src_addr: ${2:null} # not required. Indicates the source IP address carried in BFD packets.
out_if_name: ${3:null} # not required. Specifies the type and number of the interface bound to the BFD session.
state: ${4|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
dest_addr: ${5:null} # not required. Specifies the peer IP address bound to the BFD session.
vrf_name: ${6:null} # not required. Specifies the name of a Virtual Private Network (VPN) instance that is bound to a BFD session. The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.
create_type: ${7|static,auto|} # not required. choices: static;auto. BFD session creation mode, the currently created BFD session only supports static or static auto-negotiation mode.
use_default_ip: ${8:false} # not required. Indicates the default multicast IP address that is bound to a BFD session. By default, BFD uses the multicast IP address 224.0.0.184. You can set the multicast IP address by running the default-ip-address command. The value is a bool type.
addr_type: ${9|ipv4|} # not required. choices: ipv4. Specifies the peer IP address type.
"""
'ce_bfd_view':
'prefix': "ce_bfd_view_snippet"
'description': "Manages BFD session view configuration on HUAWEI CloudEngine devices."
'body': """
ce_bfd_view:
session_name: ${1:null} # required. Specifies the name of a BFD session. The value is a string of 1 to 15 case-sensitive characters without spaces.
local_discr: ${2:null} # not required. Specifies the local discriminator of a BFD session. The value is an integer that ranges from 1 to 16384.
detect_multi: ${3:null} # not required. Specifies the local detection multiplier of a BFD session. The value is an integer that ranges from 3 to 50.
remote_discr: ${4:null} # not required. Specifies the remote discriminator of a BFD session. The value is an integer that ranges from 1 to 4294967295.
description: ${5:null} # not required. Specifies the description of a BFD session. The value is a string of 1 to 51 case-sensitive characters with spaces.
admin_down: ${6:false} # not required. Enables the BFD session to enter the AdminDown state. By default, a BFD session is enabled. The default value is bool type.
tos_exp: ${7:null} # not required. Specifies a priority for BFD control packets. The value is an integer ranging from 0 to 7. The default value is 7, which is the highest priority.
min_tx_interval: ${8:null} # not required. Specifies the minimum interval for receiving BFD packets. The value is an integer that ranges from 50 to 1000, in milliseconds.
min_rx_interval: ${9:null} # not required. Specifies the minimum interval for sending BFD packets. The value is an integer that ranges from 50 to 1000, in milliseconds.
state: ${10|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
wtr_interval: ${11:null} # not required. Specifies the WTR time of a BFD session. The value is an integer that ranges from 1 to 60, in minutes. The default value is 0.
"""
'ce_bgp':
'prefix': "ce_bgp_snippet"
'description': "Manages BGP configuration on HUAWEI CloudEngine switches."
'body': """
ce_bgp:
router_id: ${1:null} # not required. ID of a router that is in IPv4 address format.
memory_limit: ${2|no_use,true,false|} # not required. choices: no_use;true;false. Support BGP RIB memory protection.
vrf_rid_auto_sel: ${3|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, VPN BGP instances are enabled to automatically select router IDs. If the value is false, VPN BGP instances are disabled from automatically selecting router IDs.
suppress_interval: ${4:null} # not required. Suppress interval.
as_number: ${5:null} # not required. Local AS number. The value is a string of 1 to 11 characters.
confed_id_number: ${6:null} # not required. Confederation ID. The value is a string of 1 to 11 characters.
bgp_rid_auto_sel: ${7|no_use,true,false|} # not required. choices: no_use;true;false. The function to automatically select router IDs for all VPN BGP instances is enabled.
default_af_type: ${8|ipv4uni,ipv6uni|} # not required. choices: ipv4uni;ipv6uni. Type of a created address family, which can be IPv4 unicast or IPv6 unicast. The default type is IPv4 unicast.
conn_retry_time: ${9:null} # not required. ConnectRetry interval. The value is an integer, in seconds. The default value is 32s.
is_shutdown: ${10|no_use,true,false|} # not required. choices: no_use;true;false. Interrupt BGP all neighbor.
keepalive_time: ${11:null} # not required. If the value of a timer changes, the BGP peer relationship between the routers is disconnected. The value is an integer ranging from 0 to 21845. The default value is 60.
confed_peer_as_num: ${12:null} # not required. Confederation AS number, in two-byte or four-byte format. The value is a string of 1 to 11 characters.
min_hold_time: ${13:null} # not required. Min hold time, in seconds. The value of the hold time can be 0 or range from 20 to 65535.
ebgp_if_sensitive: ${14|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, After the fast EBGP interface awareness function is enabled, EBGP sessions on an interface are deleted immediately when the interface goes Down. If the value is false, After the fast EBGP interface awareness function is enabled, EBGP sessions on an interface are not deleted immediately when the interface goes Down.
check_first_as: ${15|no_use,true,false|} # not required. choices: no_use;true;false. Check the first AS in the AS_Path of the update messages from EBGP peers.
clear_interval: ${16:null} # not required. Clear interval.
confed_nonstanded: ${17|no_use,true,false|} # not required. choices: no_use;true;false. Configure the device to be compatible with devices in a nonstandard confederation.
time_wait_for_rib: ${18:null} # not required. Period of waiting for the End-Of-RIB flag. The value is an integer ranging from 3 to 3000. The default value is 600.
hold_time: ${19:null} # not required. Hold time, in seconds. The value of the hold time can be 0 or range from 3 to 65535.
as_path_limit: ${20:null} # not required. Maximum number of AS numbers in the AS_Path attribute. The default value is 255.
hold_interval: ${21:null} # not required. Hold interval.
state: ${22|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
vrf_name: ${23:null} # not required. Name of a BGP instance. The name is a case-sensitive string of characters.
keep_all_routes: ${24|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the system stores all route update messages received from all peers (groups) after BGP connection setup. If the value is false, the system stores only BGP update messages that are received from peers and pass the configured import policy.
gr_peer_reset: ${25|no_use,true,false|} # not required. choices: no_use;true;false. Peer disconnection through GR.
graceful_restart: ${26|no_use,true,false|} # not required. choices: no_use;true;false. Enable GR of the BGP speaker in the specified address family, peer address, or peer group.
"""
'ce_bgp_af':
'prefix': "ce_bgp_af_snippet"
'description': "Manages BGP Address-family configuration on HUAWEI CloudEngine switches."
'body': """
ce_bgp_af:
af_type: ${1|ipv4uni,ipv4multi,ipv4vpn,ipv6uni,ipv6vpn,evpn|} # required. choices: ipv4uni;ipv4multi;ipv4vpn;ipv6uni;ipv6vpn;evpn. Address family type of a BGP instance.
vrf_name: ${2:undefined} # required. Name of a BGP instance. The name is a case-sensitive string of characters. The BGP instance can be used only after the corresponding VPN instance is created. The value is a string of 1 to 31 case-sensitive characters.
reflector_cluster_id: ${3:null} # not required. Set a cluster ID. Configuring multiple RRs in a cluster can enhance the stability of the network. The value is an integer ranging from 1 to 4294967295.
ingress_lsp_policy_name: ${4:null} # not required. Ingress lsp policy name.
vrf_rid_auto_sel: ${5|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, VPN BGP instances are enabled to automatically select router IDs. If the value is false, VPN BGP instances are disabled from automatically selecting router IDs.
preference_internal: ${6:null} # not required. Set the protocol priority of IBGP routes. The value is an integer ranging from 1 to 255.
maximum_load_balance: ${7:null} # not required. Specify the maximum number of equal-cost routes in the BGP routing table. The value is an integer ranging from 1 to 65535.
preference_local: ${8:null} # not required. Set the protocol priority of a local BGP route. The value is an integer ranging from 1 to 255.
preference_external: ${9:null} # not required. Set the protocol priority of EBGP routes. The value is an integer ranging from 1 to 255.
router_id_neglect: ${10|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the router ID attribute is ignored when BGP selects the optimal route. If the value is false, the router ID attribute is not ignored when BGP selects the optimal route.
default_local_pref: ${11:null} # not required. Set the Local-Preference attribute. The value is an integer. The value is an integer ranging from 0 to 4294967295.
reflector_cluster_ipv4: ${12:null} # not required. Set a cluster ipv4 address. The value is expressed in the format of an IPv4 address.
prefrence_policy_name: ${13:null} # not required. Set a routing policy to filter routes so that a configured priority is applied to the routes that match the specified policy. The value is a string of 1 to 40 characters.
default_rt_import_enable: ${14|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, importing default routes to the BGP routing table is allowed. If the value is false, importing default routes to the BGP routing table is not allowed.
nhp_relay_route_policy_name: ${15:null} # not required. Specify the name of a route-policy for route iteration. The value is a string of 1 to 40 characters.
igp_metric_ignore: ${16|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the metrics of next-hop IGP routes are not compared when BGP selects an optimal route. If the value is false, the metrics of next-hop IGP routes are not compared when BGP selects an optimal route. A route with a smaller metric has a higher priority.
as_path_neglect: ${17|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the AS path attribute is ignored when BGP selects an optimal route. If the value is false, the AS path attribute is not ignored when BGP selects an optimal route. An AS path with a smaller length has a higher priority.
auto_frr_enable: ${18|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, BGP auto FRR is enabled. If the value is false, BGP auto FRR is disabled.
mask_len: ${19:null} # not required. Specify the mask length of an IP address. The value is an integer ranging from 0 to 128.
ibgp_ecmp_nexthop_changed: ${20|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the next hop of an advertised route is changed to the advertiser itself in IBGP load-balancing scenarios. If the value is false, the next hop of an advertised route is not changed to the advertiser itself in IBGP load-balancing scenarios.
nexthop_third_party: ${21|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the third-party next hop function is enabled. If the value is false, the third-party next hop function is disabled.
state: ${22|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
default_med: ${23:null} # not required. Specify the Multi-Exit-Discriminator (MED) of BGP routes. The value is an integer ranging from 0 to 4294967295.
add_path_sel_num: ${24:null} # not required. Number of Add-Path routes. The value is an integer ranging from 2 to 64.
med_none_as_maximum: ${25|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, when BGP selects an optimal route, the system uses 4294967295 as the MED value of a route if the route's attribute does not carry a MED value. If the value is false, the system uses 0 as the MED value of a route if the route's attribute does not carry a MED value.
ebgp_ecmp_nexthop_changed: ${26|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the next hop of an advertised route is changed to the advertiser itself in EBGP load-balancing scenarios. If the value is false, the next hop of an advertised route is not changed to the advertiser itself in EBGP load-balancing scenarios.
ecmp_nexthop_changed: ${27|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the next hop of an advertised route is changed to the advertiser itself in BGP load-balancing scenarios. If the value is false, the next hop of an advertised route is not changed to the advertiser itself in BGP load-balancing scenarios.
lowest_priority: ${28|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, enable reduce priority to advertise route. If the value is false, disable reduce priority to advertise route.
rr_filter_number: ${29:null} # not required. Set the number of the extended community filter supported by an RR group. The value is a string of 1 to 51 characters.
import_process_id: ${30:null} # not required. Process ID of an imported routing protocol. The value is an integer ranging from 0 to 4294967295.
router_id: ${31:null} # not required. ID of a router that is in IPv4 address format. The value is a string of 0 to 255 characters. The value is in dotted decimal notation.
determin_med: ${32|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, BGP deterministic-MED is enabled. If the value is false, BGP deterministic-MED is disabled.
load_balancing_as_path_ignore: ${33|no_use,true,false|} # not required. choices: no_use;true;false. Load balancing as path ignore.
reflect_chg_path: ${34|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the route reflector is enabled to modify route path attributes based on an export policy. If the value is false, the route reflector is disabled from modifying route path attributes based on an export policy.
always_compare_med: ${35|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the MEDs of routes learned from peers in different autonomous systems are compared when BGP selects an optimal route. If the value is false, the MEDs of routes learned from peers in different autonomous systems are not compared when BGP selects an optimal route.
allow_invalid_as: ${36|no_use,true,false|} # not required. choices: no_use;true;false. Allow routes with BGP origin AS validation result Invalid to be selected. If the value is true, invalid routes can participate in route selection. If the value is false, invalid routes cannot participate in route selection.
relay_delay_enable: ${37|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, relay delay enable. If the value is false, relay delay disable.
rib_only_policy_name: ${38:null} # not required. Specify the name of a routing policy. The value is a string of 1 to 40 characters.
max_load_ebgp_num: ${39:null} # not required. Specify the maximum number of equal-cost EBGP routes. The value is an integer ranging from 1 to 65535.
import_protocol: ${40|direct,ospf,isis,static,rip,ospfv3,ripng|} # not required. choices: direct;ospf;isis;static;rip;ospfv3;ripng. Routing protocol from which routes can be imported.
ebgp_if_sensitive: ${41|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, after the fast EBGP interface awareness function is enabled, EBGP sessions on an interface are deleted immediately when the interface goes Down. If the value is false, after the fast EBGP interface awareness function is enabled, EBGP sessions on an interface are not deleted immediately when the interface goes Down.
network_address: ${42:null} # not required. Specify the IP address advertised by BGP. The value is a string of 0 to 255 characters.
supernet_uni_adv: ${43|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the function to advertise supernetwork unicast routes is enabled. If the value is false, the function to advertise supernetwork unicast routes is disabled.
next_hop_sel_depend_type: ${44|default,dependTunnel,dependIp|} # not required. choices: default;dependTunnel;dependIp. Next hop select depend type.
originator_prior: ${45|no_use,true,false|} # not required. choices: no_use;true;false. Originator prior.
active_route_advertise: ${46|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, BGP is enabled to advertise only optimal routes in the RM to peers. If the value is false, BGP is not enabled to advertise only optimal routes in the RM to peers.
reflect_between_client: ${47|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, route reflection is enabled between clients. If the value is false, route reflection is disabled between clients.
policy_vpn_target: ${48|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, VPN-Target filtering function is performed for received VPN routes. If the value is false, VPN-Target filtering function is not performed for received VPN routes.
summary_automatic: ${49|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, automatic aggregation is enabled for locally imported routes. If the value is false, automatic aggregation is disabled for locally imported routes.
rib_only_enable: ${50|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, BGP routes cannot be advertised to the IP routing table. If the value is false, Routes preferred by BGP are advertised to the IP routing table.
max_load_ibgp_num: ${51:null} # not required. Specify the maximum number of equal-cost IBGP routes. The value is an integer ranging from 1 to 65535.
route_sel_delay: ${52:null} # not required. Route selection delay. The value is an integer ranging from 0 to 3600.
supernet_label_adv: ${53|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the function to advertise supernetwork label is enabled. If the value is false, the function to advertise supernetwork label is disabled.
policy_ext_comm_enable: ${54|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, modifying extended community attributes is allowed. If the value is false, modifying extended community attributes is not allowed.
"""
'ce_bgp_neighbor':
'prefix': "ce_bgp_neighbor_snippet"
'description': "Manages BGP peer configuration on HUAWEI CloudEngine switches."
'body': """
ce_bgp_neighbor:
remote_as: ${1:undefined} # required. AS number of a peer. The value is a string of 1 to 11 characters.
vrf_name: ${2:undefined} # required. Name of a BGP instance. The name is a case-sensitive string of characters. The BGP instance can be used only after the corresponding VPN instance is created.
peer_addr: ${3:undefined} # required. Connection address of a peer, which can be an IPv4 or IPv6 address.
prepend_global_as: ${4|no_use,true,false|} # not required. choices: no_use;true;false. Add the global AS number to the Update packets to be advertised.
ebgp_max_hop: ${5:null} # not required. Maximum number of hops in an indirect EBGP connection. The value is an ranging from 1 to 255.
is_ignore: ${6|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the session with a specified peer is torn down and all related routing entries are cleared. If the value is false, the session with a specified peer is retained.
prepend_fake_as: ${7|no_use,true,false|} # not required. choices: no_use;true;false. Add the Fake AS number to received Update packets.
fake_as: ${8:null} # not required. Fake AS number that is specified for a local peer. The value is a string of 1 to 11 characters.
is_single_hop: ${9|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the system is enabled to preferentially use the single-hop mode for BFD session setup between IBGP peers. If the value is false, the system is disabled from preferentially using the single-hop mode for BFD session setup between IBGP peers.
conventional: ${10|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the router has all extended capabilities. If the value is false, the router does not have all extended capabilities.
hold_time: ${11:null} # not required. Specify the Hold time of a peer or peer group. The value is 0 or an integer ranging from 3 to 65535.
tx_interval: ${12:null} # not required. Specify the minimum interval at which BFD packets are sent. The value is an integer ranging from 50 to 1000, in milliseconds.
pswd_cipher_text: ${13:null} # not required. The character string in a password identifies the contents of the password, spaces not supported. The value is a string of 1 to 255 characters.
local_if_name: ${14:null} # not required. Name of a source interface that sends BGP packets. The value is a string of 1 to 63 characters.
rx_interval: ${15:null} # not required. Specify the minimum interval at which BFD packets are received. The value is an integer ranging from 50 to 1000, in milliseconds.
state: ${16|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
dual_as: ${17|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the EBGP peer can use either a fake AS number or the actual AS number. If the value is false, the EBGP peer can only use a fake AS number.
connect_mode: ${18:null} # not required. The value can be Connect-only, Listen-only, or Both.
description: ${19:null} # not required. Description of a peer, which can be letters or digits. The value is a string of 1 to 80 characters.
is_log_change: ${20|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, BGP is enabled to record peer session status and event information. If the value is false, BGP is disabled from recording peer session status and event information.
keep_alive_time: ${21:null} # not required. Specify the Keepalive time of a peer or peer group. The value is an integer ranging from 0 to 21845. The default value is 60.
key_chain_name: ${22:null} # not required. Specify the Keychain authentication name used when BGP peers establish a TCP connection. The value is a string of 1 to 47 case-insensitive characters.
conn_retry_time: ${23:null} # not required. ConnectRetry interval. The value is an integer ranging from 1 to 65535.
min_hold_time: ${24:null} # not required. Specify the Min hold time of a peer or peer group.
multiplier: ${25:null} # not required. Specify the detection multiplier. The default value is 3. The value is an integer ranging from 3 to 50.
valid_ttl_hops: ${26:null} # not required. Enable GTSM on a peer or peer group. The valid-TTL-Value parameter is used to specify the number of TTL hops to be detected. The value is an integer ranging from 1 to 255.
is_bfd_block: ${27|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, peers are enabled to inherit the BFD function from the peer group. If the value is false, peers are disabled to inherit the BFD function from the peer group.
tcp_MSS: ${28:null} # not required. Maximum TCP MSS value used for TCP connection establishment for a peer. The value is an integer ranging from 176 to 4096.
is_bfd_enable: ${29|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, BFD is enabled. If the value is false, BFD is disabled.
route_refresh: ${30|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, BGP is enabled to advertise REFRESH packets. If the value is false, the route refresh function is enabled.
pswd_type: ${31|null,cipher,simple|} # not required. choices: null;cipher;simple. Enable BGP peers to establish a TCP connection and perform the Message Digest 5 (MD5) authentication for BGP messages.
mpls_local_ifnet_disable: ${32|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, peer create MPLS Local IFNET disable. If the value is false, peer create MPLS Local IFNET enable.
"""
'ce_bgp_neighbor_af':
'prefix': "ce_bgp_neighbor_af_snippet"
'description': "Manages BGP neighbor Address-family configuration on HUAWEI CloudEngine switches."
'body': """
ce_bgp_neighbor_af:
af_type: ${1|ipv4uni,ipv4multi,ipv4vpn,ipv6uni,ipv6vpn,evpn|} # required. choices: ipv4uni;ipv4multi;ipv4vpn;ipv6uni;ipv6vpn;evpn. Address family type of a BGP instance.
remote_address: ${2:undefined} # required. IPv4 or IPv6 peer connection address.
vrf_name: ${3:undefined} # required. Name of a BGP instance. The name is a case-sensitive string of characters. The BGP instance can be used only after the corresponding VPN instance is created.
import_pref_filt_name: ${4:null} # not required. Specify the IPv4 filtering policy applied to the routes received from a specified peer. The value is a string of 1 to 169 characters.
advertise_irb: ${5|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, advertised IRB routes are distinguished. If the value is false, advertised IRB routes are not distinguished.
substitute_as_enable: ${6|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the function to replace a specified peer's AS number in the AS-Path attribute with the local AS number is enabled. If the value is false, the function to replace a specified peer's AS number in the AS-Path attribute with the local AS number is disabled.
advertise_ext_community: ${7|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the extended community attribute is advertised to peers. If the value is false, the extended community attribute is not advertised to peers.
default_rt_match_mode: ${8|null,matchall,matchany|} # not required. choices: null;matchall;matchany. null, Null. matchall, Advertise the default route if all matching conditions are met. matchany, Advertise the default route if any matching condition is met.
redirect_ip: ${9|no_use,true,false|} # not required. choices: no_use;true;false. Redirect ip.
route_limit: ${10:null} # not required. Configure the maximum number of routes that can be accepted from a peer. The value is an integer ranging from 1 to 4294967295.
import_as_path_filter: ${11:null} # not required. Apply an AS_Path-based filtering policy to the routes received from a specified peer. The value is an integer ranging from 1 to 256.
public_as_only_force: ${12|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, sent BGP update messages carry only the public AS number but do not carry private AS numbers. If the value is false, sent BGP update messages can carry private AS numbers.
vpls_enable: ${13|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, vpls enable. If the value is false, vpls disable.
allow_as_loop_enable: ${14|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, repetitive local AS numbers are allowed. If the value is false, repetitive local AS numbers are not allowed.
advertise_arp: ${15|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, advertised ARP routes are distinguished. If the value is false, advertised ARP routes are not distinguished.
import_as_path_name_or_num: ${16:null} # not required. A routing strategy based on the AS path list for routing received by a designated peer.
orf_mode: ${17|null,receive,send,both|} # not required. choices: null;receive;send;both. ORF mode. null, Default value. receive, ORF for incoming packets. send, ORF for outgoing packets. both, ORF for incoming and outgoing packets.
nexthop_configure: ${18|null,local,invariable|} # not required. choices: null;local;invariable. null, The next hop is not changed. local, The next hop is changed to the local IP address. invariable, Prevent the device from changing the next hop of each imported IGP route when advertising it to its BGP peers.
discard_ext_community: ${19|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the extended community attribute in the peer route information is discarded. If the value is false, the extended community attribute in the peer route information is not discarded.
is_nonstd_ipprefix_mod: ${20|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, Non-standard capability codes are used during capability negotiation. If the value is false, RFC-defined standard ORF capability codes are used during capability negotiation.
keep_all_routes: ${21|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the system stores all route update messages received from all peers (groups) after BGP connection setup. If the value is false, the system stores only BGP update messages that are received from peers and pass the configured import policy.
orftype: ${22:null} # not required. ORF Type. The value is an integer ranging from 0 to 65535.
advertise_community: ${23|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the community attribute is advertised to peers. If the value is false, the community attribute is not advertised to peers.
export_as_path_name_or_num: ${24:null} # not required. Application of a AS path list based filtering policy to the routing of a specified peer.
adv_add_path_num: ${25:null} # not required. The number of addPath advertise route. The value is an integer ranging from 2 to 64.
ipprefix_orf_enable: ${26|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the address prefix-based Outbound Route Filter (ORF) capability is enabled for peers. If the value is false, the address prefix-based Outbound Route Filter (ORF) capability is disabled for peers.
route_limit_type: ${27|noparameter,alertOnly,idleForever,idleTimeout|} # not required. choices: noparameter;alertOnly;idleForever;idleTimeout. Noparameter, After the number of received routes exceeds the threshold and the timeout timer expires,no action. AlertOnly, An alarm is generated and no additional routes will be accepted if the maximum number of routes allowed have been received. IdleForever, The connection that is interrupted is not automatically re-established if the maximum number of routes allowed have been received. IdleTimeout, After the number of received routes exceeds the threshold and the timeout timer expires, the connection that is interrupted is automatically re-established.
public_as_only_skip_peer_as: ${28|no_use,true,false|} # not required. choices: no_use;true;false. Public as only skip peer as.
origin_as_valid: ${29|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, Application results of route announcement. If the value is false, Routing application results are not notified.
route_limit_idle_timeout: ${30:null} # not required. Specify the value of the idle-timeout timer to automatically reestablish the connections after they are cut off when the number of routes exceeds the set threshold. The value is an integer ranging from 1 to 1200.
reflect_client: ${31|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the local device functions as the route reflector and a peer functions as a client of the route reflector. If the value is false, the route reflector and client functions are not configured.
import_rt_policy_name: ${32:null} # not required. Specify the filtering policy applied to the routes learned from a peer. The value is a string of 1 to 40 characters.
route_limit_percent: ${33:null} # not required. Specify the percentage of routes when a router starts to generate an alarm. The value is an integer ranging from 1 to 100.
export_rt_policy_name: ${34:null} # not required. Specify the filtering policy applied to the routes to be advertised to a peer. The value is a string of 1 to 40 characters.
public_as_only: ${35|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, sent BGP update messages carry only the public AS number but do not carry private AS numbers. If the value is false, sent BGP update messages can carry private AS numbers.
redirect_ip_vaildation: ${36|no_use,true,false|} # not required. choices: no_use;true;false. Redirect ip vaildation.
import_acl_name_or_num: ${37:null} # not required. Apply an IPv4 ACL-based filtering policy to the routes received from a specified peer. The value is a string of 1 to 32 characters.
allow_as_loop_limit: ${38:null} # not required. Set the maximum number of repetitive local AS number. The value is an integer ranging from 1 to 10.
add_path_mode: ${39|null,receive,send,both|} # not required. choices: null;receive;send;both. null, Null. receive, Support receiving Add-Path routes. send, Support sending Add-Path routes. both, Support receiving and sending Add-Path routes.
export_as_path_filter: ${40:null} # not required. Apply an AS_Path-based filtering policy to the routes to be advertised to a specified peer. The value is an integer ranging from 1 to 256.
vpls_ad_disable: ${41|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, enable vpls-ad. If the value is false, disable vpls-ad.
public_as_only_replace: ${42|no_use,true,false|} # not required. choices: no_use;true;false. Private as replaced by public as number.
public_as_only_limited: ${43|no_use,true,false|} # not required. choices: no_use;true;false. Limited use public as number.
preferred_value: ${44:null} # not required. Assign a preferred value for the routes learned from a specified peer. The value is an integer ranging from 0 to 65535.
export_acl_name_or_num: ${45:null} # not required. Apply an IPv4 ACL-based filtering policy to the routes to be advertised to a specified peer. The value is a string of 1 to 32 characters.
soostring: ${46:null} # not required. Configure the Site-of-Origin (SoO) extended community attribute. The value is a string of 3 to 21 characters.
update_pkt_standard_compatible: ${47|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, When the vpnv4 multicast neighbor receives and updates the message, the message has no label. If the value is false, When the vpnv4 multicast neighbor receives and updates the message, the message has label.
advertise_remote_nexthop: ${48|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the remote next-hop attribute is advertised to peers. If the value is false, the remote next-hop attribute is not advertised to any peers.
default_rt_adv_policy: ${49:null} # not required. Specify the name of a used policy. The value is a string. The value is a string of 1 to 40 characters.
export_pref_filt_name: ${50:null} # not required. Specify the IPv4 filtering policy applied to the routes to be advertised to a specified peer. The value is a string of 1 to 169 characters.
default_rt_adv_enable: ${51|no_use,true,false|} # not required. choices: no_use;true;false. If the value is true, the function to advertise default routes to peers is enabled. If the value is false, the function to advertise default routes to peers is disabled.
rt_updt_interval: ${52:null} # not required. Specify the minimum interval at which Update packets are sent. The value is an integer, in seconds. The value is an integer ranging from 0 to 600.
"""
'ce_command':
'prefix': "ce_command_snippet"
'description': "Run arbitrary command on HUAWEI CloudEngine devices."
'body': """
ce_command:
commands: ${1:undefined} # required. The commands to send to the remote HUAWEI CloudEngine device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of I(retries) has been exceeded.
retries: ${2:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditionals.
wait_for: ${3:null} # not required. Specifies what to evaluate from the output of the command and what conditionals to apply. This argument will cause the task to wait for a particular conditional to be true before moving forward. If the conditional is not true by the configured retries, the task fails. See examples.
match: ${4:all} # not required. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the I(wait_for) must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
interval: ${5:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditional, the interval indicates how to long to wait before trying the command again.
"""
'ce_config':
'prefix': "ce_config_snippet"
'description': "Manage Huawei CloudEngine configuration sections."
'body': """
ce_config:
src: ${1:null} # not required. The I(src) argument provides a path to the configuration file to load into the remote system. The path can either be a full system path to the configuration file if the value starts with / or relative to the root of the implemented role or playbook. This argument is mutually exclusive with the I(lines) and I(parents) arguments.
backup: ${2:false} # not required. This argument will cause the module to create a full backup of the current C(current-configuration) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
after: ${3:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${4:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device current-configuration. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
replace: ${5|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
parents: ${6:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
defaults: ${7:false} # not required. The I(defaults) argument will influence how the current-configuration is collected from the device. When the value is set to true, the command used to collect the current-configuration is append with the all keyword. When the value is set to false, the command is issued without the all keyword.
save: ${8:false} # not required. The C(save) argument instructs the module to save the current-configuration to saved-configuration. This operation is performed after any changes are made to the current running config. If no changes are made, the configuration is still saved to the startup config. This option will always cause the module to return changed.
config: ${9:null} # not required. The module, by default, will connect to the remote device and retrieve the current current-configuration to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current-configuration for every task in a playbook. The I(config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
match: ${10|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the current-configuration on the remote device.
before: ${11:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'ce_dldp':
'prefix': "ce_dldp_snippet"
'description': "Manages global DLDP configuration on HUAWEI CloudEngine switches."
'body': """
ce_dldp:
reset: ${1|enable,disable|} # not required. choices: enable;disable. Specify whether reset DLDP state of disabled interfaces.
enable: ${2|enable,disable|} # not required. choices: enable;disable. Set global DLDP enable state.
work_mode: ${3|enhance,normal|} # not required. choices: enhance;normal. Set global DLDP work-mode.
auth_pwd: ${4:null} # not required. Specifies authentication password. The value is a string of 1 to 16 case-sensitive plaintexts or 24/32/48/108/128 case-sensitive encrypted characters. The string excludes a question mark (?).
time_internal: ${5:null} # not required. Specifies the interval for sending Advertisement packets. The value is an integer ranging from 1 to 100, in seconds. The default interval for sending Advertisement packets is 5 seconds.
auth_mode: ${6|md5,simple,sha,hmac-sha256,none|} # not required. choices: md5;simple;sha;hmac-sha256;none. Specifies authentication algorithm of DLDP.
"""
'ce_dldp_interface':
'prefix': "ce_dldp_interface_snippet"
'description': "Manages interface DLDP configuration on HUAWEI CloudEngine switches."
'body': """
ce_dldp_interface:
interface: ${1:undefined} # required. Must be fully qualified interface name, i.e. GE1/0/1, 10GE1/0/1, 40GE1/0/22, 100GE1/0/1.
reset: ${2|enable,disable|} # not required. choices: enable;disable. Specify whether reseting interface DLDP state.
state: ${3|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
enable: ${4|enable,disable|} # not required. choices: enable;disable. Set interface DLDP enable state.
mode_enable: ${5|enable,disable|} # not required. choices: enable;disable. Set DLDP compatible-mode enable state.
local_mac: ${6:null} # not required. Set the source MAC address for DLDP packets sent in the DLDP-compatible mode. The value of MAC address is in H-H-H format. H contains 1 to 4 hexadecimal digits.
"""
'ce_eth_trunk':
'prefix': "ce_eth_trunk_snippet"
'description': "Manages Eth-Trunk interfaces on HUAWEI CloudEngine switches."
'body': """
ce_eth_trunk:
trunk_id: ${1:undefined} # required. Eth-Trunk interface number. The value is an integer. The value range depends on the assign forward eth-trunk mode command. When 256 is specified, the value ranges from 0 to 255. When 512 is specified, the value ranges from 0 to 511. When 1024 is specified, the value ranges from 0 to 1023.
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
force: ${3:false} # not required. When true it forces Eth-Trunk members to match what is declared in the members param. This can be used to remove members.
mode: ${4|manual,lacp-dynamic,lacp-static|} # not required. choices: manual;lacp-dynamic;lacp-static. Specifies the working mode of an Eth-Trunk interface.
members: ${5:null} # not required. List of interfaces that will be managed in a given Eth-Trunk. The interface name must be full name.
min_links: ${6:null} # not required. Specifies the minimum number of Eth-Trunk member links in the Up state. The value is an integer ranging from 1 to the maximum number of interfaces that can be added to a Eth-Trunk interface.
hash_type: ${7|src-dst-ip,src-dst-mac,enhanced,dst-ip,dst-mac,src-ip,src-mac|} # not required. choices: src-dst-ip;src-dst-mac;enhanced;dst-ip;dst-mac;src-ip;src-mac. Hash algorithm used for load balancing among Eth-Trunk member interfaces.
"""
'ce_evpn_bd_vni':
'prefix': "ce_evpn_bd_vni_snippet"
'description': "Manages EVPN VXLAN Network Identifier (VNI) on HUAWEI CloudEngine switches."
'body': """
ce_evpn_bd_vni:
vpn_target_import: ${1:undefined} # required. Add VPN targets to the import VPN target list of a BD EVPN instance. The format is the same as route_distinguisher.
bridge_domain_id: ${2:undefined} # required. Specify an existed bridge domain (BD).The value is an integer ranging from 1 to 16777215.
vpn_target_export: ${3:null} # not required. Add VPN targets to the export VPN target list of a BD EVPN instance. The format is the same as route_distinguisher.
state: ${4|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
route_distinguisher: ${5:null} # not required. Configures a route distinguisher (RD) for a BD EVPN instance. The format of an RD can be as follows,1) 2-byte AS number:4-byte user-defined number, for example, 1:3. An AS number is an integer ranging from 0 to 65535, and a user-defined number is an integer ranging from 0 to 4294967295. The AS and user-defined numbers cannot be both 0s. This means that an RD cannot be 0:0.,2) Integral 4-byte AS number:2-byte user-defined number, for example, 65537:3. An AS number is an integer ranging from 65536 to 4294967295, and a user-defined number is an integer ranging from 0 to 65535.,3) 4-byte AS number in dotted notation:2-byte user-defined number, for example, 0.0:3 or 0.1:0. A 4-byte AS number in dotted notation is in the format of x.y, where x and y are integers ranging from 0 to 65535.,4) A user-defined number is an integer ranging from 0 to 65535. The AS and user-defined numbers cannot be both 0s. This means that an RD cannot be 0.0:0.,5) 32-bit IP address:2-byte user-defined number. For example, 192.168.122.15:1. An IP address ranges from 0.0.0.0 to 255.255.255.255, and a user-defined number is an integer ranging from 0 to 65535.,6) 'auto' specifies the RD that is automatically generated.
vpn_target_both: ${6:null} # not required. Add VPN targets to both the import and export VPN target lists of a BD EVPN instance. The format is the same as route_distinguisher.
evpn: ${7|enable,disable|} # not required. choices: enable;disable. Create or delete an EVPN instance for a VXLAN in BD view.
"""
'ce_evpn_bgp':
'prefix': "ce_evpn_bgp_snippet"
'description': "Manages BGP EVPN configuration on HUAWEI CloudEngine switches."
'body': """
ce_evpn_bgp:
bgp_instance: ${1:undefined} # required. Name of a BGP instance. The value is a string of 1 to 31 case-sensitive characters, spaces not supported.
as_number: ${2:null} # not required. Specifies integral AS number. The value is an integer ranging from 1 to 4294967295.
advertise_l2vpn_evpn: ${3|enable,disable|} # not required. choices: enable;disable. Enable or disable a device to advertise IP routes imported to a VPN instance to its EVPN instance.
advertise_router_type: ${4|arp,irb|} # not required. choices: arp;irb. Configures a device to advertise routes to its BGP EVPN peers.
vpn_name: ${5:null} # not required. Associates a specified VPN instance with the IPv4 address family. The value is a string of 1 to 31 case-sensitive characters, spaces not supported.
peer_group_name: ${6:null} # not required. Specify the name of a peer group that BGP peers need to join. The value is a string of 1 to 47 case-sensitive characters, spaces not supported.
state: ${7|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
peer_enable: ${8|true,false|} # not required. choices: true;false. Enable or disable a BGP device to exchange routes with a specified peer or peer group in the address family view.
peer_address: ${9:null} # not required. Specifies the IPv4 address of a BGP EVPN peer. The value is in dotted decimal notation.
"""
'ce_evpn_bgp_rr':
'prefix': "ce_evpn_bgp_rr_snippet"
'description': "Manages RR for the VXLAN Network on HUAWEI CloudEngine switches."
'body': """
ce_evpn_bgp_rr:
as_number: ${1:null} # required. Specifies the number of the AS, in integer format. The value is an integer that ranges from 1 to 4294967295.
bgp_instance: ${2:null} # not required. Specifies the name of a BGP instance. The value of instance-name can be an integer 1 or a string of 1 to 31.
reflect_client: ${3|enable,disable|} # not required. choices: enable;disable. Configure the local device as the route reflector and the peer or peer group as the client of the route reflector.
peer: ${4:null} # not required. Specifies the IPv4 address or the group name of a peer.
bgp_evpn_enable: ${5|enable,disable|} # not required. choices: enable;disable. Enable or disable the BGP-EVPN address family.
policy_vpn_target: ${6|enable,disable|} # not required. choices: enable;disable. Enable or disable the VPN-Target filtering.
peer_type: ${7|group_name,ipv4_address|} # not required. choices: group_name;ipv4_address. Specify the peer type.
"""
'ce_evpn_global':
'prefix': "ce_evpn_global_snippet"
'description': "Manages global configuration of EVPN on HUAWEI CloudEngine switches."
'body': """
ce_evpn_global:
evpn_overlay_enable: ${1|enable,disable|} # required. choices: enable;disable. Configure EVPN as the VXLAN control plane.
"""
'ce_facts':
'prefix': "ce_facts_snippet"
'description': "Gets facts about HUAWEI CloudEngine switches."
'body': """
ce_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
"""
'ce_file_copy':
'prefix': "ce_file_copy_snippet"
'description': "Copy a file to a remote cloudengine device over SCP on HUAWEI CloudEngine switches."
'body': """
ce_file_copy:
local_file: ${1:undefined} # required. Path to local file. Local directory must exist. The maximum length of I(local_file) is C(4096).
remote_file: ${2:null} # not required. Remote file path of the copy. Remote directories must exist. If omitted, the name of the local file will be used. The maximum length of I(remote_file) is C(4096).
file_system: ${3:flash:} # not required. The remote file system of the device. If omitted, devices that support a I(file_system) parameter will use their default values. File system indicates the storage medium and can be set to as follows, 1) C(flash) is root directory of the flash memory on the master MPU. 2) C(slave#flash) is root directory of the flash memory on the slave MPU. If no slave MPU exists, this drive is unavailable. 3) C(chassis ID/slot number#flash) is root directory of the flash memory on a device in a stack. For example, C(1/5#flash) indicates the flash memory whose chassis ID is 1 and slot number is 5.
"""
'ce_info_center_debug':
'prefix': "ce_info_center_debug_snippet"
'description': "Manages information center debug configuration on HUAWEI CloudEngine switches."
'body': """
ce_info_center_debug:
debug_enable: ${1|no_use,true,false|} # not required. choices: no_use;true;false. Whether a device is enabled to output debugging information.
state: ${2|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
debug_level: ${3|emergencies,alert,critical,error,warning,notification,informational,debugging|} # not required. choices: emergencies;alert;critical;error;warning;notification;informational;debugging. Debug level permitted to output.
channel_id: ${4:null} # not required. Number of a channel. The value is an integer ranging from 0 to 9. The default value is 0.
module_name: ${5:null} # not required. Module name of the rule. The value is a string of 1 to 31 case-insensitive characters. The default value is default. Please use lower-case letter, such as [aaa, acl, arp, bfd].
debug_time_stamp: ${6|date_boot,date_second,date_tenthsecond,date_millisecond,shortdate_second,shortdate_tenthsecond,shortdate_millisecond,formatdate_second,formatdate_tenthsecond,formatdate_millisecond|} # not required. choices: date_boot;date_second;date_tenthsecond;date_millisecond;shortdate_second;shortdate_tenthsecond;shortdate_millisecond;formatdate_second;formatdate_tenthsecond;formatdate_millisecond. Timestamp type of debugging information.
"""
'ce_info_center_global':
'prefix': "ce_info_center_global_snippet"
'description': "Manages outputting logs on HUAWEI CloudEngine switches."
'body': """
ce_info_center_global:
server_ip: ${1:null} # not required. Log server address, IPv4 or IPv6 type. The value is a string of 0 to 255 characters. The value can be an valid IPv4 or IPv6 address.
filter_log_name: ${2:null} # not required. Name of the filtered log. The value is a string of 1 to 63 case-sensitive characters.
facility: ${3|local0,local1,local2,local3,local4,local5,local6,local7|} # not required. choices: local0;local1;local2;local3;local4;local5;local6;local7. Log record tool.
ssl_policy_name: ${4:null} # not required. SSL policy name. The value is a string of 1 to 23 case-sensitive characters.
transport_mode: ${5|tcp,udp|} # not required. choices: tcp;udp. Transport mode. The value is of the enumerated type and case-sensitive.
channel_cfg_name: ${6:console} # not required. Channel name.The value is a string of 1 to 30 case-sensitive characters. The default value is console.
suppress_enable: ${7|true,false|} # not required. choices: true;false. Whether a device is enabled to suppress duplicate statistics. The value is of the Boolean type.
channel_out_direct: ${8|console,monitor,trapbuffer,logbuffer,snmp,logfile|} # not required. choices: console;monitor;trapbuffer;logbuffer;snmp;logfile. Direction of information output.
channel_id: ${9:null} # not required. Number for channel. The value is an integer ranging from 0 to 9. The default value is 0.
filter_feature_name: ${10:null} # not required. Feature name of the filtered log. The value is a string of 1 to 31 case-insensitive characters.
is_default_vpn: ${11:false} # not required. Use the default VPN or not.
server_domain: ${12:null} # not required. Server name. The value is a string of 1 to 255 case-sensitive characters.
level: ${13|emergencies,alert,critical,error,warning,notification,informational,debugging|} # not required. choices: emergencies;alert;critical;error;warning;notification;informational;debugging. Level of logs saved on a log server.
packet_priority: ${14:null} # not required. Set the priority of the syslog packet.The value is an integer ranging from 0 to 7. The default value is 0.
source_ip: ${15:null} # not required. Log source ip address, IPv4 or IPv6 type. The value is a string of 0 to 255. The value can be an valid IPv4 or IPv6 address.
channel_name: ${16:null} # not required. Channel name. The value is a string of 1 to 30 case-sensitive characters.
state: ${17|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
vrf_name: ${18:null} # not required. VPN name on a log server. The value is a string of 1 to 31 case-sensitive characters. The default value is _public_.
logfile_max_size: ${19|4,8,16,32|} # not required. choices: 4;8;16;32. Maximum size (in MB) of a log file. The default value is 32.,The value range for log files is [4, 8, 16, 32], for security files is [1, 4],,and for operation files is [1, 4].
server_port: ${20:null} # not required. Number of a port sending logs.The value is an integer ranging from 1 to 65535. For UDP, the default value is 514. For TCP, the default value is 601. For TSL, the default value is 6514.
timestamp: ${21|UTC,localtime|} # not required. choices: UTC;localtime. Log server timestamp. The value is of the enumerated type and case-sensitive.
info_center_enable: ${22|true,false|} # not required. choices: true;false. Whether the info-center function is enabled. The value is of the Boolean type.
ip_type: ${23|ipv4,ipv6|} # not required. choices: ipv4;ipv6. Log server address type, IPv4 or IPv6.
logfile_max_num: ${24:null} # not required. Maximum number of log files of the same type. The default value is 200.,The value range for log files is[3, 500], for security files is [1, 3],and for operation files is [1, 7].
"""
'ce_info_center_log':
'prefix': "ce_info_center_log_snippet"
'description': "Manages information center log configuration on HUAWEI CloudEngine switches."
'body': """
ce_info_center_log:
log_level: ${1|emergencies,alert,critical,error,warning,notification,informational,debugging|} # not required. choices: emergencies;alert;critical;error;warning;notification;informational;debugging. Specifies a log severity.
log_enable: ${2|no_use,true,false|} # not required. choices: no_use;true;false. Indicates whether log filtering is enabled.
log_buff_size: ${3:null} # not required. Specifies the maximum number of logs in the log buffer. The value is an integer that ranges from 0 to 10240. If logbuffer-size is 0, logs are not displayed.
channel_id: ${4:null} # not required. Specifies a channel ID. The value is an integer ranging from 0 to 9.
state: ${5|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
log_buff_enable: ${6|no_use,true,false|} # not required. choices: no_use;true;false. Enables the Switch to send logs to the log buffer.
log_time_stamp: ${7|date_boot,date_second,date_tenthsecond,date_millisecond,shortdate_second,shortdate_tenthsecond,shortdate_millisecond,formatdate_second,formatdate_tenthsecond,formatdate_millisecond|} # not required. choices: date_boot;date_second;date_tenthsecond;date_millisecond;shortdate_second;shortdate_tenthsecond;shortdate_millisecond;formatdate_second;formatdate_tenthsecond;formatdate_millisecond. Sets the timestamp format of logs.
module_name: ${8:null} # not required. Specifies the name of a module. The value is a module name in registration logs.
"""
'ce_info_center_trap':
'prefix': "ce_info_center_trap_snippet"
'description': "Manages information center trap configuration on HUAWEI CloudEngine switches."
'body': """
ce_info_center_trap:
trap_time_stamp: ${1|date_boot,date_second,date_tenthsecond,date_millisecond,shortdate_second,shortdate_tenthsecond,shortdate_millisecond,formatdate_second,formatdate_tenthsecond,formatdate_millisecond|} # not required. choices: date_boot;date_second;date_tenthsecond;date_millisecond;shortdate_second;shortdate_tenthsecond;shortdate_millisecond;formatdate_second;formatdate_tenthsecond;formatdate_millisecond. Timestamp format of alarm information.
trap_buff_size: ${2:null} # not required. Size of a trap buffer. The value is an integer ranging from 0 to 1024. The default value is 256.
channel_id: ${3:null} # not required. Number of a channel. The value is an integer ranging from 0 to 9. The default value is 0.
state: ${4|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
trap_level: ${5|emergencies,alert,critical,error,warning,notification,informational,debugging|} # not required. choices: emergencies;alert;critical;error;warning;notification;informational;debugging. Trap level permitted to output.
trap_buff_enable: ${6|no_use,true,false|} # not required. choices: no_use;true;false. Whether a trap buffer is enabled to output information.
module_name: ${7:null} # not required. Module name of the rule. The value is a string of 1 to 31 case-insensitive characters. The default value is default. Please use lower-case letter, such as [aaa, acl, arp, bfd].
trap_enable: ${8|no_use,true,false|} # not required. choices: no_use;true;false. Whether a device is enabled to output alarms.
"""
'ce_interface':
'prefix': "ce_interface_snippet"
'description': "Manages physical attributes of interfaces on HUAWEI CloudEngine switches."
'body': """
ce_interface:
state: ${1|present,absent,default|} # required. choices: present;absent;default. Specify desired state of the resource.
admin_state: ${2|up,down|} # not required. choices: up;down. Specifies the interface management status. The value is an enumerated type. up, An interface is in the administrative Up state. down, An interface is in the administrative Down state.
description: ${3:null} # not required. Specifies an interface description. The value is a string of 1 to 242 case-sensitive characters, spaces supported but question marks (?) not supported.
interface: ${4:null} # not required. Full name of interface, i.e. 40GE1/0/10, Tunnel1.
interface_type: ${5|ge,10ge,25ge,4x10ge,40ge,100ge,vlanif,loopback,meth,eth-trunk,nve,tunnel,ethernet,fcoe-port,fabric-port,stack-port,null|} # not required. choices: ge;10ge;25ge;4x10ge;40ge;100ge;vlanif;loopback;meth;eth-trunk;nve;tunnel;ethernet;fcoe-port;fabric-port;stack-port;null. Interface type to be configured from the device.
mode: ${6|layer2,layer3|} # not required. choices: layer2;layer3. Manage Layer 2 or Layer 3 state of the interface.
l2sub: ${7:false} # not required. Specifies whether the interface is a Layer 2 sub-interface.
"""
'ce_interface_ospf':
'prefix': "ce_interface_ospf_snippet"
'description': "Manages configuration of an OSPF interface instanceon HUAWEI CloudEngine switches."
'body': """
ce_interface_ospf:
area: ${1:undefined} # required. Ospf area associated with this ospf process. Valid values are a string, formatted as an IP address (i.e. \"0.0.0.0\") or as an integer between 1 and 4294967295.
process_id: ${2:undefined} # required. Specifies a process ID. The value is an integer ranging from 1 to 4294967295.
interface: ${3:undefined} # required. Full name of interface, i.e. 40GE1/0/10.
cost: ${4:null} # not required. The cost associated with this interface. Valid values are an integer in the range from 1 to 65535.
silent_interface: ${5:false} # not required. Setting to true will prevent this interface from receiving HELLO packets. Valid values are 'true' and 'false'.
auth_mode: ${6|none,null,hmac-sha256,md5,hmac-md5,simple|} # not required. choices: none;null;hmac-sha256;md5;hmac-md5;simple. Specifies the authentication type.
auth_key_id: ${7:null} # not required. Authentication key id when C(auth_mode) is 'hmac-sha256', 'md5' or 'hmac-md5. Valid value is an integer is in the range from 1 to 255.
dead_interval: ${8:null} # not required. Time interval an ospf neighbor waits for a hello packet before tearing down adjacencies. Valid values are an integer in the range from 1 to 235926000.
auth_text_simple: ${9:null} # not required. Specifies a password for simple authentication. The value is a string of 1 to 8 characters.
state: ${10|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
hello_interval: ${11:null} # not required. Time between sending successive hello packets. Valid values are an integer in the range from 1 to 65535.
auth_text_md5: ${12:null} # not required. Specifies a password for MD5, HMAC-MD5, or HMAC-SHA256 authentication. The value is a string of 1 to 255 case-sensitive characters, spaces not supported.
"""
'ce_ip_interface':
'prefix': "ce_ip_interface_snippet"
'description': "Manages L3 attributes for IPv4 and IPv6 interfaces on HUAWEI CloudEngine switches."
'body': """
ce_ip_interface:
interface: ${1:undefined} # required. Full name of interface, i.e. 40GE1/0/22, vlanif10.
state: ${2|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
version: ${3|v4,v6|} # not required. choices: v4;v6. IP address version.
addr: ${4:null} # not required. IPv4 or IPv6 Address.
mask: ${5:null} # not required. Subnet mask for IPv4 or IPv6 Address in decimal format.
ipv4_type: ${6|main,sub|} # not required. choices: main;sub. Specifies an address type. The value is an enumerated type. main, primary IP address. sub, secondary IP address.
"""
'ce_link_status':
'prefix': "ce_link_status_snippet"
'description': "Get interface link status on HUAWEI CloudEngine switches."
'body': """
ce_link_status:
interface: ${1:undefined} # required. For the interface parameter, you can enter C(all) to display information about all interface, an interface type such as C(40GE) to display information about interfaces of the specified type, or full name of an interface such as C(40GE1/0/22) or C(vlanif10) to display information about the specific interface.
"""
'ce_mlag_config':
'prefix': "ce_mlag_config_snippet"
'description': "Manages MLAG configuration on HUAWEI CloudEngine switches."
'body': """
ce_mlag_config:
eth_trunk_id: ${1:null} # not required. Name of the peer-link interface. The value is in the range from 0 to 511.
pseudo_priority: ${2:null} # not required. The priority of a pseudo nickname. The value is an integer that ranges from 128 to 255. The default value is 192. A larger value indicates a higher priority.
ip_address: ${3:null} # not required. IP address bound to the DFS group. The value is in dotted decimal notation.
priority_id: ${4:null} # not required. Priority of a DFS group. The value is an integer that ranges from 1 to 254. The default value is 100.
vpn_instance_name: ${5:null} # not required. Name of the VPN instance bound to the DFS group. The value is a string of 1 to 31 case-sensitive characters without spaces. If the character string is quoted by double quotation marks, the character string can contain spaces. The value _public_ is reserved and cannot be used as the VPN instance name.
peer_link_id: ${6:null} # not required. Number of the peer-link interface. The value is 1.
state: ${7|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
dfs_group_id: ${8:present} # not required. ID of a DFS group. The value is 1.
nickname: ${9:null} # not required. The nickname bound to a DFS group. The value is an integer that ranges from 1 to 65471.
pseudo_nickname: ${10:null} # not required. A pseudo nickname of a DFS group. The value is an integer that ranges from 1 to 65471.
"""
'ce_mlag_interface':
'prefix': "ce_mlag_interface_snippet"
'description': "Manages MLAG interfaces on HUAWEI CloudEngine switches."
'body': """
ce_mlag_interface:
eth_trunk_id: ${1:null} # not required. Name of the local M-LAG interface. The value is ranging from 0 to 511.
mlag_id: ${2:null} # not required. ID of the M-LAG. The value is an integer that ranges from 1 to 2048.
mlag_error_down: ${3|enable,disable|} # not required. choices: enable;disable. Configure the interface on the slave device to enter the Error-Down state.
mlag_system_id: ${4:null} # not required. M-LAG global LACP system MAC address. The value is a string of 0 to 255 characters. The default value is the MAC address of the Ethernet port of MPU.
state: ${5|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
dfs_group_id: ${6:present} # not required. ID of a DFS group.The value is 1.
interface: ${7:null} # not required. Name of the interface that enters the Error-Down state when the peer-link fails. The value is a string of 1 to 63 characters.
mlag_priority_id: ${8:null} # not required. M-LAG global LACP system priority. The value is an integer ranging from 0 to 65535. The default value is 32768.
"""
'ce_mtu':
'prefix': "ce_mtu_snippet"
'description': "Manages MTU settings on HUAWEI CloudEngine switches."
'body': """
ce_mtu:
interface: ${1:null} # not required. Full name of interface, i.e. 40GE1/0/22.
state: ${2|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
jumbo_max: ${3:null} # not required. Maximum frame size. The default value is 9216. The value is an integer and expressed in bytes. The value range is 1536 to 12224 for the CE12800 and 1536 to 12288 for ToR switches.
jumbo_min: ${4:null} # not required. Non-jumbo frame size threshod. The default value is 1518. The value is an integer that ranges from 1518 to jumbo_max, in bytes.
mtu: ${5:null} # not required. MTU for a specific interface. The value is an integer ranging from 46 to 9600, in bytes.
"""
'ce_netconf':
'prefix': "ce_netconf_snippet"
'description': "Run an arbitrary netconf command on HUAWEI CloudEngine switches."
'body': """
ce_netconf:
rpc: ${1|get,edit-config,execute-action,execute-cli|} # required. choices: get;edit-config;execute-action;execute-cli. The type of rpc.
cfg_xml: ${2:undefined} # required. The config xml string.
"""
'ce_netstream_aging':
'prefix': "ce_netstream_aging_snippet"
'description': "Manages timeout mode of NetStream on HUAWEI CloudEngine switches."
'body': """
ce_netstream_aging:
timeout_type: ${1|active,inactive,tcp-session,manual|} # not required. choices: active;inactive;tcp-session;manual. Netstream timeout type.
state: ${2|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
type: ${3|ip,vxlan|} # not required. choices: ip;vxlan. Specifies the packet type of netstream timeout active interval.
manual_slot: ${4:null} # not required. Specifies the slot number of netstream manual timeout.
timeout_interval: ${5:30} # not required. Netstream timeout interval. If is active type the interval is 1-60. If is inactive ,the interval is 5-600.
"""
'ce_netstream_export':
'prefix': "ce_netstream_export_snippet"
'description': "Manages netstream export on HUAWEI CloudEngine switches."
'body': """
ce_netstream_export:
type: ${1|ip,vxlan|} # required. choices: ip;vxlan. Specifies NetStream feature.
bgp_nexthop: ${2|enable,disable|} # not required. choices: enable;disable. Configures the statistics to carry BGP next hop information. Currently, only V9 supports the exported packets carrying BGP next hop information.
host_port: ${3:null} # not required. Specifies the destination UDP port number of the exported packets. The value is an integer that ranges from 1 to 65535.
source_ip: ${4:null} # not required. Specifies source address which can be IPv6 or IPv4 of the exported NetStream packet.
host_ip: ${5:null} # not required. Specifies destination address which can be IPv6 or IPv4 of the exported NetStream packet.
as_option: ${6|origin,peer|} # not required. choices: origin;peer. Specifies the AS number recorded in the statistics as the original or the peer AS number.
state: ${7|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
version: ${8|5,9|} # not required. choices: 5;9. Sets the version of exported packets.
host_vpn: ${9:null} # not required. Specifies the VPN instance of the exported packets carrying flow statistics. Ensure the VPN instance has been created on the device.
"""
'ce_netstream_global':
'prefix': "ce_netstream_global_snippet"
'description': "Manages global parameters of NetStream on HUAWEI CloudEngine switches."
'body': """
ce_netstream_global:
interface: ${1:null} # required. Netstream global interface.
statistics_direction: ${2|inbound,outbound|} # not required. choices: inbound;outbound. Specifies the netstream statistic direction.
index_switch: ${3|16,32|} # not required. choices: 16;32. Specifies the netstream index-switch.
state: ${4|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
sampler_interval: ${5:null} # not required. Specifies the netstream sampler interval, length is 1 - 65535.
statistics_record: ${6:null} # not required. Specifies the flexible netstream statistic record, length is 1 - 32.
sampler_direction: ${7|inbound,outbound|} # not required. choices: inbound;outbound. Specifies the netstream sampler direction.
type: ${8|ip,vxlan|} # not required. choices: ip;vxlan. Specifies the type of netstream global.
"""
'ce_netstream_template':
'prefix': "ce_netstream_template_snippet"
'description': "Manages NetStream template configuration on HUAWEI CloudEngine switches."
'body': """
ce_netstream_template:
type: ${1|ip,vxlan|} # required. choices: ip;vxlan. Configure the type of netstream record.
state: ${2|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
collect_interface: ${3|input,output|} # not required. choices: input;output. Configure the input or output interface that are included in the flexible flow statistics sent to NSC.
record_name: ${4:null} # not required. Configure the name of netstream record. The value is a string of 1 to 32 case-insensitive characters.
description: ${5:null} # not required. Configure the description of netstream record. The value is a string of 1 to 80 case-insensitive characters.
collect_counter: ${6|bytes,packets|} # not required. choices: bytes;packets. Configure the number of packets and bytes that are included in the flexible flow statistics sent to NSC.
match: ${7|destination-address,destination-port,tos,protocol,source-address,source-port|} # not required. choices: destination-address;destination-port;tos;protocol;source-address;source-port. Configure flexible flow statistics template keywords.
"""
'ce_ntp':
'prefix': "ce_ntp_snippet"
'description': "Manages core NTP configuration on HUAWEI CloudEngine switches."
'body': """
ce_ntp:
state: ${1|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
is_preferred: ${2|enable,disable|} # not required. choices: enable;disable. Makes given NTP server or peer the preferred NTP server or peer for the device.
peer: ${3:null} # not required. Network address of NTP peer.
key_id: ${4:null} # not required. Authentication key identifier to use with given NTP server or peer.
vpn_name: ${5:_public_} # not required. Makes the device communicate with the given NTP server or peer over a specific vpn.
server: ${6:null} # not required. Network address of NTP server.
source_int: ${7:null} # not required. Local source interface from which NTP messages are sent. Must be fully qualified interface name, i.e. C(40GE1/0/22), C(vlanif10). Interface types, such as C(10GE), C(40GE), C(100GE), C(Eth-Trunk), C(LoopBack), C(MEth), C(NULL), C(Tunnel), C(Vlanif).
"""
'ce_ntp_auth':
'prefix': "ce_ntp_auth_snippet"
'description': "Manages NTP authentication configuration on HUAWEI CloudEngine switches."
'body': """
ce_ntp_auth:
key_id: ${1:undefined} # required. Authentication key identifier (numeric).
auth_type: ${2|text,encrypt|} # not required. choices: text;encrypt. Whether the given password is in cleartext or has been encrypted. If in cleartext, the device will encrypt it before storing it.
state: ${3|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
auth_pwd: ${4:null} # not required. Plain text with length of 1 to 255, encrypted text with length of 20 to 392.
trusted_key: ${5|enable,disable|} # not required. choices: enable;disable. Whether the given key is required to be supplied by a time source for the device to synchronize to the time source.
auth_mode: ${6|hmac-sha256,md5|} # not required. choices: hmac-sha256;md5. Specify authentication algorithm.
authentication: ${7|enable,disable|} # not required. choices: enable;disable. Configure ntp authentication enable or unconfigure ntp authentication enable.
"""
'ce_ospf':
'prefix': "ce_ospf_snippet"
'description': "Manages configuration of an OSPF instance on HUAWEI CloudEngine switches."
'body': """
ce_ospf:
process_id: ${1:undefined} # required. Specifies a process ID. The value is an integer ranging from 1 to 4294967295.
addr: ${2:null} # not required. Specifies the address of the network segment where the interface resides. The value is in dotted decimal notation.
area: ${3:null} # not required. Specifies the area ID. The area with the area-id being 0 is a backbone area. Valid values are a string, formatted as an IP address (i.e. \"0.0.0.0\") or as an integer between 1 and 4294967295.
max_load_balance: ${4:null} # not required. The maximum number of paths for forward packets over multiple paths. Valid value is an integer in the range from 1 to 64.
mask: ${5:null} # not required. IP network wildcard bits in decimal format between 0 and 32.
auth_mode: ${6|none,hmac-sha256,md5,hmac-md5,simple|} # not required. choices: none;hmac-sha256;md5;hmac-md5;simple. Specifies the authentication type.
auth_key_id: ${7:null} # not required. Authentication key id when C(auth_mode) is 'hmac-sha256', 'md5' or 'hmac-md5. Valid value is an integer is in the range from 1 to 255.
auth_text_simple: ${8:null} # not required. Specifies a password for simple authentication. The value is a string of 1 to 8 characters.
state: ${9|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
nexthop_addr: ${10:null} # not required. IPv4 address for configure next-hop address's weight. Valid values are a string, formatted as an IP address.
auth_text_md5: ${11:null} # not required. Specifies a password for MD5, HMAC-MD5, or HMAC-SHA256 authentication. The value is a string of 1 to 255 case-sensitive characters, spaces not supported.
nexthop_weight: ${12:null} # not required. Indicates the weight of the next hop. The smaller the value is, the higher the preference of the route is. It is an integer that ranges from 1 to 254.
"""
'ce_ospf_vrf':
'prefix': "ce_ospf_vrf_snippet"
'description': "Manages configuration of an OSPF VPN instance on HUAWEI CloudEngine switches."
'body': """
ce_ospf_vrf:
ospf: ${1:null} # required. The ID of the ospf process. Valid values are an integer, 1 - 4294967295, the default value is 1.
description: ${2:null} # not required. Specifies the description information of ospf process.
lsaostartinterval: ${3:null} # not required. Specifies the start interval of originate LSA . Valid value is an integer, in millisecond, from 0 to 1000, the default value is 500.
lsaastartinterval: ${4:null} # not required. Specifies the start interval of arrive LSA when use the intelligent timer. Valid value is an integer, in millisecond, from 0 to 10000, the default value is 500.
lsaointerval: ${5:null} # not required. Specifies the interval of originate LSA . Valid value is an integer, in second, from 0 to 10, the default value is 5.
bandwidth: ${6:null} # not required. Specifies the reference bandwidth used to assign ospf cost. Valid values are an integer, in Mbps, 1 - 2147483648, the default value is 100.
spfintervalmi: ${7:null} # not required. Specifies the interval to calculate SPF when use millisecond level timer. Valid value is an integer, in millisecond, from 1 to 10000.
spfinterval: ${8:null} # not required. Specifies the interval to calculate SPF when use second level timer. Valid value is an integer, in second, from 1 to 10.
lsaointervalflag: ${9:false} # not required. Specifies whether cancel the interval of LSA originate or not. If set the parameter but noe specifies value, the default will be used. true:cancel the interval of LSA originate, the interval is 0. false:do not cancel the interval of LSA originate.
lsaomaxinterval: ${10:null} # not required. Specifies the max interval of originate LSA . Valid value is an integer, in millisecond, from 1 to 10000, the default value is 5000.
lsaalflag: ${11:false} # not required. Specifies the mode of timer to calculate interval of arrive LSA. If set the parameter but not specifies value, the default will be used. If true use general timer. If false use intelligent timer.
lsaamaxinterval: ${12:null} # not required. Specifies the max interval of arrive LSA when use the intelligent timer. Valid value is an integer, in millisecond, from 0 to 10000, the default value is 1000.
lsaoholdinterval: ${13:null} # not required. Specifies the hold interval of originate LSA . Valid value is an integer, in millisecond, from 0 to 5000, the default value is 1000.
spfintervaltype: ${14|intelligent-timer,timer,millisecond|} # not required. choices: intelligent-timer;timer;millisecond. Specifies the mode of timer which used to calculate SPF. If set the parameter but noe specifies value, the default will be used. If is intelligent-timer, then use intelligent timer. If is timer, then use second level timer. If is millisecond, then use millisecond level timer.
lsaainterval: ${15:null} # not required. Specifies the interval of arrive LSA when use the general timer. Valid value is an integer, in millisecond, from 0 to 10000.
spfstartinterval: ${16:null} # not required. Specifies the start interval to calculate SPF when use intelligent timer. Valid value is an integer, in millisecond, from 1 to 1000, the default value is 50.
route_id: ${17:null} # not required. Specifies the ospf private route id,. Valid values are a string, formatted as an IP address (i.e. \"10.1.1.1\") the length is 0 - 20.
state: ${18|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
spfmaxinterval: ${19:null} # not required. Specifies the max interval to calculate SPF when use intelligent timer. Valid value is an integer, in millisecond, from 1 to 20000, the default value is 5000.
spfholdinterval: ${20:null} # not required. Specifies the hold interval to calculate SPF when use intelligent timer. Valid value is an integer, in millisecond, from 1 to 5000, the default value is 200.
lsaaholdinterval: ${21:null} # not required. Specifies the hold interval of arrive LSA when use the intelligent timer. Valid value is an integer, in millisecond, from 0 to 10000, the default value is 500.
vrf: ${22:_public_} # not required. Specifies the vpn instance which use ospf,length is 1 - 31. Valid values are a string.
"""
'ce_reboot':
'prefix': "ce_reboot_snippet"
'description': "Reboot a HUAWEI CloudEngine switches."
'body': """
ce_reboot:
save_config: ${1:false} # not required. Flag indicating whether to save the configuration.
confirm: ${2:false} # not required. Safeguard boolean. Set to true if you're sure you want to reboot.
"""
'ce_rollback':
'prefix': "ce_rollback_snippet"
'description': "Set a checkpoint or rollback to a checkpoint on HUAWEI CloudEngine switches."
'body': """
ce_rollback:
action: ${1|rollback,clear,set,display,commit|} # required. choices: rollback;clear;set;display;commit. The operation of configuration rollback.
commit_id: ${2:undefined} # not required. Specifies the label of the configuration rollback point to which system configurations are expected to roll back. The value is an integer that the system generates automatically.
oldest: ${3:null} # not required. Specifies the number of configuration rollback points. The value is an integer that ranges from 1 to 80.
last: ${4:null} # not required. Specifies the number of configuration rollback points. The value is an integer that ranges from 1 to 80.
filename: ${5:null} # not required. Specifies a configuration file for configuration rollback. The value is a string of 5 to 64 case-sensitive characters in the format of *.zip, *.cfg, or *.dat, spaces not supported.
label: ${6:null} # not required. Specifies a user label for a configuration rollback point. The value is a string of 1 to 256 case-sensitive ASCII characters, spaces not supported. The value must start with a letter and cannot be presented in a single hyphen (-).
"""
'ce_sflow':
'prefix': "ce_sflow_snippet"
'description': "Manages sFlow configuration on HUAWEI CloudEngine switches."
'body': """
ce_sflow:
agent_ip: ${1:null} # not required. Specifies the IPv4/IPv6 address of an sFlow agent.
export_route: ${2|enable,disable|} # not required. choices: enable;disable. Configures the sFlow packets sent by the switch not to carry routing information.
counter_collector: ${3:null} # not required. Indicates the ID list of the counter collector.
rate_limit_slot: ${4:null} # not required. Specifies the slot where the rate of output sFlow packets is limited. If this parameter is not specified, the rate of sFlow packets sent from all cards to the control plane is limited. The value is an integer or a string of characters.
source_ip: ${5:null} # not required. Specifies the source IPv4/IPv6 address of sFlow packets.
collector_datagram_size: ${6:null} # not required. Specifies the maximum length of sFlow packets sent from an sFlow agent to an sFlow collector. The value is an integer, in bytes. It ranges from 1024 to 8100. The default value is 1400.
sample_collector: ${7:null} # not required. Indicates the ID list of the collector.
rate_limit: ${8:null} # not required. Specifies the rate of sFlow packets sent from a card to the control plane. The value is an integer that ranges from 100 to 1500, in pps.
sample_direction: ${9|inbound,outbound,both|} # not required. choices: inbound;outbound;both. Enables flow sampling in the inbound or outbound direction.
collector_meth: ${10|meth,enhanced|} # not required. choices: meth;enhanced. Configures the device to send sFlow packets through service interfaces, enhancing the sFlow packet forwarding capability. The enhanced parameter is optional. No matter whether you configure the enhanced mode, the switch determines to send sFlow packets through service cards or management port based on the routing information on the collector. When the value is meth, the device forwards sFlow packets at the control plane. When the value is enhanced, the device forwards sFlow packets at the forwarding plane to enhance the sFlow packet forwarding capacity.
collector_ip_vpn: ${11:null} # not required. Specifies the name of a VPN instance. The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. The value C(_public_) is reserved and cannot be used as the VPN instance name.
forward_enp_slot: ${12:null} # not required. Enable the Embedded Network Processor (ENP) chip function. The switch uses the ENP chip to perform sFlow sampling, and the maximum sFlow sampling interval is 65535. If you set the sampling interval to be larger than 65535, the switch automatically restores it to 65535. The value is an integer or 'all'.
collector_ip: ${13:null} # not required. Specifies the IPv4/IPv6 address of the sFlow collector.
sflow_interface: ${14:null} # not required. Full name of interface for Flow Sampling or Counter. It must be a physical interface, Eth-Trunk, or Layer 2 subinterface.
sample_length: ${15:null} # not required. Specifies the maximum length of sampled packets. The value is an integer and ranges from 18 to 512, in bytes. The default value is 128.
state: ${16|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
collector_id: ${17|1,2|} # not required. choices: 1;2. Specifies the ID of an sFlow collector. This ID is used when you specify the collector in subsequent sFlow configuration.
sample_rate: ${18:null} # not required. Specifies the flow sampling rate in the format 1/rate. The value is an integer and ranges from 1 to 4294967295. The default value is 8192.
collector_udp_port: ${19:null} # not required. Specifies the UDP destination port number of sFlow packets. The value is an integer that ranges from 1 to 65535. The default value is 6343.
counter_interval: ${20:null} # not required. Indicates the counter sampling interval. The value is an integer that ranges from 10 to 4294967295, in seconds. The default value is 20.
collector_description: ${21:null} # not required. Specifies the description of an sFlow collector. The value is a string of 1 to 255 case-sensitive characters without spaces.
"""
'ce_snmp_community':
'prefix': "ce_snmp_community_snippet"
'description': "Manages SNMP community configuration on HUAWEI CloudEngine switches."
'body': """
ce_snmp_community:
notify_view: ${1:null} # not required. Mib view name for notification.
community_name: ${2:null} # not required. Unique name to identify the community.
community_mib_view: ${3:null} # not required. Mib view name.
read_view: ${4:null} # not required. Mib view name for read.
acl_number: ${5:null} # not required. Access control list number.
group_name: ${6:null} # not required. Unique name to identify the SNMPv3 group.
write_view: ${7:null} # not required. Mib view name for write.
state: ${8|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
security_level: ${9|noAuthNoPriv,authentication,privacy|} # not required. choices: noAuthNoPriv;authentication;privacy. Security level indicating whether to use authentication and encryption.
access_right: ${10|read,write|} # not required. choices: read;write. Access right read or write.
"""
'ce_snmp_contact':
'prefix': "ce_snmp_contact_snippet"
'description': "Manages SNMP contact configuration on HUAWEI CloudEngine switches."
'body': """
ce_snmp_contact:
contact: ${1:null} # required. Contact information.
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
"""
'ce_snmp_location':
'prefix': "ce_snmp_location_snippet"
'description': "Manages SNMP location configuration on HUAWEI CloudEngine switches."
'body': """
ce_snmp_location:
location: ${1:null} # required. Location information.
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
"""
'ce_snmp_target_host':
'prefix': "ce_snmp_target_host_snippet"
'description': "Manages SNMP target host configuration on HUAWEI CloudEngine switches."
'body': """
ce_snmp_target_host:
security_name_v3: ${1:null} # not required. Security Name V3.
recv_port: ${2:null} # not required. UDP Port number used by network management to receive alarm messages.
security_model: ${3|v1,v2c,v3|} # not required. choices: v1;v2c;v3. Security Model.
vpn_name: ${4:null} # not required. VPN instance Name.
address: ${5:null} # not required. Network Address.
security_name: ${6:null} # not required. Security Name.
notify_type: ${7|trap,inform|} # not required. choices: trap;inform. To configure notify type as trap or inform.
connect_port: ${8:null} # not required. Udp port used by SNMP agent to connect the Network management.
version: ${9|none,v1,v2c,v3,v1v2c,v1v3,v2cv3,all|} # not required. choices: none;v1;v2c;v3;v1v2c;v1v3;v2cv3;all. Version(s) Supported by SNMP Engine.
host_name: ${10:null} # not required. Unique name to identify target host entry.
security_level: ${11|noAuthNoPriv,authentication,privacy|} # not required. choices: noAuthNoPriv;authentication;privacy. Security level indicating whether to use authentication and encryption.
interface_name: ${12:null} # not required. Name of the interface to send the trap message.
is_public_net: ${13|no_use,true,false|} # not required. choices: no_use;true;false. To enable or disable Public Net-manager for target Host.
"""
'ce_snmp_traps':
'prefix': "ce_snmp_traps_snippet"
'description': "Manages SNMP traps configuration on HUAWEI CloudEngine switches."
'body': """
ce_snmp_traps:
feature_name: ${1|aaa,arp,bfd,bgp,cfg,configuration,dad,devm,dhcpsnp,dldp,driver,efm,erps,error-down,fcoe,fei,fei_comm,fm,ifnet,info,ipsg,ipv6,isis,l3vpn,lacp,lcs,ldm,ldp,ldt,lldp,mpls_lspm,msdp,mstp,nd,netconf,nqa,nvo3,openflow,ospf,ospfv3,pim,pim-std,qos,radius,rm,rmon,securitytrap,smlktrap,snmp,ssh,stackmng,sysclock,sysom,system,tcp,telnet,trill,trunk,tty,vbst,vfs,virtual-perception,vrrp,vstm,all|} # not required. choices: aaa;arp;bfd;bgp;cfg;configuration;dad;devm;dhcpsnp;dldp;driver;efm;erps;error-down;fcoe;fei;fei_comm;fm;ifnet;info;ipsg;ipv6;isis;l3vpn;lacp;lcs;ldm;ldp;ldt;lldp;mpls_lspm;msdp;mstp;nd;netconf;nqa;nvo3;openflow;ospf;ospfv3;pim;pim-std;qos;radius;rm;rmon;securitytrap;smlktrap;snmp;ssh;stackmng;sysclock;sysom;system;tcp;telnet;trill;trunk;tty;vbst;vfs;virtual-perception;vrrp;vstm;all. Alarm feature name.
interface_type: ${2|Ethernet,Eth-Trunk,Tunnel,NULL,LoopBack,Vlanif,100GE,40GE,MTunnel,10GE,GE,MEth,Vbdif,Nve|} # not required. choices: Ethernet;Eth-Trunk;Tunnel;NULL;LoopBack;Vlanif;100GE;40GE;MTunnel;10GE;GE;MEth;Vbdif;Nve. Interface type.
trap_name: ${3:null} # not required. Alarm trap name.
port_number: ${4:null} # not required. Source port number.
interface_number: ${5:null} # not required. Interface number.
"""
'ce_snmp_user':
'prefix': "ce_snmp_user_snippet"
'description': "Manages SNMP user configuration on HUAWEI CloudEngine switches."
'body': """
ce_snmp_user:
priv_key: ${1:null} # not required. The encryption password. Password length 8-255 characters.
aaa_local_user: ${2:null} # not required. Unique name to identify the local user.
auth_key: ${3:null} # not required. The authentication password. Password length, 8-255 characters.
usm_user_name: ${4:null} # not required. Unique name to identify the USM user.
acl_number: ${5:null} # not required. Access control list number.
auth_protocol: ${6|noAuth,md5,sha|} # not required. choices: noAuth;md5;sha. Authentication protocol.
remote_engine_id: ${7:null} # not required. Remote engine id of the USM user.
priv_protocol: ${8|noPriv,des56,3des168,aes128,aes192,aes256|} # not required. choices: noPriv;des56;3des168;aes128;aes192;aes256. Encryption protocol.
user_group: ${9:null} # not required. Name of the group where user belongs to.
"""
'ce_startup':
'prefix': "ce_startup_snippet"
'description': "Manages a system startup information on HUAWEI CloudEngine switches."
'body': """
ce_startup:
slot: ${1:null} # not required. Position of the device.The value is a string of 1 to 32 characters. The possible value of slot is all, slave-board, or the specific slotID.
action: ${2|display|} # not required. choices: display. Display the startup information.
cfg_file: ${3:present} # not required. Name of the configuration file that is applied for the next startup. The value is a string of 5 to 255 characters.
patch_file: ${4:null} # not required. Name of the patch file that is applied for the next startup.
software_file: ${5:null} # not required. File name of the system software that is applied for the next startup. The value is a string of 5 to 255 characters.
"""
'ce_static_route':
'prefix': "ce_static_route_snippet"
'description': "Manages static route configuration on HUAWEI CloudEngine switches."
'body': """
ce_static_route:
prefix: ${1:undefined} # required. Destination ip address of static route.
aftype: ${2|v4,v6|} # required. choices: v4;v6. Destination ip address family type of static route.
mask: ${3:undefined} # required. Destination ip mask of static route.
description: ${4:null} # not required. Name of the route. Used with the name parameter on the CLI.
pref: ${5:null} # not required. Preference or administrative difference of route (range 1-255).
destvrf: ${6:null} # not required. VPN instance of next hop ip address.
nhp_interface: ${7:null} # not required. Next hop interface full name of static route.
state: ${8|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
next_hop: ${9:null} # not required. Next hop address of static route.
vrf: ${10:null} # not required. VPN instance of destination ip address.
tag: ${11:null} # not required. Route tag value (numeric).
"""
'ce_stp':
'prefix': "ce_stp_snippet"
'description': "Manages STP configuration on HUAWEI CloudEngine switches."
'body': """
ce_stp:
loop_protection: ${1|enable,disable|} # not required. choices: enable;disable. Enable loop protection on the current port.
tc_protection_threshold: ${2:null} # not required. Set the maximum number of TC BPDUs that the MSTP can handle. The value is an integer ranging from 1 to 255. The default value is 1 on the switch.
bpdu_filter: ${3|enable,disable|} # not required. choices: enable;disable. Specify a port as a BPDU filter port.
stp_converge: ${4|fast,normal|} # not required. choices: fast;normal. STP convergence mode. Fast means set STP aging mode to Fast. Normal means set STP aging mode to Normal.
stp_mode: ${5|stp,rstp,mstp|} # not required. choices: stp;rstp;mstp. Set an operation mode for the current MSTP process. The mode can be STP, RSTP, or MSTP.
bpdu_protection: ${6|enable,disable|} # not required. choices: enable;disable. Configure BPDU protection on an edge port. This function prevents network flapping caused by attack packets.
root_protection: ${7|enable,disable|} # not required. choices: enable;disable. Enable root protection on the current port.
state: ${8|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
cost: ${9:null} # not required. Set the path cost of the current port. The default instance is 0.
stp_enable: ${10|enable,disable|} # not required. choices: enable;disable. Enable or disable STP on a switch.
interface: ${11:null} # not required. Interface name. If the value is C(all), will apply configuration to all interfaces. if the value is a special name, only support input the full name.
tc_protection: ${12|enable,disable|} # not required. choices: enable;disable. Configure the TC BPDU protection function for an MSTP process.
edged_port: ${13|enable,disable|} # not required. choices: enable;disable. Set the current port as an edge port.
tc_protection_interval: ${14:null} # not required. Set the time the MSTP device takes to handle the maximum number of TC BPDUs and immediately refresh forwarding entries. The value is an integer ranging from 1 to 600, in seconds.
"""
'ce_switchport':
'prefix': "ce_switchport_snippet"
'description': "Manages Layer 2 switchport interfaces on HUAWEI CloudEngine switches."
'body': """
ce_switchport:
interface: ${1:null} # required. Full name of the interface, i.e. 40GE1/0/22.
native_vlan: ${2:null} # not required. If C(mode=trunk), used as the trunk native VLAN ID, in the range from 1 to 4094.
access_vlan: ${3:null} # not required. If C(mode=access), used as the access VLAN ID, in the range from 1 to 4094.
state: ${4|present,absent,unconfigured|} # not required. choices: present;absent;unconfigured. Manage the state of the resource.
mode: ${5|access,trunk|} # not required. choices: access;trunk. The link type of an interface.
trunk_vlans: ${6:null} # not required. If C(mode=trunk), used as the VLAN range to ADD or REMOVE from the trunk, such as 2-10 or 2,5,10-15, etc.
"""
'ce_vlan':
'prefix': "ce_vlan_snippet"
'description': "Manages VLAN resources and attributes on Huawei CloudEngine switches."
'body': """
ce_vlan:
state: ${1|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
vlan_range: ${2:null} # not required. Range of VLANs such as C(2-10) or C(2,5,10-15), etc.
name: ${3:null} # not required. Name of VLAN, in the range from 1 to 31.
vlan_id: ${4:null} # not required. Single VLAN ID, in the range from 1 to 4094.
description: ${5:null} # not required. Specify VLAN description, in the range from 1 to 80.
"""
'ce_vrf':
'prefix': "ce_vrf_snippet"
'description': "Manages VPN instance on HUAWEI CloudEngine switches."
'body': """
ce_vrf:
vrf: ${1:undefined} # required. VPN instance, the length of vrf name is 1 - 31, i.e. \"test\", but can not be C(_public_).
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
description: ${3:null} # not required. Description of the vrf, the string length is 1 - 242 .
"""
'ce_vrf_af':
'prefix': "ce_vrf_af_snippet"
'description': "Manages VPN instance address family on HUAWEI CloudEngine switches."
'body': """
ce_vrf_af:
vrf: ${1:null} # required. VPN instance.
vpn_target_type: ${2|export_extcommunity,import_extcommunity|} # not required. choices: export_extcommunity;import_extcommunity. VPN instance vpn target type.
vpn_target_state: ${3|present,absent|} # not required. choices: present;absent. Manage the state of the vpn target.
vrf_aftype: ${4|v4,v6|} # not required. choices: v4;v6. VPN instance address family.
state: ${5|present,absent|} # not required. choices: present;absent. Manage the state of the af.
route_distinguisher: ${6:undefined} # not required. VPN instance route distinguisher,the RD used to distinguish same route prefix from different vpn. The RD must be setted before setting vpn_target_value.
evpn: ${7|true,false|} # not required. choices: true;false. Is extend vpn or normal vpn.
vpn_target_value: ${8:undefined} # not required. VPN instance target value. Such as X.X.X.X:number<0-65535> or number<0-65535>:number<0-4294967295> or number<0-65535>.number<0-65535>:number<0-65535> or number<65536-4294967295>:number<0-65535> but not support 0:0 and 0.0:0.
"""
'ce_vrf_interface':
'prefix': "ce_vrf_interface_snippet"
'description': "Manages interface specific VPN configuration on HUAWEI CloudEngine switches."
'body': """
ce_vrf_interface:
vrf: ${1:undefined} # required. VPN instance, the length of vrf name is 1 ~ 31, i.e. \"test\", but can not be C(_public_).
vpn_interface: ${2:undefined} # required. An interface that can binding VPN instance, i.e. 40GE1/0/22, Vlanif10. Must be fully qualified interface name. Interface types, such as 10GE, 40GE, 100GE, LoopBack, MEth, Tunnel, Vlanif....
state: ${3|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
"""
'ce_vrrp':
'prefix': "ce_vrrp_snippet"
'description': "Manages VRRP interfaces on HUAWEI CloudEngine devices."
'body': """
ce_vrrp:
vrrp_type: ${1|normal,member,admin|} # not required. choices: normal;member;admin. Type of a VRRP backup group.
auth_mode: ${2|simple,md5,none|} # not required. choices: simple;md5;none. Authentication type used for VRRP packet exchanges between virtual routers. The values are noAuthentication, simpleTextPassword, md5Authentication. The default value is noAuthentication.
is_plain: ${3:false} # not required. Select the display mode of an authentication key. By default, an authentication key is displayed in ciphertext.
interface: ${4:null} # not required. Name of an interface. The value is a string of 1 to 63 characters.
preempt_timer_delay: ${5:null} # not required. Preemption delay. The value is an integer ranging from 0 to 3600. The default value is 0.
gratuitous_arp_interval: ${6:null} # not required. Interval at which gratuitous ARP packets are sent, in seconds. The value ranges from 30 to 1200.The default value is 300.
auth_key: ${7:null} # not required. This object is set based on the authentication type. When noAuthentication is specified, the value is empty. When simpleTextPassword or md5Authentication is specified, the value is a string of 1 to 8 characters in plaintext and displayed as a blank text for security.
vrid: ${8:present} # not required. VRRP backup group ID. The value is an integer ranging from 1 to 255.
priority: ${9:null} # not required. Configured VRRP priority. The value ranges from 1 to 254. The default value is 100. A larger value indicates a higher priority.
recover_delay: ${10:null} # not required. Delay in recovering after an interface goes Up. The delay is used for interface flapping suppression. The value is an integer ranging from 0 to 3600. The default value is 0 seconds.
state: ${11|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
version: ${12|v2,v3|} # not required. choices: v2;v3. VRRP version. The default version is v2.
virtual_ip: ${13:null} # not required. Virtual IP address. The value is a string of 0 to 255 characters.
admin_interface: ${14:null} # not required. Tracked mVRRP interface name. The value is a string of 1 to 63 characters.
admin_ignore_if_down: ${15:false} # not required. mVRRP ignores an interface Down event.
fast_resume: ${16|enable,disable|} # not required. choices: enable;disable. mVRRP's fast resume mode.
admin_flowdown: ${17:false} # not required. Disable the flowdown function for service VRRP.
holding_multiplier: ${18:null} # not required. The configured holdMultiplier.The value is an integer ranging from 3 to 10. The default value is 3.
admin_vrid: ${19:null} # not required. Tracked mVRRP ID. The value is an integer ranging from 1 to 255.
advertise_interval: ${20:null} # not required. Configured interval between sending advertisements, in milliseconds. Only the master router sends VRRP advertisements. The default value is 1000 milliseconds.
"""
'ce_vxlan_arp':
'prefix': "ce_vxlan_arp_snippet"
'description': "Manages ARP attributes of VXLAN on HUAWEI CloudEngine devices."
'body': """
ce_vxlan_arp:
evn_bgp: ${1|enable,disable|} # not required. choices: enable;disable. Enables EVN BGP.
vbdif_name: ${2:null} # not required. Full name of VBDIF interface, i.e. Vbdif100.
bridge_domain_id: ${3:null} # not required. Specifies a BD(bridge domain) ID. The value is an integer ranging from 1 to 16777215.
state: ${4|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
evn_server: ${5|enable,disable|} # not required. choices: enable;disable. Configures the local device as the router reflector (RR) on the EVN network.
evn_peer_ip: ${6:null} # not required. Specifies the IP address of an EVN BGP peer. The value is in dotted decimal notation.
evn_source_ip: ${7:null} # not required. Specifies the source address of an EVN BGP peer. The value is in dotted decimal notation.
arp_collect_host: ${8|enable,disable|} # not required. choices: enable;disable. Enables EVN BGP or BGP EVPN to collect host information.
arp_suppress: ${9|enable,disable|} # not required. choices: enable;disable. Enables ARP broadcast suppression in a BD.
evn_reflect_client: ${10|enable,disable|} # not required. choices: enable;disable. Configures the local device as the route reflector (RR) and its peer as the client.
host_collect_protocol: ${11|bgp,none|} # not required. choices: bgp;none. Enables EVN BGP or BGP EVPN to advertise host information.
"""
'ce_vxlan_gateway':
'prefix': "ce_vxlan_gateway_snippet"
'description': "Manages gateway for the VXLAN network on HUAWEI CloudEngine devices."
'body': """
ce_vxlan_gateway:
dfs_source_vpn: ${1:null} # not required. Specifies the name of a VPN instance bound to a DFS group. The value is a string of 1 to 31 case-sensitive characters without spaces. If the character string is quoted by double quotation marks, the character string can contain spaces. The value C(_public_) is reserved and cannot be used as the VPN instance name.
dfs_id: ${2:null} # not required. Specifies the ID of a DFS group. The value must be 1.
arp_direct_route: ${3|enable,disable|} # not required. choices: enable;disable. Enable VLINK direct route on VBDIF interface.
dfs_peer_vpn: ${4:null} # not required. Specifies the name of the VPN instance that is associated with all-active gateway peer. The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. The value C(_public_) is reserved and cannot be used as the VPN instance name.
vbdif_name: ${5:null} # not required. Full name of VBDIF interface, i.e. Vbdif100.
vpn_vni: ${6:null} # not required. Specifies a VNI ID. Binds a VXLAN network identifier (VNI) to a virtual private network (VPN) instance. The value is an integer ranging from 1 to 16000000.
vbdif_mac: ${7:null} # not required. Specifies a MAC address for a VBDIF interface. The value is in the format of H-H-H. Each H is a 4-digit hexadecimal number, such as C(00e0) or C(fc01). If an H contains less than four digits, 0s are added ahead. For example, C(e0) is equal to C(00e0). A MAC address cannot be all 0s or 1s or a multicast MAC address.
vbdif_bind_vpn: ${8:null} # not required. Specifies the name of the VPN instance that is associated with the interface. The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. The value C(_public_) is reserved and cannot be used as the VPN instance name.
dfs_source_ip: ${9:null} # not required. Specifies the IPv4 address bound to a DFS group. The value is in dotted decimal notation.
dfs_udp_port: ${10:null} # not required. Specifies the UDP port number of the DFS group. The value is an integer that ranges from 1025 to 65535.
arp_distribute_gateway: ${11|enable,disable|} # not required. choices: enable;disable. Enable the distributed gateway function on VBDIF interface.
state: ${12|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
dfs_all_active: ${13|enable,disable|} # not required. choices: enable;disable. Creates all-active gateways.
vpn_instance: ${14:null} # not required. Specifies the name of a VPN instance. The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. The value C(_public_) is reserved and cannot be used as the VPN instance name.
dfs_peer_ip: ${15:null} # not required. Configure the IP address of an all-active gateway peer. The value is in dotted decimal notation.
"""
'ce_vxlan_global':
'prefix': "ce_vxlan_global_snippet"
'description': "Manages global attributes of VXLAN and bridge domain on HUAWEI CloudEngine devices."
'body': """
ce_vxlan_global:
nvo3_prevent_loops: ${1|enable,disable|} # not required. choices: enable;disable. Loop prevention of VXLAN traffic in non-enhanced mode. When the device works in non-enhanced mode, inter-card forwarding of VXLAN traffic may result in loops.
nvo3_eth_trunk_hash: ${2|enable,disable|} # not required. choices: enable;disable. Eth-Trunk from load balancing VXLAN packets in optimized mode.
tunnel_mode_vxlan: ${3|enable,disable|} # not required. choices: enable;disable. Set the tunnel mode to VXLAN when configuring the VXLAN feature.
nvo3_acl_extend: ${4|enable,disable|} # not required. choices: enable;disable. Enabling or disabling the VXLAN ACL extension function.
bridge_domain_id: ${5:null} # not required. Specifies a bridge domain ID. The value is an integer ranging from 1 to 16777215.
nvo3_gw_enhanced: ${6|l2,l3|} # not required. choices: l2;l3. Configuring the Layer 3 VXLAN Gateway to Work in Non-loopback Mode.
state: ${7|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
nvo3_ecmp_hash: ${8|enable,disable|} # not required. choices: enable;disable. Load balancing of VXLAN packets through ECMP in optimized mode.
nvo3_service_extend: ${9|enable,disable|} # not required. choices: enable;disable. Enabling or disabling the VXLAN service extension function.
"""
'ce_vxlan_tunnel':
'prefix': "ce_vxlan_tunnel_snippet"
'description': "Manages VXLAN tunnel configuration on HUAWEI CloudEngine devices."
'body': """
ce_vxlan_tunnel:
vni_id: ${1:null} # not required. Specifies a VXLAN network identifier (VNI) ID. The value is an integer ranging from 1 to 16000000.
nve_mode: ${2|mode-l2,mode-l3|} # not required. choices: mode-l2;mode-l3. Specifies the working mode of an NVE interface.
source_ip: ${3:null} # not required. Specifies an IP address for a source VTEP. The value is in dotted decimal notation.
bridge_domain_id: ${4:null} # not required. Specifies a bridge domain ID. The value is an integer ranging from 1 to 16777215.
peer_list_ip: ${5:null} # not required. Specifies the IP address of a remote VXLAN tunnel endpoints (VTEP). The value is in dotted decimal notation.
state: ${6|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
nve_name: ${7:null} # not required. Specifies the number of an NVE interface. The value ranges from 1 to 2.
protocol_type: ${8|bgp,null|} # not required. choices: bgp;null. The operation type of routing protocol.
"""
'ce_vxlan_vap':
'prefix': "ce_vxlan_vap_snippet"
'description': "Manages VXLAN virtual access point on HUAWEI CloudEngine Devices."
'body': """
ce_vxlan_vap:
state: ${1|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
pe_vid: ${2:null} # not required. When I(encapsulation) is 'qinq', specifies an inner VLAN ID for double-tagged packets to be received by a Layer 2 sub-interface. The value is an integer ranging from 1 to 4094.
l2_sub_interface: ${3:null} # not required. Specifies an Sub-Interface full name, i.e. \"10GE1/0/41.1\". The value is a string of 1 to 63 case-insensitive characters, spaces supported.
ce_vid: ${4:null} # not required. When I(encapsulation) is 'dot1q', specifies a VLAN ID in the outer VLAN tag. When I(encapsulation) is 'qinq', specifies an outer VLAN ID for double-tagged packets to be received by a Layer 2 sub-interface. The value is an integer ranging from 1 to 4094.
encapsulation: ${5|dot1q,default,untag,qinq,none|} # not required. choices: dot1q;default;untag;qinq;none. Specifies an encapsulation type of packets allowed to pass through a Layer 2 sub-interface.
bind_vlan_id: ${6:null} # not required. Specifies the VLAN binding to a BD(Bridge Domain). The value is an integer ranging ranging from 1 to 4094.
bridge_domain_id: ${7:null} # not required. Specifies a bridge domain ID. The value is an integer ranging from 1 to 16777215.
"""
'circonus_annotation':
'prefix': "circonus_annotation_snippet"
'description': "create an annotation in circonus"
'body': """
circonus_annotation:
category: ${1:undefined} # required. Annotation Category
description: ${2:undefined} # required. Description of annotation
title: ${3:undefined} # required. Title of annotation
api_key: ${4:undefined} # required. Circonus API key
start: ${5:I(now)} # not required. Unix timestamp of event start
duration: ${6:0} # not required. Duration in seconds of annotation
stop: ${7:I(now) + I(duration)} # not required. Unix timestamp of event end
"""
'cisco_spark':
'prefix': "cisco_spark_snippet"
'description': "Send a message to a Cisco Spark Room or Individual."
'body': """
cisco_spark:
personal_token: ${1:undefined} # required. Your personal access token required to validate the Spark API.
message: ${2:undefined} # required. The message you would like to send.
recipient_id: ${3:undefined} # required. The unique identifier associated with the supplied C(recipient_type).
recipient_type: ${4|roomId,toPersonEmail,toPersonId|} # required. choices: roomId;toPersonEmail;toPersonId. The request parameter you would like to send the message to.,Messages can be sent to either a room or individual (by ID or E-Mail).
message_type: ${5|text,markdown|} # not required. choices: text;markdown. Specifies how you would like the message formatted.
"""
'cl_bond':
'prefix': "cl_bond_snippet"
'description': "Configures a bond port on Cumulus Linux"
'body': """
cl_bond:
name: ${1:undefined} # required. Name of the interface.
slaves: ${2:undefined} # required. Bond members.
clag_id: ${3:undefined} # not required. Specify a unique clag_id for every dual connected bond on each peer switch. The value must be between 1 and 65535 and must be the same on both peer switches in order for the bond to be considered dual-connected.
lacp_rate: ${4:1} # not required. The lacp rate.
xmit_hash_policy: ${5:layer3+4} # not required. Transmit load balancing algorithm. As of Cumulus Linux 2.5 only I(layer3+4) policy is supported.
miimon: ${6:100} # not required. The mii link monitoring interval.
mstpctl_portadminedge: ${7|true,false|} # not required. choices: true;false. Enables admin edge port.
mode: ${8:802.3ad} # not required. The bond mode, as of Cumulus Linux 2.5 only LACP bond mode is supported.
lacp_bypass_allow: ${9:undefined} # not required. Enable LACP bypass.
lacp_bypass_all_active: ${10:undefined} # not required. Activate all interfaces for bypass. It is recommended to configure all_active instead of using bypass_priority.
virtual_mac: ${11:undefined} # not required. Define Ethernet mac associated with Cumulus Linux VRR feature.
min_links: ${12:1} # not required. Minimum number of links.
lacp_bypass_period: ${13:undefined} # not required. Period for enabling LACP bypass. Max value is 900.
alias_name: ${14:undefined} # not required. Description of the port.
lacp_bypass_priority: ${15:undefined} # not required. List of ports and priorities. Example I(\"swp1=10, swp2=20\").
addr_method: ${16|dhcp|} # not required. choices: dhcp. Configures the port to use DHCP. To enable this feature use the option I(dhcp).
mstpctl_bpduguard: ${17|true,false|} # not required. choices: true;false. Enables BPDU Guard on a port in vlan-aware mode.
location: ${18:/etc/network/interfaces.d} # not required. Interface directory location.
mtu: ${19:undefined} # not required. Set MTU. Configure Jumbo Frame by setting MTU to I(9000).
pvid: ${20:undefined} # not required. In vlan-aware mode, defines vlan that is the untagged vlan.
ipv4: ${21:undefined} # not required. List of IPv4 addresses to configure on the interface. In the form I(X.X.X.X/YY).
ipv6: ${22:undefined} # not required. List of IPv6 addresses to configure on the interface. In the form I(X:X:X::X/YYY).
vids: ${23:undefined} # not required. In vlan-aware mode, lists VLANs defined under the interface.
mstpctl_portnetwork: ${24|true,false|} # not required. choices: true;false. Enables bridge assurance in vlan-aware mode.
virtual_ip: ${25:undefined} # not required. Define IPv4 virtual IP used by the Cumulus Linux VRR feature.
"""
'cl_bridge':
'prefix': "cl_bridge_snippet"
'description': "Configures a bridge port on Cumulus Linux"
'body': """
cl_bridge:
name: ${1:undefined} # required. Name of the interface.
ports: ${2:undefined} # required. List of bridge members.
addr_method: ${3|dhcp|} # not required. choices: dhcp. Configures the port to use DHCP. To enable this feature use the option I(dhcp).
virtual_ip: ${4:undefined} # not required. Define IPv4 virtual IP used by the Cumulus Linux VRR feature.
vlan_aware: ${5|yes,no|} # not required. choices: yes;no. Enables vlan-aware mode.
mstpctl_treeprio: ${6:undefined} # not required. Set spanning tree root priority. Must be a multiple of 4096.
virtual_mac: ${7:undefined} # not required. Define Ethernet mac associated with Cumulus Linux VRR feature.
mtu: ${8:undefined} # not required. Set MTU. Configure Jumbo Frame by setting MTU to I(9000).
pvid: ${9:undefined} # not required. In vlan-aware mode, defines vlan that is the untagged vlan.
stp: ${10|yes,no|} # not required. choices: yes;no. Enables spanning tree Protocol. As of Cumulus Linux 2.5 the default bridging mode, only per vlan RSTP or 802.1d is supported. For the vlan aware mode, only common instance STP is supported
location: ${11:/etc/network/interfaces.d} # not required. Interface directory location.
ipv6: ${12:undefined} # not required. List of IPv6 addresses to configure on the interface. In the form I(X:X:X::X/YYY).
vids: ${13:undefined} # not required. In vlan-aware mode, lists VLANs defined under the interface.
alias_name: ${14:undefined} # not required. Description of the port.
ipv4: ${15:undefined} # not required. List of IPv4 addresses to configure on the interface. In the form I(X.X.X.X/YY).
"""
'cl_img_install':
'prefix': "cl_img_install_snippet"
'description': "Install a different Cumulus Linux version."
'body': """
cl_img_install:
src: ${1:undefined} # required. The full path to the Cumulus Linux binary image. Can be a local path, http or https URL. If the code version is in the name of the file, the module will assume this is the version of code you wish to install.
version: ${2:None} # not required. Inform the module of the exact version one is installing. This overrides the automatic check of version in the file name. For example, if the binary file name is called CumulusLinux-2.2.3.bin, and version is set to '2.5.0', then the module will assume it is installing '2.5.0' not '2.2.3'. If version is not included, then the module will assume '2.2.3' is the version to install.
switch_slot: ${3|yes,no|} # not required. choices: yes;no. Switch slots after installing the image. To run the installed code, reboot the switch.
"""
'cl_interface':
'prefix': "cl_interface_snippet"
'description': "Configures a front panel port, loopback or management port on Cumulus Linux."
'body': """
cl_interface:
name: ${1:undefined} # required. Name of the interface.
clagd_sys_mac: ${2:undefined} # not required. Clagd system mac address. Recommended to use the range starting with 44:38:39:ff. Needs to be the same between 2 Clag switches.
ipv6: ${3:undefined} # not required. List of IPv6 addresses to configure on the interface. In the form I(X:X:X::X/YYY).
virtual_mac: ${4:undefined} # not required. Define Ethernet mac associated with Cumulus Linux VRR feature.
alias_name: ${5:undefined} # not required. Description of the port.
mstpctl_portadminedge: ${6:undefined} # not required. Enables admin edge port.
speed: ${7:undefined} # not required. Set speed of the swp(front panel) or management(eth0) interface. speed is in MB.
virtual_ip: ${8:undefined} # not required. Define IPv4 virtual IP used by the Cumulus Linux VRR feature.
addr_method: ${9|loopback,dhcp|} # not required. choices: loopback;dhcp. Address method.
clagd_enable: ${10:undefined} # not required. Enables the clagd daemon. This command should only be applied to the clag peerlink interface.
mstpctl_bpduguard: ${11:undefined} # not required. Enables BPDU Guard on a port in vlan-aware mode.
clagd_priority: ${12:undefined} # not required. Integer that changes the role the switch has in the clag domain. The lower priority switch will assume the primary role. The number can be between 0 and 65535.
mtu: ${13:undefined} # not required. Set MTU. Configure Jumbo Frame by setting MTU to I(9000).
pvid: ${14:undefined} # not required. In vlan-aware mode, defines vlan that is the untagged vlan.
location: ${15:/etc/network/interfaces.d} # not required. Interface directory location
clagd_peer_ip: ${16:undefined} # not required. IP address of the directly connected peer switch interface.
vids: ${17:undefined} # not required. In vlan-aware mode, lists VLANs defined under the interface.
mstpctl_portnetwork: ${18:undefined} # not required. Enables bridge assurance in vlan-aware mode.
ipv4: ${19:undefined} # not required. List of IPv4 addresses to configure on the interface. In the form I(X.X.X.X/YY).
"""
'cl_interface_policy':
'prefix': "cl_interface_policy_snippet"
'description': "Configure interface enforcement policy on Cumulus Linux"
'body': """
cl_interface_policy:
allowed: ${1:undefined} # required. List of ports to run initial run at 10G.
location: ${2:/etc/network/interfaces.d/} # not required. Directory to store interface files.
"""
'cl_license':
'prefix': "cl_license_snippet"
'description': "Install licenses for Cumulus Linux"
'body': """
cl_license:
src: ${1:undefined} # required. The full path to the license. Can be local path or HTTP URL.
force: ${2|true,false|} # not required. choices: true;false. Force installation of a license. Typically not needed. It is recommended to manually run this command via the ansible command. A reload of switchd is not required. Running the force option in a playbook will break the idempotent state machine of the module and cause the switchd notification to kick in all the time, causing a disruption.
"""
'cl_ports':
'prefix': "cl_ports_snippet"
'description': "Configure Cumulus Switch port attributes (ports.conf)"
'body': """
cl_ports:
speed_4_by_10g: ${1:undefined} # not required. List of 40G ports that will be unganged to run as 4 10G ports.
speed_10g: ${2:undefined} # not required. List of ports to run initial run at 10G.
speed_40g: ${3:undefined} # not required. List of ports to run initial run at 40G.
speed_40g_div_4: ${4:undefined} # not required. List of 10G ports that will be ganged to form a 40G port.
"""
'clc_aa_policy':
'prefix': "clc_aa_policy_snippet"
'description': "Create or Delete Anti Affinity Policies at CenturyLink Cloud."
'body': """
clc_aa_policy:
location: ${1:undefined} # required. Datacenter in which the policy lives/should live.
name: ${2:undefined} # required. The name of the Anti Affinity Policy.
state: ${3|present,absent|} # not required. choices: present;absent. Whether to create or delete the policy.
wait: ${4|true,false|} # not required. choices: true;false. Whether to wait for the tasks to finish before returning.
"""
'clc_alert_policy':
'prefix': "clc_alert_policy_snippet"
'description': "Create or Delete Alert Policies at CenturyLink Cloud."
'body': """
clc_alert_policy:
alias: ${1:undefined} # required. The alias of your CLC Account
name: ${2:None} # not required. The name of the alert policy. This is mutually exclusive with id
metric: ${3|cpu,memory,disk|} # not required. choices: cpu;memory;disk. The metric on which to measure the condition that will trigger the alert. This is required for state 'present"
alert_recipients: ${4:None} # not required. A list of recipient email ids to notify the alert. This is required for state 'present"
state: ${5|present,absent|} # not required. choices: present;absent. Whether to create or delete the policy.
threshold: ${6:None} # not required. The threshold that will trigger the alert when the metric equals or exceeds it. This is required for state 'present' This number represents a percentage and must be a value between 5.0 - 95.0 that is a multiple of 5.0
id: ${7:None} # not required. The alert policy id. This is mutually exclusive with name
duration: ${8:None} # not required. The length of time in minutes that the condition must exceed the threshold. This is required for state 'present"
"""
'clc_blueprint_package':
'prefix': "clc_blueprint_package_snippet"
'description': "deploys a blue print package on a set of servers in CenturyLink Cloud."
'body': """
clc_blueprint_package:
server_ids: ${1:undefined} # required. A list of server Ids to deploy the blue print package.
package_id: ${2:undefined} # required. The package id of the blue print.
package_params: ${3:[object Object]} # not required. The dictionary of arguments required to deploy the blue print.
state: ${4|present|} # not required. choices: present. Whether to install or un-install the package. Currently it supports only \"present\" for install action.
wait: ${5|true,false|} # not required. choices: true;false. Whether to wait for the tasks to finish before returning.
"""
'clc_firewall_policy':
'prefix': "clc_firewall_policy_snippet"
'description': "Create/delete/update firewall policies"
'body': """
clc_firewall_policy:
location: ${1:undefined} # required. Target datacenter for the firewall policy
source_account_alias: ${2:undefined} # required. CLC alias for the source account
destination_account_alias: ${3:None} # not required. CLC alias for the destination account
destination: ${4:None} # not required. The list of destination addresses for traffic on the terminating firewall. This is required when state is 'present"
enabled: ${5|true,false|} # not required. choices: true;false. Whether the firewall policy is enabled or disabled
source: ${6:None} # not required. The list of source addresses for traffic on the originating firewall. This is required when state is 'present\"
state: ${7|present,absent|} # not required. choices: present;absent. Whether to create or delete the firewall policy
firewall_policy_id: ${8:None} # not required. Id of the firewall policy. This is required to update or delete an existing firewall policy
ports: ${9|any,icmp,TCP/123,UDP/123,TCP/123-456,UDP/123-456|} # not required. choices: any;icmp;TCP/123;UDP/123;TCP/123-456;UDP/123-456. The list of ports associated with the policy. TCP and UDP can take in single ports or port ranges.
wait: ${10|true,false|} # not required. choices: true;false. Whether to wait for the provisioning tasks to finish before returning.
"""
'clc_group':
'prefix': "clc_group_snippet"
'description': "Create/delete Server Groups at Centurylink Cloud"
'body': """
clc_group:
name: ${1:undefined} # required. The name of the Server Group
state: ${2|present,absent|} # not required. choices: present;absent. Whether to create or delete the group
parent: ${3:undefined} # not required. The parent group of the server group. If parent is not provided, it creates the group at top level.
wait: ${4|true,false|} # not required. choices: true;false. Whether to wait for the tasks to finish before returning.
location: ${5:undefined} # not required. Datacenter to create the group in. If location is not provided, the group gets created in the default datacenter associated with the account
description: ${6:undefined} # not required. A description of the Server Group
"""
'clc_loadbalancer':
'prefix': "clc_loadbalancer_snippet"
'description': "Create, Delete shared loadbalancers in CenturyLink Cloud."
'body': """
clc_loadbalancer:
name: ${1:undefined} # required. The name of the loadbalancer
alias: ${2:undefined} # required. The alias of your CLC Account
location: ${3:undefined} # required. The location of the datacenter where the load balancer resides in
status: ${4|enabled,disabled|} # not required. choices: enabled;disabled. The status of the loadbalancer
method: ${5|leastConnection,roundRobin|} # not required. choices: leastConnection;roundRobin. -The balancing method for the load balancer pool
state: ${6|present,absent,port_absent,nodes_present,nodes_absent|} # not required. choices: present;absent;port_absent;nodes_present;nodes_absent. Whether to create or delete the load balancer pool
nodes: ${7:} # not required. A list of nodes that needs to be added to the load balancer pool
port: ${8|80,443|} # not required. choices: 80;443. Port to configure on the public-facing side of the load balancer pool
persistence: ${9|standard,sticky|} # not required. choices: standard;sticky. The persistence method for the load balancer
description: ${10:None} # not required. A description for the loadbalancer
"""
'clc_modify_server':
'prefix': "clc_modify_server_snippet"
'description': "modify servers in CenturyLink Cloud."
'body': """
clc_modify_server:
server_ids: ${1:undefined} # required. A list of server Ids to modify.
alert_policy_id: ${2:None} # not required. The alert policy id to be associated to the server. This is mutually exclusive with 'alert_policy_name"
anti_affinity_policy_name: ${3:None} # not required. The anti affinity policy name to be set for a hyper scale server. This is mutually exclusive with 'anti_affinity_policy_id"
state: ${4|present,absent|} # not required. choices: present;absent. The state to insure that the provided resources are in.
anti_affinity_policy_id: ${5:None} # not required. The anti affinity policy id to be set for a hyper scale server. This is mutually exclusive with 'anti_affinity_policy_name"
alert_policy_name: ${6:None} # not required. The alert policy name to be associated to the server. This is mutually exclusive with 'alert_policy_id"
memory: ${7:None} # not required. Memory (in GB) to set to the server.
cpu: ${8:None} # not required. How many CPUs to update on the server
wait: ${9|true,false|} # not required. choices: true;false. Whether to wait for the provisioning tasks to finish before returning.
"""
'clc_publicip':
'prefix': "clc_publicip_snippet"
'description': "Add and Delete public ips on servers in CenturyLink Cloud."
'body': """
clc_publicip:
server_ids: ${1:undefined} # required. A list of servers to create public ips on.
state: ${2|present,absent|} # not required. choices: present;absent. Determine whether to create or delete public IPs. If present module will not create a second public ip if one already exists.
protocol: ${3|TCP,UDP,ICMP|} # not required. choices: TCP;UDP;ICMP. The protocol that the public IP will listen for.
ports: ${4:None} # not required. A list of ports to expose. This is required when state is 'present"
wait: ${5|true,false|} # not required. choices: true;false. Whether to wait for the tasks to finish before returning.
"""
'clc_server':
'prefix': "clc_server_snippet"
'description': "Create, Delete, Start and Stop servers in CenturyLink Cloud."
'body': """
clc_server:
cpu_autoscale_policy_id: ${1:None} # not required. The autoscale policy to assign to the server.
anti_affinity_policy_name: ${2:None} # not required. The anti-affinity policy to assign to the server. This is mutually exclusive with 'anti_affinity_policy_id'.
storage_type: ${3|standard,hyperscale|} # not required. choices: standard;hyperscale. The type of storage to attach to the server.
anti_affinity_policy_id: ${4:None} # not required. The anti-affinity policy to assign to the server. This is mutually exclusive with 'anti_affinity_policy_name'.
ttl: ${5:None} # not required. The time to live for the server in seconds. The server will be deleted when this time expires.
count_group: ${6:None} # not required. Required when exact_count is specified. The Server Group use to determine how many severs to deploy.
secondary_dns: ${7:None} # not required. Secondary DNS used by the server.
custom_fields: ${8:} # not required. The list of custom fields to set on the server.
packages: ${9:} # not required. The list of blue print packages to run on the server after its created.
group: ${10:Default Group} # not required. The Server Group to create servers under.
exact_count: ${11:None} # not required. Run in idempotent mode. Will insure that this exact number of servers are running in the provided group, creating and deleting them to reach that count. Requires count_group to be set.
state: ${12|present,absent,started,stopped|} # not required. choices: present;absent;started;stopped. The state to insure that the provided resources are in.
location: ${13:None} # not required. The Datacenter to create servers in.
template: ${14:None} # not required. The template to use for server creation. Will search for a template if a partial string is provided. This is required when state is 'present"
memory: ${15:1} # not required. Memory in GB.
server_ids: ${16:} # not required. Required for started, stopped, and absent states. A list of server Ids to insure are started, stopped, or absent.
type: ${17|standard,hyperscale,bareMetal|} # not required. choices: standard;hyperscale;bareMetal. The type of server to create.
managed_os: ${18|true,false|} # not required. choices: true;false. Whether to create the server as 'Managed' or not.
additional_disks: ${19:} # not required. The list of additional disks for the server
description: ${20:None} # not required. The description to set for the server.
add_public_ip: ${21|false,true|} # not required. choices: false;true. Whether to add a public ip to the server
alert_policy_id: ${22:None} # not required. The alert policy to assign to the server. This is mutually exclusive with 'alert_policy_name'.
alert_policy_name: ${23:None} # not required. The alert policy to assign to the server. This is mutually exclusive with 'alert_policy_id'.
password: ${24:None} # not required. Password for the administrator / root user
ip_address: ${25:None} # not required. The IP Address for the server. One is assigned if not provided.
public_ip_protocol: ${26|TCP,UDP,ICMP|} # not required. choices: TCP;UDP;ICMP. The protocol to use for the public ip if add_public_ip is set to True.
wait: ${27|true,false|} # not required. choices: true;false. Whether to wait for the provisioning tasks to finish before returning.
count: ${28:1} # not required. The number of servers to build (mutually exclusive with exact_count)
name: ${29:None} # not required. A 1 to 6 character identifier to use for the server. This is required when state is 'present"
network_id: ${30:None} # not required. The network UUID on which to create servers.
primary_dns: ${31:None} # not required. Primary DNS used by the server.
alias: ${32:None} # not required. The account alias to provision the servers under.
public_ip_ports: ${33:} # not required. A list of ports to allow on the firewall to the servers public ip, if add_public_ip is set to True.
source_server_password: ${34:None} # not required. The password for the source server if a clone is specified.
os_type: ${35|redHat6_64Bit,centOS6_64Bit,windows2012R2Standard_64Bit,ubuntu14_64Bit|} # not required. choices: redHat6_64Bit;centOS6_64Bit;windows2012R2Standard_64Bit;ubuntu14_64Bit. Only required for bare metal servers. Specifies the OS to provision with the bare metal server.
configuration_id: ${36:None} # not required. Only required for bare metal servers. Specifies the identifier for the specific configuration type of bare metal server to deploy.
cpu: ${37:1} # not required. How many CPUs to provision on the server
"""
'clc_server_snapshot':
'prefix': "clc_server_snapshot_snippet"
'description': "Create, Delete and Restore server snapshots in CenturyLink Cloud."
'body': """
clc_server_snapshot:
server_ids: ${1:undefined} # required. The list of CLC server Ids.
expiration_days: ${2:7} # not required. The number of days to keep the server snapshot before it expires.
state: ${3|present,absent,restore|} # not required. choices: present;absent;restore. The state to insure that the provided resources are in.
wait: ${4|true,false|} # not required. choices: true;false. Whether to wait for the provisioning tasks to finish before returning.
"""
'cloudflare_dns':
'prefix': "cloudflare_dns_snippet"
'description': "manage Cloudflare DNS records"
'body': """
cloudflare_dns:
account_email: ${1:undefined} # required. Account email.
account_api_token: ${2:undefined} # required. Account API token. You can obtain your API key from the bottom of the Cloudflare 'My Account' page, found here: U(https://www.cloudflare.com/a/account)\n
zone: ${3:undefined} # required. The name of the Zone to work with (e.g. \"example.com\"). The Zone must already exist.
solo: ${4:null} # not required. Whether the record should be the only one for that record type and record name. Only use with C(state=present),This will delete all other records with the same record name and type.
weight: ${5:1} # not required. Service weight. Required for C(type=SRV)
proxied: ${6:false} # not required. Proxy through cloudflare network or just use DNS
ttl: ${7:1 (automatic)} # not required. The TTL to give the new record. Must be between 120 and 2,147,483,647 seconds, or 1 for automatic.
port: ${8:null} # not required. Service port. Required for C(type=SRV)
service: ${9:null} # not required. Record service. Required for C(type=SRV)
proto: ${10|tcp,udp|} # not required. choices: tcp;udp. Service protocol. Required for C(type=SRV)
value: ${11:null} # not required. The record value. Required for C(state=present)
priority: ${12:1} # not required. Record priority. Required for C(type=MX) and C(type=SRV)
record: ${13:@} # not required. Record to add. Required if C(state=present). Default is C(@) (e.g. the zone name)
state: ${14|present,absent|} # not required. choices: present;absent. Whether the record(s) should exist or not
timeout: ${15:30} # not required. Timeout for Cloudflare API calls
type: ${16|A,AAAA,CNAME,TXT,SRV,MX,NS,SPF|} # not required. choices: A;AAAA;CNAME;TXT;SRV;MX;NS;SPF. The type of DNS record to create. Required if C(state=present)
"""
'cloudformation':
'prefix': "cloudformation_snippet"
'description': "Create or delete an AWS CloudFormation stack"
'body': """
cloudformation:
stack_name: ${1:undefined} # required. name of the cloudformation stack
template_body: ${2:undefined} # not required. Template body. Use this to pass in the actual body of the Cloudformation template.,If 'state' is 'present' and the stack does not exist yet, either 'template', 'template_body' or 'template_url' must be specified (but only one of them). If 'state' ispresent, the stack does exist, and neither 'template', 'template_body' nor 'template_url' are specified, the previous template will be reused.
template_format: ${3|json,yaml|} # not required. choices: json;yaml. (deprecated) For local templates, allows specification of json or yaml format. Templates are now passed raw to CloudFormation regardless of format. This parameter is ignored since Ansible 2.3.
termination_protection: ${4:undefined} # not required. enable or disable termination protection on the stack. Only works with botocore >= 1.7.18.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
role_arn: ${7:null} # not required. The role that AWS CloudFormation assumes to create the stack. See the AWS CloudFormation Service Role docs U(http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-servicerole.html)
stack_policy: ${8:null} # not required. the path of the cloudformation stack policy. A policy cannot be removed once placed, but it can be modified. (for instance, [allow all updates](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html#d0e9051)
template_parameters: ${9:[object Object]} # not required. a list of hashes of all the template variables for the stack
state: ${10|present,absent|} # not required. choices: present;absent. If state is \"present\", stack will be created. If state is \"present\" and if stack exists and template has changed, it will be updated. If state is \"absent\", stack will be removed.
template: ${11:null} # not required. The local path of the cloudformation template.,This must be the full path to the file, relative to the working directory. If using roles this may look like \"roles/cloudformation/files/cloudformation-example.json\".,If 'state' is 'present' and the stack does not exist yet, either 'template', 'template_body' or 'template_url' must be specified (but only one of them). If 'state' ispresent, the stack does exist, and neither 'template', 'template_body' nor 'template_url' are specified, the previous template will be reused.
create_changeset: ${12:false} # not required. If stack already exists create a changeset instead of directly applying changes. See the AWS Change Sets docs U(http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html). WARNING: if the stack does not exist, it will be created without changeset. If the state is absent, the stack will be deleted immediately with no changeset.
profile: ${13:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
disable_rollback: ${14|true,false|} # not required. choices: true;false. If a stacks fails to form, rollback will remove the stack
notification_arns: ${15:null} # not required. The Simple Notification Service (SNS) topic ARNs to publish stack related events.
tags: ${16:null} # not required. Dictionary of tags to associate with stack and its resources during stack creation. Can be updated later, updating tags removes previous entries.
template_url: ${17:undefined} # not required. Location of file containing the template body. The URL must point to a template (max size 307,200 bytes) located in an S3 bucket in the same region as the stack.,If 'state' is 'present' and the stack does not exist yet, either 'template', 'template_body' or 'template_url' must be specified (but only one of them). If 'state' ispresent, the stack does exist, and neither 'template', 'template_body' nor 'template_url' are specified, the previous template will be reused.
aws_access_key: ${18:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${19:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
changeset_name: ${20:null} # not required. Name given to the changeset when creating a changeset, only used when create_changeset is true. By default a name prefixed with Ansible-STACKNAME is generated based on input parameters. See the AWS Change Sets docs U(http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html)
region: ${21:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
validate_certs: ${22:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'cloudformation_facts':
'prefix': "cloudformation_facts_snippet"
'description': "Obtain facts about an AWS CloudFormation stack"
'body': """
cloudformation_facts:
profile: ${1:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
all_facts: ${2:false} # not required. Get all stack information for the stack
stack_events: ${3:false} # not required. Get stack events for the stack
ec2_url: ${4:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
stack_resources: ${5:false} # not required. Get stack resources for the stack
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
stack_template: ${9:false} # not required. Get stack template body for the stack
stack_policy: ${10:false} # not required. Get stack policy for the stack
region: ${11:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
stack_name: ${12:null} # not required. The name or id of the CloudFormation stack. Gathers facts for all stacks by default.
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'cloudfront_distribution':
'prefix': "cloudfront_distribution_snippet"
'description': "create, update and delete aws cloudfront distributions."
'body': """
cloudfront_distribution:
comment: ${1:undefined} # not required. A comment that describes the cloudfront distribution. If not specified, it defaults to a generic message that it has been created with Ansible, and a datetime stamp.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
purge_custom_error_responses: ${3:false} # not required. Whether to remove any custom error responses that aren't listed in I(custom_error_responses)
e_tag: ${4:undefined} # not required. A unique identifier of a modified or existing distribution. Used in conjunction with I(distribution_id). Is determined automatically if not specified.
tags: ${5:undefined} # not required. Should be input as a dict() of key-value pairs. Note that numeric keys or values must be wrapped in quotes. e.g. \"Priority:\" '1"
purge_tags: ${6|yes,no|} # not required. choices: yes;no. Specifies whether existing tags will be removed before adding new tags. When I(purge_tags=yes), existing tags are removed and I(tags) are added, if specified. If no tags are specified, it removes all existing tags for the distribution. When I(purge_tags=no), existing tags are kept and I(tags) are added, if specified.
caller_reference: ${7:undefined} # not required. A unique identifier for creating and updating cloudfront distributions. Each caller reference must be unique across all distributions. e.g. a caller reference used in a web distribution cannot be reused in a streaming distribution. This parameter can be used instead of I(distribution_id) to reference an existing distribution. If not specified, this defaults to a datetime stamp of the format 'YYYY-MM-DDTHH:MM:SS.ffffff'.
default_root_object: ${8:undefined} # not required. A config element that specifies the path to request when the user requests the origin. e.g. if specified as 'index.html', this maps to www.example.com/index.html when www.example.com is called by the user. This prevents the entire distribution origin from being exposed at the root.
alias: ${9:undefined} # not required. The name of an alias (CNAME) that is used in a distribution. This is used to effectively reference a distribution by its alias as an alias can only be used by one distribution per AWS account. This variable avoids having to provide the I(distribution_id) as well as the I(e_tag), or I(caller_reference) of an existing distribution.
wait_timeout: ${10:1800} # not required. Specifies the duration in seconds to wait for a timeout of a cloudfront create or update. Defaults to 1800 seconds (30 minutes).
purge_aliases: ${11|yes,no|} # not required. choices: yes;no. Specifies whether existing aliases will be removed before adding new aliases. When I(purge_aliases=yes), existing aliases are removed and I(aliases) are added.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
default_origin_domain_name: ${13:undefined} # not required. The domain name to use for an origin if no I(origins) have been specified. Should only be used on a first run of generating a distribution and not on subsequent runs. Should not be used in conjunction with I(distribution_id), I(caller_reference) or I(alias).
ipv6_enabled: ${14|yes,no|} # not required. choices: yes;no. Determines whether IPv6 support is enabled or not.
purge_cache_behaviors: ${15:false} # not required. Whether to remove any cache behaviors that aren't listed in I(cache_behaviors). This switch also allows the reordering of cache_behaviors.
aliases: ${16:undefined} # not required. A I(list[]) of domain name aliases (CNAMEs) as strings to be used for the distribution. Each alias must be unique across all distribution for the AWS account.
aws_secret_key: ${17:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
restrictions: ${18:undefined} # not required. A config element that is a complex object that describes how a distribution should restrict it's content. The restriction object comprises the following attributes I(geo_restriction) I(restriction_type) I(items[])
aws_access_key: ${19:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
logging: ${20:undefined} # not required. A config element that is a complex object that defines logging for the distribution. The logging object comprises the attributes I(enabled) I(include_cookies) I(bucket) I(prefix)
http_version: ${21|http1.1,http2|} # not required. choices: http1.1;http2. The version of the http protocol to use for the distribution.
origins: ${22:undefined} # not required. A config element that is a I(list[]) of complex origin objects to be specified for the distribution. Used for creating and updating distributions. Each origin item comprises the attributes I(id) I(domain_name) (defaults to default_origin_domain_name if not specified) I(origin_path) (defaults to default_origin_path if not specified) I(custom_headers[]) I(header_name) I(header_value) I(s3_origin_access_identity_enabled) I(custom_origin_config) I(http_port) I(https_port) I(origin_protocol_policy) I(origin_ssl_protocols[]) I(origin_read_timeout) I(origin_keepalive_timeout)
web_acl_id: ${23:undefined} # not required. The id of a Web Application Firewall (WAF) Access Control List (ACL).
viewer_certificate: ${24:undefined} # not required. A config element that is a complex object that specifies the encryption details of the distribution. Comprises the following attributes I(cloudfront_default_certificate) I(iam_certificate_id) I(acm_certificate_arn) I(ssl_support_method) I(minimum_protocol_version) I(certificate) I(certificate_source)
price_class: ${25|PriceClass_100,PriceClass_200,PriceClass_All|} # not required. choices: PriceClass_100;PriceClass_200;PriceClass_All. A string that specifies the pricing class of the distribution. As per U(https://aws.amazon.com/cloudfront/pricing/) I(price_class=PriceClass_100) consists of the areas United States Canada Europe I(price_class=PriceClass_200) consists of the areas United States Canada Europe Hong Kong, Philippines, S. Korea, Singapore & Taiwan Japan India I(price_class=PriceClass_All) consists of the areas United States Canada Europe Hong Kong, Philippines, S. Korea, Singapore & Taiwan Japan India South America Australia
region: ${26:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
purge_origins: ${27:false} # not required. Whether to remove any origins that aren't listed in I(origins)
default_cache_behavior: ${28:undefined} # not required. A config element that is a complex object specifying the default cache behavior of the distribution. If not specified, the I(target_origin_id) is defined as the I(target_origin_id) of the first valid I(cache_behavior) in I(cache_behaviors) with defaults. The default cache behavior comprises the attributes I(target_origin_id) I(forwarded_values) I(query_string) I(cookies) I(forward) I(whitelisted_names) I(headers[]) I(query_string_cache_keys[]) I(trusted_signers) I(enabled) I(items[]) I(viewer_protocol_policy) I(min_ttl) I(allowed_methods) I(items[]) I(cached_methods[]) I(smooth_streaming) I(default_ttl) I(max_ttl) I(compress) I(lambda_function_associations[]) I(lambda_function_arn) I(event_type)
distribution_id: ${29:undefined} # not required. The id of the cloudfront distribution. This parameter can be exchanged with I(alias) or I(caller_reference) and is used in conjunction with I(e_tag).
state: ${30|present,absent|} # not required. choices: present;absent. The desired state of the distribution present - creates a new distribution or updates an existing distribution. absent - deletes an existing distribution.
cache_behaviors: ${31:undefined} # not required. A config element that is a I(list[]) of complex cache behavior objects to be specified for the distribution. The order of the list is preserved across runs unless C(purge_cache_behavior) is enabled. Each cache behavior comprises the attributes I(path_pattern) I(target_origin_id) I(forwarded_values) I(query_string) I(cookies) I(forward) I(whitelisted_names) I(headers[]) I(query_string_cache_keys[]) I(trusted_signers) I(enabled) I(items[]) I(viewer_protocol_policy) I(min_ttl) I(allowed_methods) I(items[]) I(cached_methods[]) I(smooth_streaming) I(default_ttl) I(max_ttl) I(compress) I(lambda_function_associations[])
custom_error_responses: ${32:undefined} # not required. A config element that is a I(list[]) of complex custom error responses to be specified for the distribution. This attribute configures custom http error messages returned to the user. Each custom error response object comprises the attributes I(error_code) I(reponse_page_path) I(response_code) I(error_caching_min_ttl)
default_origin_path: ${33:undefined} # not required. The default origin path to specify for an origin if no I(origins) have been specified. Defaults to empty if not specified.
security_token: ${34:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
wait: ${35|yes,no|} # not required. choices: yes;no. Specifies whether the module waits until the distribution has completed processing the creation or update.
validate_certs: ${36:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
enabled: ${37|yes,no|} # not required. choices: yes;no. A boolean value that specifies whether the distribution is enabled or disabled.
"""
'cloudfront_facts':
'prefix': "cloudfront_facts_snippet"
'description': "Obtain facts about an AWS CloudFront distribution"
'body': """
cloudfront_facts:
profile: ${1:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
list_streaming_distributions: ${2:false} # not required. Get a list of streaming distributions.
origin_access_identity_config: ${3:false} # not required. Get the configuration information about an origin access identity. Requires I(origin_access_identity_id) to be specified.
invalidation: ${4:false} # not required. Get information about an invalidation. Requires I(invalidation_id) to be specified.
domain_name_alias: ${5:undefined} # not required. Can be used instead of I(distribution_id) - uses the aliased CNAME for the cloudfront distribution to get the distribution id where required.
list_invalidations: ${6:false} # not required. Get a list of invalidations. Requires I(distribution_id) or I(domain_name_alias) to be specified.
origin_access_identity_id: ${7:undefined} # not required. The id of the cloudfront origin access identity to get information about.
list_distributions_by_web_acl_id: ${8:false} # not required. Get a list of distributions using web acl id as a filter. Requires I(web_acl_id) to be set.
origin_access_identity: ${9:false} # not required. Get information about an origin access identity. Requires I(origin_access_identity_id) to be specified.
streaming_distribution_config: ${10:false} # not required. Get the configuration information about a specified RTMP distribution. Requires I(distribution_id) or I(domain_name_alias) to be specified.
all_lists: ${11:false} # not required. Get all cloudfront lists that do not require parameters.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
list_distributions: ${13:false} # not required. Get a list of cloudfront distributions.
summary: ${14:false} # not required. Returns a summary of all distributions, streaming distributions and origin_access_identities. This is the default behaviour if no option is selected.
aws_secret_key: ${15:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${16:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${17:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
web_acl_id: ${18:undefined} # not required. Used with I(list_distributions_by_web_acl_id).
region: ${19:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
streaming_distribution: ${20:false} # not required. Get information about a specified RTMP distribution. Requires I(distribution_id) or I(domain_name_alias) to be specified.
distribution_id: ${21:undefined} # not required. The id of the CloudFront distribution. Used with I(distribution), I(distribution_config), I(invalidation), I(streaming_distribution), I(streaming_distribution_config), I(list_invalidations).
distribution_config: ${22:false} # not required. Get the configuration information about a distribution. Requires I(distribution_id) or I(domain_name_alias) to be specified.
invalidation_id: ${23:undefined} # not required. The id of the invalidation to get information about. Used with I(invalidation).
distribution: ${24:false} # not required. Get information about a distribution. Requires I(distribution_id) or I(domain_name_alias) to be specified.
validate_certs: ${25:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
list_origin_access_identities: ${26:false} # not required. Get a list of cloudfront origin access identities. Requires I(origin_access_identity_id) to be set.
"""
'cloudfront_invalidation':
'prefix': "cloudfront_invalidation_snippet"
'description': "create invalidations for aws cloudfront distributions"
'body': """
cloudfront_invalidation:
target_paths: ${1:undefined} # required. A list of paths on the distribution to invalidate. Each path should begin with '/'. Wildcards are allowed. eg. '/foo/bar/*"
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
alias: ${6:undefined} # not required. The alias of the cloudfront distribution to invalidate paths for. Can be specified instead of distribution_id.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
distribution_id: ${9:undefined} # not required. The id of the cloudfront distribution to invalidate paths for. Can be specified insted of the alias.
caller_reference: ${10:current datetime stamp} # not required. A unique reference identifier for the invalidation paths.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'cloudfront_origin_access_identity':
'prefix': "cloudfront_origin_access_identity_snippet"
'description': "create, update and delete origin access identities for a cloudfront distribution."
'body': """
cloudfront_origin_access_identity:
comment: ${1:undefined} # not required. A comment to describe the cloudfront origin access identity.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${6:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
origin_access_identity_id: ${7:undefined} # not required. The origin_access_identity_id of the cloudfront distribution.
state: ${8|present,absent|} # not required. choices: present;absent. If the named resource should exist.
profile: ${9:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
caller_reference: ${10:undefined} # not required. A unique identifier to reference the origin access identity by.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'cloudscale_floating_ip':
'prefix': "cloudscale_floating_ip_snippet"
'description': "Manages floating IPs on the cloudscale.ch IaaS service"
'body': """
cloudscale_floating_ip:
reverse_ptr: ${1:undefined} # not required. Reverse PTR entry for this address.,You cannot set a reverse PTR entry for IPv6 floating networks. Reverse PTR entries are only allowed for single addresses.
ip: ${2:undefined} # not required. Floating IP address to change.,Required to assign the IP to a different server or if I(state) is absent.
api_timeout: ${3:30} # not required. Timeout in seconds for calls to the cloudscale.ch API.
server: ${4:undefined} # not required. UUID of the server assigned to this floating IP.,Required unless I(state) is absent.
state: ${5|present,absent|} # not required. choices: present;absent. State of the floating IP.
prefix_length: ${6|56|} # not required. choices: 56. Only valid if I(ip_version) is 6.,Prefix length for the IPv6 network. Currently only a prefix of /56 can be requested. If no I(prefix_length) is present, a single address is created.
api_token: ${7:undefined} # not required. cloudscale.ch API token.,This can also be passed in the CLOUDSCALE_API_TOKEN environment variable.
ip_version: ${8|4,6|} # not required. choices: 4;6. IP protocol version of the floating IP.
"""
'cloudscale_server':
'prefix': "cloudscale_server_snippet"
'description': "Manages servers on the cloudscale.ch IaaS service"
'body': """
cloudscale_server:
volume_size_gb: ${1:10} # not required. Size of the root volume in GB.
uuid: ${2:undefined} # not required. UUID of the server.,Either C(name) or C(uuid) are required. These options are mutually exclusive.
name: ${3:undefined} # not required. Name of the Server.,Either C(name) or C(uuid) are required. These options are mutually exclusive.
use_public_network: ${4:true} # not required. Attach a public network interface to the server.
state: ${5|running,stopped,absent|} # not required. choices: running;stopped;absent. State of the server
image: ${6:undefined} # not required. Image used to create the server.
api_timeout: ${7:30} # not required. Timeout in seconds for calls to the cloudscale.ch API.
user_data: ${8:undefined} # not required. Cloud-init configuration (cloud-config) data to use for the server.
anti_affinity_with: ${9:undefined} # not required. UUID of another server to create an anti-affinity group with.
use_private_network: ${10:false} # not required. Attach a private network interface to the server.
bulk_volume_size_gb: ${11:undefined} # not required. Size of the bulk storage volume in GB.,No bulk storage volume if not set.
use_ipv6: ${12:true} # not required. Enable IPv6 on the public network interface.
api_token: ${13:undefined} # not required. cloudscale.ch API token.,This can also be passed in the CLOUDSCALE_API_TOKEN environment variable.
flavor: ${14:undefined} # not required. Flavor of the server.
ssh_keys: ${15:undefined} # not required. List of SSH public keys.,Use the full content of your .pub file here.
"""
'cloudtrail':
'prefix': "cloudtrail_snippet"
'description': "manage CloudTrail create, delete, update"
'body': """
cloudtrail:
name: ${1:undefined} # required. Name for the CloudTrail.,Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.
state: ${2|present,absent,enabled,disabled|} # required. choices: present;absent;enabled;disabled. Add or remove CloudTrail configuration.,The following states have been preserved for backwards compatibility. C(state=enabled) and C(state=disabled).,enabled=present and disabled=absent.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
enable_log_file_validation: ${4:undefined} # not required. Specifies whether log file integrity validation is enabled.,CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
include_global_events: ${6:true} # not required. Record API calls from global services such as IAM and STS.
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
is_multi_region_trail: ${8:false} # not required. Specify whether the trail belongs only to one region or exists in all regions.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
kms_key_id: ${11:undefined} # not required. Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.,The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.,See U(https://docs.aws.amazon.com/awscloudtrail/latest/userguide/encrypting-cloudtrail-log-files-with-aws-kms.html)
cloudwatch_logs_log_group_arn: ${12:undefined} # not required. A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.,See U(https://docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html),Required when C(cloudwatch_logs_role_arn)
s3_bucket_name: ${13:undefined} # not required. An existing S3 bucket where CloudTrail will deliver log files.,This bucket should exist and have the proper policy.,See U(http://docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_bucket_policy.html),Required when C(state=present)
cloudwatch_logs_role_arn: ${14:undefined} # not required. Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.,See U(https://docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html),Required when C(cloudwatch_logs_log_group_arn)
profile: ${15:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${16:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
sns_topic_name: ${17:undefined} # not required. SNS Topic name to send notifications to when a log file is delivered
s3_key_prefix: ${18:undefined} # not required. S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.
enable_logging: ${19:true} # not required. Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.
tags: ${20:[object Object]} # not required. A hash/dictionary of tags to be applied to the CloudTrail resource.,Remove completely or specify an empty dictionary to remove all tags.
"""
'cloudwatchevent_rule':
'prefix': "cloudwatchevent_rule_snippet"
'description': "Manage CloudWatch Event rules and targets"
'body': """
cloudwatchevent_rule:
name: ${1:undefined} # required. The name of the rule you are creating, updating or deleting. No spaces or special characters allowed (i.e. must match C([\\.\\-_A-Za-z0-9]+))
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
description: ${3:undefined} # not required. A description of the rule
event_pattern: ${4:undefined} # not required. A string pattern (in valid JSON format) that is used to match against incoming events to determine if the rule should be triggered
schedule_expression: ${5:undefined} # not required. A cron or rate expression that defines the schedule the rule will trigger on. For example, C(cron(0 20 * * ? *)), C(rate(5 minutes))
ec2_url: ${6:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
targets: ${7:undefined} # not required. A dictionary array of targets to add to or update for the rule, in the form C({ id: [string], arn: [string], role_arn: [string], input: [valid JSON string], input_path: [valid JSONPath string], ecs_parameters: {task_definition_arn: [string], task_count: [int]}}). I(id) [required] is the unique target assignment ID. I(arn) (required) is the Amazon Resource Name associated with the target. I(role_arn) (optional) is The Amazon Resource Name of the IAM role to be used for this target when the rule is triggered. I(input) (optional) is a JSON object that will override the event data when passed to the target. I(input_path) (optional) is a JSONPath string (e.g. C($.detail)) that specifies the part of the event data to be passed to the target. If neither I(input) nor I(input_path) is specified, then the entire event is passed to the target in JSON form. I(task_definition_arn) [optional] is ecs task definition arn. I(task_count) [optional] is ecs task count.
aws_secret_key: ${8:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${9:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
role_arn: ${10:undefined} # not required. The Amazon Resource Name (ARN) of the IAM role associated with the rule
security_token: ${11:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${12:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${13|present,disabled,absent|} # not required. choices: present;disabled;absent. Whether the rule is present (and enabled), disabled, or absent
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'cloudwatchlogs_log_group':
'prefix': "cloudwatchlogs_log_group_snippet"
'description': "create or delete log_group in CloudWatchLogs"
'body': """
cloudwatchlogs_log_group:
log_group_name: ${1:undefined} # required. The name of the log group.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
tags: ${3:undefined} # not required. The key-value pairs to use for the tags.
kms_key_id: ${4:undefined} # not required. The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
overwrite: ${6:false} # not required. Whether an existing log group should be overwritten on create.
retention: ${7:undefined} # not required. The number of days to retain the log events in the specified log group. Valid values are: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]
aws_secret_key: ${8:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${9:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${10:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${11:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${12|present,absent|} # not required. choices: present;absent. Whether the rule is present, absent or get
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'cloudwatchlogs_log_group_facts':
'prefix': "cloudwatchlogs_log_group_facts_snippet"
'description': "get facts about log_group in CloudWatchLogs"
'body': """
cloudwatchlogs_log_group_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
log_group_name: ${6:undefined} # not required. The name or prefix of the log group to filter by.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'cnos_backup':
'prefix': "cnos_backup_snippet"
'description': "Backup the current running or startup configuration to a remote server on devices running Lenovo CNOS"
'body': """
cnos_backup:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
protocol: ${2|SFTP,SCP,FTP,TFTP|} # required. choices: SFTP;SCP;FTP;TFTP. This refers to the protocol used by the network device to interact with the remote server to where to upload the backup configuration. The choices are FTP, SFTP, TFTP, or SCP. Any other protocols will result in error. If this parameter is not specified, there is no default value to be used.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
password: ${4:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
rcserverip: ${5:null} # required. -This specifies the IP Address of the remote server to where the configuration will be backed up.
serverpassword: ${6:null} # required. Specify the password for the server relating to the protocol used.
outputfile: ${7:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
configType: ${8|running-config,startup-config|} # required. choices: running-config;startup-config. This specifies what type of configuration will be backed up. The choices are the running or startup configurations. There is no default value, so it will result in an error if the input is incorrect.
deviceType: ${9|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
serverusername: ${10:null} # required. Specify the username for the server relating to the protocol used.
rcpath: ${11:null} # required. This specifies the full file path where the configuration file will be copied on the remote server. In case the relative path is used as the variable value, the root folder for the user of the server needs to be specified.
enablePassword: ${12:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_bgp':
'prefix': "cnos_bgp_snippet"
'description': "Manage BGP resources and attributes on devices running Lenovo CNOS"
'body': """
cnos_bgp:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
asNum: ${3:null} # required. AS number
bgpArg1: ${4|address-family,bestpath,bgp,cluster-id,confederation,enforce-first-as,fast-external-failover,graceful-restart,graceful-restart-helper,log-neighbor-changes,maxas-limit,neighbor,router-id,shutdown,synchronization,timers,vrf|} # required. choices: address-family;bestpath;bgp;cluster-id;confederation;enforce-first-as;fast-external-failover;graceful-restart;graceful-restart-helper;log-neighbor-changes;maxas-limit;neighbor;router-id;shutdown;synchronization;timers;vrf. This is an overloaded bgp first argument. Usage of this argument can be found is the User Guide referenced above.
host: ${5:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${6|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${7:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
bgpArg8: ${8|Un-reachability Half-life time for the penalty(minutes),backdoor|} # not required. choices: Un-reachability Half-life time for the penalty(minutes);backdoor. This is an overloaded bgp eigth argument. Usage of this argument can be found is the User Guide referenced above.
bgpArg4: ${9|Aggregate prefix,Reachability Half-life time,route-map,Distance for routes external,ebgp or ibgp,IP prefix <network>,IP prefix <network>/<length>,synchronization,Delay value,direct,ospf,static,memory|} # not required. choices: Aggregate prefix;Reachability Half-life time;route-map;Distance for routes external;ebgp or ibgp;IP prefix <network>;IP prefix <network>/<length>;synchronization;Delay value;direct;ospf;static;memory. This is an overloaded bgp fourth argument. Usage of this argument can be found is the User Guide referenced above.
bgpArg5: ${10|as-set,summary-only,Value to start reusing a route,Distance for routes internal,Supported multipath numbers,backdoor,map,route-map|} # not required. choices: as-set;summary-only;Value to start reusing a route;Distance for routes internal;Supported multipath numbers;backdoor;map;route-map. This is an overloaded bgp fifth argument. Usage of this argument can be found is the User Guide referenced above.
bgpArg6: ${11|summary-only,as-set,route-map name,Value to start suppressing a route,Distance for local routes,Network mask,Pointer to route-map entries|} # not required. choices: summary-only;as-set;route-map name;Value to start suppressing a route;Distance for local routes;Network mask;Pointer to route-map entries. This is an overloaded bgp sixth argument. Usage of this argument can be found is the User Guide referenced above.
bgpArg7: ${12|Maximum duration to suppress a stable route(minutes),backdoor,route-map,Name of the route map|} # not required. choices: Maximum duration to suppress a stable route(minutes);backdoor;route-map;Name of the route map. This is an overloaded bgp seventh argument. Usage of this argument can be found is the User Guide referenced above.
bgpArg2: ${13|ipv4 or ipv6,always-compare-med,compare-confed-aspath,compare-routerid,dont-compare-originator-id,tie-break-on-age,as-path,med,identifier,peers|} # not required. choices: ipv4 or ipv6;always-compare-med;compare-confed-aspath;compare-routerid;dont-compare-originator-id;tie-break-on-age;as-path;med;identifier;peers. This is an overloaded bgp second argument. Usage of this argument can be found is the User Guide referenced above.
bgpArg3: ${14|aggregate-address,client-to-client,dampening,distance,maximum-paths,network,nexthop,redistribute,save,synchronization,ignore or multipath-relax,confed or missing-as-worst or non-deterministic or remove-recv-med or remove-send-med|} # not required. choices: aggregate-address;client-to-client;dampening;distance;maximum-paths;network;nexthop;redistribute;save;synchronization;ignore or multipath-relax;confed or missing-as-worst or non-deterministic or remove-recv-med or remove-send-med. This is an overloaded bgp third argument. Usage of this argument can be found is the User Guide referenced above.
enablePassword: ${15:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_command':
'prefix': "cnos_command_snippet"
'description': "Execute a single command on devices running Lenovo CNOS"
'body': """
cnos_command:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
clicommand: ${3:null} # required. This specifies the CLI command as an attribute to this method. The command is passed using double quotes. The variables can be placed directly on to the CLI commands or can be invoked from the vars directory.
host: ${4:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${5|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${6:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
enablePassword: ${7:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_conditional_command':
'prefix': "cnos_conditional_command_snippet"
'description': "Execute a single command based on condition on devices running Lenovo CNOS"
'body': """
cnos_conditional_command:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
clicommand: ${3:null} # required. This specifies the CLI command as an attribute to this method. The command is passed using double quotes. The variables can be placed directly on to the CLI commands or can be invoked from the vars directory.
host: ${4:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
flag: ${5:null} # required. If a task needs to be executed, you have to set the flag the same as it is specified in the inventory for that device.
deviceType: ${6|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${7:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
condition: ${8:null} # required. If you specify condition=false in the inventory file against any device, the command execution is skipped for that device.
enablePassword: ${9:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_conditional_template':
'prefix': "cnos_conditional_template_snippet"
'description': "Manage switch configuration using templates based on condition on devices running Lenovo CNOS"
'body': """
cnos_conditional_template:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
flag: ${4:null} # required. If a task needs to be executed, you have to set the flag the same as it is specified in the inventory for that device.
deviceType: ${5|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
condition: ${6:null} # required. If you specify condition=<flag string> in the inventory file against any device, the template execution is done for that device in case it matches the flag setting for that task.
password: ${7:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
commandfile: ${8:null} # required. This specifies the path to the CNOS command file which needs to be applied. This usually comes from the commands folder. Generally this file is the output of the variables applied on a template file. So this command is preceded by a template module. The command file must contain the Ansible keyword {{ inventory_hostname }} and the condition flag in its filename to ensure that the command file is unique for each switch and condition. If this is omitted, the command file will be overwritten during iteration. For example, commandfile=./commands/clos_leaf_bgp_{{ inventory_hostname }}_LP21_commands.txt
enablePassword: ${9:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_factory':
'prefix': "cnos_factory_snippet"
'description': "Reset the switch's startup configuration to default (factory) on devices running Lenovo CNOS"
'body': """
cnos_factory:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${4|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${5:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
enablePassword: ${6:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_facts':
'prefix': "cnos_facts_snippet"
'description': "Collect facts on devices running Lenovo CNOS"
'body': """
cnos_facts:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${4|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${5:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
enablePassword: ${6:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_image':
'prefix': "cnos_image_snippet"
'description': "Perform firmware upgrade/download from a remote server on devices running Lenovo CNOS"
'body': """
cnos_image:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
protocol: ${2|SFTP,SCP,FTP,TFTP|} # required. choices: SFTP;SCP;FTP;TFTP. This refers to the protocol used by the network device to interact with the remote server from where to download the firmware image. The choices are FTP, SFTP, TFTP, or SCP. Any other protocols will result in error. If this parameter is not specified, there is no default value to be used.
serverip: ${3:null} # required. This specifies the IP Address of the remote server from where the software image will be downloaded.
host: ${4:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
password: ${5:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${6:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
imgpath: ${7:null} # required. This specifies the full file path of the image located on the remote server. In case the relative path is used as the variable value, the root folder for the user of the server needs to be specified.
deviceType: ${8|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
serverusername: ${9:null} # required. Specify the username for the server relating to the protocol used.
imgtype: ${10|all,boot,os,onie|} # required. choices: all;boot;os;onie. This specifies the firmware image type to be downloaded
enablePassword: ${11:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
serverpassword: ${12:null} # not required. Specify the password for the server relating to the protocol used.
"""
'cnos_interface':
'prefix': "cnos_interface_snippet"
'description': "Manage interface configuration on devices running Lenovo CNOS"
'body': """
cnos_interface:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
password: ${2:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${3:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
interfaceOption: ${4|None,ethernet,loopback,mgmt,port-aggregation,vlan|} # required. choices: None;ethernet;loopback;mgmt;port-aggregation;vlan. This specifies the attribute you specify subsequent to interface command
host: ${5:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${6|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
interfaceRange: ${7:null} # required. This specifies the interface range in which the port aggregation is envisaged
interfaceArg1: ${8|aggregation-group,bfd,bridgeport,description,duplex,flowcontrol,ip,ipv6,lacp,lldp,load-interval,mac,mac-address,mac-learn,microburst-detection,mtu,service,service-policy,shutdown,snmp,spanning-tree,speed,storm-control,vlan,vrrp,port-aggregation|} # required. choices: aggregation-group;bfd;bridgeport;description;duplex;flowcontrol;ip;ipv6;lacp;lldp;load-interval;mac;mac-address;mac-learn;microburst-detection;mtu;service;service-policy;shutdown;snmp;spanning-tree;speed;storm-control;vlan;vrrp;port-aggregation. This is an overloaded interface first argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg4: ${9|key-chain,key-id,keyed-md5 or keyed-sha1 or meticulous-keyed-md5 or meticulous-keyed-sha1 or simple,Interval value in milliseconds,Destination IP (Both IPV4 and IPV6),in or out,MAC address,Time-out value in seconds,class-id,request,Specify the IPv4 address,OSPF area ID as a decimal value,OSPF area ID in IP address format,anycast or secondary,ethernet,vlan,MAC (hardware) address in HHHH.HHHH.HHHH format,Load interval delay in seconds,Specify policy input name,input or output,cost,port-priority,BFD minimum receive interval,source-interface|} # not required. choices: key-chain;key-id;keyed-md5 or keyed-sha1 or meticulous-keyed-md5 or meticulous-keyed-sha1 or simple;Interval value in milliseconds;Destination IP (Both IPV4 and IPV6);in or out;MAC address;Time-out value in seconds;class-id;request;Specify the IPv4 address;OSPF area ID as a decimal value;OSPF area ID in IP address format;anycast or secondary;ethernet;vlan;MAC (hardware) address in HHHH.HHHH.HHHH format;Load interval delay in seconds;Specify policy input name;input or output;cost;port-priority;BFD minimum receive interval;source-interface. This is an overloaded interface fourth argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg5: ${10|name of key-chain,key-Id Value,key-chain,key-id,BFD minimum receive interval,Value of Hello Multiplier,admin-down or multihop or non-persistent,Vendor class-identifier name,bootfile-name or host-name or log-server or ntp-server or tftp-server-name,Slot/chassis number,Vlan interface,Specify policy input name,Port path cost or auto,Port priority increments of 32|} # not required. choices: name of key-chain;key-Id Value;key-chain;key-id;BFD minimum receive interval;Value of Hello Multiplier;admin-down or multihop or non-persistent;Vendor class-identifier name;bootfile-name or host-name or log-server or ntp-server or tftp-server-name;Slot/chassis number;Vlan interface;Specify policy input name;Port path cost or auto;Port priority increments of 32. This is an overloaded interface fifth argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg6: ${11|Authentication key string,name of key-chain,key-Id Value,Value of Hello Multiplier,admin-down or non-persistent|} # not required. choices: Authentication key string;name of key-chain;key-Id Value;Value of Hello Multiplier;admin-down or non-persistent. This is an overloaded interface sixth argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg7: ${12|Authentication key string,admin-down|} # not required. choices: Authentication key string;admin-down. This is an overloaded interface seventh argument. Usage of this argument can be found is the User Guide referenced above.
enablePassword: ${13:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
interfaceArg2: ${14|aggregation-group number,access or mode or trunk,description,auto or full or half,receive or send,port-priority,suspend-individual,timeout,receive or transmit or trap-notification,tlv-select,Load interval delay in seconds,counter,Name for the MAC Access List,mac-address in HHHH.HHHH.HHHH format,THRESHOLD Value in unit of buffer cell,<64-9216> MTU in bytes-<64-9216> for L2 packet,<576-9216> for L3 IPv4 packet,<1280-9216> for L3 IPv6 packet,enter the instance id,input or output,copp-system-policy,type,1000 or 10000 or 40000 or auto,broadcast or multicast or unicast,disable or enable or egress-only,Virtual router identifier,destination-ip or destination-mac or destination-port or source-dest-ip or source-dest-mac or source-dest-port or source-interface or source-ip or source-mac or source-port|} # not required. choices: aggregation-group number;access or mode or trunk;description;auto or full or half;receive or send;port-priority;suspend-individual;timeout;receive or transmit or trap-notification;tlv-select;Load interval delay in seconds;counter;Name for the MAC Access List;mac-address in HHHH.HHHH.HHHH format;THRESHOLD Value in unit of buffer cell;<64-9216> MTU in bytes-<64-9216> for L2 packet;<576-9216> for L3 IPv4 packet;<1280-9216> for L3 IPv6 packet;enter the instance id;input or output;copp-system-policy;type;1000 or 10000 or 40000 or auto;broadcast or multicast or unicast;disable or enable or egress-only;Virtual router identifier;destination-ip or destination-mac or destination-port or source-dest-ip or source-dest-mac or source-dest-port or source-interface or source-ip or source-mac or source-port. This is an overloaded interface second argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg3: ${15|active or on or passive,on or off,LACP port priority,long or short,link-aggregation or mac-phy-status or management-address or max-frame-size or port-description or port-protocol-vlan or port-vlan or power-mdi or protocol-identity or system-capabilities or system-description or system-name or vid-management or vlan-name,counter for load interval,policy input name,all or Copp class name to attach,qos,queueing,Enter the allowed traffic level,ipv6|} # not required. choices: active or on or passive;on or off;LACP port priority;long or short;link-aggregation or mac-phy-status or management-address or max-frame-size or port-description or port-protocol-vlan or port-vlan or power-mdi or protocol-identity or system-capabilities or system-description or system-name or vid-management or vlan-name;counter for load interval;policy input name;all or Copp class name to attach;qos;queueing;Enter the allowed traffic level;ipv6. This is an overloaded interface third argument. Usage of this argument can be found is the User Guide referenced above.
"""
'cnos_portchannel':
'prefix': "cnos_portchannel_snippet"
'description': "Manage portchannel (port aggregation) configuration on devices running Lenovo CNOS"
'body': """
cnos_portchannel:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
password: ${2:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${3:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${4:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${5|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
interfaceRange: ${6:null} # required. This specifies the interface range in which the port aggregation is envisaged
interfaceArg1: ${7|aggregation-group,bfd,bridgeport,description,duplex,flowcontrol,ip,ipv6,lacp,lldp,load-interval,mac,mac-address,mac-learn,microburst-detection,mtu,service,service-policy,shutdown,snmp,spanning-tree,speed,storm-control,vlan,vrrp,port-aggregation|} # required. choices: aggregation-group;bfd;bridgeport;description;duplex;flowcontrol;ip;ipv6;lacp;lldp;load-interval;mac;mac-address;mac-learn;microburst-detection;mtu;service;service-policy;shutdown;snmp;spanning-tree;speed;storm-control;vlan;vrrp;port-aggregation. This is an overloaded Port Channel first argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg4: ${8|key-chain,key-id,keyed-md5 or keyed-sha1 or meticulous-keyed-md5 or meticulous-keyed-sha1 or simple,Interval value in milliseconds,Destination IP (Both IPV4 and IPV6),in or out,MAC address,Time-out value in seconds,class-id,request,Specify the IPv4 address,OSPF area ID as a decimal value,OSPF area ID in IP address format,anycast or secondary,ethernet,vlan,MAC (hardware) address in HHHH.HHHH.HHHH format,Load interval delay in seconds,Specify policy input name,input or output,cost,port-priority,BFD minimum receive interval,source-interface|} # not required. choices: key-chain;key-id;keyed-md5 or keyed-sha1 or meticulous-keyed-md5 or meticulous-keyed-sha1 or simple;Interval value in milliseconds;Destination IP (Both IPV4 and IPV6);in or out;MAC address;Time-out value in seconds;class-id;request;Specify the IPv4 address;OSPF area ID as a decimal value;OSPF area ID in IP address format;anycast or secondary;ethernet;vlan;MAC (hardware) address in HHHH.HHHH.HHHH format;Load interval delay in seconds;Specify policy input name;input or output;cost;port-priority;BFD minimum receive interval;source-interface. This is an overloaded Port Channel fourth argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg5: ${9|name of key-chain,key-Id Value,key-chain,key-id,BFD minimum receive interval,Value of Hello Multiplier,admin-down or multihop or non-persistent,Vendor class-identifier name,bootfile-name or host-name or log-server or ntp-server or tftp-server-name,Slot/chassis number,Vlan interface,Specify policy input name,Port path cost or auto,Port priority increments of 32|} # not required. choices: name of key-chain;key-Id Value;key-chain;key-id;BFD minimum receive interval;Value of Hello Multiplier;admin-down or multihop or non-persistent;Vendor class-identifier name;bootfile-name or host-name or log-server or ntp-server or tftp-server-name;Slot/chassis number;Vlan interface;Specify policy input name;Port path cost or auto;Port priority increments of 32. This is an overloaded Port Channel fifth argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg6: ${10|Authentication key string,name of key-chain,key-Id Value,Value of Hello Multiplier,admin-down or non-persistent|} # not required. choices: Authentication key string;name of key-chain;key-Id Value;Value of Hello Multiplier;admin-down or non-persistent. This is an overloaded Port Channel sixth argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg7: ${11|Authentication key string,admin-down|} # not required. choices: Authentication key string;admin-down. This is an overloaded Port Channel seventh argument. Usage of this argument can be found is the User Guide referenced above.
enablePassword: ${12:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
interfaceArg2: ${13|aggregation-group number,access or mode or trunk,description,auto or full or half,receive or send,port-priority,suspend-individual,timeout,receive or transmit or trap-notification,tlv-select,Load interval delay in seconds,counter,Name for the MAC Access List,mac-address in HHHH.HHHH.HHHH format,THRESHOLD Value in unit of buffer cell,<64-9216> MTU in bytes-<64-9216> for L2 packet,<576-9216> for L3 IPv4 packet,<1280-9216> for L3 IPv6 packet,enter the instance id,input or output,copp-system-policy,type,1000 or 10000 or 40000 or auto,broadcast or multicast or unicast,disable or enable or egress-only,Virtual router identifier,destination-ip or destination-mac or destination-port or source-dest-ip or source-dest-mac or source-dest-port or source-interface or source-ip or source-mac or source-port|} # not required. choices: aggregation-group number;access or mode or trunk;description;auto or full or half;receive or send;port-priority;suspend-individual;timeout;receive or transmit or trap-notification;tlv-select;Load interval delay in seconds;counter;Name for the MAC Access List;mac-address in HHHH.HHHH.HHHH format;THRESHOLD Value in unit of buffer cell;<64-9216> MTU in bytes-<64-9216> for L2 packet;<576-9216> for L3 IPv4 packet;<1280-9216> for L3 IPv6 packet;enter the instance id;input or output;copp-system-policy;type;1000 or 10000 or 40000 or auto;broadcast or multicast or unicast;disable or enable or egress-only;Virtual router identifier;destination-ip or destination-mac or destination-port or source-dest-ip or source-dest-mac or source-dest-port or source-interface or source-ip or source-mac or source-port. This is an overloaded Port Channel second argument. Usage of this argument can be found is the User Guide referenced above.
interfaceArg3: ${14|active or on or passive,on or off,LACP port priority,long or short,link-aggregation or mac-phy-status or management-address or max-frame-size or port-description or port-protocol-vlan or port-vlan or power-mdi or protocol-identity or system-capabilities or system-description or system-name or vid-management or vlan-name,counter for load interval,policy input name,all or Copp class name to attach,qos,queueing,Enter the allowed traffic level,ipv6|} # not required. choices: active or on or passive;on or off;LACP port priority;long or short;link-aggregation or mac-phy-status or management-address or max-frame-size or port-description or port-protocol-vlan or port-vlan or power-mdi or protocol-identity or system-capabilities or system-description or system-name or vid-management or vlan-name;counter for load interval;policy input name;all or Copp class name to attach;qos;queueing;Enter the allowed traffic level;ipv6. This is an overloaded Port Channel third argument. Usage of this argument can be found is the User Guide referenced above.
"""
'cnos_reload':
'prefix': "cnos_reload_snippet"
'description': "Perform switch restart on devices running Lenovo CNOS"
'body': """
cnos_reload:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${4|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${5:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
enablePassword: ${6:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_rollback':
'prefix': "cnos_rollback_snippet"
'description': "Roll back the running or startup configuration from a remote server on devices running Lenovo CNOS"
'body': """
cnos_rollback:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
protocol: ${2|SFTP,SCP,FTP,TFTP|} # required. choices: SFTP;SCP;FTP;TFTP. This refers to the protocol used by the network device to interact with the remote server from where to download the backup configuration. The choices are FTP, SFTP, TFTP, or SCP. Any other protocols will result in error. If this parameter is not specified, there is no default value to be used.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
password: ${4:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
rcserverip: ${5:null} # required. This specifies the IP Address of the remote server from where the backup configuration will be downloaded.
serverpassword: ${6:null} # required. Specify the password for the server relating to the protocol used.
outputfile: ${7:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
configType: ${8|running-config,startup-config|} # required. choices: running-config;startup-config. This refers to the type of configuration which will be used for the rolling back process. The choices are the running or startup configurations. There is no default value, so it will result in an error if the input is incorrect.
deviceType: ${9|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
serverusername: ${10:null} # required. Specify the username for the server relating to the protocol used.
rcpath: ${11:null} # required. This specifies the full file path of the configuration file located on the remote server. In case the relative path is used as the variable value, the root folder for the user of the server needs to be specified.
enablePassword: ${12:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_save':
'prefix': "cnos_save_snippet"
'description': "Save the running configuration as the startup configuration on devices running Lenovo CNOS"
'body': """
cnos_save:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${4|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${5:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
enablePassword: ${6:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_showrun':
'prefix': "cnos_showrun_snippet"
'description': "Collect the current running configuration on devices running Lenovo CNOS"
'body': """
cnos_showrun:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${4|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${5:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
enablePassword: ${6:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_template':
'prefix': "cnos_template_snippet"
'description': "Manage switch configuration using templates on devices running Lenovo CNOS"
'body': """
cnos_template:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${4|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${5:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
commandfile: ${6:null} # required. This specifies the path to the CNOS command file which needs to be applied. This usually comes from the commands folder. Generally this file is the output of the variables applied on a template file. So this command is preceded by a template module. Note The command file must contain the Ansible keyword {{ inventory_hostname }} in its filename to ensure that the command file is unique for each switch and condition. If this is omitted, the command file will be overwritten during iteration. For example, commandfile=./commands/clos_leaf_bgp_{{ inventory_hostname }}_commands.txt
enablePassword: ${7:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_vlag':
'prefix': "cnos_vlag_snippet"
'description': "Manage VLAG resources and attributes on devices running Lenovo CNOS"
'body': """
cnos_vlag:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
vlagArg1: ${3|enable,auto-recovery,config-consistency,isl,mac-address-table,peer-gateway,priority,startup-delay,tier-id,vrrp,instance,hlthchk|} # required. choices: enable;auto-recovery;config-consistency;isl;mac-address-table;peer-gateway;priority;startup-delay;tier-id;vrrp;instance;hlthchk. This is an overloaded vlag first argument. Usage of this argument can be found is the User Guide referenced above.
host: ${4:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
deviceType: ${5|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${6:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
vlagArg2: ${7|Interval in seconds,disable or strict,Port Aggregation Number,VLAG priority,Delay time in seconds,VLAG tier-id value,VLAG instance number,keepalive-attempts,keepalive-interval,retry-interval,peer-ip|} # not required. choices: Interval in seconds;disable or strict;Port Aggregation Number;VLAG priority;Delay time in seconds;VLAG tier-id value;VLAG instance number;keepalive-attempts;keepalive-interval;retry-interval;peer-ip. This is an overloaded vlag second argument. Usage of this argument can be found is the User Guide referenced above.
vlagArg3: ${8|enable or port-aggregation,Number of keepalive attempts,Interval in seconds,Interval in seconds,VLAG health check peer IP4 address|} # not required. choices: enable or port-aggregation;Number of keepalive attempts;Interval in seconds;Interval in seconds;VLAG health check peer IP4 address. This is an overloaded vlag third argument. Usage of this argument can be found is the User Guide referenced above.
vlagArg4: ${9|Port Aggregation Number,default or management|} # not required. choices: Port Aggregation Number;default or management. This is an overloaded vlag fourth argument. Usage of this argument can be found is the User Guide referenced above.
enablePassword: ${10:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'cnos_vlan':
'prefix': "cnos_vlan_snippet"
'description': "Manage VLAN resources and attributes on devices running Lenovo CNOS"
'body': """
cnos_vlan:
username: ${1:null} # required. Configures the username used to authenticate the connection to the remote device. The value of the username parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
outputfile: ${2:null} # required. This specifies the file path where the output of each command execution is saved. Each command that is specified in the merged template file and each response from the device are saved here. Usually the location is the results folder, but you can choose another location based on your write permission.
host: ${3:null} # required. This is the variable used to search the hosts file at /etc/ansible/hosts and identify the IP address of the device on which the template is going to be applied. Usually the Ansible keyword {{ inventory_hostname }} is specified in the playbook as an abstraction of the group of network elements that need to be configured.
vlanArg1: ${4|access-map,dot1q,filter,<1-3999> VLAN ID 1-3999 or range|} # required. choices: access-map;dot1q;filter;<1-3999> VLAN ID 1-3999 or range. This is an overloaded vlan first argument. Usage of this argument can be found is the User Guide referenced above.
deviceType: ${5|g8272_cnos,g8296_cnos,g8332_cnos,NE1072T,NE1032,NE1032T,NE10032,NE2572|} # required. choices: g8272_cnos;g8296_cnos;g8332_cnos;NE1072T;NE1032;NE1032T;NE10032;NE2572. This specifies the type of device where the method is executed. The choices NE1072T,NE1032,NE1032T,NE10032, NE2572 are added since version 2.4
password: ${6:null} # required. Configures the password used to authenticate the connection to the remote device. The value of the password parameter is used to authenticate the SSH session. While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
vlanArg5: ${7|access-list name,Slot/chassis number,Port Aggregation Number|} # not required. choices: access-list name;Slot/chassis number;Port Aggregation Number. This is an overloaded vlan fifth argument. Usage of this argument can be found is the User Guide referenced above.
vlanArg4: ${8|drop or forward or redirect,ip or mac,Interval in seconds,ethernet,port-aggregation,Querier IP address,Querier Timeout in seconds,Query Interval in seconds,Query Max Response Time in seconds,Robustness Variable value,Number of queries sent at startup,Query Interval at startup|} # not required. choices: drop or forward or redirect;ip or mac;Interval in seconds;ethernet;port-aggregation;Querier IP address;Querier Timeout in seconds;Query Interval in seconds;Query Max Response Time in seconds;Robustness Variable value;Number of queries sent at startup;Query Interval at startup. This is an overloaded vlan fourth argument. Usage of this argument can be found is the User Guide referenced above.
vlanArg3: ${9|action,match,statistics,enter VLAN id or range of vlan,ascii name for the VLAN,ipv4 or ipv6,active or suspend,fast-leave,last-member-query-interval,mrouter,querier,querier-timeout,query-interval,query-max-response-time,report-suppression,robustness-variable,startup-query-count,startup-query-interval,static-group|} # not required. choices: action;match;statistics;enter VLAN id or range of vlan;ascii name for the VLAN;ipv4 or ipv6;active or suspend;fast-leave;last-member-query-interval;mrouter;querier;querier-timeout;query-interval;query-max-response-time;report-suppression;robustness-variable;startup-query-count;startup-query-interval;static-group. This is an overloaded vlan third argument. Usage of this argument can be found is the User Guide referenced above.
vlanArg2: ${10|VLAN Access Map name,egress-only,name,flood,state,ip|} # not required. choices: VLAN Access Map name;egress-only;name;flood;state;ip. This is an overloaded vlan second argument. Usage of this argument can be found is the User Guide referenced above.
enablePassword: ${11:null} # not required. Configures the password used to enter Global Configuration command mode on the switch. If the switch does not request this password, the parameter is ignored.While generally the value should come from the inventory file, you can also specify it as a variable. This parameter is optional. If it is not specified, no default value will be used.
"""
'command':
'prefix': "command_snippet"
'description': "Executes a command on a remote node"
'body': """
command:
free_form: ${1:undefined} # required. The command module takes a free form command to run. There is no parameter actually named 'free form'. See the examples!
warn: ${2:yes} # not required. If command_warnings are on in ansible.cfg, do not warn about this particular line if set to C(no).
creates: ${3:undefined} # not required. A filename or (since 2.0) glob pattern, when it already exists, this step will B(not) be run.
chdir: ${4:undefined} # not required. Change into this directory before running the command.
stdin: ${5:null} # not required. Set the stdin of the command directly to the specified value.
removes: ${6:undefined} # not required. A filename or (since 2.0) glob pattern, when it does not exist, this step will B(not) be run.
"""
'composer':
'prefix': "composer_snippet"
'description': "Dependency Manager for PHP"
'body': """
composer:
executable: ${1:undefined} # not required. Path to PHP Executable on the remote host, if PHP is not in PATH.
no_scripts: ${2|true,false|} # not required. choices: true;false. Skips the execution of all scripts defined in composer.json (see --no-scripts).
prefer_source: ${3|true,false|} # not required. choices: true;false. Forces installation from package sources when possible (see --prefer-source).
prefer_dist: ${4|true,false|} # not required. choices: true;false. Forces installation from package dist even for dev versions (see --prefer-dist).
working_dir: ${5:undefined} # not required. Directory of your project (see --working-dir). This is required when the command is not run globally.,Will be ignored if C(global_command=true).
global_command: ${6|true,false|} # not required. choices: true;false. Runs the specified command globally.
command: ${7:install} # not required. Composer command like \"install\", \"update\" and so on.
arguments: ${8:undefined} # not required. Composer arguments like required package, version and so on.
ignore_platform_reqs: ${9|true,false|} # not required. choices: true;false. Ignore php, hhvm, lib-* and ext-* requirements and force the installation even if the local machine does not fulfill these.
no_dev: ${10|true,false|} # not required. choices: true;false. Disables installation of require-dev packages (see --no-dev).
no_plugins: ${11|true,false|} # not required. choices: true;false. Disables all plugins ( see --no-plugins ).
optimize_autoloader: ${12|true,false|} # not required. choices: true;false. Optimize autoloader during autoloader dump (see --optimize-autoloader).,Convert PSR-0/4 autoloading to classmap to get a faster autoloader.,Recommended especially for production, but can take a bit of time to run.
"""
'consul':
'prefix': "consul_snippet"
'description': "Add, modify & delete services within a consul cluster."
'body': """
consul:
state: ${1|present,absent|} # required. choices: present;absent. register or deregister the consul service, defaults to present
service_address: ${2:None} # not required. the address to advertise that the service will be listening on. This value will be passed as the I(Address) parameter to Consul's U(/v1/agent/service/register) API method, so refer to the Consul API documentation for further details.
http: ${3:None} # not required. checks can be registered with an http endpoint. This means that consul will check that the http endpoint returns a successful http status. Interval must also be provided with this option.
tags: ${4:None} # not required. a list of tags that will be attached to the service registration.
check_name: ${5:None} # not required. a name for the service check, defaults to the check id. required if standalone, ignored if part of service definition.
service_name: ${6:undefined} # not required. Unique name for the service on a node, must be unique per node, required if registering a service. May be omitted if registering a node level check
host: ${7:localhost} # not required. host of the consul agent defaults to localhost
ttl: ${8:None} # not required. checks can be registered with a ttl instead of a script and interval this means that the service will check in with the agent before the ttl expires. If it doesn't the check will be considered failed. Required if registering a check and the script an interval are missing Similar to the interval this is a number with a s or m suffix to signify the units of seconds or minutes e.g 15s or 1m. If no suffix is supplied, m will be used by default e.g. 1 will be 1m
port: ${9:8500} # not required. the port on which the consul agent is running
script: ${10:None} # not required. the script/command that will be run periodically to check the health of the service. Scripts require an interval and vise versa
check_id: ${11:None} # not required. an ID for the service check, defaults to the check name, ignored if part of a service definition.
service_port: ${12:None} # not required. the port on which the service is listening. Can optionally be supplied for registration of a service, i.e. if service_name or service_id is set
notes: ${13:None} # not required. Notes to attach to check when registering it.
interval: ${14:None} # not required. the interval at which the service check will be run. This is a number with a s or m suffix to signify the units of seconds or minutes e.g 15s or 1m. If no suffix is supplied, m will be used by default e.g. 1 will be 1m. Required if the script param is specified.
token: ${15:None} # not required. the token key indentifying an ACL rule set. May be required to register services.
timeout: ${16:None} # not required. A custom HTTP check timeout. The consul default is 10 seconds. Similar to the interval this is a number with a s or m suffix to signify the units of seconds or minutes, e.g. 15s or 1m.
service_id: ${17:service_name if supplied} # not required. the ID for the service, must be unique per node, defaults to the service name if the service name is supplied
scheme: ${18:http} # not required. the protocol scheme on which the consul agent is running
validate_certs: ${19:true} # not required. whether to verify the tls certificate of the consul agent
"""
'consul_acl':
'prefix': "consul_acl_snippet"
'description': "Manipulate Consul ACL keys and rules"
'body': """
consul_acl:
name: ${1:undefined} # not required. the name that should be associated with the acl key, this is opaque to Consul
rules: ${2:undefined} # not required. a list of the rules that should be associated with a given token
state: ${3|present,absent|} # not required. choices: present;absent. whether the ACL pair should be present or absent
token_type: ${4|client,management|} # not required. choices: client;management. the type of token that should be created, either management or client
token: ${5:undefined} # not required. the token key indentifying an ACL rule set. If generated by consul this will be a UUID
mgmt_token: ${6:undefined} # not required. a management token is required to manipulate the acl lists
host: ${7:localhost} # not required. host of the consul agent defaults to localhost
scheme: ${8:http} # not required. the protocol scheme on which the consul agent is running
validate_certs: ${9:true} # not required. whether to verify the tls certificate of the consul agent
port: ${10:8500} # not required. the port on which the consul agent is running
"""
'consul_kv':
'prefix': "consul_kv_snippet"
'description': "Manipulate entries in the key/value store of a consul cluster"
'body': """
consul_kv:
value: ${1:undefined} # required. The value should be associated with the given key, required if C(state) is C(present).
key: ${2:undefined} # required. The key at which the value should be stored.
cas: ${3:undefined} # not required. Used when acquiring a lock with a session. If the C(cas) is C(0), then Consul will only put the key if it does not already exist. If the C(cas) value is non-zero, then the key is only set if the index matches the ModifyIndex of that key.
recurse: ${4:no} # not required. If the key represents a prefix, each entry with the prefix can be retrieved by setting this to C(yes).
token: ${5:undefined} # not required. The token key indentifying an ACL rule set that controls access to the key value pair
state: ${6|absent,acquire,present,release|} # not required. choices: absent;acquire;present;release. The action to take with the supplied key and value. If the state is 'present', the key contents will be set to the value supplied, 'changed' will be set to true only if the value was different to the current contents. The state 'absent' will remove the key/value pair, again 'changed' will be set to true only if the key actually existed prior to the removal. An attempt can be made to obtain or free the lock associated with a key/value pair with the states 'acquire' or 'release' respectively. a valid session must be supplied to make the attempt changed will be true if the attempt is successful, false otherwise.
session: ${7:undefined} # not required. The session that should be used to acquire or release a lock associated with a key/value pair.
flags: ${8:undefined} # not required. Opaque integer value that can be passed when setting a value.
host: ${9:localhost} # not required. Host of the consul agent.
scheme: ${10:http} # not required. The protocol scheme on which the consul agent is running.
validate_certs: ${11:yes} # not required. Whether to verify the tls certificate of the consul agent.
port: ${12:8500} # not required. The port on which the consul agent is running.
"""
'consul_session':
'prefix': "consul_session_snippet"
'description': "Manipulate consul sessions"
'body': """
consul_session:
node: ${1:undefined} # not required. The name of the node that with which the session will be associated. by default this is the name of the agent.
datacenter: ${2:undefined} # not required. The name of the datacenter in which the session exists or should be created.
name: ${3:undefined} # not required. The name that should be associated with the session. This is opaque to Consul and not required.
state: ${4|absent,info,list,node,present|} # not required. choices: absent;info;list;node;present. Whether the session should be present i.e. created if it doesn't exist, or absent, removed if present. If created, the ID for the session is returned in the output. If absent, the name or ID is required to remove the session. Info for a single session, all the sessions for a node or all available sessions can be retrieved by specifying info, node or list for the state; for node or info, the node name or session id is required as parameter.
checks: ${5:undefined} # not required. A list of checks that will be used to verify the session health. If all the checks fail, the session will be invalidated and any locks associated with the session will be release and can be acquired once the associated lock delay has expired.
delay: ${6:15} # not required. The optional lock delay that can be attached to the session when it is created. Locks for invalidated sessions ar blocked from being acquired until this delay has expired. Durations are in seconds.
host: ${7:localhost} # not required. The host of the consul agent defaults to localhost.
behavior: ${8|delete,release|} # not required. choices: delete;release. The optional behavior that can be attached to the session when it is created. This controls the behavior when a session is invalidated.
scheme: ${9:http} # not required. The protocol scheme on which the consul agent is running.
validate_certs: ${10:true} # not required. Whether to verify the tls certificate of the consul agent.
port: ${11:8500} # not required. The port on which the consul agent is running.
"""
'copy':
'prefix': "copy_snippet"
'description': "Copies files to remote locations"
'body': """
copy:
dest: ${1:undefined} # required. Remote absolute path where the file should be copied to. If I(src) is a directory, this must be a directory too. If I(dest) is a nonexistent path and if either I(dest) ends with \"/\" or I(src) is a directory, I(dest) is created. If I(src) and I(dest) are files, the parent directory of I(dest) isn't created: the task fails if it doesn't already exist.
src: ${2:undefined} # not required. Local path to a file to copy to the remote server; can be absolute or relative. If path is a directory, it is copied recursively. In this case, if path ends with \"/\", only inside contents of that directory are copied to destination. Otherwise, if it does not end with \"/\", the directory itself with all contents is copied. This behavior is similar to Rsync.
directory_mode: ${3:undefined} # not required. When doing a recursive copy set the mode for the directories. If this is not set we will use the system defaults. The mode is only set on directories which are newly created, and will not affect those that already existed.
force: ${4:yes} # not required. the default is C(yes), which will replace the remote file when contents are different than the source. If C(no), the file will only be transferred if the destination does not exist.
remote_src: ${5:no} # not required. If C(no), it will search for I(src) at originating/master machine.,If C(yes) it will go to the remote/target machine for the I(src). Default is C(no).,Currently I(remote_src) does not support recursive copying.
checksum: ${6:undefined} # not required. SHA1 checksum of the file being transferred. Used to valdiate that the copy of the file was successful.,If this is not provided, ansible will use the local calculated checksum of the src file.
seuser: ${7:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
decrypt: ${8:Yes} # not required. This option controls the autodecryption of source files using vault.
setype: ${9:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
group: ${10:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
content: ${11:undefined} # not required. When used instead of I(src), sets the contents of a file directly to the specified value. For anything advanced or with formatting also look at the template module.
unsafe_writes: ${12:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
serole: ${13:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
mode: ${14:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
selevel: ${15:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
owner: ${16:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
follow: ${17:no} # not required. This flag indicates that filesystem links in the destination, if they exist, should be followed.
validate: ${18:None} # not required. The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
attributes: ${19:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
backup: ${20:no} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
local_follow: ${21:yes} # not required. This flag indicates that filesystem links in the source tree, if they exist, should be followed.
"""
'cpanm':
'prefix': "cpanm_snippet"
'description': "Manages Perl library dependencies."
'body': """
cpanm:
executable: ${1:null} # not required. Override the path to the cpanm executable
name: ${2:null} # not required. The name of the Perl library to install. You may use the \"full distribution path\", e.g. MIYAGAWA/Plack-0.99_05.tar.gz
installdeps: ${3:false} # not required. Only install dependencies
system_lib: ${4:false} # not required. Use this if you want to install modules to the system perl include path. You must be root or have \"passwordless\" sudo for this to work.,This uses the cpanm commandline option '--sudo', which has nothing to do with ansible privilege escalation.
mirror_only: ${5:false} # not required. Use the mirror's index file instead of the CPAN Meta DB
from_path: ${6:null} # not required. The local directory from where to install
version: ${7:false} # not required. minimum version of perl module to consider acceptable
mirror: ${8:false} # not required. Specifies the base URL for the CPAN mirror to use
locallib: ${9:false} # not required. Specify the install base to install modules
notest: ${10:false} # not required. Do not run unit tests
"""
'cron':
'prefix': "cron_snippet"
'description': "Manage cron.d and crontab entries"
'body': """
cron:
cron_file: ${1:undefined} # not required. If specified, uses this file instead of an individual user's crontab. If this is a relative path, it is interpreted with respect to /etc/cron.d. (If it is absolute, it will typically be /etc/crontab). Many linux distros expect (and some require) the filename portion to consist solely of upper- and lower-case letters, digits, underscores, and hyphens. To use the C(cron_file) parameter you must specify the C(user) as well.
month: ${2:*} # not required. Month of the year the job should run ( 1-12, *, */2, etc )
disabled: ${3:no} # not required. If the job should be disabled (commented out) in the crontab.,Only has effect if C(state=present).
job: ${4:undefined} # not required. The command to execute or, if env is set, the value of environment variable. The command should not contain line breaks. Required if state=present.
special_time: ${5|reboot,yearly,annually,monthly,weekly,daily,hourly|} # not required. choices: reboot;yearly;annually;monthly;weekly;daily;hourly. Special time specification nickname.
user: ${6:root} # not required. The specific user whose crontab should be modified.
insertafter: ${7:undefined} # not required. Used with C(state=present) and C(env). If specified, the environment variable will be inserted after the declaration of specified environment variable.
insertbefore: ${8:undefined} # not required. Used with C(state=present) and C(env). If specified, the environment variable will be inserted before the declaration of specified environment variable.
day: ${9:*} # not required. Day of the month the job should run ( 1-31, *, */2, etc )
minute: ${10:*} # not required. Minute when the job should run ( 0-59, *, */2, etc )
name: ${11:undefined} # not required. Description of a crontab entry or, if env is set, the name of environment variable. Required if state=absent. Note that if name is not set and state=present, then a new crontab entry will always be created, regardless of existing ones.
hour: ${12:*} # not required. Hour when the job should run ( 0-23, *, */2, etc )
reboot: ${13:no} # not required. If the job should be run at reboot. This option is deprecated. Users should use special_time.
state: ${14|absent,present|} # not required. choices: absent;present. Whether to ensure the job or environment variable is present or absent.
weekday: ${15:*} # not required. Day of the week that the job should run ( 0-6 for Sunday-Saturday, *, etc )
env: ${16:no} # not required. If set, manages a crontab's environment variable. New variables are added on top of crontab. \"name\" and \"value\" parameters are the name and the value of environment variable.
backup: ${17:no} # not required. If set, create a backup of the crontab before it is modified. The location of the backup is returned in the C(backup_file) variable by this module.
"""
'cronvar':
'prefix': "cronvar_snippet"
'description': "Manage variables in crontabs"
'body': """
cronvar:
name: ${1:undefined} # required. Name of the crontab variable.
insertbefore: ${2:undefined} # not required. Used with C(state=present). If specified, the variable will be inserted just before the variable specified.
cron_file: ${3:undefined} # not required. If specified, uses this file instead of an individual user's crontab. Without a leading /, this is assumed to be in /etc/cron.d. With a leading /, this is taken as absolute.
value: ${4:undefined} # not required. The value to set this variable to.,Required if C(state=present).
state: ${5|absent,present|} # not required. choices: absent;present. Whether to ensure that the variable is present or absent.
user: ${6:root} # not required. The specific user whose crontab should be modified.
insertafter: ${7:undefined} # not required. If specified, the variable will be inserted after the variable specified.,Used with C(state=present).
backup: ${8:no} # not required. If set, create a backup of the crontab before it is modified. The location of the backup is returned in the C(backup) variable by this module.
"""
'crypttab':
'prefix': "crypttab_snippet"
'description': "Encrypted Linux block devices"
'body': """
crypttab:
state: ${1|absent,opts_absent,opts_present,present|} # required. choices: absent;opts_absent;opts_present;present. Use I(present) to add a line to C(/etc/crypttab) or update it's definition if already present. Use I(absent) to remove a line with matching I(name). Use I(opts_present) to add options to those already present; options with different values will be updated. Use I(opts_absent) to remove options from the existing set.
name: ${2:undefined} # required. Name of the encrypted block device as it appears in the C(/etc/crypttab) file, or optionally prefixed with C(/dev/mapper/), as it appears in the filesystem. I(/dev/mapper/) will be stripped from I(name).
backing_device: ${3:undefined} # not required. Path to the underlying block device or file, or the UUID of a block-device prefixed with I(UUID=).
path: ${4:/etc/crypttab} # not required. Path to file to use instead of C(/etc/crypttab). This might be useful in a chroot environment.
password: ${5:none} # not required. Encryption password, the path to a file containing the password, or C(none) or C(-) if the password should be entered at boot.
opts: ${6:undefined} # not required. A comma-delimited list of options. See C(crypttab(5) ) for details.
"""
'cs_account':
'prefix': "cs_account_snippet"
'description': "Manages accounts on Apache CloudStack based clouds."
'body': """
cs_account:
name: ${1:undefined} # required. Name of account.
username: ${2:null} # not required. Username of the user to be created if account did not exist.,Required on C(state=present).
first_name: ${3:null} # not required. First name of the user to be created if account did not exist.,Required on C(state=present).
last_name: ${4:null} # not required. Last name of the user to be created if account did not exist.,Required on C(state=present).
account_type: ${5|user,root_admin,domain_admin|} # not required. choices: user;root_admin;domain_admin. Type of the account.
api_http_method: ${6|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
password: ${7:null} # not required. Password of the user to be created if account did not exist.,Required on C(state=present).
api_timeout: ${8:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
domain: ${9:ROOT} # not required. Domain the account is related to.
api_region: ${10:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
api_key: ${11:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
state: ${12|present,absent,enabled,disabled,locked,unlocked|} # not required. choices: present;absent;enabled;disabled;locked;unlocked. State of the account.,C(unlocked) is an alias for C(enabled).
api_secret: ${13:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
timezone: ${14:null} # not required. Timezone of the user to be created if account did not exist.
poll_async: ${15:true} # not required. Poll async jobs until job has finished.
network_domain: ${16:null} # not required. Network domain of the account.
email: ${17:null} # not required. Email of the user to be created if account did not exist.,Required on C(state=present).
api_url: ${18:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_affinitygroup':
'prefix': "cs_affinitygroup_snippet"
'description': "Manages affinity groups on Apache CloudStack based clouds."
'body': """
cs_affinitygroup:
name: ${1:undefined} # required. Name of the affinity group.
account: ${2:null} # not required. Account the affinity group is related to.
poll_async: ${3:true} # not required. Poll async jobs until job has finished.
api_http_method: ${4|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
domain: ${7:null} # not required. Domain the affinity group is related to.
affinity_type: ${8:null} # not required. Type of the affinity group. If not specified, first found affinity type is used.
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${10:null} # not required. Name of the project the affinity group is related to.
state: ${11|present,absent|} # not required. choices: present;absent. State of the affinity group.
api_url: ${12:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_key: ${13:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
description: ${14:null} # not required. Description of the affinity group.
"""
'cs_cluster':
'prefix': "cs_cluster_snippet"
'description': "Manages host clusters on Apache CloudStack based clouds."
'body': """
cs_cluster:
name: ${1:undefined} # required. name of the cluster.
username: ${2:null} # not required. Username for the cluster.
guest_vswitch_type: ${3|vmwaresvs,vmwaredvs|} # not required. choices: vmwaresvs;vmwaredvs. Type of virtual switch used for guest traffic in the cluster.,Allowed values are, vmwaresvs (for VMware standard vSwitch) and vmwaredvs (for VMware distributed vSwitch)
ovm3_cluster: ${4:null} # not required. Ovm3 native OCFS2 clustering enabled for cluster.
ovm3_pool: ${5:null} # not required. Ovm3 native pooling enabled for cluster.
api_http_method: ${6|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${7:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${8:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
api_url: ${10:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
pod: ${11:null} # not required. Name of the pod in which the cluster belongs to.
hypervisor: ${12|KVM,VMware,BareMetal,XenServer,LXC,HyperV,UCS,OVM|} # not required. choices: KVM;VMware;BareMetal;XenServer;LXC;HyperV;UCS;OVM. Name the hypervisor to be used.,Required if C(state=present).
guest_vswitch_name: ${13:null} # not required. Name of virtual switch used for guest traffic in the cluster.,This would override zone wide traffic label setting.
vms_username: ${14:null} # not required. Username for the VSM associated with this cluster.
password: ${15:null} # not required. Password for the cluster.
public_vswitch_type: ${16|vmwaresvs,vmwaredvs|} # not required. choices: vmwaresvs;vmwaredvs. Type of virtual switch used for public traffic in the cluster.,Allowed values are, vmwaresvs (for VMware standard vSwitch) and vmwaredvs (for VMware distributed vSwitch)
zone: ${17:null} # not required. Name of the zone in which the cluster belongs to.,If not set, default zone is used.
url: ${18:null} # not required. URL for the cluster
cluster_type: ${19|CloudManaged,ExternalManaged|} # not required. choices: CloudManaged;ExternalManaged. Type of the cluster.,Required if C(state=present)
ovm3_vip: ${20:null} # not required. Ovm3 vip to use for pool (and cluster).
vms_ip_address: ${21:null} # not required. IP address of the VSM associated with this cluster.
state: ${22|present,absent,disabled,enabled|} # not required. choices: present;absent;disabled;enabled. State of the cluster.
public_vswitch_name: ${23:null} # not required. Name of virtual switch used for public traffic in the cluster.,This would override zone wide traffic label setting.
api_key: ${24:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
vms_password: ${25:null} # not required. Password for the VSM associated with this cluster.
"""
'cs_configuration':
'prefix': "cs_configuration_snippet"
'description': "Manages configuration on Apache CloudStack based clouds."
'body': """
cs_configuration:
name: ${1:undefined} # required. Name of the configuration.
value: ${2:undefined} # required. Value of the configuration.
domain: ${3:ROOT} # not required. Domain the account is related to.,Only considered if C(account) is used.
api_http_method: ${4|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
cluster: ${7:null} # not required. Ensure the value for corresponding cluster.
api_url: ${8:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
account: ${9:null} # not required. Ensure the value for corresponding account.
zone: ${10:null} # not required. Ensure the value for corresponding zone.
storage: ${11:null} # not required. Ensure the value for corresponding storage pool.
api_region: ${12:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
api_key: ${13:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_domain':
'prefix': "cs_domain_snippet"
'description': "Manages domains on Apache CloudStack based clouds."
'body': """
cs_domain:
path: ${1:undefined} # required. Path of the domain.,Prefix C(ROOT/) or C(/ROOT/) in path is optional.
api_key: ${2:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
poll_async: ${3:true} # not required. Poll async jobs until job has finished.
api_url: ${4:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${6:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${7:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
clean_up: ${8:false} # not required. Clean up all domain resources like child domains and accounts.,Considered on C(state=absent).
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
state: ${10|present,absent|} # not required. choices: present;absent. State of the domain.
network_domain: ${11:undefined} # not required. Network domain for networks in the domain.
"""
'cs_facts':
'prefix': "cs_facts_snippet"
'description': "Gather facts on instances of Apache CloudStack based clouds."
'body': """
cs_facts:
filter: ${1|cloudstack_service_offering,cloudstack_availability_zone,cloudstack_public_hostname,cloudstack_public_ipv4,cloudstack_local_hostname,cloudstack_local_ipv4,cloudstack_instance_id,cloudstack_user_data|} # not required. choices: cloudstack_service_offering;cloudstack_availability_zone;cloudstack_public_hostname;cloudstack_public_ipv4;cloudstack_local_hostname;cloudstack_local_ipv4;cloudstack_instance_id;cloudstack_user_data. Filter for a specific fact.
meta_data_host: ${2:undefined} # not required. Host or IP of the meta data API service.,If not set, determination by parsing the dhcp lease file.
"""
'cs_firewall':
'prefix': "cs_firewall_snippet"
'description': "Manages firewall rules on Apache CloudStack based clouds."
'body': """
cs_firewall:
icmp_code: ${1:undefined} # not required. Error code for this icmp message.,Considered if C(protocol=icmp).
domain: ${2:undefined} # not required. Domain the firewall rule is related to.
api_timeout: ${3:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
protocol: ${4|tcp,udp,icmp,all|} # not required. choices: tcp;udp;icmp;all. Protocol of the firewall rule.,C(all) is only available if C(type=egress).
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
tags: ${6:undefined} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,To delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${7:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
end_port: ${8:undefined} # not required. End port for this rule. Considered if C(protocol=tcp) or C(protocol=udp).,If not specified, equal C(start_port).
start_port: ${9:undefined} # not required. Start port for this rule.,Considered if C(protocol=tcp) or C(protocol=udp).
icmp_type: ${10:undefined} # not required. Type of the icmp message being sent.,Considered if C(protocol=icmp).
ip_address: ${11:undefined} # not required. Public IP address the ingress rule is assigned to.,Required if C(type=ingress).
api_url: ${12:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
account: ${13:undefined} # not required. Account the firewall rule is related to.
poll_async: ${14:true} # not required. Poll async jobs until job has finished.
network: ${15:undefined} # not required. Network the egress rule is related to.,Required if C(type=egress).
zone: ${16:undefined} # not required. Name of the zone in which the virtual machine is in.,If not set, default zone is used.
cidrs: ${17:0.0.0.0/0} # not required. List of CIDRs (full notation) to be used for firewall rule.,Since version 2.5, it is a list of CIDR.
api_region: ${18:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${19:undefined} # not required. Name of the project the firewall rule is related to.
state: ${20|present,absent|} # not required. choices: present;absent. State of the firewall rule.
api_key: ${21:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
type: ${22|ingress,egress|} # not required. choices: ingress;egress. Type of the firewall rule.
"""
'cs_host':
'prefix': "cs_host_snippet"
'description': "Manages hosts on Apache CloudStack based clouds."
'body': """
cs_host:
name: ${1:undefined} # required. Name of the host.
username: ${2:undefined} # not required. Username for the host.,Required if C(state=present) and host does not yet exist.
api_key: ${3:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
zone: ${4:undefined} # not required. Name of the zone in which the host should be deployed.,If not set, default zone is used.
host_tags: ${5:undefined} # not required. Tags of the host.
url: ${6:undefined} # not required. Url of the host used to create a host.,If not provided, C(http://) and param C(name) is used as url.,Only considered if C(state=present) and host does not yet exist.
hypervisor: ${7|KVM,VMware,BareMetal,XenServer,LXC,HyperV,UCS,OVM,Simulator|} # not required. choices: KVM;VMware;BareMetal;XenServer;LXC;HyperV;UCS;OVM;Simulator. Name of the cluster.,Required if C(state=present) and host does not yet exist.
api_timeout: ${8:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
cluster: ${10:undefined} # not required. Name of the cluster.
state: ${11|present,absent|} # not required. choices: present;absent. State of the host.
api_http_method: ${12|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${13:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
pod: ${14:undefined} # not required. Name of the pod.,Required if C(state=present) and host does not yet exist.
password: ${15:undefined} # not required. Password for the host.,Required if C(state=present) and host does not yet exist.
allocation_state: ${16|enabled,disabled|} # not required. choices: enabled;disabled. Allocation state of the host.
api_url: ${17:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_instance':
'prefix': "cs_instance_snippet"
'description': "Manages instances and virtual machines on Apache CloudStack based clouds."
'body': """
cs_instance:
domain: ${1:undefined} # not required. Domain the instance is related to.
api_timeout: ${2:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
force: ${3:false} # not required. Force stop/start the instance if required to apply changes, otherwise a running instance will not be changed.
disk_offering: ${4:undefined} # not required. Name of the disk offering to be used.
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
tags: ${6:undefined} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,If you want to delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${7:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
keyboard: ${8|de,de-ch,es,fi,fr,fr-be,fr-ch,is,it,jp,nl-be,false,pt,uk,us|} # not required. choices: de;de-ch;es;fi;fr;fr-be;fr-ch;is;it;jp;nl-be;false;pt;uk;us. Keyboard device type for the instance.
user_data: ${9:undefined} # not required. Optional data (ASCII) that can be sent to the instance upon a successful deployment.,The data will be automatically base64 encoded.,Consider switching to HTTP_POST by using C(CLOUDSTACK_METHOD=post) to increase the HTTP_GET size limit of 2KB to 32 KB.
root_disk_size: ${10:undefined} # not required. Root disk size in GByte required if deploying instance with KVM hypervisor and want resize the root disk size at startup (need CloudStack >= 4.4, cloud-initramfs-growroot installed and enabled in the template)
ssh_key: ${11:undefined} # not required. Name of the SSH key to be deployed on the new instance.
cpu_speed: ${12:undefined} # not required. The clock speed/shares allocated to the instance, used with custom service offerings
ip6_address: ${13:undefined} # not required. IPv6 address for default instance's network.
service_offering: ${14:undefined} # not required. Name or id of the service offering of the new instance.,If not set, first found service offering is used.
ip_address: ${15:undefined} # not required. IPv4 address for default instance's network during creation.
networks: ${16:undefined} # not required. List of networks to use for the new instance.
security_groups: ${17:undefined} # not required. List of security groups the instance to be applied to.
display_name: ${18:undefined} # not required. Custom display name of the instances.,Display name will be set to C(name) if not specified.,Either C(name) or C(display_name) is required.
account: ${19:undefined} # not required. Account the instance is related to.
api_key: ${20:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
group: ${21:undefined} # not required. Group in where the new instance should be in.
name: ${22:undefined} # not required. Host name of the instance. C(name) can only contain ASCII letters.,Name will be generated (UUID) by CloudStack if not specified and can not be changed afterwards.,Either C(name) or C(display_name) is required.
zone: ${23:undefined} # not required. Name of the zone in which the instance should be deployed.,If not set, default zone is used.
hypervisor: ${24|KVM,VMware,BareMetal,XenServer,LXC,HyperV,UCS,OVM,Simulator|} # not required. choices: KVM;VMware;BareMetal;XenServer;LXC;HyperV;UCS;OVM;Simulator. Name the hypervisor to be used for creating the new instance.,Relevant when using C(state=present), but only considered if not set on ISO/template.,If not set or found on ISO/template, first found hypervisor will be used.
ip_to_networks: ${25:undefined} # not required. List of mappings in the form {'network': NetworkName, 'ip': 1.2.3.4},Mutually exclusive with C(networks) option.
disk_size: ${26:undefined} # not required. Disk size in GByte required if deploying instance from ISO.
project: ${27:undefined} # not required. Name of the project the instance to be deployed in.
api_url: ${28:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
state: ${29|deployed,started,stopped,restarted,restored,destroyed,expunged,present,absent|} # not required. choices: deployed;started;stopped;restarted;restored;destroyed;expunged;present;absent. State of the instance.
api_region: ${30:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
affinity_groups: ${31:undefined} # not required. Affinity groups names to be applied to the new instance.
template: ${32:undefined} # not required. Name or id of the template to be used for creating the new instance.,Required when using C(state=present).,Mutually exclusive with C(ISO) option.
memory: ${33:undefined} # not required. The memory allocated to the instance, used with custom service offerings
iso: ${34:undefined} # not required. Name or id of the ISO to be used for creating the new instance.,Required when using C(state=present).,Mutually exclusive with C(template) option.
poll_async: ${35:true} # not required. Poll async jobs until job has finished.
template_filter: ${36|featured,self,selfexecutable,sharedexecutable,executable,community|} # not required. choices: featured;self;selfexecutable;sharedexecutable;executable;community. Name of the filter used to search for the template or iso.,Used for params C(iso) or C(template) on C(state=present).
cpu: ${37:undefined} # not required. The number of CPUs to allocate to the instance, used with custom service offerings
"""
'cs_instance_facts':
'prefix': "cs_instance_facts_snippet"
'description': "Gathering facts from the API of instances from Apache CloudStack based clouds."
'body': """
cs_instance_facts:
name: ${1:undefined} # required. Name or display name of the instance.
account: ${2:undefined} # not required. Account the instance is related to.
api_url: ${3:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${4|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
domain: ${7:undefined} # not required. Domain the instance is related to.
api_region: ${8:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${9:undefined} # not required. Project the instance is related to.
api_key: ${10:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_instance_nic':
'prefix': "cs_instance_nic_snippet"
'description': "Manages NICs of an instance on Apache CloudStack based clouds."
'body': """
cs_instance_nic:
network: ${1:undefined} # required. Name of the network.
vm: ${2:undefined} # required. Name of instance.
account: ${3:null} # not required. Account the instance is related to.
api_timeout: ${4:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
poll_async: ${5:true} # not required. Poll async jobs until job has finished.
zone: ${6:null} # not required. Name of the zone in which the instance is deployed in.,If not set, default zone is used.
api_secret: ${7:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${8|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
domain: ${9:null} # not required. Domain the instance is related to.
project: ${10:null} # not required. Name of the project the instance is deployed in.
state: ${11|present,absent|} # not required. choices: present;absent. State of the nic.
api_region: ${12:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
vpc: ${13:null} # not required. Name of the VPC the C(vm) is related to.
api_key: ${14:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
ip_address: ${15:null} # not required. IP address to be used for the nic.
api_url: ${16:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_instance_nic_secondaryip':
'prefix': "cs_instance_nic_secondaryip_snippet"
'description': "Manages secondary IPs of an instance on Apache CloudStack based clouds."
'body': """
cs_instance_nic_secondaryip:
vm: ${1:undefined} # required. Name of instance.
vm_guest_ip: ${2:undefined} # not required. Secondary IP address to be added to the instance nic.,If not set, the API always returns a new IP address and idempotency is not given.
account: ${3:undefined} # not required. Account the instance is related to.
api_timeout: ${4:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
poll_async: ${5:true} # not required. Poll async jobs until job has finished.
network: ${6:undefined} # not required. Name of the network.,Required to find the NIC if instance has multiple networks assigned.
zone: ${7:undefined} # not required. Name of the zone in which the instance is deployed in.,If not set, default zone is used.
api_secret: ${8:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${9|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
domain: ${10:undefined} # not required. Domain the instance is related to.
project: ${11:undefined} # not required. Name of the project the instance is deployed in.
state: ${12|present,absent|} # not required. choices: present;absent. State of the ipaddress.
api_region: ${13:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
vpc: ${14:undefined} # not required. Name of the VPC the C(vm) is related to.
api_key: ${15:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${16:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_instancegroup':
'prefix': "cs_instancegroup_snippet"
'description': "Manages instance groups on Apache CloudStack based clouds."
'body': """
cs_instancegroup:
name: ${1:undefined} # required. Name of the instance group.
account: ${2:null} # not required. Account the instance group is related to.
api_http_method: ${3|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${4:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${5:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
domain: ${6:null} # not required. Domain the instance group is related to.
api_region: ${7:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${8:null} # not required. Project the instance group is related to.
state: ${9|present,absent|} # not required. choices: present;absent. State of the instance group.
api_key: ${10:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${11:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_ip_address':
'prefix': "cs_ip_address_snippet"
'description': "Manages public IP address associations on Apache CloudStack based clouds."
'body': """
cs_ip_address:
account: ${1:undefined} # not required. Account the IP address is related to.
api_timeout: ${2:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
poll_async: ${3:true} # not required. Poll async jobs until job has finished.
network: ${4:undefined} # not required. Network the IP address is related to.
zone: ${5:undefined} # not required. Name of the zone in which the IP address is in.,If not set, default zone is used.
api_secret: ${6:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${7|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
domain: ${8:undefined} # not required. Domain the IP address is related to.
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${10:undefined} # not required. Name of the project the IP address is related to.
state: ${11|present,absent|} # not required. choices: present;absent. State of the IP address.
vpc: ${12:undefined} # not required. VPC the IP address is related to.
api_key: ${13:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
ip_address: ${14:undefined} # not required. Public IP address.,Required if C(state=absent)
api_url: ${15:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_iso':
'prefix': "cs_iso_snippet"
'description': "Manages ISO images on Apache CloudStack based clouds."
'body': """
cs_iso:
name: ${1:undefined} # required. Name of the ISO.
is_featured: ${2:null} # not required. Register the ISO to be featured. Only used if C(state) is present.
api_http_method: ${3|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
tags: ${4:null} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,To delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
iso_filter: ${7|featured,self,selfexecutable,sharedexecutable,executable,community|} # not required. choices: featured;self;selfexecutable;sharedexecutable;executable;community. Name of the filter used to search for the ISO.
api_region: ${8:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
domain: ${9:null} # not required. Domain the ISO is related to.
is_public: ${10:null} # not required. Register the ISO to be publicly available to all users. Only used if C(state) is present.
api_url: ${11:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
display_text: ${12:null} # not required. Display text of the ISO.,If not specified, C(name) will be used.
account: ${13:null} # not required. Account the ISO is related to.
poll_async: ${14:true} # not required. Poll async jobs until job has finished.
zone: ${15:null} # not required. Name of the zone you wish the ISO to be registered or deleted from.,If not specified, first zone found will be used.
url: ${16:null} # not required. URL where the ISO can be downloaded from. Required if C(state) is present.
checksum: ${17:null} # not required. The MD5 checksum value of this ISO. If set, we search by checksum instead of name.
is_dynamically_scalable: ${18:null} # not required. Register the ISO having XS/VMWare tools installed inorder to support dynamic scaling of VM cpu/memory. Only used if C(state) is present.
cross_zones: ${19:false} # not required. Whether the ISO should be synced or removed across zones.,Mutually exclusive with C(zone).
project: ${20:null} # not required. Name of the project the ISO to be registered in.
bootable: ${21:null} # not required. Register the ISO to be bootable. Only used if C(state) is present.
state: ${22|present,absent|} # not required. choices: present;absent. State of the ISO.
is_ready: ${23:false} # not required. This flag is used for searching existing ISOs. If set to C(true), it will only list ISO ready for deployment e.g. successfully downloaded and installed. Recommended to set it to C(false).
os_type: ${24:null} # not required. Name of the OS that best represents the OS of this ISO. If the iso is bootable this parameter needs to be passed. Required if C(state) is present.
api_key: ${25:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_loadbalancer_rule':
'prefix': "cs_loadbalancer_rule_snippet"
'description': "Manages load balancer rules on Apache CloudStack based clouds."
'body': """
cs_loadbalancer_rule:
name: ${1:undefined} # required. The name of the load balancer rule.
public_port: ${2:null} # required. The public port from where the network traffic will be load balanced from.,Required when using C(state=present).,Can not be changed once the rule exists due API limitation.
state: ${3|present,absent|} # required. choices: present;absent. State of the rule.
ip_address: ${4:undefined} # required. Public IP address from where the network traffic will be load balanced from.
domain: ${5:null} # not required. Domain the rule is related to.
api_key: ${6:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
protocol: ${7:null} # not required. The protocol to be used on the load balancer
algorithm: ${8|source,roundrobin,leastconn|} # not required. choices: source;roundrobin;leastconn. Load balancer algorithm,Required when using C(state=present).
open_firewall: ${9:false} # not required. Whether the firewall rule for public port should be created, while creating the new rule.,Use M(cs_firewall) for managing firewall rules.
api_timeout: ${10:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
account: ${11:null} # not required. Account the rule is related to.
api_region: ${12:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${13:null} # not required. Name of the project the load balancer IP address is related to.
private_port: ${14:null} # not required. The private port of the private ip address/virtual machine where the network traffic will be load balanced to.,Required when using C(state=present).,Can not be changed once the rule exists due API limitation.
api_http_method: ${15|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${16:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${17:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
cidr: ${18:null} # not required. CIDR (full notation) to be used for firewall rule if required.
zone: ${19:null} # not required. Name of the zone in which the rule should be created.,If not set, default zone is used.
description: ${20:null} # not required. The description of the load balancer rule.
"""
'cs_loadbalancer_rule_member':
'prefix': "cs_loadbalancer_rule_member_snippet"
'description': "Manages load balancer rule members on Apache CloudStack based clouds."
'body': """
cs_loadbalancer_rule_member:
name: ${1:undefined} # required. The name of the load balancer rule.
vms: ${2:undefined} # required. List of VMs to assign to or remove from the rule.
domain: ${3:null} # not required. Domain the rule is related to.
zone: ${4:null} # not required. Name of the zone in which the rule should be located.,If not set, default zone is used.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
account: ${7:null} # not required. Account the rule is related to.
api_region: ${8:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${9:null} # not required. Name of the project the firewall rule is related to.
state: ${10|present,absent|} # not required. choices: present;absent. Should the VMs be present or absent from the rule.
api_http_method: ${11|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_key: ${12:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
ip_address: ${13:null} # not required. Public IP address from where the network traffic will be load balanced from.,Only needed to find the rule if C(name) is not unique.
api_url: ${14:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_network':
'prefix': "cs_network_snippet"
'description': "Manages networks on Apache CloudStack based clouds."
'body': """
cs_network:
name: ${1:undefined} # required. Name (case sensitive) of the network.
domain: ${2:undefined} # not required. Domain the network is related to.
api_timeout: ${3:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
end_ipv6: ${4:undefined} # not required. The ending IPv6 address of the network belongs to.,If not specified, value of C(start_ipv6) is used.,Only considered on create.
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${6:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
vlan: ${7:undefined} # not required. The ID or VID of the network.
clean_up: ${8:false} # not required. Cleanup old network elements.,Only considered on C(state=restarted).
netmask: ${9:undefined} # not required. The netmask of the network.,Required for shared networks and isolated networks when it belongs to a VPC.,Only considered on create.
network_offering: ${10:undefined} # not required. Name of the offering for the network.,Required if C(state=present).
vpc: ${11:undefined} # not required. Name of the VPC of the network.
start_ip: ${12:undefined} # not required. The beginning IPv4 address of the network belongs to.,Only considered on create.
acl: ${13:undefined} # not required. The name of the access control list for the VPC network tier.
gateway: ${14:undefined} # not required. The gateway of the network.,Required for shared networks and isolated networks when it belongs to a VPC.,Only considered on create.
gateway_ipv6: ${15:undefined} # not required. The gateway of the IPv6 network.,Required for shared networks.,Only considered on create.
api_url: ${16:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
display_text: ${17:undefined} # not required. Display text of the network.,If not specified, C(name) will be used as C(display_text).
isolated_pvlan: ${18:undefined} # not required. The isolated private VLAN for this network.
account: ${19:undefined} # not required. Account the network is related to.
subdomain_access: ${20:undefined} # not required. Defines whether to allow subdomains to use networks dedicated to their parent domain(s).,Should be used with C(acl_type=domain).,Only considered on create.
poll_async: ${21:true} # not required. Poll async jobs until job has finished.
zone: ${22:undefined} # not required. Name of the zone in which the network should be deployed.,If not set, default zone is used.
acl_type: ${23|account,domain|} # not required. choices: account;domain. Access control type for the VPC network tier.,Only considered on create.
api_region: ${24:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
start_ipv6: ${25:undefined} # not required. The beginning IPv6 address of the network belongs to.,Only considered on create.
cidr_ipv6: ${26:undefined} # not required. CIDR of IPv6 network, must be at least /64.,Only considered on create.
project: ${27:undefined} # not required. Name of the project the network to be deployed in.
api_key: ${28:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
state: ${29|present,absent,restarted|} # not required. choices: present;absent;restarted. State of the network.
end_ip: ${30:undefined} # not required. The ending IPv4 address of the network belongs to.,If not specified, value of C(start_ip) is used.,Only considered on create.
network_domain: ${31:undefined} # not required. The network domain.
"""
'cs_network_acl':
'prefix': "cs_network_acl_snippet"
'description': "Manages network access control lists (ACL) on Apache CloudStack based clouds."
'body': """
cs_network_acl:
name: ${1:undefined} # required. Name of the network ACL.
vpc: ${2:undefined} # required. VPC the network ACL is related to.
account: ${3:null} # not required. Account the network ACL rule is related to.
api_timeout: ${4:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
poll_async: ${5:true} # not required. Poll async jobs until job has finished.
zone: ${6:null} # not required. Name of the zone the VPC is related to.,If not set, default zone is used.
api_secret: ${7:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${8|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
domain: ${9:null} # not required. Domain the network ACL rule is related to.
api_region: ${10:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${11:null} # not required. Name of the project the network ACL is related to.
state: ${12|present,absent|} # not required. choices: present;absent. State of the network ACL.
api_url: ${13:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_key: ${14:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
description: ${15:null} # not required. Description of the network ACL.,If not set, identical to C(name).
"""
'cs_network_acl_rule':
'prefix': "cs_network_acl_rule_snippet"
'description': "Manages network access control list (ACL) rules on Apache CloudStack based clouds."
'body': """
cs_network_acl_rule:
vpc: ${1:undefined} # required. VPC the network ACL is related to.
network_acl: ${2:undefined} # required. Name of the network ACL.
rule_position: ${3:undefined} # required. CIDR of the rule.
icmp_code: ${4:null} # not required. Error code for this icmp message.,Considered if C(protocol=icmp).
domain: ${5:null} # not required. Domain the VPC is related to.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
start_port: ${7:null} # not required. Start port for this rule.,Considered if C(protocol=tcp) or C(protocol=udp).
api_http_method: ${8|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
tags: ${9:null} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,If you want to delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${10:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
end_port: ${11:null} # not required. End port for this rule.,Considered if C(protocol=tcp) or C(protocol=udp).,If not specified, equal C(start_port).
api_region: ${12:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
action_policy: ${13|allow,deny|} # not required. choices: allow;deny. Action policy of the rule.
protocol: ${14|tcp,udp,icmp,all,by_number|} # not required. choices: tcp;udp;icmp;all;by_number. Protocol of the rule
cidr: ${15:0.0.0.0/0} # not required. CIDR of the rule.
icmp_type: ${16:null} # not required. Type of the icmp message being sent.,Considered if C(protocol=icmp).
account: ${17:null} # not required. Account the VPC is related to.
poll_async: ${18:true} # not required. Poll async jobs until job has finished.
api_url: ${19:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
zone: ${20:null} # not required. Name of the zone the VPC related to.,If not set, default zone is used.
protocol_number: ${21:null} # not required. Protocol number from 1 to 256 required if C(protocol=by_number).
project: ${22:null} # not required. Name of the project the VPC is related to.
state: ${23|present,absent|} # not required. choices: present;absent. State of the network ACL rule.
traffic_type: ${24|ingress,egress|} # not required. choices: ingress;egress. Traffic type of the rule.
api_key: ${25:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_network_offering':
'prefix': "cs_network_offering_snippet"
'description': "Manages network offerings on Apache CloudStack based clouds."
'body': """
cs_network_offering:
name: ${1:undefined} # required. The name of the network offering.
keepalive_enabled: ${2|true,false|} # not required. choices: true;false. If true keepalive will be turned on in the loadbalancer.,At the time of writing this has only an effect on haproxy.,the mode http and httpclose options are unset in the haproxy conf file.
api_http_method: ${3|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
specify_vlan: ${4|true,false|} # not required. choices: true;false. Whether the network offering supports vlans or not.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
egress_default_policy: ${7|allow,deny|} # not required. choices: allow;deny. Whether the default egress policy is allow or to deny.
specify_ip_ranges: ${8|true,false|} # not required. choices: true;false. Wheter the network offering supports specifying IP ranges.,Defaulted to C(no) by the API if not specified.
service_capabilities: ${9:undefined} # not required. Desired service capabilities as part of network offering.
api_url: ${10:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
service_offering: ${11:undefined} # not required. The service offering name or ID used by virtual router provider.
supported_services: ${12|Dns,PortForwarding,Dhcp,SourceNat,UserData,Firewall,StaticNat,Vpn,Lb|} # not required. choices: Dns;PortForwarding;Dhcp;SourceNat;UserData;Firewall;StaticNat;Vpn;Lb. Services supported by the network offering.,One or more of the choices.
conserve_mode: ${13|true,false|} # not required. choices: true;false. Whether the network offering has IP conserve mode enabled.
availability: ${14:undefined} # not required. The availability of network offering. Default value is Optional
guest_ip_type: ${15|Shared,Isolated|} # not required. choices: Shared;Isolated. Guest type of the network offering.
max_connections: ${16:undefined} # not required. Maximum number of concurrent connections supported by the network offering.
display_text: ${17:undefined} # not required. Display text of the network offerings.
api_key: ${18:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
persistent: ${19:undefined} # not required. True if network offering supports persistent networks,defaulted to false if not specified
state: ${20|enabled,present,disabled,absent|} # not required. choices: enabled;present;disabled;absent. State of the network offering.
api_region: ${21:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
details: ${22|internallbprovider,publiclbprovider|} # not required. choices: internallbprovider;publiclbprovider. Network offering details in key/value pairs.,with service provider as a value
network_rate: ${23:undefined} # not required. Data transfer rate in megabits per second allowed.
traffic_type: ${24:Guest} # not required. The traffic type for the network offering.
service_provider: ${25:undefined} # not required. Provider to service mapping.,If not specified, the provider for the service will be mapped to the default provider on the physical network.
"""
'cs_nic':
'prefix': "cs_nic_snippet"
'description': "Manages NICs and secondary IPs of an instance on Apache CloudStack based clouds"
'body': """
cs_nic:
vm: ${1:undefined} # required. Name of instance.
vm_guest_ip: ${2:undefined} # not required. Secondary IP address to be added to the instance nic.,If not set, the API always returns a new IP address and idempotency is not given.
account: ${3:undefined} # not required. Account the instance is related to.
api_timeout: ${4:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
poll_async: ${5:yes} # not required. Poll async jobs until job has finished.
network: ${6:undefined} # not required. Name of the network.,Required to find the NIC if instance has multiple networks assigned.
zone: ${7:undefined} # not required. Name of the zone in which the instance is deployed in.,If not set, default zone is used.
api_secret: ${8:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${9|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
domain: ${10:undefined} # not required. Domain the instance is related to.
project: ${11:undefined} # not required. Name of the project the instance is deployed in.
state: ${12|absent,present|} # not required. choices: absent;present. State of the ipaddress.
api_region: ${13:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
vpc: ${14:undefined} # not required. Name of the VPC the C(vm) is related to.
api_key: ${15:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${16:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_pod':
'prefix': "cs_pod_snippet"
'description': "Manages pods on Apache CloudStack based clouds."
'body': """
cs_pod:
name: ${1:undefined} # required. Name of the pod.
zone: ${2:null} # not required. Name of the zone in which the pod belongs to.,If not set, default zone is used.
api_secret: ${3:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${4:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
netmask: ${5:null} # not required. Netmask for the Pod.,Required on C(state=present)
api_region: ${6:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
gateway: ${7:null} # not required. Gateway for the Pod.,Required on C(state=present)
state: ${8|present,enabled,disabled,absent|} # not required. choices: present;enabled;disabled;absent. State of the pod.
end_ip: ${9:null} # not required. Ending IP address for the Pod.
api_http_method: ${10|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
start_ip: ${11:null} # not required. Starting IP address for the Pod.,Required on C(state=present)
api_key: ${12:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
id: ${13:null} # not required. uuid of the existing pod.
api_url: ${14:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_portforward':
'prefix': "cs_portforward_snippet"
'description': "Manages port forwarding rules on Apache CloudStack based clouds."
'body': """
cs_portforward:
private_port: ${1:undefined} # required. Start private port for this rule.
ip_address: ${2:undefined} # required. Public IP address the rule is assigned to.
public_port: ${3:undefined} # required. Start public port for this rule.
vm_guest_ip: ${4:false} # not required. VM guest NIC secondary IP address for the port forwarding rule.
domain: ${5:undefined} # not required. Domain the C(vm) is related to.
protocol: ${6|tcp,udp|} # not required. choices: tcp;udp. Protocol of the port forwarding rule.
api_http_method: ${7|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
tags: ${8:undefined} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,To delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${9:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${10:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
vm: ${11:undefined} # not required. Name of virtual machine which we make the port forwarding rule for.,Required if C(state=present).
vpc: ${12:undefined} # not required. Name of the VPC.
private_end_port: ${13:undefined} # not required. End private port for this rule.,If not specified equal C(private_port).
api_url: ${14:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
account: ${15:undefined} # not required. Account the C(vm) is related to.
api_key: ${16:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
poll_async: ${17:true} # not required. Poll async jobs until job has finished.
network: ${18:undefined} # not required. Name of the network.
open_firewall: ${19:false} # not required. Whether the firewall rule for public port should be created, while creating the new rule.,Use M(cs_firewall) for managing firewall rules.
api_region: ${20:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
public_end_port: ${21:undefined} # not required. End public port for this rule.,If not specified equal C(public_port).
project: ${22:undefined} # not required. Name of the project the C(vm) is located in.
state: ${23|present,absent|} # not required. choices: present;absent. State of the port forwarding rule.
zone: ${24:undefined} # not required. Name of the zone in which the virtual machine is in.,If not set, default zone is used.
"""
'cs_project':
'prefix': "cs_project_snippet"
'description': "Manages projects on Apache CloudStack based clouds."
'body': """
cs_project:
name: ${1:undefined} # required. Name of the project.
domain: ${2:null} # not required. Domain the project is related to.
api_http_method: ${3|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
tags: ${4:null} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,If you want to delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_url: ${7:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
display_text: ${8:null} # not required. Display text of the project.,If not specified, C(name) will be used as C(display_text).
account: ${9:null} # not required. Account the project is related to.
poll_async: ${10:true} # not required. Poll async jobs until job has finished.
api_region: ${11:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
state: ${12|present,absent,active,suspended|} # not required. choices: present;absent;active;suspended. State of the project.
api_key: ${13:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_region':
'prefix': "cs_region_snippet"
'description': "Manages regions on Apache CloudStack based clouds."
'body': """
cs_region:
id: ${1:undefined} # required. ID of the region.,Must be an number (int).
endpoint: ${2:null} # not required. Endpoint URL of the region.,Required if C(state=present)
api_url: ${3:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${4|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_region: ${7:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
state: ${8|present,absent|} # not required. choices: present;absent. State of the region.
api_key: ${9:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
name: ${10:null} # not required. Name of the region.,Required if C(state=present)
"""
'cs_resourcelimit':
'prefix': "cs_resourcelimit_snippet"
'description': "Manages resource limits on Apache CloudStack based clouds."
'body': """
cs_resourcelimit:
resource_type: ${1|instance,ip_address,volume,snapshot,template,network,vpc,cpu,memory,primary_storage,secondary_storage|} # required. choices: instance;ip_address;volume;snapshot;template;network;vpc;cpu;memory;primary_storage;secondary_storage. Type of the resource.
domain: ${2:null} # not required. Domain the resource is related to.
api_url: ${3:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${4|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
account: ${7:null} # not required. Account the resource is related to.
api_region: ${8:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${9:null} # not required. Name of the project the resource is related to.
limit: ${10:-1} # not required. Maximum number of the resource.,Default is unlimited C(-1).
api_key: ${11:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_role':
'prefix': "cs_role_snippet"
'description': "Manages user roles on Apache CloudStack based clouds."
'body': """
cs_role:
name: ${1:undefined} # required. Name of the role.
description: ${2:null} # not required. Description of the role.
api_http_method: ${3|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${4:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${5:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_region: ${6:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
state: ${7|present,absent|} # not required. choices: present;absent. State of the role.
api_url: ${8:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_key: ${9:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
id: ${10:null} # not required. ID of the role.,If provided, C(id) is used as key.
role_type: ${11|User,DomainAdmin,ResourceAdmin,Admin|} # not required. choices: User;DomainAdmin;ResourceAdmin;Admin. Type of the role.,Only considered for creation.
"""
'cs_router':
'prefix': "cs_router_snippet"
'description': "Manages routers on Apache CloudStack based clouds."
'body': """
cs_router:
name: ${1:undefined} # required. Name of the router.
account: ${2:null} # not required. Account the router is related to.
poll_async: ${3:true} # not required. Poll async jobs until job has finished.
zone: ${4:null} # not required. Name of the zone the router is deployed in.,If not set, all zones are used.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
domain: ${7:null} # not required. Domain the router is related to.
api_region: ${8:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${9:null} # not required. Name of the project the router is related to.
state: ${10|present,absent,started,stopped,restarted|} # not required. choices: present;absent;started;stopped;restarted. State of the router.
api_http_method: ${11|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
service_offering: ${12:null} # not required. Name or id of the service offering of the router.
api_key: ${13:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${14:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_securitygroup':
'prefix': "cs_securitygroup_snippet"
'description': "Manages security groups on Apache CloudStack based clouds."
'body': """
cs_securitygroup:
name: ${1:undefined} # required. Name of the security group.
domain: ${2:undefined} # not required. Domain the security group is related to.
description: ${3:undefined} # not required. Description of the security group.
api_http_method: ${4|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${6:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_url: ${7:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
account: ${8:undefined} # not required. Account the security group is related to.
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${10:undefined} # not required. Name of the project the security group to be created in.
state: ${11|present,absent|} # not required. choices: present;absent. State of the security group.
api_key: ${12:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_securitygroup_rule':
'prefix': "cs_securitygroup_rule_snippet"
'description': "Manages security group rules on Apache CloudStack based clouds."
'body': """
cs_securitygroup_rule:
security_group: ${1:undefined} # required. Name of the security group the rule is related to. The security group must be existing.
icmp_code: ${2:undefined} # not required. Error code for this icmp message. Required if C(protocol=icmp).
api_key: ${3:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
protocol: ${4|tcp,udp,icmp,ah,esp,gre|} # not required. choices: tcp;udp;icmp;ah;esp;gre. Protocol of the security group rule.
api_url: ${5:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${6|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
start_port: ${7:undefined} # not required. Start port for this rule. Required if C(protocol=tcp) or C(protocol=udp).
user_security_group: ${8:undefined} # not required. Security group this rule is based of.
end_port: ${9:undefined} # not required. End port for this rule. Required if C(protocol=tcp) or C(protocol=udp), but C(start_port) will be used if not set.
api_region: ${10:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${11:undefined} # not required. Name of the project the security group to be created in.
state: ${12|present,absent|} # not required. choices: present;absent. State of the security group rule.
api_timeout: ${13:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_secret: ${14:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
poll_async: ${15:true} # not required. Poll async jobs until job has finished.
cidr: ${16:0.0.0.0/0} # not required. CIDR (full notation) to be used for security group rule.
icmp_type: ${17:undefined} # not required. Type of the icmp message being sent. Required if C(protocol=icmp).
type: ${18|ingress,egress|} # not required. choices: ingress;egress. Ingress or egress security group rule.
"""
'cs_service_offering':
'prefix': "cs_service_offering_snippet"
'description': "Manages service offerings on Apache CloudStack based clouds."
'body': """
cs_service_offering:
name: ${1:undefined} # required. Name of the service offering.
offer_ha: ${2|true,false|} # not required. choices: true;false. Whether HA is set for the service offering.
cpu_number: ${3:undefined} # not required. The number of CPUs of the service offering.
domain: ${4:undefined} # not required. Domain the service offering is related to.,Public for all domains and subdomains if not set.
api_timeout: ${5:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_http_method: ${6|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
host_tags: ${7:undefined} # not required. The host tagsfor this service offering.
system_vm_type: ${8|domainrouter,consoleproxy,secondarystoragevm|} # not required. choices: domainrouter;consoleproxy;secondarystoragevm. The system VM type.,Required if C(is_system=true).
limit_cpu_usage: ${9|true,false|} # not required. choices: true;false. Restrict the CPU usage to committed service offering.
memory: ${10:undefined} # not required. The total memory of the service offering in MB.
is_system: ${11|true,false|} # not required. choices: true;false. Whether it is a system VM offering or not.
storage_tags: ${12:undefined} # not required. The storage tags for this service offering.
storage_type: ${13|local,shared|} # not required. choices: local;shared. The storage type of the service offering.
is_volatile: ${14|true,false|} # not required. choices: true;false. Whether the virtual machine needs to be volatile or not.,Every reboot of VM the root disk is detached then destroyed and a fresh root disk is created and attached to VM.
api_secret: ${15:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
cpu_speed: ${16:undefined} # not required. The CPU speed of the service offering in MHz.
service_offering_details: ${17:undefined} # not required. Details for planner, used to store specific parameters.
disk_iops_max: ${18:undefined} # not required. Max. iops of the compute offering.
disk_iops_read_rate: ${19:undefined} # not required. IO requests read rate of the disk offering.
display_text: ${20:undefined} # not required. Display text of the service offering.,If not set, C(name) will be used as C(display_text) while creating.
disk_iops_customized: ${21:false} # not required. Whether compute offering iops is custom or not.
provisioning_type: ${22|thin,sparse,fat|} # not required. choices: thin;sparse;fat. Provisioning type used to create volumes.
bytes_read_rate: ${23:undefined} # not required. Bytes read rate of the disk offering.
api_region: ${24:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
deployment_planner: ${25:undefined} # not required. The deployment planner heuristics used to deploy a VM of this offering.,If not set, the value of global config C(vm.deployment.planner) is used.
api_url: ${26:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
state: ${27|present,absent|} # not required. choices: present;absent. State of the service offering.
disk_iops_min: ${28:undefined} # not required. Min. iops of the compute offering.
disk_iops_write_rate: ${29:undefined} # not required. IO requests write rate of the disk offering.
network_rate: ${30:undefined} # not required. Data transfer rate in Mb/s allowed.,Supported only for non-system offering and system offerings having C(system_vm_type=domainrouter).
api_key: ${31:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
hypervisor_snapshot_reserve: ${32:undefined} # not required. Hypervisor snapshot reserve space as a percent of a volume.,Only for managed storage using Xen or VMware.
bytes_write_rate: ${33:undefined} # not required. Bytes write rate of the disk offering.
"""
'cs_snapshot_policy':
'prefix': "cs_snapshot_policy_snippet"
'description': "Manages volume snapshot policies on Apache CloudStack based clouds."
'body': """
cs_snapshot_policy:
volume: ${1:undefined} # not required. Name of the volume.,Either C(volume) or C(vm) is required.
domain: ${2:undefined} # not required. Domain the volume is related to.
api_timeout: ${3:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_url: ${4:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
schedule: ${6:undefined} # not required. Time the snapshot is scheduled. Required if C(state=present).,Format for C(interval_type=HOURLY): C(MM),Format for C(interval_type=DAILY): C(MM:HH),Format for C(interval_type=WEEKLY): C(MM:HH:DD (1-7)),Format for C(interval_type=MONTHLY): C(MM:HH:DD (1-28))
api_secret: ${7:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
interval_type: ${8|hourly,daily,weekly,monthly|} # not required. choices: hourly;daily;weekly;monthly. Interval of the snapshot.
vm: ${9:undefined} # not required. Name of the instance to select the volume from.,Use C(volume_type) if VM has a DATADISK and ROOT volume.,In case of C(volume_type=DATADISK), additionally use C(device_id) if VM has more than one DATADISK volume.,Either C(volume) or C(vm) is required.
volume_type: ${10|DATADISK,ROOT|} # not required. choices: DATADISK;ROOT. Type of the volume.
time_zone: ${11:UTC} # not required. Specifies a timezone for this command.
project: ${12:undefined} # not required. Name of the project the volume is related to.
state: ${13|present,absent|} # not required. choices: present;absent. State of the snapshot policy.
api_region: ${14:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
vpc: ${15:undefined} # not required. Name of the vpc the instance is deployed in.
account: ${16:undefined} # not required. Account the volume is related to.
max_snaps: ${17:8} # not required. Max number of snapshots.
api_key: ${18:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
device_id: ${19:undefined} # not required. ID of the device on a VM the volume is attached to.,This will only be considered if VM has multiple DATADISK volumes.
"""
'cs_sshkeypair':
'prefix': "cs_sshkeypair_snippet"
'description': "Manages SSH keys on Apache CloudStack based clouds."
'body': """
cs_sshkeypair:
name: ${1:undefined} # required. Name of public key.
domain: ${2:null} # not required. Domain the public key is related to.
api_http_method: ${3|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${4:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${5:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_url: ${6:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
public_key: ${7:null} # not required. String of the public key.
account: ${8:null} # not required. Account the public key is related to.
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${10:null} # not required. Name of the project the public key to be registered in.
state: ${11|present,absent|} # not required. choices: present;absent. State of the public key.
api_key: ${12:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_staticnat':
'prefix': "cs_staticnat_snippet"
'description': "Manages static NATs on Apache CloudStack based clouds."
'body': """
cs_staticnat:
ip_address: ${1:undefined} # required. Public IP address the static NAT is assigned to.
vm_guest_ip: ${2:false} # not required. VM guest NIC secondary IP address for the static NAT.
domain: ${3:null} # not required. Domain the static NAT is related to.
api_timeout: ${4:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
poll_async: ${5:true} # not required. Poll async jobs until job has finished.
network: ${6:null} # not required. Network the IP address is related to.
zone: ${7:null} # not required. Name of the zone in which the virtual machine is in.,If not set, default zone is used.
api_secret: ${8:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${9|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
vm: ${10:null} # not required. Name of virtual machine which we make the static NAT for.,Required if C(state=present).
api_region: ${11:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${12:null} # not required. Name of the project the static NAT is related to.
state: ${13|present,absent|} # not required. choices: present;absent. State of the static NAT.
vpc: ${14:null} # not required. VPC the network related to.
account: ${15:null} # not required. Account the static NAT is related to.
api_key: ${16:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${17:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_storage_pool':
'prefix': "cs_storage_pool_snippet"
'description': "Manages Primary Storage Pools on Apache CloudStack based clouds."
'body': """
cs_storage_pool:
name: ${1:undefined} # required. Name of the storage pool.
api_timeout: ${2:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
managed: ${3:undefined} # not required. Whether the storage pool should be managed by CloudStack.,Only considere on creation.
zone: ${4:undefined} # not required. Name of the zone in which the host should be deployed.,If not set, default zone is used.
cluster: ${5:undefined} # not required. Name of the cluster.
hypervisor: ${6|KVM,VMware,BareMetal,XenServer,LXC,HyperV,UCS,OVM,Simulator|} # not required. choices: KVM;VMware;BareMetal;XenServer;LXC;HyperV;UCS;OVM;Simulator. Required when creating a zone scoped pool.
api_http_method: ${7|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
storage_tags: ${8:undefined} # not required. Tags associated with this storage pool.
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
capacity_iops: ${10:undefined} # not required. Bytes CloudStack can provision from this storage pool.
state: ${11|present,absent|} # not required. choices: present;absent. State of the storage pool.
capacity_bytes: ${12:undefined} # not required. Bytes CloudStack can provision from this storage pool.
provider: ${13:DefaultPrimary} # not required. Name of the storage provider e.g. SolidFire, SolidFireShared, DefaultPrimary, CloudByte.
api_secret: ${14:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
scope: ${15|cluster,zone|} # not required. choices: cluster;zone. The scope of the storage pool.,Defaults to cluster when C(cluster) is provided, otherwise zone.
pod: ${16:undefined} # not required. Name of the pod.
api_key: ${17:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
allocation_state: ${18|enabled,disabled|} # not required. choices: enabled;disabled. Allocation state of the storage pool.
storage_url: ${19:undefined} # not required. URL of the storage pool.,Required if C(state=present).
api_url: ${20:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_template':
'prefix': "cs_template_snippet"
'description': "Manages templates on Apache CloudStack based clouds."
'body': """
cs_template:
name: ${1:undefined} # required. Name of the template.
is_featured: ${2:false} # not required. Register the template to be featured.,Only used if C(state) is present.
api_http_method: ${3|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
tags: ${4:undefined} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,To delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${5:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
format: ${6|QCOW2,RAW,VHD,OVA|} # not required. choices: QCOW2;RAW;VHD;OVA. The format for the template.,Relevant when using C(state=present).
api_timeout: ${7:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
vm: ${8:undefined} # not required. VM name the template will be created from its volume or alternatively from a snapshot.,VM must be in stopped state if created from its volume.,Mutually exclusive with C(url).
api_region: ${9:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
domain: ${10:undefined} # not required. Domain the template, snapshot or VM is related to.
is_extractable: ${11:false} # not required. True if the template or its derivatives are extractable.
is_public: ${12:false} # not required. Register the template to be publicly available to all users.,Only used if C(state) is present.
checksum: ${13:false} # not required. The MD5 checksum value of this template.,If set, we search by checksum instead of name.
requires_hvm: ${14:false} # not required. true if this template requires HVM.
display_text: ${15:undefined} # not required. Display text of the template.
account: ${16:undefined} # not required. Account the template, snapshot or VM is related to.
api_key: ${17:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
poll_async: ${18:true} # not required. Poll async jobs until job has finished.
password_enabled: ${19:false} # not required. True if the template supports the password reset feature.
zone: ${20:undefined} # not required. Name of the zone you wish the template to be registered or deleted from.,If not specified, first found zone will be used.
url: ${21:undefined} # not required. URL of where the template is hosted on C(state=present).,URL to which the template would be extracted on C(state=extracted).,Mutually exclusive with C(vm).
bits: ${22:64} # not required. 32 or 64 bits support.
sshkey_enabled: ${23:false} # not required. True if the template supports the sshkey upload feature.
is_dynamically_scalable: ${24:false} # not required. Register the template having XS/VMWare tools installed in order to support dynamic scaling of VM CPU/memory.,Only used if C(state) is present.
cross_zones: ${25:false} # not required. Whether the template should be synced or removed across zones.,Only used if C(state) is present or absent.
project: ${26:undefined} # not required. Name of the project the template to be registered in.
api_url: ${27:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
state: ${28|present,absent,extracted|} # not required. choices: present;absent;extracted. State of the template.
is_ready: ${29:false} # not required. This flag is used for searching existing templates.,If set to C(true), it will only list template ready for deployment e.g. successfully downloaded and installed.,Recommended to set it to C(false).
details: ${30:undefined} # not required. Template details in key/value pairs.
hypervisor: ${31|KVM,VMware,BareMetal,XenServer,LXC,HyperV,UCS,OVM,Simulator|} # not required. choices: KVM;VMware;BareMetal;XenServer;LXC;HyperV;UCS;OVM;Simulator. Name the hypervisor to be used for creating the new template.,Relevant when using C(state=present).
is_routing: ${32:undefined} # not required. True if the template type is routing i.e., if template is used to deploy router.,Only considered if C(url) is used.
os_type: ${33:undefined} # not required. OS type that best represents the OS of this template.
template_tag: ${34:undefined} # not required. the tag for this template.
template_filter: ${35|featured,self,selfexecutable,sharedexecutable,executable,community|} # not required. choices: featured;self;selfexecutable;sharedexecutable;executable;community. Name of the filter used to search for the template.
snapshot: ${36:undefined} # not required. Name of the snapshot, created from the VM ROOT volume, the template will be created from.,C(vm) is required together with this argument.
mode: ${37|http_download,ftp_upload|} # not required. choices: http_download;ftp_upload. Mode for the template extraction.,Only used if C(state=extracted).
"""
'cs_user':
'prefix': "cs_user_snippet"
'description': "Manages users on Apache CloudStack based clouds."
'body': """
cs_user:
username: ${1:undefined} # required. Username of the user.
keys_registered: ${2:null} # not required. If API keys of the user should be generated.,Note: Keys can not be removed by the API again.
account: ${3:null} # not required. Account the user will be created under.,Required on C(state=present).
last_name: ${4:null} # not required. Last name of the user.,Required on C(state=present).
poll_async: ${5:true} # not required. Poll async jobs until job has finished.
api_url: ${6:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${7|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${8:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${9:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
first_name: ${10:null} # not required. First name of the user.,Required on C(state=present).
api_region: ${11:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
api_key: ${12:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
state: ${13|present,absent,enabled,disabled,locked,unlocked|} # not required. choices: present;absent;enabled;disabled;locked;unlocked. State of the user.,C(unlocked) is an alias for C(enabled).
domain: ${14:ROOT} # not required. Domain the user is related to.
timezone: ${15:null} # not required. Timezone of the user.
password: ${16:null} # not required. Password of the user to be created.,Required on C(state=present).,Only considered on creation and will not be updated if user exists.
email: ${17:null} # not required. Email of the user.,Required on C(state=present).
"""
'cs_vmsnapshot':
'prefix': "cs_vmsnapshot_snippet"
'description': "Manages VM snapshots on Apache CloudStack based clouds."
'body': """
cs_vmsnapshot:
vm: ${1:undefined} # required. Name of the virtual machine.
name: ${2:undefined} # required. Unique Name of the snapshot. In CloudStack terms display name.
snapshot_memory: ${3:false} # not required. Snapshot memory if set to true.
domain: ${4:undefined} # not required. Domain the VM snapshot is related to.
poll_async: ${5:true} # not required. Poll async jobs until job has finished.
description: ${6:undefined} # not required. Description of the snapshot.
zone: ${7:undefined} # not required. Name of the zone in which the VM is in. If not set, default zone is used.
tags: ${8:undefined} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,To delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${9:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${10:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_region: ${11:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${12:undefined} # not required. Name of the project the VM is assigned to.
state: ${13|present,absent,revert|} # not required. choices: present;absent;revert. State of the snapshot.
api_http_method: ${14|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
account: ${15:undefined} # not required. Account the VM snapshot is related to.
api_url: ${16:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_key: ${17:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_volume':
'prefix': "cs_volume_snippet"
'description': "Manages volumes on Apache CloudStack based clouds."
'body': """
cs_volume:
name: ${1:undefined} # required. Name of the volume.,C(name) can only contain ASCII letters.
domain: ${2:undefined} # not required. Name of the domain the volume to be deployed in.
force: ${3:false} # not required. Force removal of volume even it is attached to a VM.,Considered on C(state=absnet) only.
disk_offering: ${4:undefined} # not required. Name of the disk offering to be used.,Required one of C(disk_offering), C(snapshot) if volume is not already C(state=present).
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
tags: ${6:undefined} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,To delete all tags, set a empty list e.g. C(tags: []).
api_secret: ${7:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${8:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
account: ${9:undefined} # not required. Account the volume is related to.
shrink_ok: ${10:false} # not required. Whether to allow to shrink the volume.
display_volume: ${11:true} # not required. Whether to display the volume to the end user or not.,Allowed to Root Admins only.
api_url: ${12:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
min_iops: ${13:undefined} # not required. Min iops
size: ${14:undefined} # not required. Size of disk in GB
custom_id: ${15:undefined} # not required. Custom id to the resource.,Allowed to Root Admins only.
poll_async: ${16:true} # not required. Poll async jobs until job has finished.
zone: ${17:undefined} # not required. Name of the zone in which the volume should be deployed.,If not set, default zone is used.
max_iops: ${18:undefined} # not required. Max iops
project: ${19:undefined} # not required. Name of the project the volume to be deployed in.
state: ${20|present,absent,attached,detached|} # not required. choices: present;absent;attached;detached. State of the volume.
api_region: ${21:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
snapshot: ${22:undefined} # not required. The snapshot name for the disk volume.,Required one of C(disk_offering), C(snapshot) if volume is not already C(state=present).
vm: ${23:undefined} # not required. Name of the virtual machine to attach the volume to.
api_key: ${24:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_vpc':
'prefix': "cs_vpc_snippet"
'description': "Manages VPCs on Apache CloudStack based clouds."
'body': """
cs_vpc:
name: ${1:undefined} # required. Name of the VPC.
display_text: ${2:undefined} # not required. Display text of the VPC.,If not set, C(name) will be used for creating.
vpc_offering: ${3:undefined} # not required. Name of the VPC offering.,If not set, default VPC offering is used.
api_key: ${4:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
poll_async: ${5:true} # not required. Poll async jobs until job has finished.
zone: ${6:undefined} # not required. Name of the zone.,If not set, default zone is used.
tags: ${7:undefined} # not required. List of tags. Tags are a list of dictionaries having keys C(key) and C(value).,For deleting all tags, set an empty list e.g. C(tags: []).
api_secret: ${8:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${9|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
clean_up: ${10:undefined} # not required. Whether to redeploy a VPC router or not when C(state=restarted)
api_region: ${11:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${12:undefined} # not required. Name of the project the VPC is related to.
state: ${13|present,absent,restarted|} # not required. choices: present;absent;restarted. State of the VPC.
api_timeout: ${14:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
domain: ${15:undefined} # not required. Domain the VPC is related to.
account: ${16:undefined} # not required. Account the VPC is related to.
cidr: ${17:undefined} # not required. CIDR of the VPC, e.g. 10.1.0.0/16,All VPC guest networks' CIDRs must be within this CIDR.,Required on C(state=present).
network_domain: ${18:undefined} # not required. Network domain for the VPC.,All networks inside the VPC will belong to this domain.,Only considered while creating the VPC, can not be changed.
api_url: ${19:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_vpc_offering':
'prefix': "cs_vpc_offering_snippet"
'description': "Manages vpc offerings on Apache CloudStack based clouds."
'body': """
cs_vpc_offering:
name: ${1:undefined} # required. The name of the vpc offering
display_text: ${2:undefined} # not required. Display text of the vpc offerings
service_providers: ${3:undefined} # not required. provider to service mapping. If not specified, the provider for the service will be mapped to the default provider on the physical network
poll_async: ${4:true} # not required. Poll async jobs until job has finished.
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${6:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${7:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
state: ${8|enabled,present,disabled,absent|} # not required. choices: enabled;present;disabled;absent. State of the vpc offering.
supported_services: ${9:undefined} # not required. Services supported by the vpc offering
service_capabilities: ${10:undefined} # not required. Desired service capabilities as part of vpc offering.
api_region: ${11:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
service_offering: ${12:undefined} # not required. The name or ID of the service offering for the VPC router appliance.
api_key: ${13:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${14:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_vpn_connection':
'prefix': "cs_vpn_connection_snippet"
'description': "Manages site-to-site VPN connections on Apache CloudStack based clouds."
'body': """
cs_vpn_connection:
vpn_customer_gateway: ${1:undefined} # required. Name of the VPN customer gateway.
vpc: ${2:undefined} # required. Name of the VPC the VPN connection is related to.
passive: ${3:false} # not required. State of the VPN connection.,Only considered when C(state=present).
domain: ${4:undefined} # not required. Domain the VPN connection is related to.
force: ${5:false} # not required. Activate the VPN gateway if not already activated on C(state=present).,Also see M(cs_vpn_gateway).
api_url: ${6:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${7|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${8:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${9:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
account: ${10:undefined} # not required. Account the VPN connection is related to.
api_region: ${11:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${12:undefined} # not required. Name of the project the VPN connection is related to.
state: ${13|present,absent|} # not required. choices: present;absent. State of the VPN connection.
poll_async: ${14:true} # not required. Poll async jobs until job has finished.
api_key: ${15:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_vpn_customer_gateway':
'prefix': "cs_vpn_customer_gateway_snippet"
'description': "Manages site-to-site VPN customer gateway configurations on Apache CloudStack based clouds."
'body': """
cs_vpn_customer_gateway:
name: ${1:undefined} # required. Name of the gateway.
domain: ${2:undefined} # not required. Domain the VPN customer gateway is related to.
api_timeout: ${3:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
poll_async: ${4:true} # not required. Poll async jobs until job has finished.
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
ipsec_psk: ${6:undefined} # not required. IPsec Preshared-Key.,Cannot contain newline or double quotes.,Required if C(state=present).
esp_lifetime: ${7:undefined} # not required. Lifetime in seconds of phase 2 VPN connection.,Defaulted to 3600 by the API on creation if not set.
esp_policy: ${8:undefined} # not required. ESP policy in the format e.g. C(aes256-sha1;modp1536).,Required if C(state=present).
cidrs: ${9:undefined} # not required. List of guest CIDRs behind the gateway.,Required if C(state=present).
account: ${10:undefined} # not required. Account the VPN customer gateway is related to.
api_region: ${11:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
gateway: ${12:undefined} # not required. Public IP address of the gateway.,Required if C(state=present).
project: ${13:undefined} # not required. Name of the project the VPN gateway is related to.
state: ${14|present,absent|} # not required. choices: present;absent. State of the VPN customer gateway.
dpd: ${15|true,false|} # not required. choices: true;false. Enable Dead Peer Detection.,Disabled per default by the API on creation if not set.
ike_policy: ${16:undefined} # not required. IKE policy in the format e.g. C(aes256-sha1;modp1536).,Required if C(state=present).
force_encap: ${17|true,false|} # not required. choices: true;false. Force encapsulation for NAT traversal.,Disabled per default by the API on creation if not set.
api_secret: ${18:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_key: ${19:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
ike_lifetime: ${20:undefined} # not required. Lifetime in seconds of phase 1 VPN connection.,Defaulted to 86400 by the API on creation if not set.
api_url: ${21:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_vpn_gateway':
'prefix': "cs_vpn_gateway_snippet"
'description': "Manages site-to-site VPN gateways on Apache CloudStack based clouds."
'body': """
cs_vpn_gateway:
vpc: ${1:undefined} # required. Name of the VPC.
domain: ${2:null} # not required. Domain the VPN gateway is related to.
api_http_method: ${3|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${4:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${5:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
account: ${6:null} # not required. Account the VPN gateway is related to.
poll_async: ${7:true} # not required. Poll async jobs until job has finished.
api_url: ${8:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
zone: ${9:null} # not required. Name of the zone the VPC is related to.,If not set, default zone is used.
api_region: ${10:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
project: ${11:null} # not required. Name of the project the VPN gateway is related to.
state: ${12|present,absent|} # not required. choices: present;absent. State of the VPN gateway.
api_key: ${13:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cs_zone':
'prefix': "cs_zone_snippet"
'description': "Manages zones on Apache CloudStack based clouds."
'body': """
cs_zone:
name: ${1:undefined} # required. Name of the zone.
internal_dns1: ${2:null} # not required. First internal DNS for the zone.,If not set C(dns1) will be used on C(state=present).
domain: ${3:null} # not required. Domain the zone is related to.,Zone is a public zone if not set.
api_key: ${4:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_http_method: ${5|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
state: ${6|present,enabled,disabled,absent|} # not required. choices: present;enabled;disabled;absent. State of the zone.
dns2: ${7:null} # not required. Second DNS for the zone.
dns1: ${8:null} # not required. First DNS for the zone.,Required if C(state=present)
api_timeout: ${9:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
internal_dns2: ${10:null} # not required. Second internal DNS for the zone.
network_type: ${11|basic,advanced|} # not required. choices: basic;advanced. Network type of the zone.
guest_cidr_address: ${12:null} # not required. Guest CIDR address for the zone.
api_region: ${13:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
api_secret: ${14:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${15:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
dhcp_provider: ${16:null} # not required. DHCP provider for the Zone.
network_domain: ${17:null} # not required. Network domain for the zone.
dns2_ipv6: ${18:null} # not required. Second DNS for IPv6 for the zone.
id: ${19:null} # not required. uuid of the existing zone.
dns1_ipv6: ${20:null} # not required. First DNS for IPv6 for the zone.
"""
'cs_zone_facts':
'prefix': "cs_zone_facts_snippet"
'description': "Gathering facts of zones from Apache CloudStack based clouds."
'body': """
cs_zone_facts:
name: ${1:undefined} # required. Name of the zone.
api_http_method: ${2|get,post|} # not required. choices: get;post. HTTP method used to query the API endpoint.,If not given, the C(CLOUDSTACK_METHOD) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is C(get) if not specified.
api_secret: ${3:undefined} # not required. Secret key of the CloudStack API.,If not set, the C(CLOUDSTACK_SECRET) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_timeout: ${4:undefined} # not required. HTTP timeout in seconds.,If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.,Fallback value is 10 seconds if not specified.
api_region: ${5:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,If not given, the C(CLOUDSTACK_REGION) env variable is considered.
api_key: ${6:undefined} # not required. API key of the CloudStack API.,If not given, the C(CLOUDSTACK_KEY) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
api_url: ${7:undefined} # not required. URL of the CloudStack API e.g. https://cloud.example.com/client/api.,If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.,As the last option, the value is taken from the ini config file, also see the notes.
"""
'cv_server_provision':
'prefix': "cv_server_provision_snippet"
'description': "Provision server port by applying or removing template configuration to an Arista CloudVision Portal configlet that is applied to a switch."
'body': """
cv_server_provision:
username: ${1:undefined} # required. The user that will be used to connect to CVP for making API calls.
switch_port: ${2:undefined} # required. The physical port number on the switch that the new server is connected to.
server_name: ${3:undefined} # required. The hostname or identifier for the server that is having it's switch port provisioned.
host: ${4:undefined} # required. The hostname or IP address of the CVP node being connected to.
template: ${5:undefined} # required. A path to a Jinja formatted template file that contains the configuration block that will be applied to the specified switch port. This template will have variable fields replaced by the module before being applied to the switch configuration.
password: ${6:undefined} # required. The password of the user that will be used to connect to CVP for API calls.
switch_name: ${7:undefined} # required. The hostname of the switch is being configured for the server being provisioned.
port_vlan: ${8:None} # not required. The vlan that should be applied to the port for this server. This parameter is dependent on a proper template that supports single vlan provisioning with it. If a port vlan is specified by the template specified does not support this the module will exit out with no changes. If a template is specified that requires a port vlan but no port vlan is specified the module will exit out with no changes.
protocol: ${9|https,http|} # not required. choices: https;http. The protocol to use when making API calls to CVP. CVP defaults to https and newer versions of CVP no longer support http.
port: ${10:None} # not required. The port number to use when making API calls to the CVP node. This will default to the default port for the specified protocol. Port 80 for http and port 443 for https.
auto_run: ${11:false} # not required. Flag that determines whether or not the module will execute the CVP task spawned as a result of changes to a switch configlet. When an add or remove action is taken which results in a change to a switch configlet, CVP will spawn a task that needs to be executed for the configuration to be applied to the switch. If this option is True then the module will determined the task number created by the configuration change, execute it and wait for the task to complete. If the option is False then the task will remain in the Pending state in CVP for a network administrator to review and execute.
action: ${12|show,add,remove|} # not required. choices: show;add;remove. The action for the module to take. The actions are add, which applies the specified template config to port, remove, which defaults the specified interface configuration, and show, which will return the current port configuration with no changes.
"""
'cyberark_authentication':
'prefix': "cyberark_authentication_snippet"
'description': "Module for CyberArk Vault Authentication using PAS Web Services SDK"
'body': """
cyberark_authentication:
username: ${1:undefined} # not required. The name of the user who will logon to the Vault.
use_radius_authentication: ${2:no} # not required. Whether or not users will be authenticated via a RADIUS server. Valid values are true/false.
new_password: ${3:undefined} # not required. The new password of the user. This parameter is optional, and enables you to change a password.
cyberark_session: ${4:undefined} # not required. Dictionary set by a CyberArk authentication containing the different values to perform actions on a logged-on CyberArk session.
state: ${5|present,absent|} # not required. choices: present;absent. Specifies if an authentication logon/logoff and a cyberark_session should be added/removed.
password: ${6:undefined} # not required. The password of the user.
validate_certs: ${7:yes} # not required. If C(false), SSL certificates will not be validated. This should only set to C(false) used on personally controlled sites using self-signed certificates.
use_shared_logon_authentication: ${8:no} # not required. Whether or not Shared Logon Authentication will be used.
api_base_url: ${9:undefined} # not required. A string containing the base URL of the server hosting CyberArk's Privileged Account Security Web Services SDK.
"""
'cyberark_user':
'prefix': "cyberark_user_snippet"
'description': "Module for CyberArk User Management using PAS Web Services SDK"
'body': """
cyberark_user:
username: ${1:undefined} # required. The name of the user who will be queried (for details), added, updated or deleted.
cyberark_session: ${2:undefined} # required. Dictionary set by a CyberArk authentication containing the different values to perform actions on a logged-on CyberArk session, please see M(cyberark_authentication) module for an example of cyberark_session.
first_name: ${3:undefined} # not required. The user first name.
last_name: ${4:undefined} # not required. The user last name.
initial_password: ${5:undefined} # not required. The password that the new user will use to log on the first time. This password must meet the password policy requirements. this parameter is required when state is present -- Add User.
user_type_name: ${6:EPVUser} # not required. The type of user.
new_password: ${7:undefined} # not required. The user updated password. Make sure that this password meets the password policy requirements.
group_name: ${8:undefined} # not required. The name of the group the user will be added to.
disabled: ${9:no} # not required. Whether or not the user will be disabled. Valid values = true/false.
change_password_on_the_next_logon: ${10:no} # not required. Whether or not the user must change their password in their next logon. Valid values = true/false.
state: ${11|present,absent|} # not required. choices: present;absent. Specifies the state needed for the user present for create user, absent for delete user.
expiry_date: ${12:undefined} # not required. The date and time when the user account will expire and become disabled.
location: ${13:undefined} # not required. The Vault Location for the user.
email: ${14:undefined} # not required. The user email address.
"""
'data_pipeline':
'prefix': "data_pipeline_snippet"
'description': "Create and manage AWS Datapipelines"
'body': """
data_pipeline:
name: ${1:undefined} # required. The name of the Datapipeline to create/modify/delete.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
parameters: ${5:undefined} # not required. A list of parameter objects (dicts) in the pipeline definition.
tags: ${6:null} # not required. A dict of key:value pair(s) to add to the pipeline.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${8|present,absent,active,inactive|} # not required. choices: present;absent;active;inactive. The requested state of the pipeline.
objects: ${9:undefined} # not required. A list of pipeline object definitions, each of which is a dict that takes the keys C(id), C(name) and C(fields).
values: ${10:undefined} # not required. A list of parameter values (dicts) in the pipeline definition. Each dict takes the keys C(id) and C(stringValue) both of which are strings.
timeout: ${11:300} # not required. Time in seconds to wait for the pipeline to transition to the requested state, fail otherwise.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
security_token: ${13:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
description: ${15:} # not required. An optional description for the pipeline being created.
"""
'datadog_event':
'prefix': "datadog_event_snippet"
'description': "Posts events to DataDog service"
'body': """
datadog_event:
title: ${1:null} # required. The event title.
text: ${2:null} # required. The body of the event.
app_key: ${3:undefined} # required. Your DataDog app key.
api_key: ${4:null} # required. Your DataDog API key.
date_happened: ${5:now} # not required. POSIX timestamp of the event.,Default value is now.
alert_type: ${6|error,warning,info,success|} # not required. choices: error;warning;info;success. Type of alert.
tags: ${7:null} # not required. Comma separated list of tags to apply to the event.
priority: ${8|normal,low|} # not required. choices: normal;low. The priority of the event.
host: ${9:{{ ansible_hostname }}} # not required. Host name to associate with the event.
aggregation_key: ${10:null} # not required. An arbitrary string to use for aggregation.
validate_certs: ${11|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'datadog_monitor':
'prefix': "datadog_monitor_snippet"
'description': "Manages Datadog monitors"
'body': """
datadog_monitor:
app_key: ${1:undefined} # required. Your DataDog app key.
name: ${2:undefined} # required. The name of the alert.
state: ${3|present,absent,mute,unmute|} # required. choices: present;absent;mute;unmute. The designated state of the monitor.
api_key: ${4:undefined} # required. Your DataDog API key.
notify_audit: ${5:false} # not required. A boolean indicating whether tagged users will be notified on changes to this monitor.
timeout_h: ${6:null} # not required. The number of hours of the monitor not reporting data before it will automatically resolve from a triggered state.
tags: ${7:None} # not required. A list of tags to associate with your monitor when creating or updating. This can help you categorize and filter monitors.
thresholds: ${8:[object Object]} # not required. A dictionary of thresholds by status. This option is only available for service checks and metric alerts. Because each of them can have multiple thresholds, we don't define them directly in the query.\"]
new_host_delay: ${9:null} # not required. A positive integer representing the number of seconds to wait before evaluating the monitor for new hosts. This gives the host time to fully initialize.
query: ${10:null} # not required. The monitor query to notify on with syntax varying depending on what type of monitor you are creating.
message: ${11:null} # not required. A message to include with notifications for this monitor. Email notifications can be sent to specific users by using the same '@username' notation as events. Monitor message template variables can be accessed by using double square brackets, i.e '[[' and ']]'.
id: ${12:null} # not required. The id of the alert. If set, will be used instead of the name to locate the alert.
locked: ${13:false} # not required. A boolean indicating whether changes to this monitor should be restricted to the creator or admins.
no_data_timeframe: ${14:2x timeframe for metric, 2 minutes for service} # not required. The number of minutes before a monitor will notify when data stops reporting. Must be at least 2x the monitor timeframe for metric alerts or 2 minutes for service checks.
silenced: ${15:} # not required. Dictionary of scopes to timestamps or None. Each scope will be muted until the given POSIX timestamp or forever if the value is None.
require_full_window: ${16:null} # not required. A boolean indicating whether this monitor needs a full window of data before it's evaluated. We highly recommend you set this to False for sparse metrics, otherwise some evaluations will be skipped.
notify_no_data: ${17:false} # not required. A boolean indicating whether this monitor will notify when data stops reporting..
renotify_interval: ${18:null} # not required. The number of minutes after the last notification before a monitor will re-notify on the current status. It will only re-notify if it's not resolved.
escalation_message: ${19:null} # not required. A message to include with a re-notification. Supports the '@username' notification we allow elsewhere. Not applicable if renotify_interval is None
type: ${20|metric alert,service check,event alert|} # not required. choices: metric alert;service check;event alert. The type of the monitor.,The 'event alert'is available starting at Ansible 2.1
"""
'dconf':
'prefix': "dconf_snippet"
'description': "Modify and read dconf database"
'body': """
dconf:
key: ${1:undefined} # required. A dconf key to modify or read from the dconf database.
state: ${2|read,present,absent|} # not required. choices: read;present;absent. The action to take upon the key/value.
value: ${3:undefined} # not required. Value to set for the specified dconf key. Value should be specified in GVariant format. Due to complexity of this format, it is best to have a look at existing values in the dconf database. Required for C(state=present).
"""
'debconf':
'prefix': "debconf_snippet"
'description': "Configure a .deb package"
'body': """
debconf:
name: ${1:undefined} # required. Name of package to configure.
value: ${2:undefined} # not required. Value to set the configuration to.
vtype: ${3|boolean,error,multiselect,note,password,seen,select,string,text,title,text|} # not required. choices: boolean;error;multiselect;note;password;seen;select;string;text;title;text. The type of the value supplied.,C(seen) was added in 2.2.
question: ${4:undefined} # not required. A debconf configuration setting.
unseen: ${5:false} # not required. Do not set 'seen' flag when pre-seeding.
"""
'debug':
'prefix': "debug_snippet"
'description': "Print statements during execution"
'body': """
debug:
msg: ${1:Hello world!} # not required. The customized message that is printed. If omitted, prints a generic message.
var: ${2:undefined} # not required. A variable name to debug. Mutually exclusive with the 'msg' option.
verbosity: ${3:0} # not required. A number that controls when the debug is run, if you set to 3 it will only run debug when -vvv or above
"""
'dellos10_command':
'prefix': "dellos10_command_snippet"
'description': "Run commands on remote devices running Dell OS10"
'body': """
dellos10_command:
commands: ${1:undefined} # required. List of commands to send to the remote dellos10 device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
retries: ${2:10} # not required. Specifies the number of retries a command should be tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. A dict object containing connection details.
wait_for: ${5:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of I(retries), the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'dellos10_config':
'prefix': "dellos10_config_snippet"
'description': "Manage Dell EMC Networking OS10 configuration sections"
'body': """
dellos10_config:
src: ${1:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines).
config: ${2:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
after: ${3:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${4:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser. This argument is mutually exclusive with I(src).
update: ${5|merge,check|} # not required. choices: merge;check. The I(update) argument controls how the configuration statements are processed on the remote device. Valid choices for the I(update) argument are I(merge) and I(check). When you set this argument to I(merge), the configuration changes merge with the current device running configuration. When you set this argument to I(check) the configuration updates are determined but not actually configured on the remote device.
replace: ${6|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
parents: ${7:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
provider: ${8:null} # not required. A dict object containing connection details.
save: ${9|yes,no|} # not required. choices: yes;no. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.
backup: ${10:false} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
match: ${11|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${12:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'dellos10_facts':
'prefix': "dellos10_facts_snippet"
'description': "Collect facts from remote devices running Dell EMC Networking OS10"
'body': """
dellos10_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${2:null} # not required. A dict object containing connection details.
"""
'dellos6_command':
'prefix': "dellos6_command_snippet"
'description': "Run commands on remote devices running Dell OS6"
'body': """
dellos6_command:
commands: ${1:undefined} # required. List of commands to send to the remote dellos6 device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
retries: ${2:10} # not required. Specifies the number of retries a command should be tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. A dict object containing connection details.
wait_for: ${5:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of I(retries), the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'dellos6_config':
'prefix': "dellos6_config_snippet"
'description': "Manage Dell EMC Networking OS6 configuration sections"
'body': """
dellos6_config:
src: ${1:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines).
config: ${2:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
after: ${3:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${4:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser. This argument is mutually exclusive with I(src).
update: ${5|merge,check|} # not required. choices: merge;check. The I(update) argument controls how the configuration statements are processed on the remote device. Valid choices for the I(update) argument are I(merge) and I(check). When you set this argument to I(merge), the configuration changes merge with the current device running configuration. When you set this argument to I(check) the configuration updates are determined but not actually configured on the remote device.
replace: ${6|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
parents: ${7:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
provider: ${8:null} # not required. A dict object containing connection details.
save: ${9|yes,no|} # not required. choices: yes;no. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.
backup: ${10:false} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
match: ${11|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${12:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'dellos6_facts':
'prefix': "dellos6_facts_snippet"
'description': "Collect facts from remote devices running Dell EMC Networking OS6"
'body': """
dellos6_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${2:null} # not required. A dict object containing connection details.
"""
'dellos9_command':
'prefix': "dellos9_command_snippet"
'description': "Run commands on remote devices running Dell OS9"
'body': """
dellos9_command:
commands: ${1:undefined} # required. List of commands to send to the remote dellos9 device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
retries: ${2:10} # not required. Specifies the number of retries a command should be tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. A dict object containing connection details.
wait_for: ${5:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of I(retries), the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'dellos9_config':
'prefix': "dellos9_config_snippet"
'description': "Manage Dell EMC Networking OS9 configuration sections"
'body': """
dellos9_config:
src: ${1:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines).
config: ${2:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
after: ${3:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${4:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser. This argument is mutually exclusive with I(src).
update: ${5|merge,check|} # not required. choices: merge;check. The I(update) argument controls how the configuration statements are processed on the remote device. Valid choices for the I(update) argument are I(merge) and I(check). When you set this argument to I(merge), the configuration changes merge with the current device running configuration. When you set this argument to I(check) the configuration updates are determined but not actually configured on the remote device.
replace: ${6|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
parents: ${7:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
provider: ${8:null} # not required. A dict object containing connection details.
save: ${9|yes,no|} # not required. choices: yes;no. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.
backup: ${10:false} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
match: ${11|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${12:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'dellos9_facts':
'prefix': "dellos9_facts_snippet"
'description': "Collect facts from remote devices running Dell EMC Networking OS9"
'body': """
dellos9_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${2:null} # not required. A dict object containing connection details.
"""
'deploy_helper':
'prefix': "deploy_helper_snippet"
'description': "Manages some of the steps common in deploying projects."
'body': """
deploy_helper:
path: ${1:undefined} # required. the root path of the project. Alias I(dest). Returned in the C(deploy_helper.project_path) fact.
unfinished_filename: ${2:DEPLOY_UNFINISHED} # not required. the name of the file that indicates a deploy has not finished. All folders in the releases_path that contain this file will be deleted on C(state=finalize) with clean=True, or C(state=clean). This file is automatically deleted from the I(new_release_path) during C(state=finalize).
keep_releases: ${3:5} # not required. the number of old releases to keep when cleaning. Used in C(finalize) and C(clean). Any unfinished builds will be deleted first, so only correct releases will count. The current version will not count.
current_path: ${4:current} # not required. the name of the symlink that is created when the deploy is finalized. Used in C(finalize) and C(clean). Returned in the C(deploy_helper.current_path) fact.
state: ${5|present,finalize,absent,clean,query|} # not required. choices: present;finalize;absent;clean;query. the state of the project. C(query) will only gather facts, C(present) will create the project I(root) folder, and in it the I(releases) and I(shared) folders, C(finalize) will remove the unfinished_filename file, create a symlink to the newly deployed release and optionally clean old releases, C(clean) will remove failed & old releases, C(absent) will remove the project folder (synonymous to the M(file) module with C(state=absent))
shared_path: ${6:shared} # not required. the name of the folder that will hold the shared resources. This can be relative to C(path) or absolute. If this is set to an empty string, no shared folder will be created. Returned in the C(deploy_helper.shared_path) fact.
releases_path: ${7:releases} # not required. the name of the folder that will hold the releases. This can be relative to C(path) or absolute. Returned in the C(deploy_helper.releases_path) fact.
clean: ${8:true} # not required. Whether to run the clean procedure in case of C(state=finalize).
release: ${9:None} # not required. the release version that is being deployed. Defaults to a timestamp format %Y%m%d%H%M%S (i.e. '20141119223359'). This parameter is optional during C(state=present), but needs to be set explicitly for C(state=finalize). You can use the generated fact C(release={{ deploy_helper.new_release }}).
"""
'digital_ocean':
'prefix': "digital_ocean_snippet"
'description': "Create/delete a droplet/SSH_key in DigitalOcean"
'body': """
digital_ocean:
unique_name: ${1|yes,no|} # not required. choices: yes;no. Bool, require unique hostnames. By default, DigitalOcean allows multiple hosts with the same name. Setting this to \"yes\" allows only one host per name. Useful for idempotence.
virtio: ${2|yes,no|} # not required. choices: yes;no. Bool, turn on virtio driver in droplet for improved network and storage I/O.
region_id: ${3:undefined} # not required. This is the slug of the region you would like your server to be created in.
backups_enabled: ${4|yes,no|} # not required. choices: yes;no. Optional, Boolean, enables backups for your droplet.
user_data: ${5:None} # not required. opaque blob of data which is made available to the droplet
image_id: ${6:undefined} # not required. This is the slug of the image you would like the droplet created with.
wait_timeout: ${7:300} # not required. How long before wait gives up, in seconds.
api_token: ${8:undefined} # not required. DigitalOcean api token.
ssh_pub_key: ${9:undefined} # not required. The public SSH key you want to add to your account.
wait: ${10|yes,no|} # not required. choices: yes;no. Wait for the droplet to be in state 'running' before returning. If wait is \"no\" an ip_address may not be returned.
name: ${11:undefined} # not required. String, this is the name of the droplet - must be formatted by hostname rules, or the name of a SSH key.
size_id: ${12:undefined} # not required. This is the slug of the size you would like the droplet created with.
id: ${13:undefined} # not required. Numeric, the droplet id you want to operate on.
state: ${14|present,active,absent,deleted|} # not required. choices: present;active;absent;deleted. Indicate desired state of the target.
command: ${15|droplet,ssh|} # not required. choices: droplet;ssh. Which target you want to operate on.
ssh_key_ids: ${16:undefined} # not required. Optional, array of SSH key (numeric) ID that you would like to be added to the server.
ipv6: ${17|yes,no|} # not required. choices: yes;no. Optional, Boolean, enable IPv6 for your droplet.
private_networking: ${18|yes,no|} # not required. choices: yes;no. Bool, add an additional, private network interface to droplet for inter-droplet communication.
"""
'digital_ocean_block_storage':
'prefix': "digital_ocean_block_storage_snippet"
'description': "Create/destroy or attach/detach Block Storage volumes in DigitalOcean"
'body': """
digital_ocean_block_storage:
volume_name: ${1:undefined} # required. The name of the Block Storage volume.
region: ${2:undefined} # required. The slug of the region where your Block Storage volume should be located in. If snapshot_id is included, this will be ignored.
state: ${3|present,absent|} # required. choices: present;absent. Indicate desired state of the target.
command: ${4|create,attach|} # required. choices: create;attach. Which operation do you want to perform.
api_token: ${5:undefined} # required. DigitalOcean api token.
droplet_id: ${6:undefined} # not required. The droplet id you want to operate on. Required when command=attach.
description: ${7:undefined} # not required. Description of the Block Storage volume.
snapshot_id: ${8:undefined} # not required. The snapshot id you would like the Block Storage volume created with. If included, region and block_size will be ignored and changed to null.
timeout: ${9:10} # not required. The timeout in seconds used for polling DigitalOcean's API.
block_size: ${10:undefined} # not required. The size of the Block Storage volume in gigabytes. Required when command=create and state=present. If snapshot_id is included, this will be ignored.
"""
'digital_ocean_certificate':
'prefix': "digital_ocean_certificate_snippet"
'description': "Manage certificates in DigitalOcean."
'body': """
digital_ocean_certificate:
oauth_token: ${1:undefined} # required. DigitalOcean OAuth token.
name: ${2:undefined} # required. The name of the certificate.
private_key: ${3:undefined} # not required. A PEM-formatted private key content of SSL Certificate.
leaf_certificate: ${4:undefined} # not required. A PEM-formatted public SSL Certificate.
certificate_chain: ${5:undefined} # not required. The full PEM-formatted trust chain between the certificate authority's certificate and your domain's SSL certificate.
state: ${6|present,absent|} # not required. choices: present;absent. Whether the certificate should be present or absent.
"""
'digital_ocean_domain':
'prefix': "digital_ocean_domain_snippet"
'description': "Create/delete a DNS record in DigitalOcean"
'body': """
digital_ocean_domain:
ip: ${1:undefined} # not required. The IP address to point a domain at.
state: ${2|present,absent|} # not required. choices: present;absent. Indicate desired state of the target.
oauth_token: ${3:undefined} # not required. DigitalOcean api token.
id: ${4:undefined} # not required. Numeric, the droplet id you want to operate on.
name: ${5:undefined} # not required. String, this is the name of the droplet - must be formatted by hostname rules, or the name of a SSH key, or the name of a domain.
"""
'digital_ocean_floating_ip':
'prefix': "digital_ocean_floating_ip_snippet"
'description': "Manage DigitalOcean Floating IPs"
'body': """
digital_ocean_floating_ip:
oauth_token: ${1:undefined} # required. DigitalOcean OAuth token.
ip: ${2:None} # not required. Public IP address of the Floating IP. Used to remove an IP
state: ${3|present,absent|} # not required. choices: present;absent. Indicate desired state of the target.
region: ${4:None} # not required. The region that the Floating IP is reserved to.
droplet_id: ${5:None} # not required. The Droplet that the Floating IP has been assigned to.
"""
'digital_ocean_floating_ip_facts':
'prefix': "digital_ocean_floating_ip_facts_snippet"
'description': "DigitalOcean Floating IPs facts"
'body': """
digital_ocean_floating_ip_facts:
oauth_token: ${1:undefined} # required. DigitalOcean OAuth token.
timeout: ${2:30} # not required. The timeout in seconds used for polling DigitalOcean's API.
"""
'digital_ocean_sshkey':
'prefix': "digital_ocean_sshkey_snippet"
'description': "Manage DigitalOcean SSH keys"
'body': """
digital_ocean_sshkey:
oauth_token: ${1:undefined} # required. DigitalOcean OAuth token.
state: ${2|present,absent|} # not required. choices: present;absent. Indicate desired state of the target.
fingerprint: ${3:None} # not required. This is a unique identifier for the SSH key used to delete a key
ssh_pub_key: ${4:None} # not required. The Public SSH key to add.
name: ${5:None} # not required. The name for the SSH key
"""
'digital_ocean_sshkey_facts':
'prefix': "digital_ocean_sshkey_facts_snippet"
'description': "DigitalOcean SSH keys facts"
'body': """
digital_ocean_sshkey_facts:
oauth_token: ${1:undefined} # required. DigitalOcean API token.
timeout: ${2:30} # not required. The timeout in seconds used for polling DigitalOcean's API.
"""
'digital_ocean_tag':
'prefix': "digital_ocean_tag_snippet"
'description': "Create and remove tag(s) to DigitalOcean resource."
'body': """
digital_ocean_tag:
name: ${1:undefined} # required. The name of the tag. The supported characters for names include alphanumeric characters, dashes, and underscores.
state: ${2|present,absent|} # not required. choices: present;absent. Whether the tag should be present or absent on the resource.
resource_id: ${3:undefined} # not required. The ID of the resource to operate on.,The data type of resource_id is changed from integer to string, from version 2.5.
resource_type: ${4|droplet|} # not required. choices: droplet. The type of resource to operate on. Currently, only tagging of droplets is supported.
api_token: ${5:undefined} # not required. DigitalOcean api token.
"""
'dimensiondata_network':
'prefix': "dimensiondata_network_snippet"
'description': "Create, update, and delete MCP 1.0 & 2.0 networks"
'body': """
dimensiondata_network:
name: ${1:undefined} # required. The name of the network domain to create.
location: ${2:undefined} # required. The target datacenter.
service_plan: ${3|ESSENTIALS,ADVANCED|} # not required. choices: ESSENTIALS;ADVANCED. The service plan, either \"ESSENTIALS\" or \"ADVANCED\".,MCP 2.0 Only.
mcp_user: ${4:undefined} # not required. The username used to authenticate to the CloudControl API.,If not specified, will fall back to C(MCP_USER) from environment variable or C(~/.dimensiondata).
mcp_password: ${5:undefined} # not required. The password used to authenticate to the CloudControl API.,If not specified, will fall back to C(MCP_PASSWORD) from environment variable or C(~/.dimensiondata).,Required if I(mcp_user) is specified.
region: ${6|Regions are defined in Apache libcloud project [libcloud/common/dimensiondata.py],They are also listed in U(https://libcloud.readthedocs.io/en/latest/compute/drivers/dimensiondata.html),Note that the default value \"na\" stands for \"North America\".,The module prepends 'dd-' to the region choice.|} # not required. choices: Regions are defined in Apache libcloud project [libcloud/common/dimensiondata.py];They are also listed in U(https://libcloud.readthedocs.io/en/latest/compute/drivers/dimensiondata.html);Note that the default value \"na\" stands for \"North America\".;The module prepends 'dd-' to the region choice.. The target region.
wait_time: ${7:600} # not required. The maximum amount of time (in seconds) to wait for the task to complete.,Only applicable if I(wait=true).
state: ${8|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
wait_poll_interval: ${9:2} # not required. The amount of time (in seconds) to wait between checks for task completion.,Only applicable if I(wait=true).
wait: ${10:false} # not required. Should we wait for the task to complete before moving onto the next.
validate_certs: ${11:true} # not required. If C(false), SSL certificates will not be validated.,This should only be used on private instances of the CloudControl API that use self-signed certificates.
description: ${12:undefined} # not required. Additional description of the network domain.
"""
'dimensiondata_vlan':
'prefix': "dimensiondata_vlan_snippet"
'description': "Manage a VLAN in a Cloud Control network domain."
'body': """
dimensiondata_vlan:
location: ${1:undefined} # required. The target datacenter.
network_domain: ${2:undefined} # required. The Id or name of the target network domain.
description: ${3:null} # not required. A description of the VLAN.
private_ipv4_base_address: ${4:undefined} # not required. The base address for the VLAN's IPv4 network (e.g. 192.168.1.0).
private_ipv4_prefix_size: ${5:undefined} # not required. The size of the IPv4 address space, e.g 24.,Required, if C(private_ipv4_base_address) is specified.
allow_expand: ${6:false} # not required. Permit expansion of the target VLAN's network if the module parameters specify a larger network than the VLAN currently posesses?,If C(False), the module will fail under these conditions.,This is intended to prevent accidental expansion of a VLAN's network (since this operation is not reversible).
wait_poll_interval: ${7:2} # not required. The amount of time (in seconds) to wait between checks for task completion.,Only applicable if I(wait=true).
mcp_user: ${8:undefined} # not required. The username used to authenticate to the CloudControl API.,If not specified, will fall back to C(MCP_USER) from environment variable or C(~/.dimensiondata).
name: ${9:undefined} # not required. The name of the target VLAN.,Required if C(state) is C(present).
mcp_password: ${10:undefined} # not required. The password used to authenticate to the CloudControl API.,If not specified, will fall back to C(MCP_PASSWORD) from environment variable or C(~/.dimensiondata).,Required if I(mcp_user) is specified.
region: ${11|Regions are defined in Apache libcloud project [libcloud/common/dimensiondata.py],They are also listed in U(https://libcloud.readthedocs.io/en/latest/compute/drivers/dimensiondata.html),Note that the default value \"na\" stands for \"North America\".,The module prepends 'dd-' to the region choice.|} # not required. choices: Regions are defined in Apache libcloud project [libcloud/common/dimensiondata.py];They are also listed in U(https://libcloud.readthedocs.io/en/latest/compute/drivers/dimensiondata.html);Note that the default value \"na\" stands for \"North America\".;The module prepends 'dd-' to the region choice.. The target region.
wait: ${12:false} # not required. Should we wait for the task to complete before moving onto the next.
wait_time: ${13:600} # not required. The maximum amount of time (in seconds) to wait for the task to complete.,Only applicable if I(wait=true).
state: ${14|present,absent,readonly|} # not required. choices: present;absent;readonly. The desired state for the target VLAN.,C(readonly) ensures that the state is only ever read, not modified (the module will fail if the resource does not exist).
validate_certs: ${15:true} # not required. If C(false), SSL certificates will not be validated.,This should only be used on private instances of the CloudControl API that use self-signed certificates.
"""
'django_manage':
'prefix': "django_manage_snippet"
'description': "Manages a Django application."
'body': """
django_manage:
app_path: ${1:undefined} # required. The path to the root of the Django application where B(manage.py) lives.
command: ${2|cleanup,collectstatic,flush,loaddata,migrate,runfcgi,syncdb,test,validate|} # required. choices: cleanup;collectstatic;flush;loaddata;migrate;runfcgi;syncdb;test;validate. The name of the Django management command to run. Built in commands are cleanup, collectstatic, flush, loaddata, migrate, runfcgi, syncdb, test, and validate.,Other commands can be entered, but will fail if they're unknown to Django. Other commands that may prompt for user input should be run with the I(--noinput) flag.
virtualenv: ${3:undefined} # not required. An optional path to a I(virtualenv) installation to use while running the manage application.
settings: ${4:undefined} # not required. The Python path to the application's settings module, such as 'myapp.settings'.
pythonpath: ${5:undefined} # not required. A directory to add to the Python path. Typically used to include the settings module if it is located external to the application directory.
database: ${6:undefined} # not required. The database to target. Used by the 'createcachetable', 'flush', 'loaddata', and 'syncdb' commands.
apps: ${7:undefined} # not required. A list of space-delimited apps to target. Used by the 'test' command.
cache_table: ${8:undefined} # not required. The name of the table used for database-backed caching. Used by the 'createcachetable' command.
merge: ${9:undefined} # not required. Will run out-of-order or missing migrations as they are not rollback migrations, you can only use this parameter with 'migrate' command
skip: ${10:undefined} # not required. Will skip over out-of-order missing migrations, you can only use this parameter with I(migrate)
link: ${11:undefined} # not required. Will create links to the files instead of copying them, you can only use this parameter with 'collectstatic' command
fixtures: ${12:undefined} # not required. A space-delimited list of fixture file names to load in the database. B(Required) by the 'loaddata' command.
failfast: ${13|yes,no|} # not required. choices: yes;no. Fail the command immediately if a test fails. Used by the 'test' command.
"""
'dladm_etherstub':
'prefix': "dladm_etherstub_snippet"
'description': "Manage etherstubs on Solaris/illumos systems."
'body': """
dladm_etherstub:
name: ${1:undefined} # required. Etherstub name.
state: ${2|present,absent|} # not required. choices: present;absent. Create or delete Solaris/illumos etherstub.
temporary: ${3|true,false|} # not required. choices: true;false. Specifies that the etherstub is temporary. Temporary etherstubs do not persist across reboots.
"""
'dladm_iptun':
'prefix': "dladm_iptun_snippet"
'description': "Manage IP tunnel interfaces on Solaris/illumos systems."
'body': """
dladm_iptun:
name: ${1:undefined} # required. IP tunnel interface name.
state: ${2|present,absent|} # not required. choices: present;absent. Create or delete Solaris/illumos VNIC.
temporary: ${3:false} # not required. Specifies that the IP tunnel interface is temporary. Temporary IP tunnel interfaces do not persist across reboots.
local_address: ${4:undefined} # not required. Literat IP address or hostname corresponding to the tunnel source.
type: ${5|ipv4,ipv6,6to4|} # not required. choices: ipv4;ipv6;6to4. Specifies the type of tunnel to be created.
remote_address: ${6:undefined} # not required. Literal IP address or hostname corresponding to the tunnel destination.
"""
'dladm_linkprop':
'prefix': "dladm_linkprop_snippet"
'description': "Manage link properties on Solaris/illumos systems."
'body': """
dladm_linkprop:
link: ${1:undefined} # required. Link interface name.
property: ${2:undefined} # required. Specifies the name of the property we want to manage.
state: ${3|present,absent,reset|} # not required. choices: present;absent;reset. Set or reset the property value.
temporary: ${4:false} # not required. Specifies that lin property configuration is temporary. Temporary link property configuration does not persist across reboots.
value: ${5:undefined} # not required. Specifies the value we want to set for the link property.
"""
'dladm_vlan':
'prefix': "dladm_vlan_snippet"
'description': "Manage VLAN interfaces on Solaris/illumos systems."
'body': """
dladm_vlan:
link: ${1:undefined} # required. VLAN underlying link name.
name: ${2:undefined} # required. VLAN interface name.
state: ${3|present,absent|} # not required. choices: present;absent. Create or delete Solaris/illumos VNIC.
temporary: ${4:false} # not required. Specifies that the VLAN interface is temporary. Temporary VLANs do not persist across reboots.
vlan_id: ${5:false} # not required. VLAN ID value for VLAN interface.
"""
'dladm_vnic':
'prefix': "dladm_vnic_snippet"
'description': "Manage VNICs on Solaris/illumos systems."
'body': """
dladm_vnic:
name: ${1:undefined} # required. VNIC name.
link: ${2:undefined} # required. VNIC underlying link name.
state: ${3|present,absent|} # not required. choices: present;absent. Create or delete Solaris/illumos VNIC.
temporary: ${4|true,false|} # not required. choices: true;false. Specifies that the VNIC is temporary. Temporary VNICs do not persist across reboots.
vlan: ${5:false} # not required. Enable VLAN tagging for this VNIC. The VLAN tag will have id I(vlan).
mac: ${6:false} # not required. Sets the VNIC's MAC address. Must be valid unicast MAC address.
"""
'dnf':
'prefix': "dnf_snippet"
'description': "Manages packages with the I(dnf) package manager"
'body': """
dnf:
name: ${1:null} # required. A list of package names, or package specifier with version, like C(name-1.0) When using state=latest, this can be '*' which means run: dnf -y update. You can also pass a url or a local path to a rpm file.
autoremove: ${2|yes,no|} # not required. choices: yes;no. If C(yes), removes all \"leaf\" packages from the system that were originally installed as dependencies of user-installed packages but which are no longer required by any such package. Should be used alone or when state is I(absent)
list: ${3:null} # not required. Various (non-idempotent) commands for usage with C(/usr/bin/ansible) and I(not) playbooks. See examples.
disable_gpg_check: ${4|yes,no|} # not required. choices: yes;no. Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is I(present) or I(latest).
conf_file: ${5:null} # not required. The remote dnf configuration file to use for the transaction.
state: ${6|present,latest,absent|} # not required. choices: present;latest;absent. Whether to install (C(present), C(latest)), or remove (C(absent)) a package.
disablerepo: ${7:null} # not required. I(Repoid) of repositories to disable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a \",\".
enablerepo: ${8:null} # not required. I(Repoid) of repositories to enable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a \",\".
installroot: ${9:/} # not required. Specifies an alternative installroot, relative to which all packages will be installed.
"""
'dnsimple':
'prefix': "dnsimple_snippet"
'description': "Interface with dnsimple.com (a DNS hosting service)."
'body': """
dnsimple:
solo: ${1:null} # not required. Whether the record should be the only one for that record type and record name. Only use with state=present on a record
domain: ${2:null} # not required. Domain to work with. Can be the domain name (e.g. \"mydomain.com\") or the numeric ID of the domain in DNSimple. If omitted, a list of domains will be returned.,If domain is present but the domain doesn't exist, it will be created.
account_email: ${3:null} # not required. Account email. If omitted, the env variables DNSIMPLE_EMAIL and DNSIMPLE_API_TOKEN will be looked for. If those aren't found, a C(.dnsimple) file will be looked for, see: U(https://github.com/mikemaccana/dnsimple-python#getting-started)\n
record_ids: ${4:null} # not required. List of records to ensure they either exist or don't exist
value: ${5:null} # not required. Record value,Must be specified when trying to ensure a record exists
priority: ${6:null} # not required. Record priority
record: ${7:null} # not required. Record to add, if blank a record for the domain will be created, supports the wildcard (*)
state: ${8|present,absent|} # not required. choices: present;absent. whether the record should exist or not
ttl: ${9:3600 (one hour)} # not required. The TTL to give the new record
type: ${10|A,ALIAS,CNAME,MX,SPF,URL,TXT,NS,SRV,NAPTR,PTR,AAAA,SSHFP,HINFO,POOL|} # not required. choices: A;ALIAS;CNAME;MX;SPF;URL;TXT;NS;SRV;NAPTR;PTR;AAAA;SSHFP;HINFO;POOL. The type of DNS record to create
account_api_token: ${11:null} # not required. Account API token. See I(account_email) for info.
"""
'dnsmadeeasy':
'prefix': "dnsmadeeasy_snippet"
'description': "Interface with dnsmadeeasy.com (a DNS hosting service)."
'body': """
dnsmadeeasy:
domain: ${1:null} # required. Domain to work with. Can be the domain name (e.g. \"mydomain.com\") or the numeric ID of the domain in DNS Made Easy (e.g. \"839989\") for faster resolution
protocol: ${2|TCP,UDP,HTTP,DNS,SMTP,HTTPS|} # required. choices: TCP;UDP;HTTP;DNS;SMTP;HTTPS. Protocol used by the monitor.
autoFailover: ${3|yes,no|} # required. choices: yes;no. If true, fallback to the primary IP address is manual after a failover.,If false, fallback to the primary IP address is automatic after a failover.
sensitivity: ${4|Low,Medium,High|} # required. choices: Low;Medium;High. Number of checks the monitor performs before a failover occurs where Low = 8, Medium = 5,and High = 3.
contactList: ${5:} # required. Name or id of the contact list that the monitor will notify.,The default C('') means the Account Owner.
account_key: ${6:null} # required. Account API Key.
port: ${7:80} # required. Port used by the monitor.
monitor: ${8|yes,no|} # required. choices: yes;no. If C(yes), add or change the monitor. This is applicable only for A records.
failover: ${9|yes,no|} # required. choices: yes;no. If C(yes), add or change the failover. This is applicable only for A records.
maxEmails: ${10:1} # required. Number of emails sent to the contact list by the monitor.
state: ${11|present,absent|} # required. choices: present;absent. whether the record should exist or not
systemDescription: ${12:} # required. Description used by the monitor.
account_secret: ${13:null} # required. Account Secret Key.
httpFqdn: ${14:undefined} # not required. The fully qualified domain name used by the monitor.
record_ttl: ${15:1800} # not required. record's \"Time to live\". Number of seconds the record remains cached in DNS servers.
ip2: ${16:undefined} # not required. Secondary IP address for the failover.,Required if adding or changing the failover.
record_type: ${17|A,AAAA,CNAME,ANAME,HTTPRED,MX,NS,PTR,SRV,TXT|} # not required. choices: A;AAAA;CNAME;ANAME;HTTPRED;MX;NS;PTR;SRV;TXT. Record type.
ip1: ${18:undefined} # not required. Primary IP address for the failover.,Required if adding or changing the monitor or failover.
ip4: ${19:undefined} # not required. Quaternary IP address for the failover.
ip5: ${20:undefined} # not required. Quinary IP address for the failover.
record_name: ${21:null} # not required. Record name to get/create/delete/update. If record_name is not specified; all records for the domain will be returned in \"result\" regardless of the state argument.
ip3: ${22:undefined} # not required. Tertiary IP address for the failover.
httpQueryString: ${23:undefined} # not required. The string in the httpFile that the monitor queries for HTTP or HTTPS.
record_value: ${24:null} # not required. Record value. HTTPRED: <redirection URL>, MX: <priority> <target name>, NS: <name server>, PTR: <target name>, SRV: <priority> <weight> <port> <target name>, TXT: <text value>\"\n,If record_value is not specified; no changes will be made and the record will be returned in 'result' (in other words, this module can be used to fetch a record's current id, type, and ttl)\n
httpFile: ${25:undefined} # not required. The file at the Fqdn that the monitor queries for HTTP or HTTPS.
validate_certs: ${26|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'docker':
'prefix': "docker_snippet"
'description': "manage docker containers"
'body': """
docker:
image: ${1:undefined} # required. Container image used to match and launch containers.
publish_all_ports: ${2:no} # not required. Publish all exposed ports to the host interfaces.
tty: ${3:no} # not required. Allocate a pseudo-tty within the container.
log_opt: ${4:undefined} # not required. Additional options to pass to the logging driver selected above. See Docker `log-driver <https://docs.docker.com/reference/logging/overview/>` documentation for more information. Requires docker >=1.7.0.
insecure_registry: ${5:no} # not required. Use insecure private registry by HTTP instead of HTTPS.,Needed for docker-py >= 0.5.0.
links: ${6:undefined} # not required. List of other containers to link within this container with an optional.,alias. Use docker CLI-style syntax: C(redis:myredis).
memory_limit: ${7:0} # not required. RAM allocated to the container as a number of bytes or as a human-readable string like \"512MB\".,Leave as \"0\" to specify no limit.
docker_url: ${8:${DOCKER_HOST} or unix://var/run/docker.sock} # not required. URL of the host running the docker daemon. This will default to the env var DOCKER_HOST if unspecified.
labels: ${9:undefined} # not required. Set container labels.,Requires docker >= 1.6 and docker-py >= 1.2.0.
pid: ${10:undefined} # not required. Set the PID namespace mode for the container (currently only supports 'host').,Requires docker-py >= 1.0.0 and docker >= 1.5.0
docker_api_version: ${11:docker-py default remote API version} # not required. Remote API version to use. This defaults to the current default as specified by docker-py.
stop_timeout: ${12:10} # not required. How many seconds to wait for the container to stop before killing it.
tls_client_key: ${13:${DOCKER_CERT_PATH}/key.pem} # not required. Path to the PEM-encoded key used to authenticate docker client. If specified tls_client_cert must be valid
privileged: ${14:no} # not required. Whether the container should run in privileged mode or not.
env_file: ${15:undefined} # not required. Pass in a path to a file with environment variable (FOO=BAR). If a key value is present in both explicitly presented (i.e. as 'env') and in the environment file, the explicit value will override. Requires docker-py >= 1.4.0.
read_only: ${16:undefined} # not required. Mount the container's root filesystem as read only.
use_tls: ${17|encrypt,false,verify|} # not required. choices: encrypt;false;verify. Whether to use tls to connect to the docker server. \"no\" means not to use tls (and ignore any other tls related parameters). \"encrypt\" means to use tls to encrypt the connection to the server. \"verify\" means to also verify that the server's certificate is valid for the server (this both verifies the certificate against the CA and that the certificate was issued for that host. If this is unspecified, tls will only be used if one of the other tls options require it.
password: ${18:undefined} # not required. Remote API password.
hostname: ${19:undefined} # not required. Container hostname.
lxc_conf: ${20:undefined} # not required. LXC configuration parameters, such as C(lxc.aa_profile:unconfined).
tls_ca_cert: ${21:${DOCKER_CERT_PATH}/ca.pem} # not required. Path to a PEM-encoded certificate authority to secure the Docker connection. This has no effect if use_tls is encrypt.
state: ${22|absent,killed,present,reloaded,restarted,started,stopped|} # not required. choices: absent;killed;present;reloaded;restarted;started;stopped. Assert the container's desired state. \"present\" only asserts that the matching containers exist. \"started\" asserts that the matching containers both exist and are running, but takes no action if any configuration has changed. \"reloaded\" (added in Ansible 1.9) asserts that all matching containers are running and restarts any that have any images or configuration out of date. \"restarted\" unconditionally restarts (or starts) the matching containers. \"stopped\" and '\"killed\" stop and kill all matching containers. \"absent\" stops and then' removes any matching containers.
tls_client_cert: ${23:${DOCKER_CERT_PATH}/cert.pem} # not required. Path to the PEM-encoded certificate used to authenticate docker client. If specified tls_client_key must be valid
entrypoint: ${24:undefined} # not required. Corresponds to C(--entrypoint) option of C(docker run) command and C(ENTRYPOINT) directive of Dockerfile.,Used to match and launch containers.
env: ${25:undefined} # not required. Pass a dict of environment variables to the container.
volumes_from: ${26:undefined} # not required. List of names of containers to mount volumes from.
net: ${27:no} # not required. Network mode for the launched container: bridge, none, container:<name|id>,or host.,Requires docker >= 0.11.
email: ${28:undefined} # not required. Remote API email.
username: ${29:undefined} # not required. Remote API username.
docker_user: ${30:undefined} # not required. Username or UID to use within the container
log_driver: ${31|awslogs,fluentd,gelf,journald,json-file,none,syslog|} # not required. choices: awslogs;fluentd;gelf;journald;json-file;none;syslog. You can specify a different logging driver for the container than for the daemon.,C(awslogs) - (added in 2.1) Awslogs logging driver for Docker. Writes log messages to AWS Cloudwatch Logs.,C(fluentd) - Fluentd logging driver for Docker. Writes log messages to \"fluentd\" (forward input).,C(gelf) - Graylog Extended Log Format (GELF) logging driver for Docker. Writes log messages to a GELF endpoint likeGraylog or Logstash.,C(journald) - Journald logging driver for Docker. Writes log messages to \"journald\".,C(json-file) - Default logging driver for Docker. Writes JSON messages to file. docker logs command is available only for this logging driver.,C(none) - disables any logging for the container.,C(syslog) - Syslog logging driver for Docker. Writes log messages to syslog. docker logs command is not available for this logging driver.,Requires docker >= 1.6.0.
expose: ${32:undefined} # not required. List of additional container ports to expose for port mappings or links. If the port is already exposed using EXPOSE in a Dockerfile, you don't need to expose it again.
stdin_open: ${33:no} # not required. Keep stdin open after a container is launched.
tls_hostname: ${34:Taken from docker_url} # not required. A hostname to check matches what's supplied in the docker server's certificate. If unspecified, the hostname is taken from the docker_url.
domainname: ${35:undefined} # not required. Container domain name.
registry: ${36:DockerHub} # not required. Remote registry URL to pull images from.
volumes: ${37:undefined} # not required. List of volumes to mount within the container.,Use docker CLI-style syntax: C(/host:/container[:mode]),You can specify a read mode for the mount with either C(ro) or C(rw). Starting at version 2.1, SELinux hosts can additionally use C(z) or C(Z) mount options to use a shared or private label for the volume.
detach: ${38:yes} # not required. Enable detached mode to leave the container running in background. If disabled, fail unless the process exits cleanly.
cpu_set: ${39:undefined} # not required. CPUs in which to allow execution.,Requires docker-py >= 0.6.0.
pull: ${40|always,missing|} # not required. choices: always;missing. Control when container images are updated from the C(docker_url) registry.,If C(missing), images will be pulled only when missing from the host;,if C(always), the registry will be checked for a newer version of the image each time the task executes.
dns: ${41:undefined} # not required. List of custom DNS servers for the container.
name: ${42:undefined} # not required. Name used to match and uniquely name launched containers. Explicit names are used to uniquely identify a single container or to link among containers. Mutually exclusive with a \"count\" other than \"1\".
signal: ${43:KILL} # not required. With the state \"killed\", you can alter the signal sent to the container.
cap_add: ${44:no} # not required. Add capabilities for the container.,Requires docker-py >= 0.5.0.
restart_policy: ${45|always,false,on-failure,unless-stopped|} # not required. choices: always;false;on-failure;unless-stopped. Container restart policy.,The 'unless-stopped' choice is only available starting in Ansible 2.1 and for Docker 1.9 and above.
count: ${46:1} # not required. Number of matching containers that should be in the desired state.
devices: ${47:undefined} # not required. List of host devices to expose to container.
extra_hosts: ${48:undefined} # not required. Dict of custom host-to-IP mappings to be defined in the container
command: ${49:undefined} # not required. Command used to match and launch containers.
restart_policy_retry: ${50:0} # not required. Maximum number of times to restart a container.,Leave as \"0\" for unlimited retries.
timeout: ${51:60} # not required. Docker daemon response timeout in seconds.
cap_drop: ${52:no} # not required. Drop capabilities for the container.,Requires docker-py >= 0.5.0.
ports: ${53:undefined} # not required. List containing private to public port mapping specification. Use docker 'CLI-style syntax: C(8000), C(9000:8000), or C(0.0.0.0:9000:8000)' where 8000 is a container port, 9000 is a host port, and 0.0.0.0 is - a host interface. The container ports need to be exposed either in the Dockerfile or via the C(expose) option.
ulimits: ${54:undefined} # not required. ulimits, list ulimits with name, soft and optionally hard limit separated by colons. e.g. C(nofile:1024:2048),Requires docker-py >= 1.2.0 and docker >= 1.6.0
cpu_shares: ${55:0} # not required. CPU shares (relative weight).,Requires docker-py >= 0.6.0.
"""
'docker_container':
'prefix': "docker_container_snippet"
'description': "manage docker containers"
'body': """
docker_container:
name: ${1:undefined} # required. Assign a name to a new container or match an existing container.,When identifying an existing container name may be a name or a long or short container ID.
tty: ${2:false} # not required. Allocate a pseudo-TTY.
dns_servers: ${3:null} # not required. List of custom DNS servers.
image: ${4:null} # not required. Repository path and tag used to create the container. If an image is not found or pull is true, the image will be pulled from the registry. If no tag is included, 'latest' will be used.
labels: ${5:null} # not required. Dictionary of key value pairs.
docker_host: ${6:unix://var/run/docker.sock} # not required. The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
cpuset_cpus: ${7:null} # not required. CPUs in which to allow execution C(1,3) or C(1-3).
force_kill: ${8:false} # not required. Use the kill command when stopping a running container.
pid_mode: ${9:null} # not required. Set the PID namespace mode for the container. Currently only supports 'host'.
networks: ${10:null} # not required. List of networks the container belongs to.,Each network is a dict with keys C(name), C(ipv4_address), C(ipv6_address), C(links), C(aliases).,For each network C(name) is required, all other keys are optional.,If included, C(links) or C(aliases) are lists.,For examples of the data structure and usage see EXAMPLES below.,To remove a container from one or more networks, use the C(purge_networks) option.
cpu_period: ${11:0} # not required. Limit CPU CFS (Completely Fair Scheduler) period
detach: ${12:true} # not required. Enable detached mode to leave the container running in background. If disabled, the task will reflect the status of the container run (failed if the command failed).
oom_score_adj: ${13:0} # not required. An integer value containing the score given to the container in order to tune OOM killer preferences.
state: ${14|absent,present,stopped,started|} # not required. choices: absent;present;stopped;started. I(absent) - A container matching the specified name will be stopped and removed. Use force_kill to kill the container rather than stopping it. Use keep_volumes to retain volumes associated with the removed container.,I(present) - Asserts the existence of a container matching the name and any provided configuration parameters. If no container matches the name, a container will be created. If a container matches the name but the provided configuration does not match, the container will be updated, if it can be. If it cannot be updated, it will be removed and re-created with the requested config. Image version will be taken into account when comparing configuration. To ignore image version use the ignore_image option. Use the recreate option to force the re-creation of the matching container. Use force_kill to kill the container rather than stopping it. Use keep_volumes to retain volumes associated with a removed container.,I(started) - Asserts there is a running container matching the name and any provided configuration. If no container matches the name, a container will be created and started. If a container matching the name is found but the configuration does not match, the container will be updated, if it can be. If it cannot be updated, it will be removed and a new container will be created with the requested configuration and started. Image version will be taken into account when comparing configuration. To ignore image version use the ignore_image option. Use recreate to always re-create a matching container, even if it is running. Use restart to force a matching container to be stopped and restarted. Use force_kill to kill a container rather than stopping it. Use keep_volumes to retain volumes associated with a removed container.,I(stopped) - Asserts that the container is first I(present), and then if the container is running moves it to a stopped state. Use force_kill to kill a container rather than stopping it.
capabilities: ${15:null} # not required. List of capabilities to add to the container.
memory_swap: ${16:0} # not required. Total memory limit (memory + swap, format:<number>[<unit>]). Number is a positive integer. Unit can be one of b, k, m, or g.
mac_address: ${17:null} # not required. Container MAC address (e.g. 92:d0:c6:0a:29:33)
volumes_from: ${18:null} # not required. List of container names or Ids to get volumes from.
log_options: ${19:null} # not required. Dictionary of options specific to the chosen log_driver. See https://docs.docker.com/engine/admin/logging/overview/ for details.
cert_path: ${20:null} # not required. Path to the client's TLS certificate file.
recreate: ${21:false} # not required. Use with present and started states to force the re-creation of an existing container.
memory: ${22:0} # not required. Memory limit (format: <number>[<unit>]). Number is a positive integer. Unit can be one of b, k, m, or g
memory_swappiness: ${23:0} # not required. Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100.
network_mode: ${24|bridge,container:<name|id>,host,none|} # not required. choices: bridge;container:<name|id>;host;none. Connect the container to a network.
tmpfs: ${25:null} # not required. Mount a tmpfs directory
published_ports: ${26:null} # not required. List of ports to publish from the container to the host.,Use docker CLI syntax: C(8000), C(9000:8000), or C(0.0.0.0:9000:8000), where 8000 is a container port, 9000 is a host port, and 0.0.0.0 is a host interface.,Container ports must be exposed either in the Dockerfile or via the C(expose) option.,A value of all will publish all exposed container ports to random host ports, ignoring any other mappings.,If C(networks) parameter is provided, will inspect each network to see if there exists a bridge network with optional parameter com.docker.network.bridge.host_binding_ipv4. If such a network is found, then published ports where no host IP address is specified will be bound to the host IP pointed to by com.docker.network.bridge.host_binding_ipv4. Note that the first bridge network with a com.docker.network.bridge.host_binding_ipv4 value encountered in the list of C(networks) is the one that will be used.
restart: ${27:false} # not required. Use with started state to force a matching container to be stopped and restarted.
pull: ${28:false} # not required. If true, always pull the latest version of an image. Otherwise, will only pull an image when missing.
stop_signal: ${29:null} # not required. Override default signal used to stop the container.
devices: ${30:null} # not required. List of host device bindings to add to the container. Each binding is a mapping expressed in the format: <path_on_host>:<path_in_container>:<cgroup_permissions>
uts: ${31:null} # not required. Set the UTS namespace mode for the container.
tls_verify: ${32:false} # not required. Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
blkio_weight: ${33:null} # not required. Block IO (relative weight), between 10 and 1000.
timeout: ${34:60} # not required. The maximum amount of time in seconds to wait on a response from the API.
stop_timeout: ${35:null} # not required. Number of seconds to wait for the container to stop before sending SIGKILL.
ulimits: ${36:null} # not required. List of ulimit options. A ulimit is specified as C(nofile:262144:262144)
interactive: ${37:false} # not required. Keep stdin open after a container is launched, even if not attached.
links: ${38:null} # not required. List of name aliases for linked containers in the format C(container_name:alias)
domainname: ${39:null} # not required. Container domainname.
ssl_version: ${40:1.0} # not required. Provide a valid SSL version number. Default value determined by docker-py, currently 1.0.
command: ${41:null} # not required. Command to execute when the container starts. A command may be either a string or a list. Prior to version 2.4, strings were split on commas.
paused: ${42:false} # not required. Use with the started state to pause running processes inside the container.
cacert_path: ${43:null} # not required. Use a CA certificate when performing server verification by providing the path to a CA certificate file.
dns_search_domains: ${44:null} # not required. List of custom DNS search domains.
security_opts: ${45:null} # not required. List of security options in the form of C(\"label:user:User\")
env_file: ${46:null} # not required. Path to a file containing environment variables I(FOO=BAR).,If variable also present in C(env), then C(env) value will override.,Requires docker-py >= 1.4.0.
cpu_quota: ${47:0} # not required. Limit CPU CFS (Completely Fair Scheduler) quota
read_only: ${48:false} # not required. Mount the container's root file system as read-only.
cpuset_mems: ${49:null} # not required. Memory nodes (MEMs) in which to allow execution C(0-3) or C(0,1)
hostname: ${50:null} # not required. Container hostname.
working_dir: ${51:null} # not required. Path to the working directory.
cleanup: ${52:false} # not required. Use with I(detach=false) to remove the container after successful execution.
entrypoint: ${53:null} # not required. Command that overwrites the default ENTRYPOINT of the image.
key_path: ${54:null} # not required. Path to the client's TLS key file.
env: ${55:null} # not required. Dictionary of key,value pairs.
keep_volumes: ${56:true} # not required. Retain volumes associated with a removed container.
ipc_mode: ${57:null} # not required. Set the IPC mode for the container. Can be one of 'container:<name|id>' to reuse another container's IPC namespace or 'host' to use the host's IPC namespace within the container.
privileged: ${58:false} # not required. Give extended privileges to the container.
api_version: ${59:default provided by docker-py} # not required. The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
exposed_ports: ${60:null} # not required. List of additional container ports which informs Docker that the container listens on the specified network ports at runtime. If the port is already exposed using EXPOSE in a Dockerfile, it does not need to be exposed again.
trust_image_content: ${61:false} # not required. If true, skip image verification.
auto_remove: ${62:false} # not required. enable auto-removal of the container on daemon side when the container's process exits
log_driver: ${63|none,json-file,syslog,journald,gelf,fluentd,awslogs,splunk|} # not required. choices: none;json-file;syslog;journald;gelf;fluentd;awslogs;splunk. Specify the logging driver. Docker uses json-file by default.
oom_killer: ${64:false} # not required. Whether or not to disable OOM Killer for the container.
shm_size: ${65:null} # not required. Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`. Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes).,Omitting the unit defaults to bytes. If you omit the size entirely, the system uses `64m`.
kill_signal: ${66:null} # not required. Override default signal used to kill a running container.
tls_hostname: ${67:localhost} # not required. When verifying the authenticity of the Docker Host server, provide the expected name of the server.
volume_driver: ${68:none} # not required. The container volume driver.
user: ${69:null} # not required. Sets the username or UID used and optionally the groupname or GID for the specified command.,Can be [ user | user:group | uid | uid:gid | user:gid | uid:group ]
groups: ${70:null} # not required. List of additional group names and/or IDs that the container process will run as.
userns_mode: ${71:null} # not required. User namespace to use
purge_networks: ${72:false} # not required. Remove the container from ALL networks not included in C(networks) parameter.,Any default networks such as I(bridge), if not found in C(networks), will be removed as well.
tls: ${73:false} # not required. Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
ignore_image: ${74:false} # not required. When C(state) is I(present) or I(started) the module compares the configuration of an existing container to requested configuration. The evaluation includes the image version. If the image version in the registry does not match the container, the container will be recreated. Stop this behavior by setting C(ignore_image) to I(True).
restart_policy: ${75|always,false,on-failure,unless-stopped|} # not required. choices: always;false;on-failure;unless-stopped. Container restart policy. Place quotes around I(no) option.
kernel_memory: ${76:0} # not required. Kernel memory limit (format: <number>[<unit>]). Number is a positive integer. Unit can be one of b, k, m, or g. Minimum is 4M.
etc_hosts: ${77:null} # not required. Dict of host-to-IP mappings, where each host name is a key in the dictionary. Each host name will be added to the container's /etc/hosts file.
sysctls: ${78:null} # not required. Dictionary of key,value pairs.
memory_reservation: ${79:0} # not required. Memory soft limit (format: <number>[<unit>]). Number is a positive integer. Unit can be one of b, k, m, or g
volumes: ${80:null} # not required. List of volumes to mount within the container.,Use docker CLI-style syntax: C(/host:/container[:mode]),You can specify a read mode for the mount with either C(ro) or C(rw).,SELinux hosts can additionally use C(z) or C(Z) to use a shared or private label for the volume.
cpu_shares: ${81:null} # not required. CPU shares (relative weight).
restart_retries: ${82:0} # not required. Use with restart policy to control maximum number of restart attempts.
"""
'docker_image':
'prefix': "docker_image_snippet"
'description': "Manage docker images."
'body': """
docker_image:
name: ${1:undefined} # required. Image name. Name format will be one of: name, repository/name, registry_server:port/name. When pushing or pulling an image the name can optionally include the tag by appending ':tag_name'.
archive_path: ${2:undefined} # not required. Use with state C(present) to archive an image to a .tar file.
cacert_path: ${3:null} # not required. Use a CA certificate when performing server verification by providing the path to a CA certificate file.
force: ${4:false} # not required. Use with state I(absent) to un-tag and remove all images matching the specified name. Use with state C(present) to build, load or pull an image when the image already exists.
timeout: ${5:60} # not required. The maximum amount of time in seconds to wait on a response from the API.
repository: ${6:undefined} # not required. Full path to a repository. Use with state C(present) to tag the image into the repository. Expects format I(repository:tag). If no tag is provided, will use the value of the C(tag) parameter or I(latest).
tls_hostname: ${7:localhost} # not required. When verifying the authenticity of the Docker Host server, provide the expected name of the server.
docker_host: ${8:unix://var/run/docker.sock} # not required. The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
tag: ${9:latest} # not required. Used to select an image when pulling. Will be added to the image when pushing, tagging or building. Defaults to I(latest).,If C(name) parameter format is I(name:tag), then tag value from C(name) will take precedence.
cert_path: ${10:null} # not required. Path to the client's TLS certificate file.
path: ${11:undefined} # not required. Use with state 'present' to build an image. Will be the path to a directory containing the context and Dockerfile for building an image.
tls: ${12:false} # not required. Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
pull: ${13:true} # not required. When building an image downloads any updates to the FROM image in Dockerfile.
nocache: ${14:false} # not required. Do not use cache when building an image.
container_limits: ${15:undefined} # not required. A dictionary of limits applied to each container created by the build process.
http_timeout: ${16:undefined} # not required. Timeout for HTTP requests during the image build operation. Provide a positive integer value for the number of seconds.
ssl_version: ${17:1.0} # not required. Provide a valid SSL version number. Default value determined by docker-py, currently 1.0.
load_path: ${18:undefined} # not required. Use with state C(present) to load an image from a .tar file.
use_tls: ${19|false,encrypt,verify|} # not required. choices: false;encrypt;verify. DEPRECATED. Whether to use tls to connect to the docker server. Set to C(no) when TLS will not be used. Set to C(encrypt) to use TLS. And set to C(verify) to use TLS and verify that the server's certificate is valid for the server. NOTE: If you specify this option, it will set the value of the tls or tls_verify parameters.
state: ${20|absent,present,build|} # not required. choices: absent;present;build. Make assertions about the state of an image.,When C(absent) an image will be removed. Use the force option to un-tag and remove all images matching the provided name.,When C(present) check if an image exists using the provided name and tag. If the image is not found or the force option is used, the image will either be pulled, built or loaded. By default the image will be pulled from Docker Hub. To build the image, provide a path value set to a directory containing a context and Dockerfile. To load an image, specify load_path to provide a path to an archive file. To tag an image to a repository, provide a repository path. If the name contains a repository path, it will be pushed.,NOTE: C(build) is DEPRECATED and will be removed in release 2.3. Specifying C(build) will behave the same as C(present).
tls_verify: ${21:false} # not required. Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
key_path: ${22:null} # not required. Path to the client's TLS key file.
buildargs: ${23:undefined} # not required. Provide a dictionary of C(key:value) build arguments that map to Dockerfile ARG directive.,Docker expects the value to be a string. For convenience any non-string values will be converted to strings.,Requires Docker API >= 1.21 and docker-py >= 1.7.0.
push: ${24:false} # not required. Push the image to the registry. Specify the registry as part of the I(name) or I(repository) parameter.
rm: ${25:true} # not required. Remove intermediate containers after build.
dockerfile: ${26:Dockerfile} # not required. Use with state C(present) to provide an alternate name for the Dockerfile to use when building an image.
api_version: ${27:default provided by docker-py} # not required. The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
"""
'docker_image_facts':
'prefix': "docker_image_facts_snippet"
'description': "Inspect docker images"
'body': """
docker_image_facts:
name: ${1:null} # required. An image name or a list of image names. Name format will be name[:tag] or repository/name[:tag], where tag is optional. If a tag is not provided, 'latest' will be used.
tls: ${2:false} # not required. Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
cacert_path: ${3:null} # not required. Use a CA certificate when performing server verification by providing the path to a CA certificate file.
ssl_version: ${4:1.0} # not required. Provide a valid SSL version number. Default value determined by docker-py, currently 1.0.
tls_hostname: ${5:localhost} # not required. When verifying the authenticity of the Docker Host server, provide the expected name of the server.
docker_host: ${6:unix://var/run/docker.sock} # not required. The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
tls_verify: ${7:false} # not required. Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
key_path: ${8:null} # not required. Path to the client's TLS key file.
timeout: ${9:60} # not required. The maximum amount of time in seconds to wait on a response from the API.
cert_path: ${10:null} # not required. Path to the client's TLS certificate file.
api_version: ${11:default provided by docker-py} # not required. The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
"""
'docker_login':
'prefix': "docker_login_snippet"
'description': "Log into a Docker registry."
'body': """
docker_login:
username: ${1:undefined} # required. The username for the registry account
password: ${2:undefined} # required. The plaintext password for the registry account
cacert_path: ${3:null} # not required. Use a CA certificate when performing server verification by providing the path to a CA certificate file.
tls_hostname: ${4:localhost} # not required. When verifying the authenticity of the Docker Host server, provide the expected name of the server.
docker_host: ${5:unix://var/run/docker.sock} # not required. The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
tls_verify: ${6:false} # not required. Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
cert_path: ${7:null} # not required. Path to the client's TLS certificate file.
tls: ${8:false} # not required. Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
config_path: ${9:~/.docker/config.json} # not required. Custom path to the Docker CLI configuration file.
ssl_version: ${10:1.0} # not required. Provide a valid SSL version number. Default value determined by docker-py, currently 1.0.
state: ${11|present,absent|} # not required. choices: present;absent. This controls the current state of the user. C(present) will login in a user, C(absent) will log them out.,To logout you only need the registry server, which defaults to DockerHub.,Before 2.1 you could ONLY log in.,docker does not support 'logout' with a custom config file.
key_path: ${12:null} # not required. Path to the client's TLS key file.
timeout: ${13:60} # not required. The maximum amount of time in seconds to wait on a response from the API.
registry_url: ${14:https://index.docker.io/v1/} # not required. The registry URL.
email: ${15:None} # not required. The email address for the registry account. NOTE: private registries may not require this, but Docker Hub requires it.
api_version: ${16:default provided by docker-py} # not required. The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
reauthorize: ${17|yes,no|} # not required. choices: yes;no. Refresh exiting authentication found in the configuration file.
"""
'docker_network':
'prefix': "docker_network_snippet"
'description': "Manage Docker networks"
'body': """
docker_network:
name: ${1:undefined} # required. Name of the network to operate on.
tls: ${2:false} # not required. Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
cacert_path: ${3:null} # not required. Use a CA certificate when performing server verification by providing the path to a CA certificate file.
force: ${4:false} # not required. With state I(absent) forces disconnecting all containers from the network prior to deleting the network. With state I(present) will disconnect all containers, delete the network and re-create the network. This option is required if you have changed the IPAM or driver options and want an existing network to be updated to use the new options.
tls_verify: ${5:false} # not required. Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
ssl_version: ${6:1.0} # not required. Provide a valid SSL version number. Default value determined by docker-py, currently 1.0.
driver: ${7:bridge} # not required. Specify the type of network. Docker provides bridge and overlay drivers, but 3rd party drivers can also be used.
docker_host: ${8:unix://var/run/docker.sock} # not required. The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
ipam_options: ${9:null} # not required. Dictionary of IPAM options.
tls_hostname: ${10:localhost} # not required. When verifying the authenticity of the Docker Host server, provide the expected name of the server.
state: ${11|absent,present|} # not required. choices: absent;present. I(absent) deletes the network. If a network has connected containers, it cannot be deleted. Use the C(force) option to disconnect all containers and delete the network.,I(present) creates the network, if it does not already exist with the specified parameters, and connects the list of containers provided via the connected parameter. Containers not on the list will be disconnected. An empty list will leave no containers connected to the network. Use the C(appends) option to leave existing containers connected. Use the C(force) options to force re-creation of the network.
driver_options: ${12:null} # not required. Dictionary of network settings. Consult docker docs for valid options and values.
connected: ${13:null} # not required. List of container names or container IDs to connect to a network.
key_path: ${14:null} # not required. Path to the client's TLS key file.
timeout: ${15:60} # not required. The maximum amount of time in seconds to wait on a response from the API.
cert_path: ${16:null} # not required. Path to the client's TLS certificate file.
ipam_driver: ${17:null} # not required. Specify an IPAM driver.
appends: ${18:false} # not required. By default the connected list is canonical, meaning containers not on the list are removed from the network. Use C(appends) to leave existing containers connected.
api_version: ${19:default provided by docker-py} # not required. The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
"""
'docker_secret':
'prefix': "docker_secret_snippet"
'description': "Manage docker secrets."
'body': """
docker_secret:
name: ${1:undefined} # required. The name of the secret.
tls: ${2:false} # not required. Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
cacert_path: ${3:null} # not required. Use a CA certificate when performing server verification by providing the path to a CA certificate file.
force: ${4:false} # not required. Boolean. Use with state C(present) to always remove and recreate an existing secret.,If I(true), an existing secret will be replaced, even if it has not changed.
labels: ${5:undefined} # not required. A map of key:value meta data, where both the I(key) and I(value) are expected to be a string.,If new meta data is provided, or existing meta data is modified, the secret will be updated by removing it and creating it again.
ssl_version: ${6:1.0} # not required. Provide a valid SSL version number. Default value determined by docker-py, currently 1.0.
docker_host: ${7:unix://var/run/docker.sock} # not required. The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
tls_hostname: ${8:localhost} # not required. When verifying the authenticity of the Docker Host server, provide the expected name of the server.
state: ${9|absent,present|} # not required. choices: absent;present. Set to C(present), if the secret should exist, and C(absent), if it should not.
tls_verify: ${10:false} # not required. Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
key_path: ${11:null} # not required. Path to the client's TLS key file.
timeout: ${12:60} # not required. The maximum amount of time in seconds to wait on a response from the API.
cert_path: ${13:null} # not required. Path to the client's TLS certificate file.
data: ${14:undefined} # not required. String. The value of the secret. Required when state is C(present).
api_version: ${15:default provided by docker-py} # not required. The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
"""
'docker_service':
'prefix': "docker_service_snippet"
'description': "Manage docker services and containers."
'body': """
docker_service:
files: ${1:undefined} # not required. List of file names relative to C(project_src). Overrides docker-compose.yml or docker-compose.yaml.,Files are loaded and merged in the order given.
project_name: ${2:undefined} # not required. Provide a project name. If not provided, the project name is taken from the basename of C(project_src).,Required when no C(definition) is provided.
project_src: ${3:undefined} # not required. Path to a directory containing a docker-compose.yml or docker-compose.yaml file.,Mutually exclusive with C(definition).,Required when no C(definition) is provided.
hostname_check: ${4:false} # not required. Whether or not to check the Docker daemon's hostname against the name provided in the client certificate.
recreate: ${5|always,never,smart|} # not required. choices: always;never;smart. By default containers will be recreated when their configuration differs from the service definition.,Setting to I(never) ignores configuration differences and leaves existing containers unchanged.,Setting to I(always) forces recreation of all existing containers.
tls_hostname: ${6:localhost} # not required. When verifying the authenticity of the Docker Host server, provide the expected name of the server.
docker_host: ${7:unix://var/run/docker.sock} # not required. The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
dependencies: ${8:true} # not required. When C(state) is I(present) specify whether or not to include linked services.
remove_images: ${9:null} # not required. Use with state I(absent) to remove the all images or only local images.
services: ${10:undefined} # not required. When C(state) is I(present) run I(docker-compose up) on a subset of services.
cert_path: ${11:null} # not required. Path to the client's TLS certificate file.
pull: ${12:false} # not required. Use with state I(present) to always pull images prior to starting the application.,Same as running docker-compose pull.,When a new image is pulled, services using the image will be recreated unless C(recreate) is I(never).
tls: ${13:false} # not required. Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
definition: ${14:undefined} # not required. Provide docker-compose yaml describing one or more services, networks and volumes.,Mutually exclusive with C(project_src) and C(files).
scale: ${15:undefined} # not required. When C(state) is I(present) scale services. Provide a dictionary of key/value pairs where the key is the name of the service and the value is an integer count for the number of containers.
nocache: ${16:false} # not required. Use with the build option to ignore the cache during the image build process.
restarted: ${17:false} # not required. Use with state I(present) to restart all containers.
ssl_version: ${18:1.0} # not required. Provide a valid SSL version number. Default value determined by docker-py, currently 1.0.
state: ${19|absent,present|} # not required. choices: absent;present. Desired state of the project.,Specifying I(present) is the same as running I(docker-compose up).,Specifying I(absent) is the same as running I(docker-compose down).
api_version: ${20:default provided by docker-py} # not required. The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
remove_volumes: ${21:false} # not required. Use with state I(absent) to remove data volumes.
tls_verify: ${22:false} # not required. Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
stopped: ${23:false} # not required. Use with state I(present) to leave the containers in an exited or non-running state.
build: ${24:false} # not required. Use with state I(present) to always build images prior to starting the application.,Same as running docker-compose build with the pull option.,Images will only be rebuilt if Docker detects a change in the Dockerfile or build directory contents.,Use the C(nocache) option to ignore the image cache when performing the build.,If an existing image is replaced, services using the image will be recreated unless C(recreate) is I(never).
timeout: ${25:60} # not required. The maximum amount of time in seconds to wait on a response from the API.
debug: ${26:false} # not required. Include I(actions) in the return values.
cacert_path: ${27:null} # not required. Use a CA certificate when performing server verification by providing the path to a CA certificate file.
key_path: ${28:null} # not required. Path to the client's TLS key file.
"""
'docker_volume':
'prefix': "docker_volume_snippet"
'description': "Manage Docker volumes"
'body': """
docker_volume:
name: ${1:undefined} # required. Name of the volume to operate on.
cacert_path: ${2:null} # not required. Use a CA certificate when performing server verification by providing the path to a CA certificate file.
force: ${3:no} # not required. With state C(present) causes the volume to be deleted and recreated if the volume already exist and the driver, driver options or labels differ. This will cause any data in the existing volume to be lost.
labels: ${4:undefined} # not required. List of labels to set for the volume
driver: ${5:local} # not required. Specify the type of volume. Docker provides the C(local) driver, but 3rd party drivers can also be used.
tls_hostname: ${6:localhost} # not required. When verifying the authenticity of the Docker Host server, provide the expected name of the server.
docker_host: ${7:unix://var/run/docker.sock} # not required. The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
driver_options: ${8:undefined} # not required. Dictionary of volume settings. Consult docker docs for valid options and values: U(https://docs.docker.com/engine/reference/commandline/volume_create/#driver-specific-options)
cert_path: ${9:null} # not required. Path to the client's TLS certificate file.
tls: ${10:false} # not required. Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
ssl_version: ${11:1.0} # not required. Provide a valid SSL version number. Default value determined by docker-py, currently 1.0.
state: ${12|absent,present|} # not required. choices: absent;present. C(absent) deletes the volume.,C(present) creates the volume, if it does not already exist.
tls_verify: ${13:false} # not required. Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
key_path: ${14:null} # not required. Path to the client's TLS key file.
timeout: ${15:60} # not required. The maximum amount of time in seconds to wait on a response from the API.
api_version: ${16:default provided by docker-py} # not required. The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
"""
'dpkg_selections':
'prefix': "dpkg_selections_snippet"
'description': "Dpkg package selection selections"
'body': """
dpkg_selections:
selection: ${1|install,hold,deinstall,purge|} # required. choices: install;hold;deinstall;purge. The selection state to set the package to.
name: ${2:undefined} # required. Name of the package
"""
'dynamodb_table':
'prefix': "dynamodb_table_snippet"
'description': "Create, update or delete AWS Dynamo DB tables."
'body': """
dynamodb_table:
name: ${1:undefined} # required. Name of the table.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
read_capacity: ${4:1} # not required. Read throughput capacity (units) to provision.
hash_key_name: ${5:null} # not required. Name of the hash key.,Required when C(state=present).
range_key_type: ${6|STRING,NUMBER,BINARY|} # not required. choices: STRING;NUMBER;BINARY. Type of the range key.
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${8:null} # not required. a hash/dictionary of tags to add to the new instance or for starting/stopping instance by tag; '{\"key\":\"value\"}' and '{\"key\":\"value\",\"key\":\"value\"}"
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
write_capacity: ${10:1} # not required. Write throughput capacity (units) to provision.
indexes: ${11:} # not required. list of dictionaries describing indexes to add to the table. global indexes can be updated. local indexes don't support updates or have throughput.,required options: ['name', 'type', 'hash_key_name'],valid types: ['all', 'global_all', 'global_include', 'global_keys_only', 'include', 'keys_only'],other options: ['hash_key_type', 'range_key_name', 'range_key_type', 'includes', 'read_capacity', 'write_capacity']
range_key_name: ${12:null} # not required. Name of the range key.
state: ${13|present,absent|} # not required. choices: present;absent. Create or delete the table
wait_for_active_timeout: ${14:60} # not required. how long before wait gives up, in seconds. only used when tags is set
ec2_url: ${15:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_access_key: ${16:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
validate_certs: ${17:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
hash_key_type: ${18|STRING,NUMBER,BINARY|} # not required. choices: STRING;NUMBER;BINARY. Type of the hash key.
"""
'dynamodb_ttl':
'prefix': "dynamodb_ttl_snippet"
'description': "set TTL for a given DynamoDB table."
'body': """
dynamodb_ttl:
attribute_name: ${1:undefined} # required. the name of the Time to Live attribute used to store the expiration time for items in the table,this appears to be required by the API even when disabling TTL.
table_name: ${2:undefined} # required. name of the DynamoDB table to work on
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${8|enable,disable|} # not required. choices: enable;disable. state to set DynamoDB table to
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'easy_install':
'prefix': "easy_install_snippet"
'description': "Installs Python libraries"
'body': """
easy_install:
name: ${1:null} # required. A Python library name
virtualenv: ${2:null} # not required. an optional I(virtualenv) directory path to install into. If the I(virtualenv) does not exist, it is created automatically
virtualenv_site_packages: ${3|yes,no|} # not required. choices: yes;no. Whether the virtual environment will inherit packages from the global site-packages directory. Note that if this setting is changed on an already existing virtual environment it will not have any effect, the environment must be deleted and newly created.
virtualenv_command: ${4:virtualenv} # not required. The command to create the virtual environment with. For example C(pyvenv), C(virtualenv), C(virtualenv2).
state: ${5|present,latest|} # not required. choices: present;latest. The desired state of the library. C(latest) ensures that the latest version is installed.
executable: ${6:null} # not required. The explicit executable or a pathname to the executable to be used to run easy_install for a specific version of Python installed in the system. For example C(easy_install-3.3), if there are both Python 2.7 and 3.3 installations in the system and you want to run easy_install for the Python 3.3 installation.
"""
'ec2':
'prefix': "ec2_snippet"
'description': "create, terminate, start or stop an instance in ec2"
'body': """
ec2:
image: ${1:null} # required. I(ami) ID to use for the instance
instance_type: ${2:null} # required. instance type to use for the instance, see U(http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)
kernel: ${3:null} # not required. kernel I(eki) to use for the instance
monitoring: ${4|yes,no|} # not required. choices: yes;no. enable detailed monitoring (CloudWatch) for instance
user_data: ${5:null} # not required. opaque blob of data which is made available to the ec2 instance
termination_protection: ${6|yes,no|} # not required. choices: yes;no. Enable or Disable the Termination Protection
private_ip: ${7:null} # not required. the private ip address to assign the instance (from the vpc subnet)
spot_type: ${8|one-time,persistent|} # not required. choices: one-time;persistent. Type of spot request; one of \"one-time\" or \"persistent\". Defaults to \"one-time\" if not supplied.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
id: ${10:null} # not required. identifier for this instance or set of instances, so that the module will be idempotent with respect to EC2 instances. This identifier is valid for at least 24 hours after the termination of the instance, and should not be reused for another call later on. For details, see the description of client token at U(http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html).
source_dest_check: ${11|yes,no|} # not required. choices: yes;no. Enable or Disable the Source/Destination checks (for NAT instances and Virtual Routers)
aws_secret_key: ${12:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
spot_wait_timeout: ${13:600} # not required. how long to wait for the spot instance request to be fulfilled
group: ${14:null} # not required. security group (or list of groups) to use with the instance
zone: ${15:null} # not required. AWS availability zone in which to launch the instance
exact_count: ${16:null} # not required. An integer value which indicates how many instances that match the 'count_tag' parameter should be running. Instances are either created or terminated based on this value.
ebs_optimized: ${17:false} # not required. whether instance is using optimized EBS volumes, see U(http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html)
state: ${18|present,absent,running,restarted,stopped|} # not required. choices: present;absent;running;restarted;stopped. create, terminate, start, stop or restart instances. The state 'restarted' was added in 2.2
placement_group: ${19:null} # not required. placement group for the instance when using EC2 Clustered Compute
key_name: ${20:null} # not required. key pair to use on the instance
ramdisk: ${21:null} # not required. ramdisk I(eri) to use for the instance
count_tag: ${22:null} # not required. Used with 'exact_count' to determine how many nodes based on a specific tag criteria should be running. This can be expressed in multiple ways and is shown in the EXAMPLES section. For instance, one can request 25 servers that are tagged with \"class=webserver\". The specified tag must already exist or be passed in as the 'instance_tags' option.
spot_launch_group: ${23:null} # not required. Launch group for spot request, see U(http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-spot-instances-work.html#spot-launch-group)
vpc_subnet_id: ${24:null} # not required. the subnet ID in which to launch the instance (VPC)
instance_ids: ${25:null} # not required. list of instance ids, currently used for states: absent, running, stopped
tenancy: ${26|default,dedicated|} # not required. choices: default;dedicated. An instance with a tenancy of \"dedicated\" runs on single-tenant hardware and can only be launched into a VPC. Note that to use dedicated tenancy you MUST specify a vpc_subnet_id as well. Dedicated tenancy is not available for EC2 \"micro\" instances.
profile: ${27:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
assign_public_ip: ${28|yes,no|} # not required. choices: yes;no. when provisioning within vpc, assign a public IP address. Boto library must be 2.13.0+
spot_price: ${29:null} # not required. Maximum spot price to bid, If not set a regular on-demand instance is requested. A spot request is made with this maximum bid. When it is filled, the instance is started.
wait: ${30|yes,no|} # not required. choices: yes;no. wait for the instance to reach its desired state before returning. Does not wait for SSH, see 'wait_for' example for details.
count: ${31:1} # not required. number of instances to launch
aws_access_key: ${32:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${33:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
instance_profile_name: ${34:null} # not required. Name of the IAM instance profile to use. Boto library must be 2.5.0+
region: ${35:null} # not required. The AWS region to use. Must be specified if ec2_url is not used. If not specified then the value of the EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
network_interfaces: ${36:null} # not required. A list of existing network interfaces to attach to the instance at launch. When specifying existing network interfaces, none of the assign_public_ip, private_ip, vpc_subnet_id, group, or group_id parameters may be used. (Those parameters are for creating a new network interface at launch.)
instance_initiated_shutdown_behavior: ${37|stop,terminate|} # not required. choices: stop;terminate. Set whether AWS will Stop or Terminate an instance on shutdown. This parameter is ignored when using instance-store images (which require termination on shutdown).
wait_timeout: ${38:300} # not required. how long before wait gives up, in seconds
volumes: ${39:null} # not required. a list of hash/dictionaries of volumes to add to the new instance; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are - device_name (str; required), delete_on_termination (bool; False), device_type (deprecated), ephemeral (str), encrypted (bool; False), snapshot (str), volume_type (str), iops (int) - device_type is deprecated use volume_type, iops must be set when volume_type='io1', ephemeral and snapshot are mutually exclusive.
instance_tags: ${40:null} # not required. a hash/dictionary of tags to add to the new instance or for starting/stopping instance by tag; '{\"key\":\"value\"}' and '{\"key\":\"value\",\"key\":\"value\"}"
group_id: ${41:null} # not required. security group id (or list of ids) to use with the instance
validate_certs: ${42:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_ami':
'prefix': "ec2_ami_snippet"
'description': "create or destroy an image in ec2"
'body': """
ec2_ami:
profile: ${1:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
image_location: ${2:undefined} # not required. The s3 location of an image to use for the AMI.
description: ${3:undefined} # not required. Human-readable string describing the contents and purpose of the AMI.
tags: ${4:undefined} # not required. A dictionary of tags to add to the new image; '{\"key\":\"value\"}' and '{\"key\":\"value\",\"key\":\"value\"}"
enhanced_networking: ${5:undefined} # not required. A boolean representing whether enhanced networking with ENA is enabled or not.
purge_tags: ${6:no} # not required. Whether to remove existing tags that aren't passed in the C(tags) parameter
launch_permissions: ${7:undefined} # not required. Users and groups that should be able to launch the AMI. Expects dictionary with a key of user_ids and/or group_names. user_ids should be a list of account ids. group_name should be a list of groups, \"all\" is the only acceptable value currently.,You must pass all desired launch permissions if you wish to modify existing launch permissions (passing just groups will remove all users)
ramdisk_id: ${8:undefined} # not required. The ID of the RAM disk.
image_id: ${9:undefined} # not required. Image ID to be deregistered.
no_reboot: ${10|yes,no|} # not required. choices: yes;no. Flag indicating that the bundling process should not attempt to shutdown the instance before bundling. If this flag is True, the responsibility of maintaining file system integrity is left to the owner of the instance.
wait_timeout: ${11:900} # not required. How long before wait gives up, in seconds.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
wait: ${13|yes,no|} # not required. choices: yes;no. Wait for the AMI to be in state 'available' before returning.
aws_secret_key: ${14:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${15:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${16:undefined} # not required. The name of the new AMI.
security_token: ${17:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
delete_snapshot: ${18|yes,no|} # not required. choices: yes;no. Delete snapshots when deregistering the AMI.
billing_products: ${19:undefined} # not required. A list of valid billing codes. To be used with valid accounts by aws marketplace vendors.
region: ${20:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
instance_id: ${21:undefined} # not required. Instance ID to create the AMI from.
kernel_id: ${22:undefined} # not required. The target kernel id of the image to register.
state: ${23|absent,present|} # not required. choices: absent;present. Register or deregister an AMI.
architecture: ${24:undefined} # not required. The target architecture of the image to register
device_mapping: ${25:undefined} # not required. List of device hashes/dictionaries with custom configurations (same block-device-mapping parameters).,Valid properties include: device_name, volume_type, size/volume_size (in GB), delete_on_termination (boolean), no_device (boolean), snapshot_id, iops (for io1 volume_type), encrypted\n
validate_certs: ${26:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
virtualization_type: ${27:undefined} # not required. The virtualization type of the image to register.
sriov_net_support: ${28:undefined} # not required. Set to simple to enable enhanced networking with the Intel 82599 Virtual Function interface for the AMI and any instances that you launch from the AMI.
root_device_name: ${29:undefined} # not required. The root device name of the image to register.
"""
'ec2_ami_copy':
'prefix': "ec2_ami_copy_snippet"
'description': "copies AMI between AWS regions, return new image id"
'body': """
ec2_ami_copy:
source_image_id: ${1:undefined} # required. The ID of the AMI in source region that should be copied.
source_region: ${2:undefined} # required. The source region the AMI should be copied from.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${6:default} # not required. The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.)
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${8:null} # not required. A hash/dictionary of tags to add to the new copied AMI; '{\"key\":\"value\"}' and '{\"key\":\"value\",\"key\":\"value\"}"
encrypted: ${9:null} # not required. Whether or not the destination snapshots of the copied AMI should be encrypted.
description: ${10:null} # not required. An optional human-readable string describing the contents and purpose of the new AMI.
kms_key_id: ${11:null} # not required. KMS key id used to encrypt image. If not specified, uses default EBS Customer Master Key (CMK) for your account.
wait_timeout: ${12:1200} # not required. How long before wait gives up, in seconds. (As of 2.3 this option is deprecated. See boto3 Waiters)
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${15:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
wait: ${16|yes,no|} # not required. choices: yes;no. Wait for the copied AMI to be in state 'available' before returning.
"""
'ec2_ami_facts':
'prefix': "ec2_ami_facts_snippet"
'description': "Gather facts about ec2 AMIs"
'body': """
ec2_ami_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
owners: ${3:undefined} # not required. Filter the images by the owner. Valid options are an AWS account ID, self,,or an AWS owner alias ( amazon | aws-marketplace | microsoft ).
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
executable_users: ${5:undefined} # not required. Filter images by users with explicit launch permissions. Valid options are an AWS account ID, self, or all (public AMIs).
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
image_ids: ${8:undefined} # not required. One or more image IDs.
describe_image_attributes: ${9|yes,no|} # not required. choices: yes;no. Describe attributes (like launchPermission) of the images found.
filters: ${10:undefined} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value.,See U(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html) for possible filters.,Filter names and values are case sensitive.
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${12:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_ami_find':
'prefix': "ec2_ami_find_snippet"
'description': "Searches for AMIs to obtain the AMI ID and other information"
'body': """
ec2_ami_find:
region: ${1:undefined} # required. The AWS region to use.
sort: ${2|name,description,tag,architecture,block_device_mapping,creationDate,hypervisor,is_public,location,owner_id,platform,root_device_name,root_device_type,state,virtualization_type|} # not required. choices: name;description;tag;architecture;block_device_mapping;creationDate;hypervisor;is_public;location;owner_id;platform;root_device_name;root_device_type;state;virtualization_type. Optional attribute which with to sort the results.,If specifying 'tag', the 'tag_name' parameter is required.,Starting at version 2.1, additional sort choices of architecture, block_device_mapping, creationDate, hypervisor, is_public, location, owner_id, platform, root_device_name, root_device_type, state, and virtualization_type are supported.
no_result_action: ${3|success,fail|} # not required. choices: success;fail. What to do when no results are found.,'success' reports success and returns an empty array,'fail' causes the module to report failure
sort_end: ${4:null} # not required. Which result to end with (when sorting).,Corresponds to Python slice notation.
root_device_type: ${5:null} # not required. Root device type to match (e.g. ebs, instance-store).
sort_order: ${6|ascending,descending|} # not required. choices: ascending;descending. Order in which to sort results.,Only used when the 'sort' parameter is specified.
profile: ${7:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
owner: ${9:null} # not required. Search AMIs owned by the specified owner,Can specify an AWS account ID, or one of the special IDs 'self', 'amazon' or 'aws-marketplace',If not specified, all EC2 AMIs in the specified region will be searched.,You can include wildcards in many of the search options. An asterisk (*) matches zero or more characters, and a question mark (?) matches exactly one character. You can escape special characters using a backslash (\\) before the character. For example, a value of \\*amazon\\?\\\\ searches for the literal string *amazon?\\.
is_public: ${10|yes,no|} # not required. choices: yes;no. Whether or not the image(s) are public.
product_code: ${11:null} # not required. Marketplace product code to match.
aws_secret_key: ${12:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${13:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
ami_id: ${14:null} # not required. An AMI ID to match.
name: ${15:null} # not required. An AMI name to match.
security_token: ${16:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
ami_tags: ${17:null} # not required. A hash/dictionary of tags to match for the AMI.
hypervisor: ${18:null} # not required. A hypervisor type type to match (e.g. xen).
sort_tag: ${19:null} # not required. Tag name with which to sort results.,Required when specifying 'sort=tag'.
platform: ${20:null} # not required. Platform type to match.
state: ${21:available} # not required. AMI state to match.
sort_start: ${22:null} # not required. Which result to start with (when sorting).,Corresponds to Python slice notation.
architecture: ${23:null} # not required. An architecture type to match (e.g. x86_64).
validate_certs: ${24:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
virtualization_type: ${25:null} # not required. Virtualization type to match (e.g. hvm).
"""
'ec2_ami_search':
'prefix': "ec2_ami_search_snippet"
'description': "Retrieve AWS AMI information for a given operating system."
'body': """
ec2_ami_search:
release: ${1:undefined} # required. short name of the release (e.g., C(precise))
distro: ${2|ubuntu|} # required. choices: ubuntu. Linux distribution (e.g., C(ubuntu))
stream: ${3|server,desktop|} # not required. choices: server;desktop. Type of release.
virt: ${4|paravirtual,hvm|} # not required. choices: paravirtual;hvm. virutalization type
region: ${5|ap-northeast-1,ap-southeast-1,ap-northeast-2,ap-southeast-2,ca-central-1,eu-central-1,eu-west-1,eu-west-2,sa-east-1,us-east-1,us-east-2,us-west-1,us-west-2,us-gov-west-1|} # not required. choices: ap-northeast-1;ap-southeast-1;ap-northeast-2;ap-southeast-2;ca-central-1;eu-central-1;eu-west-1;eu-west-2;sa-east-1;us-east-1;us-east-2;us-west-1;us-west-2;us-gov-west-1. EC2 region
arch: ${6|i386,amd64|} # not required. choices: i386;amd64. CPU architecture
store: ${7|ebs,ebs-io1,ebs-ssd,instance-store|} # not required. choices: ebs;ebs-io1;ebs-ssd;instance-store. Back-end store for instance
"""
'ec2_asg':
'prefix': "ec2_asg_snippet"
'description': "Create or delete AWS Autoscaling Groups"
'body': """
ec2_asg:
launch_config_name: ${1:undefined} # required. Name of the Launch configuration to use for the group. See the ec2_lc module for managing these. If unspecified then the current group value will be used.
name: ${2:undefined} # required. Unique name for group to be created or deleted
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
target_group_arns: ${5:undefined} # not required. List of target group ARNs to use for the group. Use for application load balancers.
default_cooldown: ${6:300 seconds} # not required. The number of seconds after a scaling activity completes before another can begin.
tags: ${7:None} # not required. A list of tags to add to the Auto Scale Group. Optional key is 'propagate_at_launch', which defaults to true.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
min_size: ${9:undefined} # not required. Minimum number of instances in group, if unspecified then the current group value will be used.
wait_timeout: ${10:300} # not required. how long before wait instances to become viable when replaced. Used in conjunction with instance_ids option.
health_check_period: ${11:500 seconds} # not required. Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
load_balancers: ${13:undefined} # not required. List of ELB names to use for the group. Use for classic load balancers.
aws_secret_key: ${14:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
lc_check: ${15:true} # not required. Check to make sure instances that are being replaced with replace_instances do not already have the current launch_config.
availability_zones: ${16:undefined} # not required. List of availability zone names in which to create the group. Defaults to all the availability zones in the region if vpc_zone_identifier is not set.
replace_batch_size: ${17:1} # not required. Number of instances you'd like to replace at a time. Used with replace_all_instances.
vpc_zone_identifier: ${18:None} # not required. List of VPC subnets to use
replace_all_instances: ${19:false} # not required. In a rolling fashion, replace all instances with an old launch configuration with one from the current launch configuration.
validate_certs: ${20:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${21:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
suspend_processes: ${22|Launch,Terminate,HealthCheck,ReplaceUnhealthy,AZRebalance,AlarmNotification,ScheduledActions,AddToLoadBalancer|} # not required. choices: Launch;Terminate;HealthCheck;ReplaceUnhealthy;AZRebalance;AlarmNotification;ScheduledActions;AddToLoadBalancer. A list of scaling processes to suspend.
termination_policies: ${23|OldestInstance,NewestInstance,OldestLaunchConfiguration,ClosestToNextInstanceHour,Default|} # not required. choices: OldestInstance;NewestInstance;OldestLaunchConfiguration;ClosestToNextInstanceHour;Default. An ordered list of criteria used for selecting instances to be removed from the Auto Scaling group when reducing capacity.,For 'Default', when used to create a new autoscaling group, the \"Default\"i value is used. When used to change an existent autoscaling group, the current termination policies are maintained.
replace_instances: ${24:None} # not required. List of instance_ids belonging to the named ASG that you would like to terminate and be replaced with instances matching the current launch configuration.
desired_capacity: ${25:undefined} # not required. Desired number of instances in group, if unspecified then the current group value will be used.
state: ${26|present,absent|} # not required. choices: present;absent. register or deregister the instance
health_check_type: ${27|EC2,ELB|} # not required. choices: EC2;ELB. The service you want the health status from, Amazon EC2 or Elastic Load Balancer.
max_size: ${28:undefined} # not required. Maximum number of instances in group, if unspecified then the current group value will be used.
placement_group: ${29:None} # not required. Physical location of your cluster placement group created in Amazon EC2.
notification_topic: ${30:None} # not required. A SNS topic ARN to send auto scaling notifications to.
notification_types: ${31:autoscaling:EC2_INSTANCE_LAUNCH,autoscaling:EC2_INSTANCE_LAUNCH_ERROR,autoscaling:EC2_INSTANCE_TERMINATE,autoscaling:EC2_INSTANCE_TERMINATE_ERROR} # not required. A list of auto scaling events to trigger notifications on.
wait_for_instances: ${32:true} # not required. Wait for the ASG instances to be in a ready state before exiting. If instances are behind an ELB, it will wait until the ELB determines all instances have a lifecycle_state of \"InService\" and a health_status of \"Healthy\".
"""
'ec2_asg_facts':
'prefix': "ec2_asg_facts_snippet"
'description': "Gather facts about ec2 Auto Scaling Groups (ASGs) in AWS"
'body': """
ec2_asg_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:undefined} # not required. The prefix or name of the auto scaling group(s) you are searching for.,Note: This is a regular expression match with implicit '^' (beginning of string). Append '$' for a complete name match.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${6:undefined} # not required. A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the auto scaling group(s) you are searching for.\n
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_asg_lifecycle_hook':
'prefix': "ec2_asg_lifecycle_hook_snippet"
'description': "Create, delete or update AWS ASG Lifecycle Hooks."
'body': """
ec2_asg_lifecycle_hook:
lifecycle_hook_name: ${1:undefined} # required. The name of the lifecycle hook.
autoscaling_group_name: ${2:undefined} # required. The name of the Auto Scaling group to which you want to assign the lifecycle hook.
transition: ${3|autoscaling:EC2_INSTANCE_TERMINATING,autoscaling:EC2_INSTANCE_LAUNCHING|} # required. choices: autoscaling:EC2_INSTANCE_TERMINATING;autoscaling:EC2_INSTANCE_LAUNCHING. The instance state to which you want to attach the lifecycle hook.
aws_secret_key: ${4:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${5:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${6:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
role_arn: ${7:undefined} # not required. The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
heartbeat_timeout: ${11:3600 (1 hour)} # not required. The amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the default action. You can prevent the lifecycle hook from timing out by calling RecordLifecycleActionHeartbeat.
state: ${12|present,absent|} # not required. choices: present;absent. Create or delete Lifecycle Hook. Present updates existing one or creates if not found.
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
notification_target_arn: ${14:undefined} # not required. The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook. This target can be either an SQS queue or an SNS topic. If you specify an empty string, this overrides the current ARN.
default_result: ${15|ABANDON,CONTINUE|} # not required. choices: ABANDON;CONTINUE. Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs. This parameter can be either CONTINUE or ABANDON.
notification_meta_data: ${16:undefined} # not required. Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.
"""
'ec2_customer_gateway':
'prefix': "ec2_customer_gateway_snippet"
'description': "Manage an AWS customer gateway"
'body': """
ec2_customer_gateway:
name: ${1:undefined} # required. Name of the customer gateway.
ip_address: ${2:undefined} # required. Internet-routable IP address for customers gateway, must be a static address.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${7:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
state: ${10|present,absent|} # not required. choices: present;absent. Create or terminate the Customer Gateway.
routing: ${11|static,dynamic|} # not required. choices: static;dynamic. The type of routing.
bgp_asn: ${12:null} # not required. Border Gateway Protocol (BGP) Autonomous System Number (ASN), required when state=present.
"""
'ec2_customer_gateway_facts':
'prefix': "ec2_customer_gateway_facts_snippet"
'description': "Gather facts about customer gateways in AWS"
'body': """
ec2_customer_gateway_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
customer_gateway_ids: ${5:None} # not required. Get details of a specific customer gateways using customer gateway ID/IDs. This value should be provided as a list.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${7:None} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html) for possible filters.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_eip':
'prefix': "ec2_eip_snippet"
'description': "manages EC2 elastic IP (EIP) addresses."
'body': """
ec2_eip:
release_on_disassociation: ${1:false} # not required. whether or not to automatically release the EIP when it is disassociated
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
reuse_existing_ip_allowed: ${5:false} # not required. Reuse an EIP that is not associated to a device (when available), instead of allocating a new one.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
allow_reassociation: ${7:false} # not required. Specify this option to allow an Elastic IP address that is already associated with another network interface or instance to be re-associated with the specified instance or interface.
public_ip: ${8:undefined} # not required. The IP address of a previously allocated EIP.,If present and device is specified, the EIP is associated with the device.,If absent and device is specified, the EIP is disassociated from the device.
state: ${9|present,absent|} # not required. choices: present;absent. If present, allocate an EIP or associate an existing EIP with a device.,If absent, disassociate the EIP from the device and optionally release it.
in_vpc: ${10:false} # not required. Allocate an EIP inside a VPC or not. Required if specifying an ENI.
profile: ${11:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
private_ip_address: ${13:None} # not required. The primary or secondary private IP address to associate with the Elastic IP address.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
device_id: ${15:undefined} # not required. The id of the device for the EIP. Can be an EC2 Instance id or Elastic Network Interface (ENI) id.
"""
'ec2_elb':
'prefix': "ec2_elb_snippet"
'description': "De-registers or registers instances from EC2 ELBs"
'body': """
ec2_elb:
instance_id: ${1:undefined} # required. EC2 Instance ID
state: ${2|present,absent|} # required. choices: present;absent. register or deregister the instance
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
wait_timeout: ${4:0} # not required. Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
wait: ${6|yes,no|} # not required. choices: yes;no. Wait for instance registration or deregistration to complete successfully before returning.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_elbs: ${11:None} # not required. List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
validate_certs: ${12|yes,no|} # not required. choices: yes;no. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
enable_availability_zone: ${13|yes,no|} # not required. choices: yes;no. Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
"""
'ec2_elb_facts':
'prefix': "ec2_elb_facts_snippet"
'description': "Gather facts about EC2 Elastic Load Balancers in AWS"
'body': """
ec2_elb_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
names: ${6:null} # not required. List of ELB names to gather facts about. Pass this option to gather facts about a set of ELBs, otherwise, all ELBs are returned.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_elb_lb':
'prefix': "ec2_elb_lb_snippet"
'description': "Creates or destroys Amazon ELB."
'body': """
ec2_elb_lb:
name: ${1:undefined} # required. The name of the ELB
state: ${2|present,absent|} # required. choices: present;absent. Create or destroy the ELB
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
subnets: ${4:None} # not required. A list of VPC subnets to use when creating ELB. Zones should be empty if using this.
health_check: ${5:None} # not required. An associative array of health check configuration settings (see example)
tags: ${6:undefined} # not required. An associative array of tags. To delete all tags, supply an empty dict.
purge_subnets: ${7:false} # not required. Purge existing subnet on ELB that are not found in subnets
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
instance_ids: ${9:false} # not required. List of instance ids to attach to this ELB
zones: ${10:undefined} # not required. List of availability zones to enable on this ELB
idle_timeout: ${11:undefined} # not required. ELB connections from clients and to servers are timed out after this amount of time
wait_timeout: ${12:60} # not required. Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
cross_az_load_balancing: ${14|yes,no|} # not required. choices: yes;no. Distribute load across all configured Availability Zones
security_group_ids: ${15:None} # not required. A list of security groups to apply to the elb
purge_zones: ${16:false} # not required. Purge existing availability zones on ELB that are not found in zones
wait: ${17|yes,no|} # not required. choices: yes;no. When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS.
aws_secret_key: ${18:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
purge_instance_ids: ${19:false} # not required. Purge existing instance ids on ELB that are not found in instance_ids
connection_draining_timeout: ${20:undefined} # not required. Wait a specified timeout allowing connections to drain before terminating an instance
security_token: ${21:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${22:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
listeners: ${23:undefined} # not required. List of ports/protocols for this ELB to listen on (see example)
access_logs: ${24:None} # not required. An associative array of access logs configuration settings (see example)
security_group_names: ${25:None} # not required. A list of security group names to apply to the elb
purge_listeners: ${26:true} # not required. Purge existing listeners on ELB that are not found in listeners
scheme: ${27|internal,internet-facing|} # not required. choices: internal;internet-facing. The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
validate_certs: ${28|yes,no|} # not required. choices: yes;no. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
stickiness: ${29:undefined} # not required. An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
"""
'ec2_eni':
'prefix': "ec2_eni_snippet"
'description': "Create and optionally attach an Elastic Network Interface (ENI) to an instance"
'body': """
ec2_eni:
ec2_url: ${1:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
security_groups: ${2:null} # not required. List of security groups associated with the interface. Only used when state=present. Since version 2.2, you can specify security groups by ID or by name or a combination of both. Prior to 2.2, you can specify only by ID.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
secondary_private_ip_addresses: ${4:undefined} # not required. A list of IP addresses to assign as secondary IP addresses to the network interface. This option is mutually exclusive of secondary_private_ip_address_count
subnet_id: ${5:undefined} # not required. ID of subnet in which to create the ENI.
device_index: ${6:0} # not required. The index of the device for the network interface attachment on the instance.
state: ${7|present,absent|} # not required. choices: present;absent. Create or delete ENI
source_dest_check: ${8:undefined} # not required. By default, interfaces perform source/destination checks. NAT instances however need this check to be disabled. You can only specify this flag when the interface is being modified, not on creation.
eni_id: ${9:null} # not required. The ID of the ENI (to modify); if null and state is present, a new eni will be created.
delete_on_termination: ${10:undefined} # not required. Delete the interface when the instance it is attached to is terminated. You can only specify this flag when the interface is being modified, not on creation.
profile: ${11:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
description: ${12:null} # not required. Optional description of the ENI.
purge_secondary_private_ip_addresses: ${13:false} # not required. To be used with I(secondary_private_ip_addresses) to determine whether or not to remove any secondary IP addresses other than those specified. Set secondary_private_ip_addresses to an empty list to purge all secondary addresses.
aws_access_key: ${14:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${15:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${16:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
attached: ${17:true} # not required. Specifies if network interface should be attached or detached from instance. If ommited, attachment status won't change
force_detach: ${18:false} # not required. Force detachment of the interface. This applies either when explicitly detaching the interface by setting instance_id to None or when deleting an interface with state=absent.
instance_id: ${19:null} # not required. Instance ID that you wish to attach ENI to. Since version 2.2, use the 'attached' parameter to attach or detach an ENI. Prior to 2.2, to detach an ENI from an instance, use 'None'.
private_ip_address: ${20:null} # not required. Private IP address.
secondary_private_ip_address_count: ${21:undefined} # not required. The number of secondary IP addresses to assign to the network interface. This option is mutually exclusive of secondary_private_ip_addresses
validate_certs: ${22:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_eni_facts':
'prefix': "ec2_eni_facts_snippet"
'description': "Gather facts about ec2 ENI interfaces in AWS"
'body': """
ec2_eni_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:null} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html) for possible filters.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_metadata_facts':
'prefix': "ec2_metadata_facts_snippet"
'description': "Gathers facts (instance metadata) about remote hosts within ec2"
'body': """
ec2_metadata_facts:
url_password: ${1:undefined} # not required. The password for use in HTTP basic authentication.,If the I(url_username) parameter is not specified, the I(url_password) parameter will not be used.
force: ${2:false} # not required. If C(yes) do not get a cached copy.
use_proxy: ${3:true} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
url: ${4:undefined} # not required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
force_basic_auth: ${5:false} # not required. Credentials specified with I(url_username) and I(url_password) should be passed in HTTP Header.
http_agent: ${6:ansible-httpget} # not required. Header to identify as, generally appears in web server logs.
url_username: ${7:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without I(url_password) for sites that allow empty passwords
validate_certs: ${8:true} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
client_cert: ${9:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
client_key: ${10:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
"""
'ec2_group':
'prefix': "ec2_group_snippet"
'description': "maintain an ec2 VPC security group."
'body': """
ec2_group:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
rules_egress: ${2:undefined} # not required. List of firewall outbound rules to enforce in this group (see example). If none are supplied, a default all-out rule is assumed. If an empty list is supplied, no outbound rules will be enabled. Rule Egress sources list support was added in version 2.4. In version 2.5 support for rule descriptions was added.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:undefined} # not required. Name of the security group.,One of and only one of I(name) or I(group_id) is required.,Required if I(state=present).
purge_rules: ${5:true} # not required. Purge existing rules on security group that are not found in rules
tags: ${6:undefined} # not required. A dictionary of one or more tags to assign to the security group.
rules: ${7:undefined} # not required. List of firewall inbound rules to enforce in this group (see example). If none are supplied, no inbound rules will be enabled. Rules list may include its own name in `group_name`. This allows idempotent loopback additions (e.g. allow group to access itself). Rule sources list support was added in version 2.4. This allows to define multiple sources per source type as well as multiple source types per rule. Prior to 2.4 an individual source is allowed. In version 2.5 support for rule descriptions was added.
purge_tags: ${8|yes,no|} # not required. choices: yes;no. If yes, existing tags will be purged from the resource to match exactly what is defined by I(tags) parameter. If the I(tags) parameter is not set then tags will not be modified.
description: ${9:undefined} # not required. Description of the security group. Required when C(state) is C(present).
state: ${10|present,absent|} # not required. choices: present;absent. Create or delete a security group
profile: ${11:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
vpc_id: ${13:undefined} # not required. ID of the VPC to create the group in.
security_token: ${14:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
group_id: ${15:undefined} # not required. Id of group to delete (works only with absent).,One of and only one of I(name) or I(group_id) is required.
validate_certs: ${16:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${17:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
purge_rules_egress: ${18:true} # not required. Purge existing rules_egress on security group that are not found in rules_egress
"""
'ec2_group_facts':
'prefix': "ec2_group_facts_snippet"
'description': "Gather facts about ec2 security groups in AWS."
'body': """
ec2_group_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:[object Object]} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) for possible filters. Filter names and values are case sensitive. You can also use underscores (_) instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_instance':
'prefix': "ec2_instance_snippet"
'description': "Create & manage EC2 instances"
'body': """
ec2_instance:
profile: ${1:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
availability_zone: ${2:undefined} # not required. Specify an availability zone to use the default subnet it. Useful if not specifying the I(vpc_subnet_id) parameter.,If no subnet, ENI, or availability zone is provided, the default subnet in the default VPC will be used in the first AZ (alphabetically sorted).
purge_tags: ${3:false} # not required. Delete any tags not specified in the task that are on the instance. This means you have to specify all the desired tags on each task affecting an instance.
image: ${4:undefined} # not required. An image to use for the instance. The ec2_ami_facts module may be used to retrieve images. One of I(image) or I(image_id) are required when instance is not already present.,Complex object containing I(image.id), I(image.ramdisk), and I(image.kernel).,I(image.id) is the AMI ID.,I(image.ramdisk) overrides the AMI's default ramdisk ID.,I(image.kernel) is a string AKI to override the AMI kernel.
vpc_subnet_id: ${5:undefined} # not required. The subnet ID in which to launch the instance (VPC) If none is provided, ec2_instance will chose the default zone of the default VPC
user_data: ${6:undefined} # not required. Opaque blob of data which is made available to the ec2 instance
instance_ids: ${7:undefined} # not required. If you specify one or more instance IDs, only instances that have the specified IDs are returned.
tower_callback: ${8:undefined} # not required. Preconfigured user-data to enable an instance to perform a Tower callback.,Requires parameters I(tower_callback.tower_address), I(tower_callback.job_template_id), and I(tower_callback.host_config_key).,Mutually exclusive with I(user_data).,For Windows instances, to enable remote access via Ansible set I(tower_callback.windows) to true, and optionally set an admin password.,If using 'windows' and 'set_password', callback to Tower will not be performed but the instance will be ready to receive winrm connections from Ansible.
image_id: ${9:undefined} # not required. I(ami) ID to use for the instance. One of I(image) or I(image_id) are required when instance is not already present.,This is an alias for I(image.id).
termination_protection: ${10:undefined} # not required. Whether to enable termination protection. This module will not terminate an instance with termination protection active, it must be turned off first.
tenancy: ${11|dedicated,default|} # not required. choices: dedicated;default. What type of tenancy to allow an instance to use. Default is shared tenancy. Dedicated tenancy will incur additional charges.
launch_template: ${12:undefined} # not required. The EC2 launch template to base instance configuration on.,I(launch_template.id) the ID or the launch template (optional if name is specified),I(launch_template.name) the pretty name of the launch template (optional if id is specified),I(launch_template.version) the specific version of the launch template to use. If unspecified, the template default is chosen.
filters: ${13:[object Object]} # not required. A dict of filters to apply when deciding whether existing instances match and should be altered. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) for possible filters. Filter names and values are case sensitive. By default, instances are filtered for counting by their \"Name\" tag, base AMI, state (running, by default), and subnet ID. Any queryable filter can be used. Good candidates are specific tags, SSH keys, or security groups.
ec2_url: ${14:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
security_groups: ${15:undefined} # not required. A list of security group IDs or names (strings). Mutually exclusive with I(security_group).
wait: ${16:true} # not required. Whether or not to wait for the desired state (use wait_timeout to customize this)
aws_secret_key: ${17:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
instance_role: ${18:undefined} # not required. The ARN or name of an EC2-enabled instance role to be used. If a name is not provided in arn format then the ListInstanceProfiles permission must also be granted. U(https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html) If no full ARN is provided, the role with a matching name will be used from the active AWS account.
aws_access_key: ${19:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
network: ${20:undefined} # not required. Either a dictionary containing the key 'interfaces' corresponding to a list of network interface IDs or containing specifications for a single network interface.,If specifications for a single network are given, accepted keys are assign_public_ip (bool), private_ip_address (str), ipv6_addresses (list), source_dest_check (bool), description (str), delete_on_termination (bool), device_index (int), groups (list of security group IDs), private_ip_addresses (list), subnet_id (str).,I(network.interfaces) should be a list of ENI IDs (strings) or a list of objects containing the key I(id).,Use the ec2_eni to create ENIs with special settings.
security_token: ${21:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
wait_timeout: ${22:600} # not required. How long to wait (in seconds) for the instance to finish booting/terminating
ebs_optimized: ${23:undefined} # not required. Whether instance is should use optimized EBS volumes, see U(http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html)
cpu_credit_specification: ${24|unlimited,standard|} # not required. choices: unlimited;standard. For T2 series instances, choose whether to allow increased charges to buy CPU credits if the default pool is depleted.,Choose I(unlimited) to enable buying additional CPU credits.
instance_initiated_shutdown_behavior: ${25|stop,terminate|} # not required. choices: stop;terminate. Whether to stop or terminate an instance upon shutdown.
name: ${26:undefined} # not required. The Name tag for the instance.
instance_type: ${27:t2.micro} # not required. Instance type to use for the instance, see U(http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) Only required when instance is not already present
state: ${28|present,terminated,running,started,stopped,restarted,rebooted,absent|} # not required. choices: present;terminated;running;started;stopped;restarted;rebooted;absent. Goal state for the instances
tags: ${29:undefined} # not required. A hash/dictionary of tags to add to the new instance or to add/remove from an existing one.
volumes: ${30:undefined} # not required. A list of block device mappings, by default this will always use the AMI root device so the volumes option is primarily for adding more storage.,A mapping contains the (optional) keys device_name, virtual_name, ebs.device_type, ebs.device_size, ebs.kms_key_id, ebs.iops, and ebs.delete_on_termination.,For more information about each parameter, see U(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html)
key_name: ${31:undefined} # not required. Name of the SSH access key to assign to the instance - must exist in the region the instance is created.
security_group: ${32:undefined} # not required. A security group ID or name. Mutually exclusive with I(security_groups).
validate_certs: ${33:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${34:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
detailed_monitoring: ${35:undefined} # not required. Whether to allow detailed cloudwatch metrics to be collected, enabling more detailed alerting.
"""
'ec2_instance_facts':
'prefix': "ec2_instance_facts_snippet"
'description': "Gather facts about ec2 instances in AWS"
'body': """
ec2_instance_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
instance_ids: ${6:undefined} # not required. If you specify one or more instance IDs, only instances that have the specified IDs are returned.
filters: ${7:[object Object]} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) for possible filters. Filter names and values are case sensitive.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_key':
'prefix': "ec2_key_snippet"
'description': "create or delete an ec2 key pair"
'body': """
ec2_key:
name: ${1:undefined} # required. Name of the key pair.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
force: ${3:true} # not required. Force overwrite of already existing key pair if key has changed.
wait_timeout: ${4:300} # not required. How long before wait gives up, in seconds. This option has no effect since version 2.5.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
wait: ${6:false} # not required. Wait for the specified action to complete before returning. This option has no effect since version 2.5.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
key_material: ${11:undefined} # not required. Public key material.
state: ${12|present,absent|} # not required. choices: present;absent. create or delete keypair
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_lc':
'prefix': "ec2_lc_snippet"
'description': "Create or delete AWS Autoscaling Launch Configurations"
'body': """
ec2_lc:
name: ${1:undefined} # required. Unique name for configuration
instance_type: ${2:null} # required. Instance type to use for the instance
state: ${3|present,absent|} # required. choices: present;absent. Register or deregister the instance
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
kernel_id: ${6:undefined} # not required. Kernel id for the EC2 instance
key_name: ${7:undefined} # not required. The SSH key name to be used for access to managed instances
ramdisk_id: ${8:undefined} # not required. A RAM disk id for the instances.
user_data: ${9:undefined} # not required. Opaque blob of data which is made available to the ec2 instance. Mutually exclusive with I(user_data_path).
image_id: ${10:undefined} # not required. The AMI unique identifier to be used for the group
assign_public_ip: ${11:undefined} # not required. Used for Auto Scaling groups that launch instances into an Amazon Virtual Private Cloud. Specifies whether to assign a public IP address to each instance launched in a Amazon VPC.
instance_monitoring: ${12:false} # not required. Specifies whether instances are launched with detailed monitoring.
classic_link_vpc_id: ${13:undefined} # not required. Id of ClassicLink enabled VPC
security_groups: ${14:undefined} # not required. A list of security groups to apply to the instances. Since version 2.4 you can specify either security group names or IDs or a mix. Previous to 2.4, for VPC instances, specify security group IDs and for EC2-Classic, specify either security group names or IDs.
classic_link_vpc_security_groups: ${15:undefined} # not required. A list of security group IDs with which to associate the ClassicLink VPC instances.
aws_secret_key: ${16:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${17:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
spot_price: ${18:undefined} # not required. The spot price you are bidding. Only applies for an autoscaling group with spot instances.
instance_profile_name: ${19:undefined} # not required. The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instances.
user_data_path: ${20:undefined} # not required. Path to the file that contains userdata for the ec2 instances. Mutually exclusive with I(user_data).
region: ${21:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ebs_optimized: ${22:false} # not required. Specifies whether the instance is optimized for EBS I/O (true) or not (false).
ec2_url: ${23:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
instance_id: ${24:undefined} # not required. The Id of a running instance to use as a basis for a launch configuration. Can be used in place of image_id and instance_type.
volumes: ${25:undefined} # not required. A list of volume dicts, each containing device name and optionally ephemeral id or snapshot id. Size and type (and number of iops for io device type) must be specified for a new volume or a root volume, and may be passed for a snapshot volume. For any volume, a volume size less than 1 will be interpreted as a request not to create the volume.
vpc_id: ${26:undefined} # not required. VPC ID, used when resolving security group names to IDs.
validate_certs: ${27:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
placement_tenancy: ${28:default} # not required. Determines whether the instance runs on single-tenant harware or not.
"""
'ec2_lc_facts':
'prefix': "ec2_lc_facts_snippet"
'description': "Gather facts about AWS Autoscaling Launch Configurations"
'body': """
ec2_lc_facts:
sort: ${1|launch_configuration_name,image_id,created_time,instance_type,kernel_id,ramdisk_id,key_name|} # not required. choices: launch_configuration_name;image_id;created_time;instance_type;kernel_id;ramdisk_id;key_name. Optional attribute which with to sort the results.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
sort_end: ${3:null} # not required. Which result to end with (when sorting).,Corresponds to Python slice notation.
name: ${4:} # not required. A name or a list of name to match.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
sort_start: ${8:null} # not required. Which result to start with (when sorting).,Corresponds to Python slice notation.
sort_order: ${9|ascending,descending|} # not required. choices: ascending;descending. Order in which to sort results.,Only used when the 'sort' parameter is specified.
profile: ${10:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${12:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_lc_find':
'prefix': "ec2_lc_find_snippet"
'description': "Find AWS Autoscaling Launch Configurations"
'body': """
ec2_lc_find:
region: ${1:undefined} # required. The AWS region to use.
name_regex: ${2:undefined} # required. A Launch Configuration to match,It'll be compiled as regex
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
sort_order: ${7|ascending,descending|} # not required. choices: ascending;descending. Order in which to sort results.
limit: ${8:null} # not required. How many results to show.,Corresponds to Python slice notation like list[:limit].
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_metric_alarm':
'prefix': "ec2_metric_alarm_snippet"
'description': "Create/update or delete AWS Cloudwatch 'metric alarms'"
'body': """
ec2_metric_alarm:
state: ${1|present,absent|} # required. choices: present;absent. register or deregister the alarm
name: ${2:undefined} # required. Unique name for the alarm
metric: ${3:undefined} # not required. Name of the monitored metric (e.g. CPUUtilization),Metric must already exist
statistic: ${4|SampleCount,Average,Sum,Minimum,Maximum|} # not required. choices: SampleCount;Average;Sum;Minimum;Maximum. Operation applied to the metric,Works in conjunction with period and evaluation_periods to determine the comparison value
period: ${5:undefined} # not required. The time (in seconds) between metric evaluations
ec2_url: ${6:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
threshold: ${7:undefined} # not required. Sets the min/max bound for triggering the alarm
unit: ${8|Seconds,Microseconds,Milliseconds,Bytes,Kilobytes,Megabytes,Gigabytes,Terabytes,Bits,Kilobits,Megabits,Gigabits,Terabits,Percent,Count,Bytes/Second,Kilobytes/Second,Megabytes/Second,Gigabytes/Second,Terabytes/Second,Bits/Second,Kilobits/Second,Megabits/Second,Gigabits/Second,Terabits/Second,Count/Second,None|} # not required. choices: Seconds;Microseconds;Milliseconds;Bytes;Kilobytes;Megabytes;Gigabytes;Terabytes;Bits;Kilobits;Megabits;Gigabits;Terabits;Percent;Count;Bytes/Second;Kilobytes/Second;Megabytes/Second;Gigabytes/Second;Terabytes/Second;Bits/Second;Kilobits/Second;Megabits/Second;Gigabits/Second;Terabits/Second;Count/Second;None. The threshold's unit of measurement
aws_secret_key: ${9:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
dimensions: ${10:undefined} # not required. Describes to what the alarm is applied
namespace: ${11:undefined} # not required. Name of the appropriate namespace ('AWS/EC2', 'System/Linux', etc.), which determines the category it will appear under in cloudwatch
insufficient_data_actions: ${12:undefined} # not required. A list of the names of action(s) to take when the alarm is in the 'insufficient_data' status
profile: ${13:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ok_actions: ${14:undefined} # not required. A list of the names of action(s) to take when the alarm is in the 'ok' status
description: ${15:undefined} # not required. A longer description of the alarm
evaluation_periods: ${16:undefined} # not required. The number of times in which the metric is evaluated before final calculation
aws_access_key: ${17:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
comparison: ${18|<=,<,>,>=|} # not required. choices: <=;<;>;>=. Determines how the threshold value is compared
alarm_actions: ${19:undefined} # not required. A list of the names action(s) taken when the alarm is in the 'alarm' status
security_token: ${20:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${21:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
validate_certs: ${22:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_placement_group':
'prefix': "ec2_placement_group_snippet"
'description': "Create or delete an EC2 Placement Group"
'body': """
ec2_placement_group:
name: ${1:undefined} # required. The name for the placement group.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
strategy: ${7|cluster,spread|} # not required. choices: cluster;spread. Placement group strategy. Cluster will cluster instances into a low-latency group in a single Availability Zone, while Spread spreads instances across underlying hardware.
state: ${8|present,absent|} # not required. choices: present;absent. Create or delete placement group.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_placement_group_facts':
'prefix': "ec2_placement_group_facts_snippet"
'description': "List EC2 Placement Group(s) details"
'body': """
ec2_placement_group_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
names: ${6:} # not required. A list of names to filter on. If a listed group does not exist, there will be no corresponding entry in the result; no error will be raised.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_remote_facts':
'prefix': "ec2_remote_facts_snippet"
'description': "Gather facts about ec2 instances in AWS"
'body': """
ec2_remote_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:null} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) for possible filters.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_scaling_policy':
'prefix': "ec2_scaling_policy_snippet"
'description': "Create or delete AWS scaling policies for Autoscaling groups"
'body': """
ec2_scaling_policy:
name: ${1:undefined} # required. Unique name for the scaling policy
asg_name: ${2:undefined} # required. Name of the associated autoscaling group
state: ${3|present,absent|} # required. choices: present;absent. register or deregister the policy
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
adjustment_type: ${5|ChangeInCapacity,ExactCapacity,PercentChangeInCapacity|} # not required. choices: ChangeInCapacity;ExactCapacity;PercentChangeInCapacity. The type of change in capacity of the autoscaling group
min_adjustment_step: ${6:undefined} # not required. Minimum amount of adjustment when policy is triggered
scaling_adjustment: ${7:undefined} # not required. The amount by which the autoscaling group is adjusted by the policy
cooldown: ${8:undefined} # not required. The minimum period of time between which autoscaling actions can take place
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${10:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${11:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${12:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${13:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_snapshot':
'prefix': "ec2_snapshot_snippet"
'description': "creates a snapshot from an existing volume"
'body': """
ec2_snapshot:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
description: ${4:undefined} # not required. description to be applied to the snapshot
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
snapshot_tags: ${6:undefined} # not required. a hash/dictionary of tags to add to the snapshot
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
volume_id: ${8:undefined} # not required. volume from which to take the snapshot
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
device_name: ${10:undefined} # not required. device name of a mounted volume to be snapshotted
instance_id: ${11:undefined} # not required. instance that has the required volume to snapshot mounted
state: ${12|absent,present|} # not required. choices: absent;present. whether to add or create a snapshot
wait_timeout: ${13:0} # not required. how long before wait gives up, in seconds,specify 0 to wait forever
snapshot_id: ${14:undefined} # not required. snapshot id to remove
last_snapshot_min_age: ${15:0} # not required. If the volume's most recent snapshot has started less than `last_snapshot_min_age' minutes ago, a new snapshot will not be created.
validate_certs: ${16:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
wait: ${17|yes,no|} # not required. choices: yes;no. wait for the snapshot to be ready
"""
'ec2_snapshot_copy':
'prefix': "ec2_snapshot_copy_snippet"
'description': "copies an EC2 snapshot and returns the new Snapshot ID."
'body': """
ec2_snapshot_copy:
source_snapshot_id: ${1:undefined} # required. The ID of the Snapshot in source region that should be copied.
source_region: ${2:undefined} # required. The source region the Snapshot should be copied from.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
description: ${4:null} # not required. An optional human-readable string describing purpose of the new Snapshot.
tags: ${5:null} # not required. A hash/dictionary of tags to add to the new Snapshot; '{\"key\":\"value\"}' and '{\"key\":\"value\",\"key\":\"value\"}"
encrypted: ${6:false} # not required. Whether or not the destination Snapshot should be encrypted.
kms_key_id: ${7:null} # not required. KMS key id used to encrypt snapshot. If not specified, defaults to EBS Customer Master Key (CMK) for that account.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
wait: ${9|yes,no|} # not required. choices: yes;no. Wait for the copied Snapshot to be in 'Available' state before returning.
aws_secret_key: ${10:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${11:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${12:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${13:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_snapshot_facts':
'prefix': "ec2_snapshot_facts_snippet"
'description': "Gather facts about ec2 volume snapshots in AWS"
'body': """
ec2_snapshot_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
snapshot_ids: ${6:} # not required. If you specify one or more snapshot IDs, only snapshots that have the specified IDs are returned.
filters: ${7:[object Object]} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSnapshots.html) for possible filters. Filter names and values are case sensitive.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
restorable_by_user_ids: ${9:} # not required. If you specify a list of restorable users, only snapshots with create snapshot permissions for those users are returned.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
owner_ids: ${11:} # not required. If you specify one or more snapshot owners, only snapshots from the specified owners and for which you have access are returned.
"""
'ec2_tag':
'prefix': "ec2_tag_snippet"
'description': "create and remove tag(s) to ec2 resources."
'body': """
ec2_tag:
resource: ${1:null} # required. The EC2 resource id.
tags: ${2:null} # required. a hash/dictionary of tags to add to the resource; '{\"key\":\"value\"}' and '{\"key\":\"value\",\"key\":\"value\"}"
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${8|present,absent,list|} # not required. choices: present;absent;list. Whether the tags should be present or absent on the resource. Use list to interrogate the tags of an instance.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vol':
'prefix': "ec2_vol_snippet"
'description': "create and attach a volume, return volume id and device map"
'body': """
ec2_vol:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:null} # not required. volume Name tag if you wish to attach an existing volume (requires instance)
zone: ${5:null} # not required. zone in which to create the volume, if unset uses the zone the instance is in (if set)
instance: ${6:null} # not required. instance ID if you wish to attach the volume. Since 1.9 you can set to None to detach.
encrypted: ${7:false} # not required. Enable encryption at rest for this volume.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
kms_key_id: ${9:null} # not required. Specify the id of the KMS key to use.
volume_type: ${10:standard} # not required. Type of EBS volume; standard (magnetic), gp2 (SSD), io1 (Provisioned IOPS), st1 (Throughput Optimized HDD), sc1 (Cold HDD). \"Standard\" is the old EBS default and continues to remain the Ansible default for backwards compatibility.
device_name: ${11:null} # not required. device id to override device mapping. Assumes /dev/sdf for Linux/UNIX and /dev/xvdf for Windows.
volume_size: ${12:null} # not required. size of volume (in GB) to create.
state: ${13|absent,present,list|} # not required. choices: absent;present;list. whether to ensure the volume is present or absent, or to list existing volumes (The C(list) option was added in version 1.8).
iops: ${14:100} # not required. the provisioned IOPs you want to associate with this volume (integer).
snapshot: ${15:null} # not required. snapshot ID on which to base the volume
ec2_url: ${16:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
id: ${17:null} # not required. volume id if you wish to attach an existing volume (requires instance) or remove an existing volume
security_token: ${18:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${19|yes,no|} # not required. choices: yes;no. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
delete_on_termination: ${20|yes,no|} # not required. choices: yes;no. When set to \"yes\", the volume will be deleted upon instance termination.
tags: ${21:[object Object]} # not required. tag:value pairs to add to the volume after creation
"""
'ec2_vol_facts':
'prefix': "ec2_vol_facts_snippet"
'description': "Gather facts about ec2 volumes in AWS"
'body': """
ec2_vol_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:null} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html) for possible filters.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc':
'prefix': "ec2_vpc_snippet"
'description': "configure AWS virtual private clouds"
'body': """
ec2_vpc:
state: ${1|present,absent|} # required. choices: present;absent. Create or terminate the VPC.
resource_tags: ${2:undefined} # required. A dictionary array of resource tags of the form C({ tag1: value1, tag2: value2 }). - Tags in this list are used in conjunction with CIDR block to uniquely identify a VPC in lieu of vpc_id. Therefore, if CIDR/Tag combination does not exist, a new VPC will be created. VPC tags not on this list will be ignored. Prior to 1.7, specifying a resource tag was optional.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
subnets: ${4:null} # not required. A dictionary array of subnets to add of the form C({ cidr: ..., az: ... , resource_tags: ... }).,Where C(az) is the desired availability zone of the subnet, optional.,Tags C(resource_tags) use dictionary form C({ \"Environment\":\"Dev\", \"Tier\":\"Web\", ...}), optional.,C(resource_tags) see resource_tags for VPC below. The main difference is subnet tags not specified here will be deleted.,All VPC subnets not in this list will be removed as well.,As of 1.8, if the subnets parameter is not specified, no existing subnets will be modified."
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
route_tables: ${6:null} # not required. A dictionary array of route tables to add of the form: C({ subnets: [172.22.2.0/24, 172.22.3.0/24,], routes: [{ dest: 0.0.0.0/0, gw: igw},], resource_tags: ... }). Where the subnets list is those subnets the route table should be associated with, and the routes list is a list of routes to be in the table. The special keyword for the gw of igw specifies that you should the route should go through the internet gateway attached to the VPC. gw also accepts instance-ids, interface-ids, and vpc-peering-connection-ids in addition igw. resource_tags is optional and uses dictionary form: C({ \"Name\": \"public\", ... }). This module is currently unable to affect the \"main\" route table due to some limitations in boto, so you must explicitly define the associated subnets or they will be attached to the main table implicitly. As of 1.8, if the route_tables parameter is not specified, no existing routes will be modified.\n
dns_support: ${7|yes,no|} # not required. choices: yes;no. Toggles the \"Enable DNS resolution\" flag.
internet_gateway: ${8|yes,no|} # not required. choices: yes;no. Toggle whether there should be an Internet gateway attached to the VPC.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
vpc_id: ${11:null} # not required. A VPC id to terminate when I(state=absent).
instance_tenancy: ${12|default,dedicated|} # not required. choices: default;dedicated. The supported tenancy options for instances launched into the VPC.
wait_timeout: ${13:300} # not required. How long before wait gives up, in seconds.
profile: ${14:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
dns_hostnames: ${15|yes,no|} # not required. choices: yes;no. Toggles the \"Enable DNS hostname support for instances\" flag.
cidr_block: ${16:undefined} # not required. The cidr block representing the VPC, e.g. C(10.0.0.0/16), required when I(state=present).
validate_certs: ${17:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${18:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
wait: ${19|yes,no|} # not required. choices: yes;no. Wait for the VPC to be in state 'available' before returning.
"""
'ec2_vpc_dhcp_option':
'prefix': "ec2_vpc_dhcp_option_snippet"
'description': "Manages DHCP Options, and can ensure the DHCP options for the given VPC match what's requested"
'body': """
ec2_vpc_dhcp_option:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
dns_servers: ${4:None} # not required. A list of hosts to set the DNS servers for the VPC to. (Should be a list of IP addresses rather than host names.)
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${6:None} # not required. Tags to be applied to a VPC options set if a new one is created, or if the resource_id is provided. (options must match)
ntp_servers: ${7:None} # not required. List of hosts to advertise as NTP servers for the VPC.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
domain_name: ${9:None} # not required. The domain name to set in the DHCP option sets
delete_old: ${10:true} # not required. Whether to delete the old VPC DHCP option set when associating a new one. This is primarily useful for debugging/development purposes when you want to quickly roll back to the old option set. Note that this setting will be ignored, and the old DHCP option set will be preserved, if it is in use by any other VPC. (Otherwise, AWS will return an error.)
state: ${11|absent,present|} # not required. choices: absent;present. create/assign or remove the DHCP options. If state is set to absent, then a DHCP options set matched either by id, or tags and options will be removed if possible.
netbios_node_type: ${12:None} # not required. NetBIOS node type to advertise in the DHCP options. The AWS recommendation is to use 2 (when using netbios name services) http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
vpc_id: ${14:None} # not required. VPC ID to associate with the requested DHCP option set. If no vpc id is provided, and no matching option set is found then a new DHCP option set is created.
inherit_existing: ${15:false} # not required. For any DHCP options not specified in these parameters, whether to inherit them from the options set already applied to vpc_id, or to reset them to be empty.
validate_certs: ${16:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
dhcp_options_id: ${17:None} # not required. The resource_id of an existing DHCP options set. If this is specified, then it will override other settings, except tags (which will be updated to match)
netbios_name_servers: ${18:None} # not required. List of hosts to advertise as NetBIOS servers.
"""
'ec2_vpc_dhcp_option_facts':
'prefix': "ec2_vpc_dhcp_option_facts_snippet"
'description': "Gather facts about dhcp options sets in AWS"
'body': """
ec2_vpc_dhcp_option_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
dhcp_options_ids: ${6:None} # not required. Get details of specific DHCP Option ID,Provide this value as a list
filters: ${7:null} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html) for possible filters.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_egress_igw':
'prefix': "ec2_vpc_egress_igw_snippet"
'description': "Manage an AWS VPC Egress Only Internet gateway"
'body': """
ec2_vpc_egress_igw:
vpc_id: ${1:undefined} # required. The VPC ID for the VPC that this Egress Only Internet Gateway should be attached.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${7|present,absent|} # not required. choices: present;absent. Create or delete the EIGW
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_endpoint':
'prefix': "ec2_vpc_endpoint_snippet"
'description': "Create and delete AWS VPC Endpoints."
'body': """
ec2_vpc_endpoint:
policy_file: ${1:undefined} # not required. The path to the properly json formatted policy file, see U(https://github.com/ansible/ansible/issues/7005#issuecomment-42894813) on how to use it properly. Cannot be used with I(policy).,Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
service: ${5:undefined} # not required. An AWS supported vpc endpoint service. Use the ec2_vpc_endpoint_facts module to describe the supported endpoint services.,Required when creating an endpoint.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${7|present,absent|} # not required. choices: present;absent. present to ensure resource is created.,absent to remove resource
vpc_endpoint_id: ${8:undefined} # not required. One or more vpc endpoint ids to remove from the AWS account
wait_timeout: ${9:320} # not required. Used in conjunction with wait. Number of seconds to wait for status. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
profile: ${10:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
policy: ${12:undefined} # not required. A properly formatted json policy as string, see U(https://github.com/ansible/ansible/issues/7005#issuecomment-42894813). Cannot be used with I(policy_file).,Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
vpc_id: ${13:undefined} # not required. Required when creating a VPC endpoint.
client_token: ${14:undefined} # not required. Optional client token to ensure idempotency
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
route_table_ids: ${16:undefined} # not required. List of one or more route table ids to attach to the endpoint. A route is added to the route table with the destination of the endpoint if provided.
wait: ${17|yes,no|} # not required. choices: yes;no. When specified, will wait for either available status for state present. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
"""
'ec2_vpc_endpoint_facts':
'prefix': "ec2_vpc_endpoint_facts_snippet"
'description': "Retrieves AWS VPC endpoints details using AWS methods."
'body': """
ec2_vpc_endpoint_facts:
query: ${1|services,endpoints|} # required. choices: services;endpoints. Specifies the query action to take. Services returns the supported AWS services that can be specified when creating an endpoint.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
vpc_endpoint_ids: ${7:None} # not required. Get details of specific endpoint IDs,Provide this value as a list
filters: ${8:None} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html) for possible filters.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_igw':
'prefix': "ec2_vpc_igw_snippet"
'description': "Manage an AWS VPC Internet gateway"
'body': """
ec2_vpc_igw:
vpc_id: ${1:null} # required. The VPC ID for the VPC in which to manage the Internet Gateway.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${6:null} # not required. A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${8|present,absent|} # not required. choices: present;absent. Create or terminate the IGW
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_igw_facts':
'prefix': "ec2_vpc_igw_facts_snippet"
'description': "Gather facts about internet gateways in AWS"
'body': """
ec2_vpc_igw_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
internet_gateway_ids: ${5:None} # not required. Get details of specific Internet Gateway ID. Provide this value as a list.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${7:null} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html) for possible filters.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_nacl':
'prefix': "ec2_vpc_nacl_snippet"
'description': "create and delete Network ACLs."
'body': """
ec2_vpc_nacl:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
subnets: ${2:undefined} # not required. The list of subnets that should be associated with the network ACL.,Must be specified as a list,Each subnet can be specified as subnet ID, or its tagged name.
ingress: ${3:undefined} # not required. List of rules for incoming traffic.,Each rule must be specified as a list.
name: ${4:undefined} # not required. Tagged name identifying a network ACL.,One and only one of the I(name) or I(nacl_id) is required.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${6:undefined} # not required. Dictionary of tags to look for and apply when creating a network ACL.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
state: ${9|present,absent|} # not required. choices: present;absent. Creates or modifies an existing NACL,Deletes a NACL and reassociates subnets to the default NACL
egress: ${10:undefined} # not required. A list of rules for outgoing traffic.,Each rule must be specified as a list.
profile: ${11:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
vpc_id: ${13:undefined} # not required. VPC id of the requesting VPC.,Required when state present.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
nacl_id: ${15:undefined} # not required. NACL id identifying a network ACL.,One and only one of the I(name) or I(nacl_id) is required.
"""
'ec2_vpc_nacl_facts':
'prefix': "ec2_vpc_nacl_facts_snippet"
'description': "Gather facts about Network ACLs in an AWS VPC"
'body': """
ec2_vpc_nacl_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
nacl_ids: ${6:} # not required. A list of Network ACL IDs to retrieve facts about.
filters: ${7:[object Object]} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html) for possible filters. Filter names and values are case sensitive.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_nat_gateway':
'prefix': "ec2_vpc_nat_gateway_snippet"
'description': "Manage AWS VPC NAT Gateways."
'body': """
ec2_vpc_nat_gateway:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
release_eip: ${4:true} # not required. Deallocate the EIP from the VPC.,Option is only valid with the absent state.,You should use this with the wait option. Since you can not release an address while a delete operation is happening.
nat_gateway_id: ${5:None} # not required. The id AWS dynamically allocates to the NAT Gateway on creation. This is required when the absent option is present.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
allocation_id: ${7:None} # not required. The id of the elastic IP allocation. If this is not passed and the eip_address is not passed. An EIP is generated for this NAT Gateway.
subnet_id: ${8:None} # not required. The id of the subnet to create the NAT Gateway in. This is required with the present option.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
if_exist_do_not_create: ${10:false} # not required. if a NAT Gateway exists already in the subnet_id, then do not create a new one.
eip_address: ${11:undefined} # not required. The elastic IP address of the EIP you want attached to this NAT Gateway. If this is not passed and the allocation_id is not passed, an EIP is generated for this NAT Gateway.
state: ${12|present,absent|} # not required. choices: present;absent. Ensure NAT Gateway is present or absent.
wait_timeout: ${13:300} # not required. How many seconds to wait for an operation to complete before timing out.
ec2_url: ${14:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
client_token: ${15:undefined} # not required. Optional unique token to be used during create to ensure idempotency. When specifying this option, ensure you specify the eip_address parameter as well otherwise any subsequent runs will fail.
validate_certs: ${16:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
wait: ${17:false} # not required. Wait for operation to complete before returning.
"""
'ec2_vpc_nat_gateway_facts':
'prefix': "ec2_vpc_nat_gateway_facts_snippet"
'description': "Retrieves AWS VPC Managed Nat Gateway details using AWS methods."
'body': """
ec2_vpc_nat_gateway_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
nat_gateway_ids: ${3:None} # not required. Get details of specific nat gateway IDs
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
aws_access_key: ${6:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
filters: ${7:None} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html) for possible filters.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_net':
'prefix': "ec2_vpc_net_snippet"
'description': "Configure AWS virtual private clouds"
'body': """
ec2_vpc_net:
name: ${1:undefined} # required. The name to give your VPC. This is used in combination with C(cidr_block) to determine if a VPC already exists.
cidr_block: ${2:undefined} # required. The primary CIDR of the VPC. After 2.5 a list of CIDRs can be provided. The first in the list will be used as the primary CIDR and is used in conjunction with the C(name) to ensure idempotence.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
purge_cidrs: ${5|yes,no|} # not required. choices: yes;no. Remove CIDRs that are associated with the VPC and are not specified in C(cidr_block).
dns_support: ${6|yes,no|} # not required. choices: yes;no. Whether to enable AWS DNS support.
tags: ${7:undefined} # not required. The tags you want attached to the VPC. This is independent of the name value, note if you pass a 'Name' key it would override the Name of the VPC if it's different.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_access_key: ${10:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
multi_ok: ${11:false} # not required. By default the module will not create another VPC if there is another VPC with the same name and CIDR block. Specify this as true if you want duplicate VPCs created.
state: ${12|present,absent|} # not required. choices: present;absent. The state of the VPC. Either absent or present.
tenancy: ${13|default,dedicated|} # not required. choices: default;dedicated. Whether to be default or dedicated tenancy. This cannot be changed after the VPC has been created.
dns_hostnames: ${14|yes,no|} # not required. choices: yes;no. Whether to enable AWS hostname support.
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${16:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
dhcp_opts_id: ${17:undefined} # not required. the id of the DHCP options to use for this vpc
"""
'ec2_vpc_net_facts':
'prefix': "ec2_vpc_net_facts_snippet"
'description': "Gather facts about ec2 VPCs in AWS"
'body': """
ec2_vpc_net_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
vpc_ids: ${5:undefined} # not required. A list of VPC IDs that exist in your account.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${7:undefined} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html) for possible filters.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_peer':
'prefix': "ec2_vpc_peer_snippet"
'description': "create, delete, accept, and reject VPC peering connections between two VPCs."
'body': """
ec2_vpc_peer:
profile: ${1:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
peering_id: ${2:undefined} # not required. Peering connection id.
tags: ${3:undefined} # not required. Dictionary of tags to look for and apply when creating a Peering Connection.
ec2_url: ${4:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
peer_vpc_id: ${5:undefined} # not required. VPC id of the accepting VPC.
peer_region: ${6:undefined} # not required. Region of the accepting VPC.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
peer_owner_id: ${11:undefined} # not required. The AWS account number for cross account peering.
state: ${12|present,absent,accept,reject|} # not required. choices: present;absent;accept;reject. Create, delete, accept, reject a peering connection.
vpc_id: ${13:undefined} # not required. VPC id of the requesting VPC.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_peering_facts':
'prefix': "ec2_vpc_peering_facts_snippet"
'description': "Retrieves AWS VPC Peering details using AWS methods."
'body': """
ec2_vpc_peering_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
peer_connection_ids: ${6:None} # not required. Get details of specific vpc peer IDs
filters: ${7:None} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html) for possible filters.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_route_table':
'prefix': "ec2_vpc_route_table_snippet"
'description': "Manage route tables for AWS virtual private clouds"
'body': """
ec2_vpc_route_table:
vpc_id: ${1:undefined} # required. VPC ID of the VPC in which to create the route table.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
subnets: ${3:undefined} # not required. An array of subnets to add to this route table. Subnets may be specified by either subnet ID, Name tag, or by a CIDR such as '10.0.0.0/24'.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${6:undefined} # not required. A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }. Tags are used to uniquely identify route tables within a VPC when the route_table_id is not supplied.\n
purge_tags: ${7:false} # not required. Purge existing tags that are not found in route table
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
purge_subnets: ${9:true} # not required. Purge existing subnets that are not found in subnets. Ignored unless the subnets option is supplied.
purge_routes: ${10:true} # not required. Purge existing routes that are not found in routes.
route_table_id: ${11:undefined} # not required. The ID of the route table to update or delete.
state: ${12|present,absent|} # not required. choices: present;absent. Create or destroy the VPC route table
lookup: ${13|tag,id|} # not required. choices: tag;id. Look up route table by either tags or by route table ID. Non-unique tag lookup will fail. If no tags are specified then no lookup for an existing route table is performed and a new route table will be created. To change tags of a route table you must look up by id.
ec2_url: ${14:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
routes: ${15:None} # not required. List of routes in the route table. Routes are specified as dicts containing the keys 'dest' and one of 'gateway_id', 'instance_id', 'interface_id', or 'vpc_peering_connection_id'. If 'gateway_id' is specified, you can refer to the VPC's IGW by using the value 'igw'. Routes are required for present states.
profile: ${16:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
validate_certs: ${17:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
propagating_vgw_ids: ${18:None} # not required. Enable route propagation from virtual gateways specified by ID.
"""
'ec2_vpc_route_table_facts':
'prefix': "ec2_vpc_route_table_facts_snippet"
'description': "Gather facts about ec2 VPC route tables in AWS"
'body': """
ec2_vpc_route_table_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:null} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html) for possible filters.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_subnet':
'prefix': "ec2_vpc_subnet_snippet"
'description': "Manage subnets in AWS virtual private clouds"
'body': """
ec2_vpc_subnet:
vpc_id: ${1:null} # required. VPC ID of the VPC in which to create or delete the subnet.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
az: ${5:null} # not required. The availability zone for the subnet.
ipv6_cidr: ${6:null} # not required. The IPv6 CIDR block for the subnet. The VPC must have a /56 block assigned and this value must be a valid IPv6 /64 that falls in the VPC range.,Required if I(assign_instances_ipv6=true)
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${8:null} # not required. A dict of tags to apply to the subnet. Any tags currently applied to the subnet and not present here will be removed.
purge_tags: ${9:true} # not required. Whether or not to remove tags that do not appear in the I(tags) list. Defaults to true.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${11|present,absent|} # not required. choices: present;absent. Create or remove the subnet
wait_timeout: ${12:300} # not required. Number of seconds to wait for subnet to become available I(wait=True).
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
map_public: ${14:false} # not required. Specify true to indicate that instances launched into the subnet should be assigned public IP address by default.
cidr: ${15:null} # not required. The CIDR block for the subnet. E.g. 192.0.2.0/24.
assign_instances_ipv6: ${16:false} # not required. Specify true to indicate that instances launched into the subnet should be automatically assigned an IPv6 address.
validate_certs: ${17:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
wait: ${18:true} # not required. When specified,I(state=present) module will wait for subnet to be in available state before continuing.
"""
'ec2_vpc_subnet_facts':
'prefix': "ec2_vpc_subnet_facts_snippet"
'description': "Gather facts about ec2 VPC subnets in AWS"
'body': """
ec2_vpc_subnet_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${6:undefined} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html) for possible filters.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
subnet_ids: ${8:undefined} # not required. A list of subnet IDs to gather facts for.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_vgw':
'prefix': "ec2_vpc_vgw_snippet"
'description': "Create and delete AWS VPN Virtual Gateways."
'body': """
ec2_vpc_vgw:
state: ${1|present,absent|} # not required. choices: present;absent. present to ensure resource is created.,absent to remove resource
wait_timeout: ${2:320} # not required. number of seconds to wait for status during vpc attach and detach
name: ${3:undefined} # not required. name of the vgw to be created or deleted
tags: ${4:null} # not required. dictionary of resource tags
vpc_id: ${5:undefined} # not required. the vpc-id of a vpc to attach or detach
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
vpn_gateway_id: ${7:undefined} # not required. vpn gateway id of an existing virtual gateway
type: ${8|ipsec.1|} # not required. choices: ipsec.1. type of the virtual gateway to be created
"""
'ec2_vpc_vgw_facts':
'prefix': "ec2_vpc_vgw_facts_snippet"
'description': "Gather facts about virtual gateways in AWS"
'body': """
ec2_vpc_vgw_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
vpn_gateway_ids: ${4:None} # not required. Get details of a specific Virtual Gateway ID. This value should be provided as a list.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
filters: ${7:None} # not required. A dict of filters to apply. Each dict item consists of a filter key and a filter value. See U(http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html) for possible filters.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ec2_vpc_vpn':
'prefix': "ec2_vpc_vpn_snippet"
'description': "Create, modify, and delete EC2 VPN connections."
'body': """
ec2_vpc_vpn:
connection_type: ${1|ipsec.1|} # not required. choices: ipsec.1. The type of VPN connection.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
customer_gateway_id: ${4:undefined} # not required. The ID of the customer gateway.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${6:undefined} # not required. Tags to attach to the VPN connection.
purge_tags: ${7:false} # not required. Whether or not to delete VPN connections tags that are associated with the connection but not specified in the task.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
tunnel_options: ${9:undefined} # not required. An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
state: ${10|present,absent|} # not required. choices: present;absent. The desired state of the VPN connection.
profile: ${11:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
validate_certs: ${12:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
purge_routes: ${13:undefined} # not required. Whether or not to delete VPN connections routes that are not specified in the task.
vpn_connection_id: ${14:undefined} # not required. The ID of the VPN connection. Required to modify or delete a connection if the filters option does not provide a unique match.
filters: ${15:undefined} # not required. An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
ec2_url: ${16:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
routes: ${17:undefined} # not required. Routes to add to the connection.
vpn_gateway_id: ${18:undefined} # not required. The ID of the virtual private gateway.
static_only: ${19:false} # not required. Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
"""
'ec2_win_password':
'prefix': "ec2_win_password_snippet"
'description': "gets the default administrator password for ec2 windows instances"
'body': """
ec2_win_password:
instance_id: ${1:undefined} # required. The instance id to get the password data from.
key_file: ${2:undefined} # required. Path to the file containing the key pair used on the instance.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
key_passphrase: ${8:null} # not required. The passphrase for the instance key pair. The key must use DES or 3DES encryption for this module to decrypt it. You can use openssl to convert your password protected keys if they do not use DES or 3DES. ex) C(openssl rsa -in current_key -out new_key -des3).
wait_timeout: ${9:120} # not required. Number of seconds to wait before giving up.
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
wait: ${12|yes,no|} # not required. choices: yes;no. Whether or not to wait for the password to be available before returning.
"""
'ecs_attribute':
'prefix': "ecs_attribute_snippet"
'description': "manage ecs attributes"
'body': """
ecs_attribute:
cluster: ${1:undefined} # required. The short name or full Amazon Resource Name (ARN) of the cluster that contains the resource to apply attributes.
ec2_instance_id: ${2:undefined} # required. EC2 instance ID of ECS cluster container instance.
attributes: ${3:undefined} # required. List of attributes.
aws_secret_key: ${4:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${5:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${6:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${9|present,absent|} # not required. choices: present;absent. The desired state of the attributes.
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ecs_cluster':
'prefix': "ecs_cluster_snippet"
'description': "create or terminate ecs clusters"
'body': """
ecs_cluster:
name: ${1:undefined} # required. The cluster name
state: ${2|present,absent,has_instances|} # required. choices: present;absent;has_instances. The desired state of the cluster
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
repeat: ${6:undefined} # not required. The number of times to wait for the cluster to have an instance
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
delay: ${9:undefined} # not required. Number of seconds to wait
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ecs_ecr':
'prefix': "ecs_ecr_snippet"
'description': "Manage Elastic Container Registry repositories"
'body': """
ecs_ecr:
name: ${1:undefined} # required. the name of the repository
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
delete_policy: ${3:false} # not required. if yes, remove the policy from the repository
ec2_url: ${4:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${5:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${6:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
force_set_policy: ${10:false} # not required. if no, prevents setting a policy that would prevent you from setting another policy in the future.
state: ${11|present,absent|} # not required. choices: present;absent. create or destroy the repository
policy: ${12:undefined} # not required. JSON or dict that represents the new policy
registry_id: ${13:undefined} # not required. AWS account id associated with the registry.,If not specified, the default registry is assumed.
"""
'ecs_service':
'prefix': "ecs_service_snippet"
'description': "create, terminate, start or stop a service in ecs"
'body': """
ecs_service:
name: ${1:undefined} # required. The name of the service
state: ${2|present,absent,deleting|} # required. choices: present;absent;deleting. The desired state of the service
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
repeat: ${6:10} # not required. The number of times to check that the service is available
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
desired_count: ${8:undefined} # not required. The count of how many instances of the service. This parameter is required when state=present
placement_constraints: ${9:undefined} # not required. The placement constraints for the tasks in the service
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
delay: ${11:10} # not required. The time to wait before checking that the service is available
cluster: ${12:undefined} # not required. The name of the cluster in which the service exists
task_definition: ${13:undefined} # not required. The task definition the service will run. This parameter is required when state=present
role: ${14:undefined} # not required. The name or full Amazon Resource Name (ARN) of the IAM role that allows your Amazon ECS container agent to make calls to your load balancer on your behalf. This parameter is only required if you are using a load balancer with your service.
deployment_configuration: ${15:undefined} # not required. Optional parameters that control the deployment_configuration; format is '{\"maximum_percent\":<integer>, \"minimum_healthy_percent\":<integer>}
ec2_url: ${16:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
load_balancers: ${17:undefined} # not required. The list of ELBs defined for this service
client_token: ${18:undefined} # not required. Unique, case-sensitive identifier you provide to ensure the idempotency of the request. Up to 32 ASCII characters are allowed.
validate_certs: ${19:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
placement_strategy: ${20:undefined} # not required. The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service
"""
'ecs_service_facts':
'prefix': "ecs_service_facts_snippet"
'description': "list or describe services in ecs"
'body': """
ecs_service_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
service: ${5:undefined} # not required. The service to get details for (required if details is true)
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
cluster: ${7:default} # not required. The cluster ARNS in which to list the services.
details: ${8|true,false|} # not required. choices: true;false. Set this to true if you want detailed information about the services.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'ecs_task':
'prefix': "ecs_task_snippet"
'description': "run, start or stop a task in ecs"
'body': """
ecs_task:
operation: ${1|run,start,stop|} # required. choices: run;start;stop. Which task operation to execute
count: ${2:undefined} # not required. How many new instances to start
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
task: ${5:undefined} # not required. The task to stop
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
overrides: ${7:undefined} # not required. A dictionary of values to pass to the new instances
started_by: ${8:undefined} # not required. A value showing who or what started the task (for informational purposes)
cluster: ${9:undefined} # not required. The name of the cluster to run the task on
task_definition: ${10:undefined} # not required. The task definition to start or run
container_instances: ${11:undefined} # not required. The list of container instances on which to deploy the task
profile: ${12:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${15:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
"""
'ecs_taskdefinition':
'prefix': "ecs_taskdefinition_snippet"
'description': "register a task definition in ecs"
'body': """
ecs_taskdefinition:
state: ${1|present,absent|} # required. choices: present;absent. State whether the task definition should exist or be deleted
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
family: ${6:undefined} # not required. A Name that would be given to the task definition
task_role_arn: ${7:undefined} # not required. The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
force_create: ${9:undefined} # not required. Always create new task definition
network_mode: ${10|bridge,host,none|} # not required. choices: bridge;host;none. The Docker networking mode to use for the containers in the task.
containers: ${11:undefined} # not required. A list of containers definitions
volumes: ${12:undefined} # not required. A list of names of volumes to be attached
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
arn: ${15:undefined} # not required. The arn of the task description to delete
revision: ${16:undefined} # not required. A revision number for the task definition
"""
'ecs_taskdefinition_facts':
'prefix': "ecs_taskdefinition_facts_snippet"
'description': "describe a task definition in ecs"
'body': """
ecs_taskdefinition_facts:
task_definition: ${1:undefined} # required. The name of the task definition to get details for
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'edgeos_command':
'prefix': "edgeos_command_snippet"
'description': "Run one or more commands on EdgeOS devices"
'body': """
edgeos_command:
commands: ${1:undefined} # required. The commands or ordered set of commands that should be run against the remote device. The output of the command is returned to the playbook. If the C(wait_for) argument is provided, the module is not returned until the condition is met or the number of retries is exceeded.
retries: ${2:10} # not required. Number of times a command should be tried before it is considered failed. The command is run on the target device and evaluated against the C(wait_for) conditionals.
wait_for: ${3:undefined} # not required. Causes the task to wait for a specific condition to be met before moving forward. If the condition is not met before the specified number of retries is exceeded, the task will fail.
match: ${4|any,all|} # not required. choices: any;all. Used in conjunction with C(wait_for) to create match policy. If set to C(all), then all conditions in C(wait_for) must be met. If set to C(any), then only one condition must match.
interval: ${5:1} # not required. The number of seconds to wait between C(retries) of the command.
"""
'edgeos_config':
'prefix': "edgeos_config_snippet"
'description': "Manage EdgeOS configuration on remote device"
'body': """
edgeos_config:
comment: ${1:configured by edgeos_config} # not required. Allows a commit description to be specified to be included when the configuration is committed. If the configuration is not changed or committed, this argument is ignored.
src: ${2:null} # not required. The C(src) argument specifies the path to the source config file to load. The source config file can either be in bracket format or set format. The source file can include Jinja2 template variables.
config: ${3:null} # not required. The C(config) argument specifies the base configuration to use to compare against the desired configuration. If this value is not specified, the module will automatically retrieve the current active configuration from the remote device.
lines: ${4:null} # not required. The ordered set of configuration lines to be managed and compared with the existing configuration on the remote device.
save: ${5|yes,no|} # not required. choices: yes;no. The C(save) argument controls whether or not changes made to the active configuration are saved to disk. This is independent of committing the config. When set to C(True), the active configuration is saved.
backup: ${6:no} # not required. The C(backup) argument will backup the current device's active configuration to the Ansible control host prior to making any changes. The backup file will be located in the backup folder in the playbook root directory or role root directory if the playbook is part of an ansible role. If the directory does not exist, it is created.
match: ${7|line,none|} # not required. choices: line;none. The C(match) argument controls the method used to match against the current active configuration. By default, the desired config is matched against the active config and the deltas are loaded. If the C(match) argument is set to C(none) the active configuration is ignored and the configuration is always loaded.
"""
'edgeos_facts':
'prefix': "edgeos_facts_snippet"
'description': "Collect facts from remote devices running EdgeOS"
'body': """
edgeos_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, default, config, and neighbors. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
"""
'efs':
'prefix': "efs_snippet"
'description': "create and maintain EFS file systems"
'body': """
efs:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
encrypt: ${4|yes,no|} # not required. choices: yes;no. A boolean value that, if true, creates an encrypted file system. This can not be modfied after the file system is created.
name: ${5:None} # not required. Creation Token of Amazon EFS file system. Required for create and update. Either name or ID required for delete.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${7:None} # not required. List of tags of Amazon EFS. Should be defined as dictionary In case of 'present' state with list of tags and existing EFS (matched by 'name'), tags of EFS will be replaced with provided data.
purge_tags: ${8|yes,no|} # not required. choices: yes;no. If yes, existing tags will be purged from the resource to match exactly what is defined by I(tags) parameter. If the I(tags) parameter is not set then tags will not be modified.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
kms_key_id: ${10:undefined} # not required. The id of the AWS KMS CMK that will be used to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. If this parameter is not specified, the default CMK for Amazon EFS is used. The key id can be Key ID, Key ID ARN, Key Alias or Key Alias ARN.
id: ${11:None} # not required. ID of Amazon EFS. Either name or ID required for delete.
validate_certs: ${12:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
state: ${13|present,absent|} # not required. choices: present;absent. Allows to create, search and destroy Amazon EFS file system
wait_timeout: ${14:0} # not required. How long the module should wait (in seconds) for desired state before returning. Zero means wait as long as necessary.
ec2_url: ${15:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
performance_mode: ${16|general_purpose,max_io|} # not required. choices: general_purpose;max_io. File system's performance mode to use. Only takes effect during creation.
targets: ${17:None} # not required. List of mounted targets. It should be a list of dictionaries, every dictionary should include next attributes: - subnet_id - Mandatory. The ID of the subnet to add the mount target in. - ip_address - Optional. A valid IPv4 address within the address range of the specified subnet. - security_groups - Optional. List of security group IDs, of the form 'sg-xxxxxxxx'. These must be for the same VPC as subnet specified This data may be modified for existing EFS using state 'present' and new list of mount targets.
wait: ${18|yes,no|} # not required. choices: yes;no. In case of 'present' state should wait for EFS 'available' life cycle state (of course, if current state not 'deleting' or 'deleted') In case of 'absent' state should wait for EFS 'deleted' life cycle state
"""
'efs_facts':
'prefix': "efs_facts_snippet"
'description': "Get information about Amazon EFS file systems"
'body': """
efs_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:None} # not required. Creation Token of Amazon EFS file system.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${6:None} # not required. List of tags of Amazon EFS. Should be defined as dictionary
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
targets: ${8:None} # not required. list of targets on which to filter the returned results,result must match all of the specified targets, each of which can be a security group ID, a subnet ID or an IP address
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
id: ${11:None} # not required. ID of Amazon EFS.
"""
'ejabberd_user':
'prefix': "ejabberd_user_snippet"
'description': "Manages users for ejabberd servers"
'body': """
ejabberd_user:
username: ${1:undefined} # required. the name of the user to manage
host: ${2:undefined} # required. the ejabberd host associated with this username
password: ${3:undefined} # not required. the password to assign to the username
logging: ${4|true,false,yes,no|} # not required. choices: true;false;yes;no. enables or disables the local syslog facility for this module
state: ${5|present,absent|} # not required. choices: present;absent. describe the desired state of the user to be managed
"""
'elasticache':
'prefix': "elasticache_snippet"
'description': "Manage cache clusters in Amazon Elasticache."
'body': """
elasticache:
name: ${1:undefined} # required. The cache cluster identifier
state: ${2|present,absent,rebooted|} # required. choices: present;absent;rebooted. C(absent) or C(present) are idempotent actions that will create or destroy a cache cluster as needed. C(rebooted) will reboot the cluster, resulting in a momentary outage.
engine: ${3|redis,memcached|} # not required. choices: redis;memcached. Name of the cache engine to be used.
aws_secret_key: ${4:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
cache_port: ${5:None} # not required. The port number on which each of the cache nodes will accept connections
cache_parameter_group: ${6:None} # not required. The name of the cache parameter group to associate with this cache cluster. If this argument is omitted, the default cache parameter group for the specified engine will be used.
cache_engine_version: ${7:None} # not required. The version number of the cache engine
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
node_type: ${10:cache.m1.small} # not required. The compute and memory capacity of the nodes in the cache cluster
num_nodes: ${11:undefined} # not required. The initial number of cache nodes that the cache cluster will have. Required when state=present.
profile: ${12:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
zone: ${13:None} # not required. The EC2 Availability Zone in which the cache cluster will be created
cache_security_groups: ${14:None} # not required. A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc
cache_subnet_group: ${15:None} # not required. The subnet group name to associate with. Only use if inside a vpc. Required if inside a vpc
hard_modify: ${16|yes,no|} # not required. choices: yes;no. Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state
aws_access_key: ${17:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${18:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
security_group_ids: ${19:None} # not required. A list of vpc security group names to associate with this cache cluster. Only use if inside a vpc
validate_certs: ${20:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
wait: ${21|yes,no|} # not required. choices: yes;no. Wait for cache cluster result before returning
"""
'elasticache_facts':
'prefix': "elasticache_facts_snippet"
'description': "Retrieve facts for AWS Elasticache clusters"
'body': """
elasticache_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:undefined} # not required. The name of an Elasticache cluster
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'elasticache_parameter_group':
'prefix': "elasticache_parameter_group_snippet"
'description': "Manage cache security groups in Amazon Elasticache."
'body': """
elasticache_parameter_group:
name: ${1:undefined} # required. A user-specified name for the cache parameter group.
state: ${2|present,absent,reset|} # required. choices: present;absent;reset. Idempotent actions that will create/modify, destroy, or reset a cache parameter group as needed.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
group_family: ${7|memcached1.4,redis2.6,redis2.8,redis3.2|} # not required. choices: memcached1.4;redis2.6;redis2.8;redis3.2. The name of the cache parameter group family that the cache parameter group can be used with. Required when creating a cache parameter group.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
values: ${9:None} # not required. A user-specified dictionary of parameters to reset or modify for the cache parameter group.
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
description: ${12:undefined} # not required. A user-specified description for the cache parameter group.
"""
'elasticache_snapshot':
'prefix': "elasticache_snapshot_snippet"
'description': "Manage cache snapshots in Amazon Elasticache."
'body': """
elasticache_snapshot:
name: ${1:undefined} # required. The name of the snapshot we want to create, copy, delete
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
cluster_id: ${3:null} # not required. The name of an existing cache cluster in the replication group to make the snapshot.
ec2_url: ${4:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
target: ${5:null} # not required. The name of a snapshot copy
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
replication_id: ${8:null} # not required. The name of the existing replication group to make the snapshot.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
bucket: ${11:null} # not required. The s3 bucket to which the snapshot is exported
state: ${12|present,absent,copy|} # not required. choices: present;absent;copy. Actions that will create, destroy, or copy a snapshot.
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'elasticache_subnet_group':
'prefix': "elasticache_subnet_group_snippet"
'description': "manage Elasticache subnet groups"
'body': """
elasticache_subnet_group:
name: ${1:undefined} # required. Database subnet group identifier.
state: ${2|present,absent|} # required. choices: present;absent. Specifies whether the subnet should be present or absent.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
subnets: ${4:null} # not required. List of subnet IDs that make up the Elasticache subnet group.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
profile: ${8:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
description: ${11:null} # not required. Elasticache subnet group description. Only set when a new group is added.
"""
'elasticsearch_plugin':
'prefix': "elasticsearch_plugin_snippet"
'description': "Manage Elasticsearch plugins"
'body': """
elasticsearch_plugin:
name: ${1:undefined} # required. Name of the plugin to install. In Eleasticsearch >= 2.0, the name can be an URL or file location.
proxy_host: ${2:None} # not required. Proxy host to use during plugin installation
url: ${3:None} # not required. Set exact URL to download the plugin from (Only works for ES 1.x)
proxy_port: ${4:None} # not required. Proxy port to use during plugin installation
state: ${5|present,absent|} # not required. choices: present;absent. Desired state of a plugin.
version: ${6:None} # not required. Version of the plugin to be installed. If plugin exists with previous version, it will NOT be updated
timeout: ${7:1m} # not required. Timeout setting: 30s, 1m, 1h...,Only valid for Elasticsearch < 5.0. This option is ignored for Elasticsearch > 5.0.
plugin_dir: ${8:/usr/share/elasticsearch/plugins/} # not required. Your configured plugin directory specified in Elasticsearch
plugin_bin: ${9:None} # not required. Location of the plugin binary. If this file is not found, the default plugin binaries will be used.,The default changed in Ansible 2.4 to None.
"""
'elb_application_lb':
'prefix': "elb_application_lb_snippet"
'description': "Manage an Application load balancer"
'body': """
elb_application_lb:
state: ${1|present,absent|} # required. choices: present;absent. Create or destroy the load balancer.
name: ${2:undefined} # required. The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
subnets: ${4:undefined} # not required. A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones. Required if state=present.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
access_logs_enabled: ${6|yes,no|} # not required. choices: yes;no. Whether or not to enable access logs. When true, I(access_logs_s3_bucket) must be set.
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
access_logs_s3_bucket: ${8:undefined} # not required. The name of the S3 bucket for the access logs. This attribute is required if access logs in Amazon S3 are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permission to write to the bucket.
purge_tags: ${9|yes,no|} # not required. choices: yes;no. If yes, existing tags will be purged from the resource to match exactly what is defined by I(tags) parameter. If the I(tags) parameter is not set then tags will not be modified.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
tags: ${11:undefined} # not required. A dictionary of one or more tags to assign to the load balancer.
idle_timeout: ${12:60} # not required. The number of seconds to wait before an idle connection is closed.
profile: ${13:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
deletion_protection: ${14|yes,no|} # not required. choices: yes;no. Indicates whether deletion protection for the ELB is enabled.
purge_listeners: ${15|yes,no|} # not required. choices: yes;no. If yes, existing listeners will be purged from the ELB to match exactly what is defined by I(listeners) parameter. If the I(listeners) parameter is not set then listeners will not be modified
ec2_url: ${16:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
access_logs_s3_prefix: ${17:undefined} # not required. The prefix for the location in the S3 bucket. If you don't specify a prefix, the access logs are stored in the root of the bucket.
scheme: ${18|internet-facing,internal|} # not required. choices: internet-facing;internal. Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
validate_certs: ${19:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
listeners: ${20:undefined} # not required. A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
security_groups: ${21:} # not required. A list of the names or IDs of the security groups to assign to the load balancer. Required if state=present.
"""
'elb_application_lb_facts':
'prefix': "elb_application_lb_facts_snippet"
'description': "Gather facts about application ELBs in AWS"
'body': """
elb_application_lb_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
names: ${6:undefined} # not required. The names of the load balancers.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
load_balancer_arns: ${9:undefined} # not required. The Amazon Resource Names (ARN) of the load balancers. You can specify up to 20 load balancers in a single call.
"""
'elb_classic_lb':
'prefix': "elb_classic_lb_snippet"
'description': "Creates or destroys Amazon ELB."
'body': """
elb_classic_lb:
name: ${1:undefined} # required. The name of the ELB
state: ${2|present,absent|} # required. choices: present;absent. Create or destroy the ELB
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
subnets: ${4:None} # not required. A list of VPC subnets to use when creating ELB. Zones should be empty if using this.
health_check: ${5:None} # not required. An associative array of health check configuration settings (see example)
tags: ${6:undefined} # not required. An associative array of tags. To delete all tags, supply an empty dict.
purge_subnets: ${7:false} # not required. Purge existing subnet on ELB that are not found in subnets
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
instance_ids: ${9:false} # not required. List of instance ids to attach to this ELB
zones: ${10:undefined} # not required. List of availability zones to enable on this ELB
idle_timeout: ${11:undefined} # not required. ELB connections from clients and to servers are timed out after this amount of time
wait_timeout: ${12:60} # not required. Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
cross_az_load_balancing: ${14|yes,no|} # not required. choices: yes;no. Distribute load across all configured Availability Zones
security_group_ids: ${15:None} # not required. A list of security groups to apply to the elb
purge_zones: ${16:false} # not required. Purge existing availability zones on ELB that are not found in zones
wait: ${17|yes,no|} # not required. choices: yes;no. When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS.
aws_secret_key: ${18:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
purge_instance_ids: ${19:false} # not required. Purge existing instance ids on ELB that are not found in instance_ids
connection_draining_timeout: ${20:undefined} # not required. Wait a specified timeout allowing connections to drain before terminating an instance
security_token: ${21:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${22:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
listeners: ${23:undefined} # not required. List of ports/protocols for this ELB to listen on (see example)
access_logs: ${24:None} # not required. An associative array of access logs configuration settings (see example)
security_group_names: ${25:None} # not required. A list of security group names to apply to the elb
purge_listeners: ${26:true} # not required. Purge existing listeners on ELB that are not found in listeners
scheme: ${27|internal,internet-facing|} # not required. choices: internal;internet-facing. The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
validate_certs: ${28|yes,no|} # not required. choices: yes;no. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
stickiness: ${29:undefined} # not required. An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
"""
'elb_classic_lb_facts':
'prefix': "elb_classic_lb_facts_snippet"
'description': "Gather facts about EC2 Elastic Load Balancers in AWS"
'body': """
elb_classic_lb_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${5:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
names: ${6:null} # not required. List of ELB names to gather facts about. Pass this option to gather facts about a set of ELBs, otherwise, all ELBs are returned.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'elb_instance':
'prefix': "elb_instance_snippet"
'description': "De-registers or registers instances from EC2 ELBs"
'body': """
elb_instance:
instance_id: ${1:undefined} # required. EC2 Instance ID
state: ${2|present,absent|} # required. choices: present;absent. register or deregister the instance
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
wait_timeout: ${4:0} # not required. Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
wait: ${6|yes,no|} # not required. choices: yes;no. Wait for instance registration or deregistration to complete successfully before returning.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_elbs: ${11:None} # not required. List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
validate_certs: ${12|yes,no|} # not required. choices: yes;no. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
enable_availability_zone: ${13|yes,no|} # not required. choices: yes;no. Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
"""
'elb_target':
'prefix': "elb_target_snippet"
'description': "Manage a target in a target group"
'body': """
elb_target:
target_id: ${1:undefined} # required. The ID of the target.
state: ${2|present,absent|} # required. choices: present;absent. Register or deregister the target.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
target_status_timeout: ${7:60} # not required. Maximum time in seconds to wait for target_status change
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
target_group_name: ${9:undefined} # not required. The name of the target group. Mutually exclusive of I(target_group_arn).
target_group_arn: ${10:undefined} # not required. The Amazon Resource Name (ARN) of the target group. Mutually exclusive of I(target_group_name).
target_port: ${11:The default port for a target is the port for the target group.} # not required. The port on which the target is listening. You can specify a port override. If a target is already registered, you can register it again using a different port.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
target_status: ${13|initial,healthy,unhealthy,unused,draining,unavailable|} # not required. choices: initial;healthy;unhealthy;unused;draining;unavailable. Blocks and waits for the target status to equal given value. For more detail on target status see U(http://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#target-health-states)
deregister_unused: ${14|yes,no|} # not required. choices: yes;no. The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them set I(deregister_unused) to yes.
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
target_az: ${16:undefined} # not required. An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
"""
'elb_target_group':
'prefix': "elb_target_group_snippet"
'description': "Manage a target group for an Application or Network load balancer"
'body': """
elb_target_group:
name: ${1:undefined} # required. The name of the target group.
state: ${2|present,absent|} # required. choices: present;absent. Create or destroy the target group.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
protocol: ${4|http,https,tcp|} # not required. choices: http;https;tcp. The protocol to use for routing traffic to the targets. Required when I(state) is C(present).
tags: ${5:undefined} # not required. A dictionary of one or more tags to assign to the target group.
purge_tags: ${6|yes,no|} # not required. choices: yes;no. If yes, existing tags will be purged from the resource to match exactly what is defined by I(tags) parameter. If the tag parameter is not set then tags will not be modified.
health_check_port: ${7:The port on which each target receives traffic from the load balancer.} # not required. The port the load balancer uses when performing health checks on targets. Can be set to 'traffic-port' to match target port.
successful_response_codes: ${8:undefined} # not required. The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
health_check_interval: ${10:undefined} # not required. The approximate amount of time, in seconds, between health checks of an individual target.
modify_targets: ${11:true} # not required. Whether or not to alter existing targets in the group to match what is passed with the module
healthy_threshold_count: ${12:undefined} # not required. The number of consecutive health checks successes required before considering an unhealthy target healthy.
targets: ${13:undefined} # not required. A list of targets to assign to the target group. This parameter defaults to an empty list. Unless you set the 'modify_targets' parameter then all existing targets will be removed from the group. The list should be an Id and a Port parameter. See the Examples for detail.
health_check_path: ${14:undefined} # not required. The ping path that is the destination on the targets for health checks. The path must be defined in order to set a health check.
health_check_protocol: ${15|http,https,tcp|} # not required. choices: http;https;tcp. The protocol the load balancer uses when performing health checks on targets.
aws_secret_key: ${16:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
unhealthy_threshold_count: ${17:undefined} # not required. The number of consecutive health check failures required before considering a target unhealthy.
aws_access_key: ${18:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
stickiness_type: ${19:lb_cookie} # not required. The type of sticky sessions. The possible value is lb_cookie.
security_token: ${20:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${21:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
target_type: ${22|instance,ip|} # not required. choices: instance;ip. The type of target that you must specify when registering targets with this target group. The possible values are C(instance) (targets are specified by instance ID) or C(ip) (targets are specified by IP address). Note that you can't specify targets for a target group using both instance IDs and IP addresses. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.
port: ${23:undefined} # not required. The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. Required if I(state) is C(present).
stickiness_lb_cookie_duration: ${24:undefined} # not required. The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds).
stickiness_enabled: ${25|yes,no|} # not required. choices: yes;no. Indicates whether sticky sessions are enabled.
vpc_id: ${26:undefined} # not required. The identifier of the virtual private cloud (VPC). Required when I(state) is C(present).
deregistration_delay_timeout: ${27:undefined} # not required. The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds.
validate_certs: ${28:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
health_check_timeout: ${29:undefined} # not required. The amount of time, in seconds, during which no response from a target means a failed health check.
"""
'elb_target_group_facts':
'prefix': "elb_target_group_facts_snippet"
'description': "Gather facts about ELB target groups in AWS"
'body': """
elb_target_group_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
load_balancer_arn: ${4:undefined} # not required. The Amazon Resource Name (ARN) of the load balancer.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
target_group_arns: ${7:undefined} # not required. The Amazon Resource Names (ARN) of the target groups.
names: ${8:undefined} # not required. The names of the target groups.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'enos_command':
'prefix': "enos_command_snippet"
'description': "Run arbitrary commands on Lenovo ENOS devices"
'body': """
enos_command:
commands: ${1:undefined} # required. List of commands to send to the remote device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retires as expired.
authorize: ${2|yes,no|} # not required. choices: yes;no. Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
retries: ${3:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
auth_pass: ${4:none} # not required. Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
interval: ${5:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${6:null} # not required. A dict object containing connection details.
wait_for: ${7:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${8|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'enos_config':
'prefix': "enos_config_snippet"
'description': "Manage Lenovo ENOS configuration sections"
'body': """
enos_config:
comment: ${1:configured by enos_config} # not required. Allows a commit description to be specified to be included when the configuration is committed. If the configuration is not changed or committed, this argument is ignored.
src: ${2:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
auth_pass: ${3:none} # not required. Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
admin: ${4|yes,no|} # not required. choices: yes;no. Enters into administration configuration mode for making config changes to the device.
config: ${5:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
after: ${6:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${7:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
authorize: ${8|yes,no|} # not required. choices: yes;no. Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
replace: ${9|line,block,config|} # not required. choices: line;block;config. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
parents: ${10:null} # not required. The ordered set of parents that uniquely identify the section the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
provider: ${11:null} # not required. A dict object containing connection details.
backup: ${12|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
match: ${13|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${14:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'enos_facts':
'prefix': "enos_facts_snippet"
'description': "Collect facts from remote devices running Lenovo ENOS"
'body': """
enos_facts:
authorize: ${1|yes,no|} # not required. choices: yes;no. Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
auth_pass: ${2:none} # not required. Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
gather_subset: ${3:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${4:null} # not required. A dict object containing connection details.
"""
'eos_banner':
'prefix': "eos_banner_snippet"
'description': "Manage multiline banners on Arista EOS devices"
'body': """
eos_banner:
banner: ${1|login,motd|} # required. choices: login;motd. Specifies which banner that should be configured on the remote device.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
text: ${3:null} # not required. The banner text that should be present in the remote device running configuration. This argument accepts a multiline string. Requires I(state=present).
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
state: ${5|present,absent|} # not required. choices: present;absent. Specifies whether or not the configuration is present in the current devices active running configuration.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'eos_command':
'prefix': "eos_command_snippet"
'description': "Run arbitrary commands on an Arista EOS device"
'body': """
eos_command:
commands: ${1:undefined} # required. The commands to send to the remote EOS device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of I(retries) has been exceeded.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
retries: ${3:10} # not required. Specifies the number of retries a command should be tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditionals.
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
interval: ${5:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditional, the interval indicates how to long to wait before trying the command again.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
wait_for: ${7:null} # not required. Specifies what to evaluate from the output of the command and what conditionals to apply. This argument will cause the task to wait for a particular conditional to be true before moving forward. If the conditional is not true by the configured retries, the task fails. Note - With I(wait_for) the value in C(result['stdout']) can be accessed using C(result), that is to access C(result['stdout'][0]) use C(result[0]) See examples.
match: ${8|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the I(wait_for) must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'eos_config':
'prefix': "eos_config_snippet"
'description': "Manage Arista EOS configuration sections"
'body': """
eos_config:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
force: ${2:false} # not required. The force argument instructs the module to not consider the current devices running-config. When set to true, this will cause the module to push the contents of I(src) into the device without first checking if already configured.,Note this argument should be considered deprecated. To achieve the equivalent, set the C(match=none) which is idempotent. This argument will be removed in Ansible 2.6.
after: ${3:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
diff_against: ${4|startup,running,intended,session|} # not required. choices: startup;running;intended;session. When using the C(ansible-playbook --diff) command line argument the module can generate diffs against different sources.,When this option is configure as I(startup), the module will return the diff of the running-config against the startup-config.,When this option is configured as I(intended), the module will return the diff of the running-config against the configuration provided in the C(intended_config) argument.,When this option is configured as I(running), the module will return the before and after diff of the running-config with respect to any changes made to the device configuration.,When this option is configured as C(session), the diff returned will be based on the configuration session.
replace: ${5|line,block,config|} # not required. choices: line;block;config. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
running_config: ${6:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(running_config) argument allows the implementer to pass in the configuration to use as the base config for this module.
diff_ignore_lines: ${7:undefined} # not required. Use this argument to specify one or more lines that should be ignored during the diff. This is used for lines in the configuration that are automatically updated by the system. This argument takes a list of regular expressions or exact line matches.
src: ${8:null} # not required. The I(src) argument provides a path to the configuration file to load into the remote system. The path can either be a full system path to the configuration file if the value starts with / or relative to the root of the implemented role or playbook. This argument is mutually exclusive with the I(lines) and I(parents) arguments. It can be a Jinja2 template as well. src file must have same indentation as a live switch config. Arista EOS device config has 3 spaces indentation.
save: ${9:false} # not required. The C(save) argument instructs the module to save the running-config to startup-config. This operation is performed after any changes are made to the current running config. If no changes are made, the configuration is still saved to the startup config. This option will always cause the module to return changed.,This option is deprecated as of Ansible 2.4 and will be removed in Ansible 2.8, use C(save_when) instead.
auth_pass: ${10:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
lines: ${11:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
intended_config: ${12:undefined} # not required. The C(intended_config) provides the master configuration that the node should conform to and is used to check the final running-config against. This argument will not modify any settings on the remote device and is strictly used to check the compliance of the current device's configuration against. When specifying this argument, the task should also modify the C(diff_against) value and set it to I(intended).
parents: ${13:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
defaults: ${14:false} # not required. The I(defaults) argument will influence how the running-config is collected from the device. When the value is set to true, the command used to collect the running-config is append with the all keyword. When the value is set to false, the command is issued without the all keyword
provider: ${15:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
before: ${16:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
save_when: ${17|always,never,modified,changed|} # not required. choices: always;never;modified;changed. When changes are made to the device running-configuration, the changes are not copied to non-volatile storage by default. Using this argument will change that before. If the argument is set to I(always), then the running-config will always be copied to the startup-config and the I(modified) flag will always be set to True. If the argument is set to I(modified), then the running-config will only be copied to the startup-config if it has changed since the last save to startup-config. If the argument is set to I(never), the running-config will never be copied to the startup-config. If the argument is set to I(changed), then the running-config will only be copied to the startup-config if the task has made a change. I(changed) was added in Ansible 2.5.
backup: ${18:no} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created.
match: ${19|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
"""
'eos_eapi':
'prefix': "eos_eapi_snippet"
'description': "Manage and configure Arista EOS eAPI."
'body': """
eos_eapi:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
local_http_port: ${2:8080} # not required. Configures the HTTP port that will listen for connections when the HTTP transport protocol is enabled. This argument accepts integer values in the valid range of 1 to 65535.
http_port: ${3:80} # not required. Configures the HTTP port that will listen for connections when the HTTP transport protocol is enabled. This argument accepts integer values in the valid range of 1 to 65535.
http: ${4|yes,no|} # not required. choices: yes;no. The C(http) argument controls the operating state of the HTTP transport protocol when eAPI is present in the running-config. When the value is set to True, the HTTP protocol is enabled and when the value is set to False, the HTTP protocol is disabled. By default, when eAPI is first configured, the HTTP protocol is disabled.
https_port: ${5:443} # not required. Configures the HTTP port that will listen for connections when the HTTP transport protocol is enabled. This argument accepts integer values in the valid range of 1 to 65535.
auth_pass: ${6:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
state: ${7|started,stopped|} # not required. choices: started;stopped. The C(state) argument controls the operational state of eAPI on the remote device. When this argument is set to C(started), eAPI is enabled to receive requests and when this argument is C(stopped), eAPI is disabled and will not receive requests.
vrf: ${8:default} # not required. The C(vrf) argument will configure eAPI to listen for connections in the specified VRF. By default, eAPI transports will listen for connections in the global table. This value requires the VRF to already be created otherwise the task will fail.
https: ${9|yes,no|} # not required. choices: yes;no. The C(https) argument controls the operating state of the HTTPS transport protocol when eAPI is present in the running-config. When the value is set to True, the HTTPS protocol is enabled and when the value is set to False, the HTTPS protocol is disabled. By default, when eAPI is first configured, the HTTPS protocol is enabled.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
config: ${11:nul} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
local_http: ${12|yes,no|} # not required. choices: yes;no. The C(local_http) argument controls the operating state of the local HTTP transport protocol when eAPI is present in the running-config. When the value is set to True, the HTTP protocol is enabled and restricted to connections from localhost only. When the value is set to False, the HTTP local protocol is disabled.,Note is value is independent of the C(http) argument
socket: ${13|yes,no|} # not required. choices: yes;no. The C(socket) argument controls the operating state of the UNIX Domain Socket used to receive eAPI requests. When the value of this argument is set to True, the UDS will listen for eAPI requests. When the value is set to False, the UDS will not be available to handle requests. By default when eAPI is first configured, the UDS is disabled.
"""
'eos_facts':
'prefix': "eos_facts_snippet"
'description': "Collect facts from remote devices running Arista EOS"
'body': """
eos_facts:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
auth_pass: ${2:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
gather_subset: ${3:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'eos_interface':
'prefix': "eos_interface_snippet"
'description': "Manage Interface on Arista EOS network devices"
'body': """
eos_interface:
name: ${1:undefined} # required. Name of the Interface to be configured on remote device. The name of interface should be in expanded format and not abbreviated.
neighbors: ${2:undefined} # not required. Check the operational state of given interface C(name) for LLDP neighbor.,The following suboptions are available.
rx_rate: ${3:undefined} # not required. Receiver rate in bits per second (bps) for the interface given in C(name) option.,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
enabled: ${5:true} # not required. Interface link status. If the value is I(True) the interface state will be enabled, else if value is I(False) interface will be in disable (shutdown) state.
authorize: ${6|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
mtu: ${7:undefined} # not required. Set maximum transmission unit size in bytes of transmit packet for the interface given in C(name) option.
delay: ${8:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state argument which are I(state) with values C(up)/C(down), I(tx_rate) and I(rx_rate).
state: ${9|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the Interface configuration, C(up) means present and operationally up and C(down) means present and operationally C(down)
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${11:undefined} # not required. List of Interfaces definitions. Each of the entry in aggregate list should define name of interface C(name) and other options as required.
speed: ${12:undefined} # not required. This option configures autoneg and speed/duplex/flowcontrol for the interface given in C(name) option.
tx_rate: ${13:undefined} # not required. Transmit rate in bits per second (bps) for the interface given in C(name) option.,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
description: ${14:undefined} # not required. Description of Interface upto 240 characters.
"""
'eos_l2_interface':
'prefix': "eos_l2_interface_snippet"
'description': "Manage L2 interfaces on Arista EOS network devices."
'body': """
eos_l2_interface:
name: ${1:undefined} # required. Name of the interface
native_vlan: ${2:undefined} # not required. Native VLAN to be configured in trunk port. If C(mode=trunk), used as the trunk native VLAN ID.
access_vlan: ${3:undefined} # not required. Configure given VLAN in access port. If C(mode=access), used as the access VLAN ID.
state: ${4|present,absent,unconfigured|} # not required. choices: present;absent;unconfigured. Manage the state of the Layer-2 Interface configuration.
trunk_allowed_vlans: ${5:undefined} # not required. List of allowed VLANs in a given trunk port. If C(mode=trunk), these are the ONLY VLANs that will be configured on the trunk, i.e. C(2-10,15).
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${7:undefined} # not required. List of Layer-2 interface definitions.
auth_pass: ${8:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
authorize: ${9|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
mode: ${10|access,trunk|} # not required. choices: access;trunk. Mode in which interface needs to be configured.
"""
'eos_l3_interface':
'prefix': "eos_l3_interface_snippet"
'description': "Manage L3 interfaces on Arista EOS network devices."
'body': """
eos_l3_interface:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
name: ${2:undefined} # not required. Name of the L3 interface to be configured eg. ethernet1
auth_pass: ${3:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
state: ${5|present,absent|} # not required. choices: present;absent. State of the L3 interface configuration. It indicates if the configuration should be present or absent on remote device.
ipv4: ${6:undefined} # not required. IPv4 address to be set for the L3 interface mentioned in I(name) option. The address format is <ipv4 address>/<mask>, the mask is number in range 0-32 eg. 192.168.0.1/24
ipv6: ${7:undefined} # not required. IPv6 address to be set for the L3 interface mentioned in I(name) option. The address format is <ipv6 address>/<mask>, the mask is number in range 0-128 eg. fd5d:12c9:2201:1::1/64
aggregate: ${8:undefined} # not required. List of L3 interfaces definitions. Each of the entry in aggregate list should define name of interface C(name) and a optional C(ipv4) or C(ipv6) address.
"""
'eos_linkagg':
'prefix': "eos_linkagg_snippet"
'description': "Manage link aggregation groups on Arista EOS network devices"
'body': """
eos_linkagg:
purge: ${1:false} # not required. Purge links not defined in the I(aggregate) parameter.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
state: ${3|present,absent|} # not required. choices: present;absent. State of the link aggregation group.
group: ${4:undefined} # not required. Channel-group number for the port-channel Link aggregation group. Range 1-2000.
mode: ${5|active,on,passive|} # not required. choices: active;on;passive. Mode of the link aggregation group.
members: ${6:undefined} # not required. List of members of the link aggregation group.
min_links: ${7:undefined} # not required. Minimum number of ports required up before bringing up the link aggregation group.
aggregate: ${8:undefined} # not required. List of link aggregation definitions.
auth_pass: ${9:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'eos_lldp':
'prefix': "eos_lldp_snippet"
'description': "Manage LLDP configuration on Arista EOS network devices"
'body': """
eos_lldp:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
state: ${2|present,absent|} # not required. choices: present;absent. State of the LLDP configuration. If value is I(present) lldp will be enabled else if it is I(absent) it will be disabled.
auth_pass: ${3:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'eos_logging':
'prefix': "eos_logging_snippet"
'description': "Manage logging on network devices"
'body': """
eos_logging:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
aggregate: ${2:undefined} # not required. List of logging definitions.
state: ${3|present,absent|} # not required. choices: present;absent. State of the logging configuration.
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
name: ${5:undefined} # not required. If value of C(dest) is I(host) C(name) should be specified, which indicates hostname or IP address.
level: ${6|emergencies,alerts,critical,errors,warnings,notifications,informational,debugging|} # not required. choices: emergencies;alerts;critical;errors;warnings;notifications;informational;debugging. Set logging severity levels.
dest: ${7|on,host,console',monitor,buffered|} # not required. choices: on;host;console';monitor;buffered. Destination of the logs.
facility: ${8:undefined} # not required. Set logging facility.
provider: ${9:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
size: ${10:undefined} # not required. Size of buffer. The acceptable value is in range from 10 to 2147483647 bytes.
"""
'eos_static_route':
'prefix': "eos_static_route_snippet"
'description': "Manage static IP routes on Arista EOS network devices"
'body': """
eos_static_route:
next_hop: ${1:undefined} # required. Next hop IP of the static route.
address: ${2:undefined} # required. Network address with prefix of the static route.
authorize: ${3|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
admin_distance: ${6:1} # not required. Admin distance of the static route.
state: ${7|present,absent|} # not required. choices: present;absent. State of the static route configuration.
aggregate: ${8:undefined} # not required. List of static route definitions
"""
'eos_system':
'prefix': "eos_system_snippet"
'description': "Manage the system attributes on Arista EOS devices"
'body': """
eos_system:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
state: ${2|present,absent|} # not required. choices: present;absent. State of the configuration values in the device's current active configuration. When set to I(present), the values should be configured in the device active configuration and when set to I(absent) the values should not be in the device active configuration
auth_pass: ${3:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
lookup_source: ${5:undefined} # not required. Provides one or more source interfaces to use for performing DNS lookups. The interface provided in C(lookup_source) can only exist in a single VRF. This argument accepts either a list of interface names or a list of hashes that configure the interface name and VRF name. See examples.
name_servers: ${6:undefined} # not required. List of DNS name servers by IP address to use to perform name resolution lookups. This argument accepts either a list of DNS servers or a list of hashes that configure the name server and VRF name. See examples.
domain_search: ${7:undefined} # not required. Provides the list of domain suffixes to append to the hostname for the purpose of doing name resolution. This argument accepts a list of names and will be reconciled with the current active configuration on the running node.
hostname: ${8:undefined} # not required. Configure the device hostname parameter. This option takes an ASCII string value.
domain_name: ${9:undefined} # not required. Configure the IP domain name on the remote device to the provided value. Value should be in the dotted name form and will be appended to the C(hostname) to create a fully-qualified domain name.
"""
'eos_user':
'prefix': "eos_user_snippet"
'description': "Manage the collection of local users on EOS devices"
'body': """
eos_user:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
update_password: ${2|on_create,always|} # not required. choices: on_create;always. Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to C(always), the password will always be updated in the device and when set to C(on_create) the password will be updated only if the username is created.
configured_password: ${3:undefined} # not required. The password to be configured on the remote Arista EOS device. The password needs to be provided in clear and it will be encrypted on the device. Please note that this option is not same as C(provider password).
aggregate: ${4:undefined} # not required. The set of username objects to be configured on the remote Arista EOS device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the C(username) argument.
name: ${5:undefined} # not required. The username to be configured on the remote Arista EOS device. This argument accepts a stringv value and is mutually exclusive with the C(aggregate) argument. Please note that this option is not same as C(provider username).
auth_pass: ${6:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
purge: ${7:false} # not required. Instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user which cannot be deleted per EOS constraints.
privilege: ${8:undefined} # not required. The C(privilege) argument configures the privilege level of the user when logged into the system. This argument accepts integer values in the range of 1 to 15.
state: ${9|present,absent|} # not required. choices: present;absent. Configures the state of the username definition as it relates to the device operational configuration. When set to I(present), the username(s) should be configured in the device active configuration and when set to I(absent) the username(s) should not be in the device active configuration
role: ${10:undefined} # not required. Configures the role for the username in the device running configuration. The argument accepts a string value defining the role name. This argument does not check if the role has been configured on the device.
provider: ${11:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
nopassword: ${12:undefined} # not required. Defines the username without assigning a password. This will allow the user to login to the system without being authenticated by a password.
sshkey: ${13:undefined} # not required. Specifies the SSH public key to configure for the given username. This argument accepts a valid SSH key value.
"""
'eos_vlan':
'prefix': "eos_vlan_snippet"
'description': "Manage VLANs on Arista EOS network devices"
'body': """
eos_vlan:
vlan_id: ${1:undefined} # required. ID of the VLAN.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
delay: ${3:10} # not required. Delay the play should wait to check for declarative intent params values.
name: ${4:undefined} # not required. Name of the VLAN.
interfaces: ${5:undefined} # not required. List of interfaces that should be associated to the VLAN. The name of interface is case sensitive and should be in expanded format and not abbreviated.
auth_pass: ${6:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
purge: ${7:false} # not required. Purge VLANs not defined in the I(aggregate) parameter.
associated_interfaces: ${8:undefined} # not required. This is a intent option and checks the operational state of the for given vlan C(name) for associated interfaces. The name of interface is case sensitive and should be in expanded format and not abbreviated. If the value in the C(associated_interfaces) does not match with the operational state of vlan interfaces on device it will result in failure.
state: ${9|present,absent,active,suspend|} # not required. choices: present;absent;active;suspend. State of the VLAN configuration.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${11:undefined} # not required. List of VLANs definitions.
"""
'eos_vrf':
'prefix': "eos_vrf_snippet"
'description': "Manage VRFs on Arista EOS network devices"
'body': """
eos_vrf:
name: ${1:undefined} # required. Name of the VRF.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
rd: ${3:undefined} # not required. Route distinguisher of the VRF
interfaces: ${4:undefined} # not required. Identifies the set of interfaces that should be configured in the VRF. Interfaces must be routed interfaces in order to be placed into a VRF. The name of interface should be in expanded format and not abbreviated.
auth_pass: ${5:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
purge: ${6:false} # not required. Purge VRFs not defined in the I(aggregate) parameter.
associated_interfaces: ${7:undefined} # not required. This is a intent option and checks the operational state of the for given vrf C(name) for associated interfaces. If the value in the C(associated_interfaces) does not match with the operational state of vrf interfaces on device it will result in failure.
state: ${8|present,absent|} # not required. choices: present;absent. State of the VRF configuration.
delay: ${9:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state arguments.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using eAPI.,For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${11:undefined} # not required. List of VRFs definitions
"""
'etcd3':
'prefix': "etcd3_snippet"
'description': "Set or delete key value pairs from an etcd3 cluster"
'body': """
etcd3:
key: ${1:undefined} # required. the key where the information is stored in the cluster
state: ${2:undefined} # required. the state of the value for the key.,can be present or absent
value: ${3:undefined} # required. the information stored
host: ${4:localhost} # not required. the IP address of the cluster
port: ${5:2379} # not required. the port number used to connect to the cluster
"""
'execute_lambda':
'prefix': "execute_lambda_snippet"
'description': "Execute an AWS Lambda function"
'body': """
execute_lambda:
profile: ${1:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
security_token: ${2:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tail_log: ${3:false} # not required. If C(tail_log=true), the result of the task will include the last 4 KB of the CloudWatch log for the function execution. Log tailing only works if you use synchronous invocation C(wait=true). This is usually used for development or testing Lambdas.
ec2_url: ${4:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
payload: ${5:[object Object]} # not required. A dictionary in any form to be provided as input to the Lambda function.
wait: ${6:true} # not required. Whether to wait for the function results or not. If I(wait) is false, the task will not return any results. To wait for the Lambda function to complete, set C(wait=true) and the result will be available in the I(output) key.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${9:None} # not required. The name of the function to be invoked. This can only be used for invocations within the calling account. To invoke a function in another account, use I(function_arn) to specify the full ARN.
dry_run: ${10:false} # not required. Do not *actually* invoke the function. A C(DryRun) call will check that the caller has permissions to call the function, especially for checking cross-account permissions.
function_arn: ${11:None} # not required. The name of the function to be invoked
region: ${12:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
version_qualifier: ${13:LATEST} # not required. Which version/alias of the function to run. This defaults to the C(LATEST) revision, but can be set to any existing version or alias. See https;//docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html for details.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'exo_dns_domain':
'prefix': "exo_dns_domain_snippet"
'description': "Manages domain records on Exoscale DNS API."
'body': """
exo_dns_domain:
name: ${1:undefined} # required. Name of the record.
api_secret: ${2:undefined} # not required. Secret key of the Exoscale DNS API.,Since 2.4, the ENV variable C(CLOUDSTACK_SECRET) is used as default, when defined.
api_timeout: ${3:10} # not required. HTTP timeout to Exoscale DNS API.,Since 2.4, the ENV variable C(CLOUDSTACK_TIMEOUT) is used as default, when defined.
api_region: ${4:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,Since 2.4, the ENV variable C(CLOUDSTACK_REGION) is used as default, when defined.
state: ${5|present,absent|} # not required. choices: present;absent. State of the resource.
api_key: ${6:undefined} # not required. API key of the Exoscale DNS API.,Since 2.4, the ENV variable C(CLOUDSTACK_KEY) is used as default, when defined.
validate_certs: ${7:true} # not required. Validate SSL certs of the Exoscale DNS API.
"""
'exo_dns_record':
'prefix': "exo_dns_record_snippet"
'description': "Manages DNS records on Exoscale DNS."
'body': """
exo_dns_record:
domain: ${1:undefined} # required. Domain the record is related to.
multiple: ${2:false} # not required. Whether there are more than one records with similar C(name) and C(record_type).,Only allowed for a few record types, e.g. C(record_type=A), C(record_type=NS) or C(record_type=MX).,C(content) will not be updated, instead it is used as a key to find existing records.
name: ${3:} # not required. Name of the record.
prio: ${4:undefined} # not required. Priority of the record.
api_secret: ${5:undefined} # not required. Secret key of the Exoscale DNS API.,Since 2.4, the ENV variable C(CLOUDSTACK_SECRET) is used as default, when defined.
api_timeout: ${6:10} # not required. HTTP timeout to Exoscale DNS API.,Since 2.4, the ENV variable C(CLOUDSTACK_TIMEOUT) is used as default, when defined.
api_region: ${7:cloudstack} # not required. Name of the ini section in the C(cloustack.ini) file.,Since 2.4, the ENV variable C(CLOUDSTACK_REGION) is used as default, when defined.
content: ${8:undefined} # not required. Content of the record.,Required if C(state=present) or C(multiple=yes).
record_type: ${9|A,ALIAS,CNAME,MX,SPF,URL,TXT,NS,SRV,NAPTR,PTR,AAAA,SSHFP,HINFO,POOL|} # not required. choices: A;ALIAS;CNAME;MX;SPF;URL;TXT;NS;SRV;NAPTR;PTR;AAAA;SSHFP;HINFO;POOL. Type of the record.
state: ${10|present,absent|} # not required. choices: present;absent. State of the record.
ttl: ${11:3600} # not required. TTL of the record in seconds.
api_key: ${12:undefined} # not required. API key of the Exoscale DNS API.,Since 2.4, the ENV variable C(CLOUDSTACK_KEY) is used as default, when defined.
validate_certs: ${13:true} # not required. Validate SSL certs of the Exoscale DNS API.
"""
'expect':
'prefix': "expect_snippet"
'description': "Executes a command and responds to prompts."
'body': """
expect:
command: ${1:undefined} # required. The command module takes command to run.
responses: ${2:undefined} # required. Mapping of expected string/regex and string to respond with. If the response is a list, successive matches return successive responses. List functionality is new in 2.1.
creates: ${3:undefined} # not required. A filename, when it already exists, this step will B(not) be run.
chdir: ${4:undefined} # not required. Change into this directory before running the command.
timeout: ${5:30} # not required. Amount of time in seconds to wait for the expected strings.
removes: ${6:undefined} # not required. A filename, when it does not exist, this step will B(not) be run.
echo: ${7:false} # not required. Whether or not to echo out your response strings.
"""
'facter':
'prefix': "facter_snippet"
'description': "Runs the discovery program I(facter) on the remote system"
'body': """
facter:
"""
'fail':
'prefix': "fail_snippet"
'description': "Fail with custom message"
'body': """
fail:
msg: ${1:'Failed as requested from task'} # not required. The customized message used for failing execution. If omitted, fail will simply bail out with a generic message.
"""
'fetch':
'prefix': "fetch_snippet"
'description': "Fetches a file from remote nodes"
'body': """
fetch:
dest: ${1:null} # required. A directory to save the file into. For example, if the I(dest) directory is C(/backup) a I(src) file named C(/etc/profile) on host C(host.example.com), would be saved into C(/backup/host.example.com/etc/profile)
src: ${2:null} # required. The file on the remote system to fetch. This I(must) be a file, not a directory. Recursive fetching may be supported in a later release.
validate_checksum: ${3|yes,no|} # not required. choices: yes;no. Verify that the source and destination checksums match after the files are fetched.
fail_on_missing: ${4|yes,no|} # not required. choices: yes;no. When set to 'yes', the task will fail if the remote file cannot be read for any reason. Prior to Ansible-2.5, setting this would only fail if the source file was missing.,The default was changed to \"yes\" in Ansible-2.5.
flat: ${5:undefined} # not required. Allows you to override the default behavior of appending hostname/path/to/file to the destination. If dest ends with '/', it will use the basename of the source file, similar to the copy module. Obviously this is only handy if the filenames are unique.
"""
'file':
'prefix': "file_snippet"
'description': "Sets attributes of files"
'body': """
file:
path: ${1:undefined} # required. path to the file being managed. Aliases: I(dest), I(name)
force: ${2:no} # not required. force the creation of the symlinks in two cases: the source file does not exist (but will appear later); the destination exists and is a file (so, we need to unlink the \"path\" file and create symlink to the \"src\" file in place of it).
selevel: ${3:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
follow: ${4:yes} # not required. This flag indicates that filesystem links, if they exist, should be followed.,Previous to Ansible 2.5, this was C(no) by default.
owner: ${5:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
src: ${6:undefined} # not required. path of the file to link to (applies only to C(state=link) and C(state=hard)). Will accept absolute, relative and nonexisting paths. Relative paths are not expanded.
group: ${7:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
unsafe_writes: ${8:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
seuser: ${9:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
recurse: ${10:no} # not required. recursively set the specified file attributes (applies only to directories)
serole: ${11:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
state: ${12|absent,directory,file,hard,link,touch|} # not required. choices: absent;directory;file;hard;link;touch. If C(directory), all intermediate subdirectories will be created if they do not exist. Since Ansible 1.7 they will be created with the supplied permissions. If C(file), the file will NOT be created if it does not exist; see the C(touch) value or the M(copy) or M(template) module if you want that behavior. If C(link), the symbolic link will be created or changed. Use C(hard) for hardlinks. If C(absent), directories will be recursively deleted, and files or symlinks will be unlinked. Note that C(absent) will not cause C(file) to fail if the C(path) does not exist as the state did not change. If C(touch) (new in 1.4), an empty file will be created if the C(path) does not exist, while an existing file or directory will receive updated file access and modification times (similar to the way `touch` works from the command line).
mode: ${13:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
attributes: ${14:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
setype: ${15:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'filesystem':
'prefix': "filesystem_snippet"
'description': "Makes a filesystem"
'body': """
filesystem:
dev: ${1:undefined} # required. Target path to device or image file.
fstype: ${2|btrfs,ext2,ext3,ext4,ext4dev,lvm,reiserfs,xfs,vfat|} # required. choices: btrfs;ext2;ext3;ext4;ext4dev;lvm;reiserfs;xfs;vfat. Filesystem type to be created.,reiserfs support was added in 2.2.,lvm support was added in 2.5.,since 2.5, I(dev) can be an image file.,vfat support was added in 2.5
resizefs: ${3:no} # not required. If C(yes), if the block device and filesytem size differ, grow the filesystem into the space.,Supported for C(ext2), C(ext3), C(ext4), C(ext4dev), C(lvm), C(xfs) and C(vfat) filesystems.,XFS Will only grow if mounted.,vFAT will likely fail if fatresize < 1.04.
force: ${4:no} # not required. If C(yes), allows to create new filesystem on devices that already has filesystem.
opts: ${5:undefined} # not required. List of options to be passed to mkfs command.
"""
'find':
'prefix': "find_snippet"
'description': "Return a list of files based on specific criteria"
'body': """
find:
paths: ${1:undefined} # required. List of paths of directories to search. All paths must be fully qualified.
excludes: ${2:null} # not required. One or more (shell or regex) patterns, which type is controlled by C(use_regex) option.,Excludes is a patterns should not be returned in list. Multiple patterns can be specified using a list.
file_type: ${3|any,directory,file,link|} # not required. choices: any;directory;file;link. Type of file to select.,The 'link' and 'any' choices were added in version 2.3.
age: ${4:undefined} # not required. Select files whose age is equal to or greater than the specified time. Use a negative age to find files equal to or less than the specified time. You can choose seconds, minutes, hours, days, or weeks by specifying the first letter of any of those words (e.g., \"1w\").
contains: ${5:undefined} # not required. One or more regex patterns which should be matched against the file content.
recurse: ${6|no,yes|} # not required. choices: no;yes. If target is a directory, recursively descend into the directory looking for files.
age_stamp: ${7|atime,ctime,mtime|} # not required. choices: atime;ctime;mtime. Choose the file property against which we compare age.
patterns: ${8:*} # not required. One or more (shell or regex) patterns, which type is controlled by C(use_regex) option.,The patterns restrict the list of files to be returned to those whose basenames match at least one of the patterns specified. Multiple patterns can be specified using a list.
get_checksum: ${9|no,yes|} # not required. choices: no;yes. Set this to true to retrieve a file's sha1 checksum.
use_regex: ${10|no,yes|} # not required. choices: no;yes. If false the patterns are file globs (shell) if true they are python regexes.
follow: ${11|no,yes|} # not required. choices: no;yes. Set this to true to follow symlinks in path for systems with python 2.6+.
hidden: ${12|no,yes|} # not required. choices: no;yes. Set this to true to include hidden files, otherwise they'll be ignored.
size: ${13:undefined} # not required. Select files whose size is equal to or greater than the specified size. Use a negative size to find files equal to or less than the specified size. Unqualified values are in bytes, but b, k, m, g, and t can be appended to specify bytes, kilobytes, megabytes, gigabytes, and terabytes, respectively. Size is not evaluated for directories.
"""
'firewalld':
'prefix': "firewalld_snippet"
'description': "Manage arbitrary ports/services with firewalld"
'body': """
firewalld:
state: ${1|enabled,disabled,present,absent|} # required. choices: enabled;disabled;present;absent. Enable or disable a setting. For ports: Should this port accept(enabled) or reject(disabled) connections. The states \"present\" and \"absent\" can only be used in zone level operations (i.e. when no other parameters but zone and state are set).\n
zone: ${2|work,drop,internal,external,trusted,home,dmz,public,block|} # not required. choices: work;drop;internal;external;trusted;home;dmz;public;block. The firewalld zone to add/remove to/from (NOTE: default zone can be configured per system but \"public\" is default from upstream. Available choices can be extended based on per-system configs, listed here are \"out of the box\" defaults).\n
service: ${3:null} # not required. Name of a service to add/remove to/from firewalld - service must be listed in output of firewall-cmd --get-services.
masquerade: ${4:null} # not required. The masquerade setting you would like to enable/disable to/from zones within firewalld
immediate: ${5:false} # not required. Should this configuration be applied immediately, if set as permanent
source: ${6:null} # not required. The source/network you would like to add/remove to/from firewalld
permanent: ${7:null} # not required. Should this configuration be in the running firewalld configuration or persist across reboots. As of Ansible version 2.3, permanent operations can operate on firewalld configs when it's not running (requires firewalld >= 3.0.9). (NOTE: If this is false, immediate is assumed true.)\n
timeout: ${8:0} # not required. The amount of time the rule should be in effect for when non-permanent.
interface: ${9:null} # not required. The interface you would like to add/remove to/from a zone in firewalld
port: ${10:null} # not required. Name of a port or port range to add/remove to/from firewalld. Must be in the form PORT/PROTOCOL or PORT-PORT/PROTOCOL for port ranges.
rich_rule: ${11:null} # not required. Rich rule to add/remove to/from firewalld.
"""
'flowadm':
'prefix': "flowadm_snippet"
'description': "Manage bandwidth resource control and priority for protocols, services and zones on Solaris/illumos systems"
'body': """
flowadm:
name: ${1:undefined} # required. - A flow is defined as a set of attributes based on Layer 3 and Layer 4 headers, which can be used to identify a protocol, service, or a zone.\n
dsfield: ${2:undefined} # not required. - Identifies the 8-bit differentiated services field (as defined in RFC 2474). The optional dsfield_mask is used to state the bits of interest in the differentiated services field when comparing with the dsfield value. Both values must be in hexadecimal.\n
temporary: ${3|true,false|} # not required. choices: true;false. Specifies that the configured flow is temporary. Temporary flows do not persist across reboots.
maxbw: ${4:undefined} # not required. - Sets the full duplex bandwidth for the flow. The bandwidth is specified as an integer with one of the scale suffixes(K, M, or G for Kbps, Mbps, and Gbps). If no units are specified, the input value will be read as Mbps.\n
local_port: ${5:undefined} # not required. Identifies a service specified by the local port.
local_ip: ${6:undefined} # not required. Identifies a network flow by the local IP address.
priority: ${7|low,medium,high|} # not required. choices: low;medium;high. Sets the relative priority for the flow.
state: ${8|absent,present,resetted|} # not required. choices: absent;present;resetted. Create/delete/enable/disable an IP address on the network interface.
link: ${9:undefined} # not required. Specifiies a link to configure flow on.
transport: ${10:undefined} # not required. - Specifies a Layer 4 protocol to be used. It is typically used in combination with I(local_port) to identify the service that needs special attention.\n
remote_ip: ${11:undefined} # not required. Identifies a network flow by the remote IP address.
"""
'flowdock':
'prefix': "flowdock_snippet"
'description': "Send a message to a flowdock"
'body': """
flowdock:
type: ${1|inbox,chat|} # required. choices: inbox;chat. Whether to post to 'inbox' or 'chat"
token: ${2:undefined} # required. API token.
msg: ${3:undefined} # required. Content of the message
from_name: ${4:undefined} # not required. (inbox only) Name of the message sender
from_address: ${5:undefined} # not required. (inbox only - required) Email address of the message sender
tags: ${6:undefined} # not required. tags of the message, separated by commas
external_user_name: ${7:undefined} # not required. (chat only - required) Name of the \"user\" sending the message
project: ${8:undefined} # not required. (inbox only) Human readable identifier for more detailed message categorization
source: ${9:undefined} # not required. (inbox only - required) Human readable identifier of the application that uses the Flowdock API
link: ${10:undefined} # not required. (inbox only) Link associated with the message. This will be used to link the message subject in Team Inbox.
reply_to: ${11:undefined} # not required. (inbox only) Email address for replies
subject: ${12:undefined} # not required. (inbox only - required) Subject line of the message
validate_certs: ${13|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'fmgr_script':
'prefix': "fmgr_script_snippet"
'description': "Add/Edit/Delete and execute scripts"
'body': """
fmgr_script:
username: ${1:undefined} # required. The username to log into the FortiManager
adom: ${2:undefined} # required. The administrative domain (admon) the configuration belongs to
host: ${3:undefined} # required. The FortiManager's Address.
script_name: ${4:undefined} # required. The name of the script.
script_content: ${5:undefined} # not required. The script content that will be executed.
script_scope: ${6:undefined} # not required. (datasource) The devices that the script will run on, can have both device member and device group member.
state: ${7|present,execute,delete|} # not required. choices: present;execute;delete. The desired state of the specified object.,present - will create a script.,execute - execute the scipt.,delete - delete the script.
script_target: ${8:undefined} # not required. The target of the script to be run.
script_description: ${9:undefined} # not required. The description of the script.
script_package: ${10:undefined} # not required. (datasource) Policy package object to run the script against
password: ${11:undefined} # not required. The password associated with the username account.
vdom: ${12:undefined} # not required. The virtual domain (vdom) the configuration belongs to
script_type: ${13:undefined} # not required. The type of script (CLI or TCL).
"""
'foreman':
'prefix': "foreman_snippet"
'description': "Manage Foreman Resources"
'body': """
foreman:
username: ${1:undefined} # required. Username on Foreman server.
password: ${2:undefined} # required. Password for user accessing Foreman server.
params: ${3:undefined} # required. Parameters associated to the entity resource to set or edit in dictionary format (e.g. name, description).
server_url: ${4:undefined} # required. URL of Foreman server.
entity: ${5:undefined} # required. The Foreman resource that the action will be performed on (e.g. organization, host).
"""
'fortios_address':
'prefix': "fortios_address_snippet"
'description': "Manage fortios firewall address objects"
'body': """
fortios_address:
name: ${1:undefined} # required. Name of the address to add or delete.
state: ${2|present,absent|} # required. choices: present;absent. Specifies if address need to be added or deleted.
comment: ${3:undefined} # not required. free text to describe address.
username: ${4:undefined} # not required. Configures the username used to authenticate to the remote device. Required when I(file_mode) is True.
backup: ${5|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the i(backup) folder.
config_file: ${6:undefined} # not required. Path to configuration file. Required when I(file_mode) is True.
backup_path: ${7:undefined} # not required. Specifies where to store backup files. Required if I(backup=yes).
country: ${8:undefined} # not required. 2 letter country code (like FR).
host: ${9:undefined} # not required. Specifies the DNS hostname or IP address for connecting to the remote fortios device. Required when I(file_mode) is False.
value: ${10:undefined} # not required. Address value, based on type. If type=fqdn, somthing like www.google.com. If type=ipmask, you can use simple ip (192.168.0.1), ip+mask (192.168.0.1 255.255.255.0) or CIDR (192.168.0.1/32).
start_ip: ${11:undefined} # not required. First ip in range (used only with type=iprange).
end_ip: ${12:undefined} # not required. Last ip in range (used only with type=iprange).
backup_filename: ${13:undefined} # not required. Specifies the backup filename. If omitted filename will be formatted like HOST_config.YYYY-MM-DD@HH:MM:SS
timeout: ${14:60} # not required. Timeout in seconds for connecting to the remote device.
interface: ${15:any} # not required. interface name the address apply to.
password: ${16:undefined} # not required. Specifies the password used to authenticate to the remote device. Required when I(file_mode) is True.
type: ${17|iprange,fqdn,ipmask,geography|} # not required. choices: iprange;fqdn;ipmask;geography. Type of the address.
vdom: ${18:undefined} # not required. Specifies on which vdom to apply configuration
file_mode: ${19:false} # not required. Don't connect to any device, only use I(config_file) as input and Output.
"""
'fortios_config':
'prefix': "fortios_config_snippet"
'description': "Manage config on Fortinet FortiOS firewall devices"
'body': """
fortios_config:
username: ${1:undefined} # not required. Configures the username used to authenticate to the remote device. Required when I(file_mode) is True.
src: ${2:undefined} # not required. The I(src) argument provides a path to the configuration template to load into the remote device.
config_file: ${3:undefined} # not required. Path to configuration file. Required when I(file_mode) is True.
file_mode: ${4:false} # not required. Don't connect to any device, only use I(config_file) as input and Output.
backup_path: ${5:undefined} # not required. Specifies where to store backup files. Required if I(backup=yes).
filter: ${6:} # not required. Only for partial backup, you can restrict by giving expected configuration path (ex. firewall address).
host: ${7:undefined} # not required. Specifies the DNS hostname or IP address for connecting to the remote fortios device. Required when I(file_mode) is False.
backup_filename: ${8:undefined} # not required. Specifies the backup filename. If omitted filename will be formatted like HOST_config.YYYY-MM-DD@HH:MM:SS
timeout: ${9:60} # not required. Timeout in seconds for connecting to the remote device.
password: ${10:undefined} # not required. Specifies the password used to authenticate to the remote device. Required when I(file_mode) is True.
backup: ${11|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the i(backup) folder.
vdom: ${12:undefined} # not required. Specifies on which vdom to apply configuration
"""
'fortios_ipv4_policy':
'prefix': "fortios_ipv4_policy_snippet"
'description': "Manage IPv4 policy objects on Fortinet FortiOS firewall devices"
'body': """
fortios_ipv4_policy:
id: ${1:undefined} # required. Policy ID. Warning: policy ID number is different than Policy sequence number. The policy ID is the number assigned at policy creation. The sequence number represents the order in which the Fortigate will evaluate the rule for policy enforcement, and also the order in which rules are listed in the GUI and CLI. These two numbers do not necessarily correlate: this module is based off policy ID. TIP: policy ID can be viewed in the GUI by adding 'ID' to the display columns
comment: ${2:undefined} # not required. free text to describe policy.
username: ${3:undefined} # not required. Configures the username used to authenticate to the remote device. Required when I(file_mode) is True.
config_file: ${4:undefined} # not required. Path to configuration file. Required when I(file_mode) is True.
file_mode: ${5:false} # not required. Don't connect to any device, only use I(config_file) as input and Output.
schedule: ${6:always} # not required. defines policy schedule.
application_list: ${7:undefined} # not required. Specifies Application Control name.
src_intf: ${8:any} # not required. Specifies source interface name(s).
service_negate: ${9|true,false|} # not required. choices: true;false. Negate policy service(s) defined in service value.
av_profile: ${10:undefined} # not required. Specifies Antivirus profile name.
dst_addr_negate: ${11|true,false|} # not required. choices: true;false. Negate destination address param.
host: ${12:undefined} # not required. Specifies the DNS hostname or IP address for connecting to the remote fortios device. Required when I(file_mode) is False.
backup_filename: ${13:undefined} # not required. Specifies the backup filename. If omitted filename will be formatted like HOST_config.YYYY-MM-DD@HH:MM:SS
logtraffic_start: ${14|true,false|} # not required. choices: true;false. Logs beginning of session as well.
password: ${15:undefined} # not required. Specifies the password used to authenticate to the remote device. Required when I(file_mode) is True.
fixedport: ${16|true,false|} # not required. choices: true;false. Use fixed port for nat.
backup_path: ${17:undefined} # not required. Specifies where to store backup files. Required if I(backup=yes).
timeout: ${18:60} # not required. Timeout in seconds for connecting to the remote device.
webfilter_profile: ${19:undefined} # not required. Specifies Webfilter profile name.
src_addr: ${20:undefined} # not required. Specifies source address (or group) object name(s). Required when I(state=present).
service: ${21:undefined} # not required. Specifies policy service(s), could be a list (ex: ['MAIL','DNS']). Required when I(state=present).
poolname: ${22:undefined} # not required. Specifies NAT pool name.
policy_action: ${23|accept,deny|} # not required. choices: accept;deny. Specifies accept or deny action policy. Required when I(state=present).
dst_intf: ${24:any} # not required. Specifies destination interface name(s).
ips_sensor: ${25:undefined} # not required. Specifies IPS Sensor profile name.
state: ${26|present,absent|} # not required. choices: present;absent. Specifies if policy I(id) need to be added or deleted.
vdom: ${27:undefined} # not required. Specifies on which vdom to apply configuration
nat: ${28|true,false|} # not required. choices: true;false. Enable or disable Nat.
src_addr_negate: ${29|true,false|} # not required. choices: true;false. Negate source address param.
backup: ${30|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the i(backup) folder.
dst_addr: ${31:undefined} # not required. Specifies destination address (or group) object name(s). Required when I(state=present).
logtraffic: ${32|disable,utm,all|} # not required. choices: disable;utm;all. Logs sessions that matched policy.
"""
'gc_storage':
'prefix': "gc_storage_snippet"
'description': "This module manages objects/buckets in Google Cloud Storage."
'body': """
gc_storage:
gs_access_key: ${1:null} # required. GS access key. If not set then the value of the GS_ACCESS_KEY_ID environment variable is used.
bucket: ${2:undefined} # required. Bucket name.
mode: ${3|get,put,get_url,get_str,delete,create|} # required. choices: get;put;get_url;get_str;delete;create. Switches the module behaviour between upload, download, get_url (return download url) , get_str (download object as string), create (bucket) and delete (bucket).
gs_secret_key: ${4:null} # required. GS secret key. If not set then the value of the GS_SECRET_ACCESS_KEY environment variable is used.
src: ${5:null} # not required. The source file path when performing a PUT operation.
force: ${6:true} # not required. Forces an overwrite either locally on the filesystem or remotely with the object/key. Used with PUT and GET operations.
permission: ${7:private} # not required. This option let's the user set the canned permissions on the object/bucket that are created. The permissions that can be set are 'private', 'public-read', 'authenticated-read'.
dest: ${8:undefined} # not required. The destination file path when downloading an object/key with a GET operation.
object: ${9:null} # not required. Keyname of the object inside the bucket. Can be also be used to create \"virtual directories\" (see examples).
expiration: ${10:null} # not required. Time limit (in seconds) for the URL generated and returned by GCA when performing a mode=put or mode=get_url operation. This url is only available when public-read is the acl for the object.
region: ${11:US} # not required. The gs region to use. If not defined then the value 'US' will be used. See U(https://cloud.google.com/storage/docs/bucket-locations)
versioning: ${12|yes,no|} # not required. choices: yes;no. Whether versioning is enabled or disabled (note that once versioning is enabled, it can only be suspended)
headers: ${13:{}} # not required. Headers to attach to object.
"""
'gcdns_record':
'prefix': "gcdns_record_snippet"
'description': "Creates or removes resource records in Google Cloud DNS"
'body': """
gcdns_record:
record: ${1:undefined} # required. The fully-qualified domain name of the resource record.
type: ${2|A,AAAA,CNAME,SRV,TXT,SOA,NS,MX,SPF,PTR|} # required. choices: A;AAAA;CNAME;SRV;TXT;SOA;NS;MX;SPF;PTR. The type of resource record to add.
zone_id: ${3:undefined} # not required. The Google Cloud ID of the zone (e.g., example-com).,One of either I(zone) or I(zone_id) must be specified as an option, or the module will fail.,These usually take the form of domain names with the dots replaced with dashes. A zone ID will never have any dots in it.,I(zone_id) can be faster than I(zone) in projects with a large number of zones.,If both I(zone) and I(zone_id) are specified, I(zone_id) will be used.
zone: ${4:undefined} # not required. The DNS domain name of the zone (e.g., example.com).,One of either I(zone) or I(zone_id) must be specified as an option, or the module will fail.,If both I(zone) and I(zone_id) are specified, I(zone_id) will be used.
service_account_email: ${5:null} # not required. The e-mail address for a service account with access to Google Cloud DNS.
ttl: ${6:300} # not required. The amount of time in seconds that a resource record will remain cached by a caching resolver.
pem_file: ${7:null} # not required. The path to the PEM file associated with the service account email.,This option is deprecated and may be removed in a future release. Use I(credentials_file) instead.
record_data: ${8:undefined} # not required. The record_data to use for the resource record.,I(record_data) must be specified if I(state) is C(present) or I(overwrite) is C(True), or the module will fail.,Valid record_data vary based on the record's I(type). In addition, resource records that contain a DNS domain name in the value field (e.g., CNAME, PTR, SRV, .etc) MUST include a trailing dot in the value.,Individual string record_data for TXT records must be enclosed in double quotes.,For resource records that have the same name but different record_data (e.g., multiple A records), they must be defined as multiple list entries in a single record.
state: ${9|present,absent|} # not required. choices: present;absent. Whether the given resource record should or should not be present.
credentials_file: ${10:null} # not required. The path to the JSON file associated with the service account email.
project_id: ${11:null} # not required. The Google Cloud Platform project ID to use.
overwrite: ${12|true,false|} # not required. choices: true;false. Whether an attempt to overwrite an existing record should succeed or fail. The behavior of this option depends on I(state).,If I(state) is C(present) and I(overwrite) is C(True), this module will replace an existing resource record of the same name with the provided I(record_data). If I(state) is C(present) and I(overwrite) is C(False), this module will fail if there is an existing resource record with the same name and type, but different resource data.,If I(state) is C(absent) and I(overwrite) is C(True), this module will remove the given resource record unconditionally. If I(state) is C(absent) and I(overwrite) is C(False), this module will fail if the provided record_data do not match exactly with the existing resource record's record_data.
"""
'gcdns_zone':
'prefix': "gcdns_zone_snippet"
'description': "Creates or removes zones in Google Cloud DNS"
'body': """
gcdns_zone:
zone: ${1:undefined} # required. The DNS domain name of the zone.,This is NOT the Google Cloud DNS zone ID (e.g., example-com). If you attempt to specify a zone ID, this module will attempt to create a TLD and will fail.
state: ${2|present,absent|} # not required. choices: present;absent. Whether the given zone should or should not be present.
description: ${3:} # not required. An arbitrary text string to use for the zone description.
credentials_file: ${4:null} # not required. The path to the JSON file associated with the service account email.
service_account_email: ${5:null} # not required. The e-mail address for a service account with access to Google Cloud DNS.
project_id: ${6:null} # not required. The Google Cloud Platform project ID to use.
pem_file: ${7:null} # not required. The path to the PEM file associated with the service account email.,This option is deprecated and may be removed in a future release. Use I(credentials_file) instead.
"""
'gce':
'prefix': "gce_snippet"
'description': "create or terminate GCE instances"
'body': """
gce:
zone: ${1:us-central1-a} # required. the GCE zone to use. The list of available zones is at U(https://cloud.google.com/compute/docs/regions-zones/regions-zones#available).
disks: ${2:null} # not required. a list of persistent disks to attach to the instance; a string value gives the name of the disk; alternatively, a dictionary value can define 'name' and 'mode' ('READ_ONLY' or 'READ_WRITE'). The first entry will be the boot disk (which must be READ_WRITE).
num_instances: ${3:undefined} # not required. can be used with 'name', specifies the number of nodes to provision using 'name' as a base name
ip_forward: ${4:false} # not required. set to true if the instance can forward ip packets (useful for gateways)
image: ${5:debian-8} # not required. image string to use for the instance (default will follow latest stable debian image)
service_account_permissions: ${6|bigquery,cloud-platform,compute-ro,compute-rw,useraccounts-ro,useraccounts-rw,datastore,logging-write,monitoring,sql-admin,storage-full,storage-ro,storage-rw,taskqueue,userinfo-email|} # not required. choices: bigquery;cloud-platform;compute-ro;compute-rw;useraccounts-ro;useraccounts-rw;datastore;logging-write;monitoring;sql-admin;storage-full;storage-ro;storage-rw;taskqueue;userinfo-email. service account permissions (see U(https://cloud.google.com/sdk/gcloud/reference/compute/instances/create), --scopes section for detailed information)
pem_file: ${7:null} # not required. path to the pem file associated with the service account email This option is deprecated. Use 'credentials_file'.
instance_names: ${8:null} # not required. a comma-separated list of instance names to create or destroy
machine_type: ${9:n1-standard-1} # not required. machine type to use for the instance, use 'n1-standard-1' by default
external_projects: ${10:null} # not required. A list of other projects (accessible with the provisioning credentials) to be searched for the image.
name: ${11:undefined} # not required. either a name of a single instance or when used with 'num_instances', the base name of a cluster of nodes
disk_size: ${12:10} # not required. The size of the boot disk created for this instance (in GB)
network: ${13:default} # not required. name of the network, 'default' will be used if not specified
external_ip: ${14:ephemeral} # not required. type of external ip, ephemeral by default; alternatively, a fixed gce ip or ip name can be given. Specify 'none' if no external ip is desired.
service_account_email: ${15:null} # not required. service account email
tags: ${16:null} # not required. a comma-separated list of tags to associate with the instance
persistent_boot_disk: ${17:false} # not required. if set, create the instance with a persistent boot disk
disk_auto_delete: ${18:true} # not required. if set boot disk will be removed after instance destruction
preemptible: ${19:false} # not required. if set to true, instances will be preemptible and time-limited. (requires libcloud >= 0.20.0)
state: ${20|active,present,absent,deleted,started,stopped,terminated|} # not required. choices: active;present;absent;deleted;started;stopped;terminated. desired state of the resource
credentials_file: ${21:null} # not required. path to the JSON file associated with the service account email
subnetwork: ${22:null} # not required. name of the subnetwork in which the instance should be created
project_id: ${23:null} # not required. your GCE project ID
image_family: ${24:null} # not required. image family from which to select the image. The most recent non-deprecated image in the family will be used.
metadata: ${25:null} # not required. a hash/dictionary of custom data for the instance; '{\"key\":\"value\", ...}"
"""
'gce_eip':
'prefix': "gce_eip_snippet"
'description': "Create or Destroy Global or Regional External IP addresses."
'body': """
gce_eip:
region: ${1:undefined} # required. Region to create the address in. Set to 'global' to create a global address.
name: ${2:undefined} # required. Name of Address.
state: ${3|present,absent|} # not required. choices: present;absent. The state the address should be in. C(present) or C(absent) are the only valid options.
"""
'gce_img':
'prefix': "gce_img_snippet"
'description': "utilize GCE image resources"
'body': """
gce_img:
name: ${1:null} # required. the name of the image to create or delete
project_id: ${2:null} # not required. your GCE project ID
family: ${3:null} # not required. an optional family name
service_account_email: ${4:null} # not required. service account email
pem_file: ${5:null} # not required. path to the pem file associated with the service account email
source: ${6:null} # not required. the source disk or the Google Cloud Storage URI to create the image from
state: ${7|present,absent|} # not required. choices: present;absent. desired state of the image
timeout: ${8:180} # not required. timeout for the operation
zone: ${9:us-central1-a} # not required. the zone of the disk specified by source
description: ${10:null} # not required. an optional description
"""
'gce_instance_template':
'prefix': "gce_instance_template_snippet"
'description': "create or destroy instance templates of Compute Engine of GCP."
'body': """
gce_instance_template:
name: ${1:null} # required. The name of the GCE instance template.
description: ${2:null} # not required. description of instance template
tags: ${3:null} # not required. a comma-separated list of tags to associate with the instance
automatic_restart: ${4:null} # not required. Defines whether the instance should be automatically restarted when it is terminated by Compute Engine.
image: ${5:null} # not required. The image to use to create the instance. Cannot specify both both I(image) and I(source).
service_account_permissions: ${6|bigquery,cloud-platform,compute-ro,compute-rw,useraccounts-ro,useraccounts-rw,datastore,logging-write,monitoring,sql-admin,storage-full,storage-ro,storage-rw,taskqueue,userinfo-email|} # not required. choices: bigquery;cloud-platform;compute-ro;compute-rw;useraccounts-ro;useraccounts-rw;datastore;logging-write;monitoring;sql-admin;storage-full;storage-ro;storage-rw;taskqueue;userinfo-email. service account permissions (see U(https://cloud.google.com/sdk/gcloud/reference/compute/instances/create), --scopes section for detailed information)
pem_file: ${7:null} # not required. path to the pem file associated with the service account email This option is deprecated. Use 'credentials_file'.
subnetwork_region: ${8:null} # not required. Region that subnetwork resides in. (Required for subnetwork to successfully complete)
disk_type: ${9:pd-standard} # not required. Specify a C(pd-standard) disk or C(pd-ssd) for an SSD disk.
size: ${10:f1-micro} # not required. The desired machine type for the instance template.
network: ${11:default} # not required. The network to associate with the instance.
external_ip: ${12:ephemeral} # not required. The external IP address to use. If C(ephemeral), a new non-static address will be used. If C(None), then no external address will be used. To use an existing static IP address specify address name.
service_account_email: ${13:null} # not required. service account email
disks: ${14:null} # not required. a list of persistent disks to attach to the instance; a string value gives the name of the disk; alternatively, a dictionary value can define 'name' and 'mode' ('READ_ONLY' or 'READ_WRITE'). The first entry will be the boot disk (which must be READ_WRITE).
nic_gce_struct: ${15:null} # not required. Support passing in the GCE-specific formatted networkInterfaces[] structure.
disk_auto_delete: ${16:true} # not required. Indicate that the boot disk should be deleted when the Node is deleted.
source: ${17:null} # not required. A source disk to attach to the instance. Cannot specify both I(image) and I(source).
state: ${18|present,absent|} # not required. choices: present;absent. The desired state for the instance template.
disks_gce_struct: ${19:null} # not required. Support passing in the GCE-specific formatted formatted disks[] structure. Case sensitive. see U(https://cloud.google.com/compute/docs/reference/latest/instanceTemplates#resource) for detailed information
credentials_file: ${20:null} # not required. path to the JSON file associated with the service account email
image_family: ${21:null} # not required. The image family to use to create the instance. If I(image) has been used I(image_family) is ignored. Cannot specify both I(image) and I(source).
subnetwork: ${22:null} # not required. The Subnetwork resource name for this instance.
project_id: ${23:null} # not required. your GCE project ID
can_ip_forward: ${24:false} # not required. Set to True to allow instance to send/receive non-matching src/dst packets.
preemptible: ${25:null} # not required. Defines whether the instance is preemptible.
metadata: ${26:null} # not required. a hash/dictionary of custom data for the instance; '{\"key\":\"value\", ...}"
"""
'gce_labels':
'prefix': "gce_labels_snippet"
'description': "Create, Update or Destroy GCE Labels."
'body': """
gce_labels:
labels: ${1:undefined} # not required. A list of labels (key/value pairs) to add or remove for the resource.
resource_url: ${2:undefined} # not required. The 'self_link' for the resource (instance, disk, snapshot, etc)
resource_name: ${3:undefined} # not required. The name of resource.
resource_type: ${4:undefined} # not required. The type of resource (instances, disks, snapshots, images)
resource_location: ${5:undefined} # not required. The location of resource (global, us-central1-f, etc.)
"""
'gce_lb':
'prefix': "gce_lb_snippet"
'description': "create/destroy GCE load-balancer resources"
'body': """
gce_lb:
httphealthcheck_host: ${1:null} # not required. host header to pass through on HTTP check requests
protocol: ${2|tcp,udp|} # not required. choices: tcp;udp. the protocol used for the load-balancer packet forwarding, tcp or udp
pem_file: ${3:null} # not required. path to the pem file associated with the service account email This option is deprecated. Use 'credentials_file'.
members: ${4:undefined} # not required. a list of zone/nodename pairs, e.g ['us-central1-a/www-a', ...]
httphealthcheck_port: ${5:80} # not required. the TCP port to use for HTTP health checking
httphealthcheck_name: ${6:null} # not required. the name identifier for the HTTP health check
name: ${7:null} # not required. name of the load-balancer resource
external_ip: ${8:null} # not required. the external static IPv4 (or auto-assigned) address for the LB
service_account_email: ${9:null} # not required. service account email
region: ${10:undefined} # not required. the GCE region where the load-balancer is defined
httphealthcheck_unhealthy_count: ${11:2} # not required. number of consecutive failed checks before marking a node unhealthy
httphealthcheck_healthy_count: ${12:2} # not required. number of consecutive successful checks before marking a node healthy
httphealthcheck_path: ${13:/} # not required. the url path to use for HTTP health checking
port_range: ${14:null} # not required. the port (range) to forward, e.g. 80 or 8000-8888 defaults to all ports
state: ${15|active,present,absent,deleted|} # not required. choices: active;present;absent;deleted. desired state of the LB
httphealthcheck_timeout: ${16:5} # not required. the timeout in seconds before a request is considered a failed check
credentials_file: ${17:null} # not required. path to the JSON file associated with the service account email
project_id: ${18:null} # not required. your GCE project ID
httphealthcheck_interval: ${19:5} # not required. the duration in seconds between each health check request
"""
'gce_mig':
'prefix': "gce_mig_snippet"
'description': "Create, Update or Destroy a Managed Instance Group (MIG)."
'body': """
gce_mig:
name: ${1:undefined} # required. Name of the Managed Instance Group.
zone: ${2:undefined} # required. The GCE zone to use for this Managed Instance Group.
service_account_email: ${3:null} # not required. service account email
autoscaling: ${4:null} # not required. A dictionary of configuration for the autoscaler. 'enabled (bool)', 'name (str)' and policy.max_instances (int) are required fields if autoscaling is used. See U(https://cloud.google.com/compute/docs/reference/beta/autoscalers) for more information on Autoscaling.
named_ports: ${5:null} # not required. Define named ports that backend services can forward data to. Format is a a list of name:port dictionaries.
state: ${6|absent,present|} # not required. choices: absent;present. desired state of the resource
template: ${7:undefined} # not required. Instance Template to be used in creating the VMs. See U(https://cloud.google.com/compute/docs/instance-templates) to learn more about Instance Templates. Required for creating MIGs.
credentials_file: ${8:null} # not required. Path to the JSON file associated with the service account email
project_id: ${9:null} # not required. GCE project ID
size: ${10:undefined} # not required. Size of Managed Instance Group. If MIG already exists, it will be resized to the number provided here. Required for creating MIGs.
"""
'gce_net':
'prefix': "gce_net_snippet"
'description': "create/destroy GCE networks and firewall rules"
'body': """
gce_net:
src_tags: ${1:} # not required. the source instance tags for creating a firewall rule
subnet_region: ${2:null} # not required. region of subnet to create
ipv4_range: ${3:undefined} # not required. the IPv4 address range in CIDR notation for the network this parameter is not mandatory when you specified existing network in name parameter, but when you create new network, this parameter is mandatory
pem_file: ${4:null} # not required. path to the pem file associated with the service account email This option is deprecated. Use 'credentials_file'.
target_tags: ${5:} # not required. the target instance tags for creating a firewall rule
allowed: ${6:null} # not required. the protocol:ports to allow ('tcp:80' or 'tcp:80,443' or 'tcp:80-800;udp:1-25') this parameter is mandatory when creating or updating a firewall rule
fwname: ${7:null} # not required. name of the firewall rule
name: ${8:null} # not required. name of the network
src_range: ${9:} # not required. the source IPv4 address range in CIDR notation
state: ${10|active,present,absent,deleted|} # not required. choices: active;present;absent;deleted. desired state of the network or firewall
subnet_name: ${11:null} # not required. name of subnet to create
mode: ${12|legacy,auto,custom|} # not required. choices: legacy;auto;custom. network mode for Google Cloud \"legacy\" indicates a network with an IP address range \"auto\" automatically generates subnetworks in different regions \"custom\" uses networks to group subnets of user specified IP address ranges https://cloud.google.com/compute/docs/networking#network_types
credentials_file: ${13:null} # not required. path to the JSON file associated with the service account email
service_account_email: ${14:null} # not required. service account email
project_id: ${15:null} # not required. your GCE project ID
subnet_desc: ${16:null} # not required. description of subnet to create
"""
'gce_pd':
'prefix': "gce_pd_snippet"
'description': "utilize GCE persistent disk resources"
'body': """
gce_pd:
name: ${1:null} # required. name of the disk
size_gb: ${2:10} # not required. whole integer size of disk (in GB) to create, default is 10 GB
project_id: ${3:null} # not required. your GCE project ID
zone: ${4:us-central1-b} # not required. zone in which to create the disk
service_account_email: ${5:null} # not required. service account email
image: ${6:null} # not required. the source image to use for the disk
pem_file: ${7:null} # not required. path to the pem file associated with the service account email This option is deprecated. Use 'credentials_file'.
instance_name: ${8:null} # not required. instance name if you wish to attach or detach the disk
state: ${9|active,present,absent,deleted|} # not required. choices: active;present;absent;deleted. desired state of the persistent disk
snapshot: ${10:null} # not required. the source snapshot to use for the disk
detach_only: ${11|yes,no|} # not required. choices: yes;no. do not destroy the disk, merely detach it from an instance
credentials_file: ${12:null} # not required. path to the JSON file associated with the service account email
disk_type: ${13|pd-standard,pd-ssd|} # not required. choices: pd-standard;pd-ssd. type of disk provisioned
delete_on_termination: ${14|yes,no|} # not required. choices: yes;no. If yes, deletes the volume when instance is terminated
mode: ${15|READ_WRITE,READ_ONLY|} # not required. choices: READ_WRITE;READ_ONLY. GCE mount mode of disk, READ_ONLY (default) or READ_WRITE
"""
'gce_snapshot':
'prefix': "gce_snapshot_snippet"
'description': "Create or destroy snapshots for GCE storage volumes"
'body': """
gce_snapshot:
instance_name: ${1:undefined} # required. The GCE instance to snapshot
project_id: ${2:undefined} # required. The GCP project ID to use
credentials_file: ${3:undefined} # required. The path to the credentials file associated with the service account
service_account_email: ${4:undefined} # required. GCP service account email for the project where the instance resides
state: ${5|present,absent|} # not required. choices: present;absent. Whether a snapshot should be C(present) or C(absent)
snapshot_name: ${6:undefined} # not required. The name of the snapshot to manage
disks: ${7:all} # not required. A list of disks to create snapshots for. If none is provided, all of the volumes will be snapshotted
"""
'gce_tag':
'prefix': "gce_tag_snippet"
'description': "add or remove tag(s) to/from GCE instances"
'body': """
gce_tag:
tags: ${1:undefined} # required. Comma-separated list of tags to add or remove.
zone: ${2:us-central1-a} # not required. The zone of the disk specified by source.
service_account_email: ${3:undefined} # not required. Service account email.
pem_file: ${4:undefined} # not required. Path to the PEM file associated with the service account email.
instance_name: ${5:undefined} # not required. The name of the GCE instance to add/remove tags.,Required if C(instance_pattern) is not specified.
state: ${6|absent,present|} # not required. choices: absent;present. Desired state of the tags.
instance_pattern: ${7:undefined} # not required. The pattern of GCE instance names to match for adding/removing tags. Full-Python regex is supported. See U(https://docs.python.org/2/library/re.html) for details.,If C(instance_name) is not specified, this field is required.
project_id: ${8:undefined} # not required. Your GCE project ID.
"""
'gconftool2':
'prefix': "gconftool2_snippet"
'description': "Edit GNOME Configurations"
'body': """
gconftool2:
state: ${1|absent,get,present|} # required. choices: absent;get;present. The action to take upon the key/value.
key: ${2:undefined} # required. A GConf preference key is an element in the GConf repository that corresponds to an application preference. See man gconftool-2(1)
value_type: ${3|bool,float,int,string|} # not required. choices: bool;float;int;string. The type of value being set. This is ignored if the state is \"get\".
direct: ${4:no} # not required. Access the config database directly, bypassing server. If direct is specified then the config_source must be specified as well. See man gconftool-2(1)
value: ${5:undefined} # not required. Preference keys typically have simple values such as strings, integers, or lists of strings and integers. This is ignored if the state is \"get\". See man gconftool-2(1)
config_source: ${6:undefined} # not required. Specify a configuration source to use rather than the default path. See man gconftool-2(1)
"""
'gcp_backend_service':
'prefix': "gcp_backend_service_snippet"
'description': "Create or Destroy a Backend Service."
'body': """
gcp_backend_service:
backends: ${1:undefined} # required. List of backends that make up the backend service. A backend is made up of an instance group and optionally several other parameters. See U(https://cloud.google.com/compute/docs/reference/latest/backendServices) for details.
healthchecks: ${2:undefined} # required. List of healthchecks. Only one healthcheck is supported.
backend_service_name: ${3:undefined} # required. Name of the Backend Service.
protocol: ${4:undefined} # not required. The protocol this Backend Service uses to communicate with backends. Possible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP.
enable_cdn: ${5:undefined} # not required. If true, enable Cloud CDN for this Backend Service.
service_account_email: ${6:null} # not required. Service account email
state: ${7|absent,present|} # not required. choices: absent;present. Desired state of the resource
port_name: ${8:null} # not required. Name of the port on the managed instance group (MIG) that backend services can forward data to. Required for external load balancing.
timeout: ${9:undefined} # not required. How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is 1-86400.
credentials_file: ${10:null} # not required. Path to the JSON file associated with the service account email.
project_id: ${11:null} # not required. GCE project ID.
"""
'gcp_dns_managed_zone':
'prefix': "gcp_dns_managed_zone_snippet"
'description': "Creates a GCP ManagedZone"
'body': """
gcp_dns_managed_zone:
scopes: ${1:undefined} # required. Array of scopes to be used.
state: ${2|present,absent|} # required. choices: present;absent. Whether the given object should exist in GCP
auth_kind: ${3|machineaccount,serviceaccount,application|} # required. choices: machineaccount;serviceaccount;application. The type of credential used.
name: ${4:undefined} # required. User assigned name for this resource. Must be unique within the project.
description: ${5:undefined} # not required. A mutable string of at most 1024 characters associated with this resource for the user's convenience. Has no effect on the managed zone's function.
name_server_set: ${6:undefined} # not required. Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is a set of DNS name servers that all host the same ManagedZones. Most users will leave this field unset.
dns_name: ${7:undefined} # not required. The DNS name of this managed zone, for instance \"example.com.\".
project: ${8:null} # not required. The Google Cloud Platform project to use.
service_account_email: ${9:undefined} # not required. An optional service account email address if machineaccount is selected and the user does not wish to use the default email.
service_account_file: ${10:undefined} # not required. The path of a Service Account JSON file if serviceaccount is selected as type.
"""
'gcp_forwarding_rule':
'prefix': "gcp_forwarding_rule_snippet"
'description': "Create, Update or Destroy a Forwarding_Rule."
'body': """
gcp_forwarding_rule:
forwarding_rule_name: ${1:undefined} # required. Name of the Forwarding_Rule.
state: ${2|present,absent|} # required. choices: present;absent. The state of the Forwarding Rule. 'present' or 'absent"
port_range: ${3:undefined} # not required. For global forwarding rules, must be set to 80 or 8080 for TargetHttpProxy, and 443 for TargetHttpsProxy or TargetSslProxy.
protocol: ${4:undefined} # not required. For global forwarding rules, TCP, UDP, ESP, AH, SCTP or ICMP. Default is TCP.
target: ${5:undefined} # not required. Target resource for forwarding rule. For global proxy, this is a Global TargetProxy resource. Required for external load balancing (including Global load balancing)
address: ${6:undefined} # not required. IPv4 or named IP address. Must be of the same scope (regional, global). Reserved addresses can (and probably should) be used for global forwarding rules. You may reserve IPs from the console or via the gce_eip module.
region: ${7:undefined} # not required. The region for this forwarding rule. Currently, only 'global' is supported.
"""
'gcp_healthcheck':
'prefix': "gcp_healthcheck_snippet"
'description': "Create, Update or Destroy a Healthcheck."
'body': """
gcp_healthcheck:
healthcheck_name: ${1:undefined} # required. Name of the Healthcheck.
healthcheck_type: ${2|HTTP,HTTPS|} # required. choices: HTTP;HTTPS. Type of Healthcheck.
host_header: ${3:} # required. The value of the host header in the health check request. If left empty, the public IP on behalf of which this health check is performed will be used.
state: ${4|present,absent|} # required. choices: present;absent. State of the Healthcheck.
check_interval: ${5:5} # not required. How often (in seconds) to send a health check.
service_account_email: ${6:null} # not required. service account email
healthy_threshold: ${7:2} # not required. A so-far unhealthy instance will be marked healthy after this many consecutive successes.
service_account_permissions: ${8|bigquery,cloud-platform,compute-ro,compute-rw,useraccounts-ro,useraccounts-rw,datastore,logging-write,monitoring,sql-admin,storage-full,storage-ro,storage-rw,taskqueue,userinfo-email|} # not required. choices: bigquery;cloud-platform;compute-ro;compute-rw;useraccounts-ro;useraccounts-rw;datastore;logging-write;monitoring;sql-admin;storage-full;storage-ro;storage-rw;taskqueue;userinfo-email. service account permissions (see U(https://cloud.google.com/sdk/gcloud/reference/compute/instances/create), --scopes section for detailed information)
unhealthy_threshold: ${9:2} # not required. A so-far healthy instance will be marked unhealthy after this many consecutive failures.
timeout: ${10:5} # not required. How long (in seconds) to wait for a response before claiming failure. It is invalid for timeout to have a greater value than check_interval.
credentials_file: ${11:null} # not required. Path to the JSON file associated with the service account email
project_id: ${12:null} # not required. Your GCP project ID
port: ${13:undefined} # not required. The TCP port number for the health check request. The default value is 443 for HTTPS and 80 for HTTP.
request_path: ${14:/} # not required. The request path of the HTTPS health check request.
"""
'gcp_target_proxy':
'prefix': "gcp_target_proxy_snippet"
'description': "Create, Update or Destroy a Target_Proxy."
'body': """
gcp_target_proxy:
target_proxy_type: ${1:undefined} # required. Type of Target_Proxy. HTTP, HTTPS or SSL. Only HTTP is currently supported.
target_proxy_name: ${2:undefined} # required. Name of the Target_Proxy.
url_map_name: ${3:undefined} # not required. Name of the Url Map. Required if type is HTTP or HTTPS proxy.
"""
'gcp_url_map':
'prefix': "gcp_url_map_snippet"
'description': "Create, Update or Destory a Url_Map."
'body': """
gcp_url_map:
default_service: ${1:undefined} # required. Default Backend Service if no host rules match.
url_map_name: ${2:undefined} # required. Name of the Url_Map.
host_rules: ${3:undefined} # not required. The list of HostRules to use against the URL. Contains a list of hosts and an associated path_matcher.,The 'hosts' parameter is a list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..,The 'path_matcher' parameter is name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
path_matchers: ${4:undefined} # not required. The list of named PathMatchers to use against the URL. Contains path_rules, which is a list of paths and an associated service. A default_service can also be specified for each path_matcher.,The 'name' parameter to which this path_matcher is referred by the host_rule.,The 'default_service' parameter is the name of the BackendService resource. This will be used if none of the path_rules defined by this path_matcher is matched by the URL's path portion.,The 'path_rules' parameter is a list of dictionaries containing a list of paths and a service to direct traffic to. Each path item must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or
"""
'gcpubsub':
'prefix': "gcpubsub_snippet"
'description': "Create and Delete Topics/Subscriptions, Publish and pull messages on PubSub"
'body': """
gcpubsub:
topic: ${1:undefined} # required. GCP pubsub topic name.,Only the name, not the full path, is required.
pull: ${2:undefined} # not required. Subfield of subscription. Not required. If specified, messages will be retrieved from topic via the provided subscription name. max_messages (int; default None; max number of messages to pull), message_ack (bool; default False; acknowledge the message) and return_immediately (bool; default True, don't wait for messages to appear). If the messages are acknowledged, changed is set to True, otherwise, changed is False.
ack_deadline: ${3:undefined} # not required. Subfield of subscription. Not required. Default deadline for subscriptions to ACK the message before it is resent. See examples.
name: ${4:undefined} # not required. Subfield of subscription. Required if subscription is specified. See examples.
publish: ${5:undefined} # not required. List of dictionaries describing messages and attributes to be published. Dictionary is in message(str):attributes(dict) format. Only message is required.
state: ${6|absent,present|} # not required. choices: absent;present. State of the topic or queue.,Applies to the most granular resource.,If subscription isspecified we remove it.,If only topic is specified, that is what is removed.,NOTE - A topic can be removed without first removing the subscription.
push_endpoint: ${7:undefined} # not required. Subfield of subscription. Not required. If specified, message will be sent to an endpoint. See U(https://cloud.google.com/pubsub/docs/advanced#push_endpoints) for more information.
subscription: ${8:undefined} # not required. Dictionary containing a subscripton name associated with a topic (required), along with optional ack_deadline, push_endpoint and pull. For pulling from a subscription, message_ack (bool), max_messages (int) and return_immediate are available as subfields. See subfields name, push_endpoint and ack_deadline for more information.
"""
'gcpubsub_facts':
'prefix': "gcpubsub_facts_snippet"
'description': "List Topics/Subscriptions and Messages from Google PubSub."
'body': """
gcpubsub_facts:
view: ${1:undefined} # required. Choices are 'topics' or 'subscriptions"
topic: ${2:undefined} # not required. GCP pubsub topic name. Only the name, not the full path, is required.
state: ${3:undefined} # not required. list is the only valid option.
"""
'gcspanner':
'prefix': "gcspanner_snippet"
'description': "Create and Delete Instances/Databases on Spanner"
'body': """
gcspanner:
instance_id: ${1:undefined} # required. GCP spanner instance name.
configuration: ${2:undefined} # required. Configuration the instance should use.,Examples are us-central1, asia-east1 and europe-west1.
state: ${3|absent,present|} # not required. choices: absent;present. State of the instance or database. Applies to the most granular resource.,If a C(database_name) is specified we remove it.,If only C(instance_id) is specified, that is what is removed.
instance_display_name: ${4:undefined} # not required. Name of Instance to display.,If not specified, instance_id will be used instead.
database_name: ${5:undefined} # not required. Name of database contained on the instance.
force_instance_delete: ${6:no} # not required. To delete an instance, this argument must exist and be true (along with state being equal to absent).
node_count: ${7:1} # not required. Number of nodes in the instance.
"""
'gem':
'prefix': "gem_snippet"
'description': "Manage Ruby gems"
'body': """
gem:
name: ${1:undefined} # required. The name of the gem to be managed.
include_dependencies: ${2|yes,no|} # not required. choices: yes;no. Whether to include dependencies or not.
executable: ${3:undefined} # not required. Override the path to the gem executable
repository: ${4:undefined} # not required. The repository from which the gem will be installed
build_flags: ${5:undefined} # not required. Allow adding build flags for gem compilation
include_doc: ${6:no} # not required. Install with or without docs.
user_install: ${7|yes,no|} # not required. choices: yes;no. Install gem in user's local gems cache or for all users
pre_release: ${8:no} # not required. Allow installation of pre-release versions of the gem.
env_shebang: ${9:no} # not required. Rewrite the shebang line on installed scripts to use /usr/bin/env.
state: ${10|present,absent,latest|} # not required. choices: present;absent;latest. The desired state of the gem. C(latest) ensures that the latest version is installed.
version: ${11:undefined} # not required. Version of the gem to be installed/removed.
gem_source: ${12:undefined} # not required. The path to a local gem used as installation source.
"""
'get_url':
'prefix': "get_url_snippet"
'description': "Downloads files from HTTP, HTTPS, or FTP to node"
'body': """
get_url:
dest: ${1:undefined} # required. Absolute path of where to download the file to.,If C(dest) is a directory, either the server provided filename or, if none provided, the base name of the URL on the remote server will be used. If a directory, C(force) has no effect.,If C(dest) is a directory, the file will always be downloaded (regardless of the C(force) option), but replaced only if the contents changed..
url: ${2:undefined} # required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
backup: ${3:no} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
force: ${4:no} # not required. If C(yes) and C(dest) is not a directory, will download the file every time and replace the file if the contents change. If C(no), the file will only be downloaded if the destination does not exist. Generally should be C(yes) only for small local files.,Prior to 0.6, this module behaved as if C(yes) was the default.
url_username: ${5:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without C(url_password) for sites that allow empty passwords.
selevel: ${6:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
force_basic_auth: ${7:no} # not required. httplib2, the library used by the uri module only sends authentication information when a webservice responds to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail. This option forces the sending of the Basic authentication header upon initial request.
sha256sum: ${8:} # not required. If a SHA-256 checksum is passed to this parameter, the digest of the destination file will be calculated after it is downloaded to ensure its integrity and verify that the transfer completed successfully. This option is deprecated. Use C(checksum) instead.
others: ${9:undefined} # not required. all arguments accepted by the M(file) module also work here
owner: ${10:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
client_key: ${11:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
url_password: ${12:undefined} # not required. The password for use in HTTP basic authentication.,If the C(url_username) parameter is not specified, the C(url_password) parameter will not be used.
unsafe_writes: ${13:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
group: ${14:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
use_proxy: ${15:yes} # not required. if C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
checksum: ${16:} # not required. If a checksum is passed to this parameter, the digest of the destination file will be calculated after it is downloaded to ensure its integrity and verify that the transfer completed successfully. Format: <algorithm>:<checksum>, e.g. checksum=\"sha256:D98291AC[...]B6DC7B97\",If you worry about portability, only the sha1 algorithm is available on all platforms and python versions.,The third party hashlib library can be installed for access to additional algorithms.,Additionally, if a checksum is passed to this parameter, and the file exist under the C(dest) location, the I(destination_checksum) would be calculated, and if checksum equals I(destination_checksum), the file download would be skipped (unless C(force) is true).
seuser: ${17:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
setype: ${18:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
headers: ${19:undefined} # not required. Add custom HTTP headers to a request in the format \"key:value,key:value\".
serole: ${20:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
mode: ${21:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
timeout: ${22:10} # not required. Timeout in seconds for URL request.
attributes: ${23:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
validate_certs: ${24:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
client_cert: ${25:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
tmp_dest: ${26:undefined} # not required. Absolute path of where temporary file is downloaded to.,When run on Ansible 2.5 or greater, path defaults to ansible's remote_tmp setting,When run on Ansible prior to 2.5, it defaults to C(TMPDIR), C(TEMP) or C(TMP) env variables or a platform specific value.,U(https://docs.python.org/2/library/tempfile.html#tempfile.tempdir)
"""
'getent':
'prefix': "getent_snippet"
'description': "A wrapper to the unix getent utility"
'body': """
getent:
database: ${1:undefined} # required. The name of a getent database supported by the target system (passwd, group, hosts, etc).
fail_key: ${2:yes} # not required. If a supplied key is missing this will make the task fail if C(yes).
split: ${3:undefined} # not required. Character used to split the database values into lists/arrays such as ':' or '\t', otherwise it will try to pick one depending on the database.
key: ${4:} # not required. Key from which to return values from the specified database, otherwise the full contents are returned.
"""
'git':
'prefix': "git_snippet"
'description': "Deploy software (or files) from git checkouts"
'body': """
git:
dest: ${1:undefined} # required. The path of where the repository should be checked out. This parameter is required, unless C(clone) is set to C(no).
repo: ${2:undefined} # required. git, SSH, or HTTP(S) protocol address of the git repository.
force: ${3|yes,no|} # not required. choices: yes;no. If C(yes), any modified files in the working repository will be discarded. Prior to 0.7, this was always 'yes' and could not be disabled. Prior to 1.9, the default was `yes`
track_submodules: ${4|yes,no|} # not required. choices: yes;no. if C(yes), submodules will track the latest commit on their master branch (or other branch specified in .gitmodules). If C(no), submodules will be kept at the revision specified by the main project. This is equivalent to specifying the --remote flag to git submodule update.
reference: ${5:null} # not required. Reference repository (see \"git clone --reference ...\")
accept_hostkey: ${6|yes,no|} # not required. choices: yes;no. if C(yes), ensure that \"-o StrictHostKeyChecking=no\" is present as an ssh options.
clone: ${7|yes,no|} # not required. choices: yes;no. If C(no), do not clone the repository if it does not exist locally
update: ${8|yes,no|} # not required. choices: yes;no. If C(no), do not retrieve new revisions from the origin repository,Operations like archive will work on the existing (old) repository and might not respond to changes to the options version or remote.
ssh_opts: ${9:None} # not required. Creates a wrapper script and exports the path as GIT_SSH which git then automatically uses to override ssh arguments. An example value could be \"-o StrictHostKeyChecking=no\"
bare: ${10|yes,no|} # not required. choices: yes;no. if C(yes), repository will be created as a bare repo, otherwise it will be a standard repo with a workspace.
verify_commit: ${11|yes,no|} # not required. choices: yes;no. if C(yes), when cloning or checking out a C(version) verify the signature of a GPG signed commit. This requires C(git) version>=2.1.0 to be installed. The commit MUST be signed and the public key MUST be present in the GPG keyring.
archive: ${12:undefined} # not required. Specify archive file path with extension. If specified, creates an archive file of the specified format containing the tree structure for the source tree. Allowed archive formats [\"zip\", \"tar.gz\", \"tar\", \"tgz\"]
recursive: ${13|yes,no|} # not required. choices: yes;no. if C(no), repository will be cloned without the --recursive option, skipping sub-modules.
executable: ${14:null} # not required. Path to git executable to use. If not supplied, the normal mechanism for resolving binary paths will be used.
remote: ${15:origin} # not required. Name of the remote.
refspec: ${16:null} # not required. Add an additional refspec to be fetched. If version is set to a I(SHA-1) not reachable from any branch or tag, this option may be necessary to specify the ref containing the I(SHA-1). Uses the same syntax as the 'git fetch' command. An example value could be \"refs/meta/config\".
umask: ${17:null} # not required. The umask to set before doing any checkouts, or any other repository maintenance.
depth: ${18:null} # not required. Create a shallow clone with a history truncated to the specified number or revisions. The minimum possible value is C(1), otherwise ignored. Needs I(git>=1.9.1) to work correctly.
version: ${19:HEAD} # not required. What version of the repository to check out. This can be the the literal string C(HEAD), a branch name, a tag name. It can also be a I(SHA-1) hash, in which case C(refspec) needs to be specified if the given revision is not already available.
key_file: ${20:None} # not required. Specify an optional private key file to use for the checkout.
"""
'git_config':
'prefix': "git_config_snippet"
'description': "Read and write git configuration"
'body': """
git_config:
repo: ${1:null} # not required. Path to a git repository for reading and writing values from a specific repo.
scope: ${2|local,global,system|} # not required. choices: local;global;system. Specify which scope to read/set values from. This is required when setting config values. If this is set to local, you must also specify the repo parameter. It defaults to system only when not using I(list_all)=yes.
list_all: ${3|yes,no|} # not required. choices: yes;no. List all settings (optionally limited to a given I(scope))
name: ${4:null} # not required. The name of the setting. If no value is supplied, the value will be read from the config if it has been set.
value: ${5:null} # not required. When specifying the name of a single setting, supply a value to set that setting to the given value.
"""
'github_deploy_key':
'prefix': "github_deploy_key_snippet"
'description': "Manages deploy keys for GitHub repositories."
'body': """
github_deploy_key:
name: ${1:null} # required. The name for the deploy key.
repo: ${2:null} # required. The name of the GitHub repository.
owner: ${3:null} # required. The name of the individual account or organization that owns the GitHub repository.
key: ${4:null} # required. The SSH public key to add to the repository as a deploy key.
read_only: ${5:true} # not required. If C(true), the deploy key will only be able to read repository contents. Otherwise, the deploy key will be able to read and write.
username: ${6:null} # not required. The username to authenticate with.
force: ${7:false} # not required. If C(true), forcefully adds the deploy key by deleting any existing deploy key with the same public key or title.
state: ${8|present,absent|} # not required. choices: present;absent. The state of the deploy key.
token: ${9:null} # not required. The OAuth2 token or personal access token to authenticate with. Mutually exclusive with I(password).
otp: ${10:null} # not required. The 6 digit One Time Password for 2-Factor Authentication. Required together with I(username) and I(password).
password: ${11:null} # not required. The password to authenticate with. A personal access token can be used here in place of a password.
"""
'github_hooks':
'prefix': "github_hooks_snippet"
'description': "Manages GitHub service hooks."
'body': """
github_hooks:
repo: ${1:undefined} # required. This is the API url for the repository you want to manage hooks for. It should be in the form of: https://api.github.com/repos/user:/repo:. Note this is different than the normal repo url.\n
oauthkey: ${2:undefined} # required. The oauth key provided by GitHub. It can be found/generated on GitHub under \"Edit Your Profile\" >> \"Developer settings\" >> \"Personal Access Tokens\"
user: ${3:undefined} # required. Github username.
action: ${4|create,cleanall,list,clean504|} # required. choices: create;cleanall;list;clean504. This tells the githooks module what you want it to do.
content_type: ${5|json,form|} # not required. choices: json;form. Content type to use for requests made to the webhook
validate_certs: ${6|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates for the target repo will not be validated. This should only be used on personally controlled sites using self-signed certificates.
hookurl: ${7:undefined} # not required. When creating a new hook, this is the url that you want GitHub to post to. It is only required when creating a new hook.
"""
'github_issue':
'prefix': "github_issue_snippet"
'description': "View GitHub issue."
'body': """
github_issue:
repo: ${1:none} # required. Name of repository from which issue needs to be retrieved.
organization: ${2:none} # required. Name of the GitHub organization in which the repository is hosted.
issue: ${3:none} # required. Issue number for which information is required.
action: ${4|get_status|} # not required. choices: get_status. Get various details about issue depending upon action specified.
"""
'github_key':
'prefix': "github_key_snippet"
'description': "Manage GitHub access keys."
'body': """
github_key:
token: ${1:undefined} # required. GitHub Access Token with permission to list and create public keys.
name: ${2:undefined} # required. SSH key name
pubkey: ${3:none} # not required. SSH public key value. Required when C(state=present).
force: ${4|yes,no|} # not required. choices: yes;no. The default is C(yes), which will replace the existing remote key if it's different than C(pubkey). If C(no), the key will only be set if no key with the given C(name) exists.
state: ${5|present,absent|} # not required. choices: present;absent. Whether to remove a key, ensure that it exists, or update its value.
"""
'github_release':
'prefix': "github_release_snippet"
'description': "Interact with GitHub Releases"
'body': """
github_release:
repo: ${1:null} # required. Repository name
user: ${2:null} # required. The GitHub account that owns the repository
action: ${3|latest_release,create_release|} # required. choices: latest_release;create_release. Action to perform
body: ${4:undefined} # not required. Description of the release when creating a release
target: ${5:undefined} # not required. Target of release when creating a release
token: ${6:null} # not required. GitHub Personal Access Token for authenticating
tag: ${7:undefined} # not required. Tag name when creating a release. Required when using action is set to C(create_release).
draft: ${8|True,False|} # not required. choices: True;False. Sets if the release is a draft or not. (boolean)
prerelease: ${9|True,False|} # not required. choices: True;False. Sets if the release is a prerelease or not. (boolean)
password: ${10:null} # not required. The GitHub account password for the user
name: ${11:undefined} # not required. Name of release when creating a release
"""
'gitlab_group':
'prefix': "gitlab_group_snippet"
'description': "Creates/updates/deletes Gitlab Groups"
'body': """
gitlab_group:
name: ${1:undefined} # required. Name of the group you want to create.
server_url: ${2:undefined} # required. Url of Gitlab server, with protocol (http or https).
login_user: ${3:null} # not required. Gitlab user name.
login_token: ${4:null} # not required. Gitlab token for logging in.
state: ${5|present,absent|} # not required. choices: present;absent. create or delete group.,Possible values are present and absent.
login_password: ${6:null} # not required. Gitlab password for login_user
path: ${7:null} # not required. The path of the group you want to create, this will be server_url/group_path,If not supplied, the group_name will be used.
validate_certs: ${8:true} # not required. When using https if SSL certificate needs to be verified.
"""
'gitlab_project':
'prefix': "gitlab_project_snippet"
'description': "Creates/updates/deletes Gitlab Projects"
'body': """
gitlab_project:
server_url: ${1:undefined} # required. Url of Gitlab server, with protocol (http or https).
name: ${2:undefined} # required. The name of the project
merge_requests_enabled: ${3:true} # not required. If merge requests can be made or not.,Possible values are true and false.
import_url: ${4:false} # not required. Git repository which will be imported into gitlab.,Gitlab server needs read access to this git repository.
login_user: ${5:null} # not required. Gitlab user name.
login_password: ${6:null} # not required. Gitlab password for login_user
group: ${7:null} # not required. The name of the group of which this projects belongs to.,When not provided, project will belong to user which is configured in 'login_user' or 'login_token',When provided with username, project will be created for this user. 'login_user' or 'login_token' needs admin rights.
wiki_enabled: ${8:true} # not required. If an wiki for this project should be available or not.,Possible values are true and false.
visibility_level: ${9:0} # not required. Private. visibility_level is 0. Project access must be granted explicitly for each user.,Internal. visibility_level is 10. The project can be cloned by any logged in user.,Public. visibility_level is 20. The project can be cloned without any authentication.,Possible values are 0, 10 and 20.
description: ${10:null} # not required. An description for the project.
snippets_enabled: ${11:true} # not required. If creating snippets should be available or not.,Possible values are true and false.
login_token: ${12:null} # not required. Gitlab token for logging in.
state: ${13|present,absent|} # not required. choices: present;absent. create or delete project.,Possible values are present and absent.
issues_enabled: ${14:true} # not required. Whether you want to create issues or not.,Possible values are true and false.
path: ${15:null} # not required. The path of the project you want to create, this will be server_url/<group>/path,If not supplied, name will be used.
validate_certs: ${16:true} # not required. When using https if SSL certificate needs to be verified.
public: ${17:false} # not required. If the project is public available or not.,Setting this to true is same as setting visibility_level to 20.,Possible values are true and false.
"""
'gitlab_user':
'prefix': "gitlab_user_snippet"
'description': "Creates/updates/deletes Gitlab Users"
'body': """
gitlab_user:
username: ${1:undefined} # required. The username of the user.
name: ${2:undefined} # required. Name of the user you want to create
server_url: ${3:undefined} # required. Url of Gitlab server, with protocol (http or https).
password: ${4:undefined} # required. The password of the user.,GitLab server enforces minimum password length to 8, set this value with 8 or more characters.
email: ${5:undefined} # required. The email that belongs to the user.
group: ${6:null} # not required. Add user as an member to this group.
sshkey_file: ${7:null} # not required. The ssh key itself.
sshkey_name: ${8:null} # not required. The name of the sshkey
login_user: ${9:null} # not required. Gitlab user name.
login_token: ${10:null} # not required. Gitlab token for logging in.
confirm: ${11:true} # not required. Require confirmation.
access_level: ${12:null} # not required. The access level to the group. One of the following can be used.,guest,reporter,developer,master,owner
state: ${13|present,absent|} # not required. choices: present;absent. create or delete group.,Possible values are present and absent.
login_password: ${14:null} # not required. Gitlab password for login_user
validate_certs: ${15:true} # not required. When using https if SSL certificate needs to be verified.
"""
'gluster_volume':
'prefix': "gluster_volume_snippet"
'description': "Manage GlusterFS volumes"
'body': """
gluster_volume:
name: ${1:undefined} # required. The volume name.
state: ${2|absent,present,started,stopped|} # required. choices: absent;present;started;stopped. Use present/absent ensure if a volume exists or not. Use started/stopped to control its availability.
arbiters: ${3:undefined} # not required. Arbiter count for volume.
force: ${4:undefined} # not required. If brick is being created in the root partition, module will fail. Set force to true to override this behaviour.
replicas: ${5:undefined} # not required. Replica count for volume.
bricks: ${6:undefined} # not required. Brick paths on servers. Multiple brick paths can be separated by commas.
quota: ${7:undefined} # not required. Quota value for limit-usage (be sure to use 10.0MB instead of 10MB, see quota list).
stripes: ${8:undefined} # not required. Stripe count for volume.
cluster: ${9:undefined} # not required. List of hosts to use for probing and brick setup.
host: ${10:undefined} # not required. Override local hostname (for peer probing purposes).
start_on_create: ${11:yes} # not required. Controls whether the volume is started after creation or not.
redundancies: ${12:undefined} # not required. Redundancy count for volume.
transport: ${13|rdma,tcp,tcp,rdma|} # not required. choices: rdma;tcp;tcp;rdma. Transport type for volume.
disperses: ${14:undefined} # not required. Disperse count for volume.
directory: ${15:undefined} # not required. Directory for limit-usage.
rebalance: ${16:no} # not required. Controls whether the cluster is rebalanced after changes.
options: ${17:undefined} # not required. A dictionary/hash with options/settings for the volume.
"""
'grafana_dashboard':
'prefix': "grafana_dashboard_snippet"
'description': "Manage Grafana dashboards"
'body': """
grafana_dashboard:
grafana_url: ${1:undefined} # required. The Grafana URL.
state: ${2|absent,export,present|} # required. choices: absent;export;present. State of the dashboard.
grafana_user: ${3:admin} # not required. The Grafana API user.
org_id: ${4:1} # not required. The Grafana Organisation ID where the dashboard will be imported / exported.,Not used when I(grafana_api_key) is set, because the grafana_api_key only belong to one organisation..
grafana_api_key: ${5:undefined} # not required. The Grafana API key.,If set, I(grafana_user) and I(grafana_password) will be ignored.
grafana_password: ${6:admin} # not required. The Grafana API password.
path: ${7:undefined} # not required. The path to the json file containing the Grafana dashboard to import or export.
message: ${8:undefined} # not required. Set a commit message for the version history.,Only used when C(state) is C(present).
validate_certs: ${9:yes} # not required. If C(no), SSL certificates will not be validated.,This should only be used on personally controlled sites using self-signed certificates.
slug: ${10:undefined} # not required. slug of the dashboard. It's the friendly url name of the dashboard.,When C(state) is C(present), this parameter can override the slug in the meta section of the json file.,If you want to import a json dashboard exported directly from the interface (not from the api), you have to specify the slug parameter because there is no meta section in the exported json.
overwrite: ${11:no} # not required. Override existing dashboard when state is present.
"""
'grafana_datasource':
'prefix': "grafana_datasource_snippet"
'description': "Manage Grafana datasources"
'body': """
grafana_datasource:
grafana_url: ${1:undefined} # required. The Grafana URL.
ds_type: ${2|elasticsearch,graphite,influxdb,mysql,opentsdb,postgres,prometheus|} # required. choices: elasticsearch;graphite;influxdb;mysql;opentsdb;postgres;prometheus. The type of the datasource.
name: ${3:undefined} # required. The name of the datasource.
url: ${4:undefined} # required. The URL of the datasource.
time_interval: ${5:undefined} # not required. Minimum group by interval for C(influxdb) or C(elasticsearch) datasources.,for example C(>10s)
tls_client_key: ${6:undefined} # not required. The client TLS private key,Starts with ----- BEGIN RSA PRIVATE KEY -----
interval: ${7|,Hourly,Daily,Weekly,Monthly,Yearly|} # not required. choices: ;Hourly;Daily;Weekly;Monthly;Yearly. For elasticsearch C(ds_type), this is the index pattern used.
grafana_user: ${8:admin} # not required. The Grafana API user.
es_version: ${9|2,5,56|} # not required. choices: 2;5;56. Elasticsearch version (for C(ds_type = elasticsearch) only),Version 56 is for elasticsearch 5.6+ where tou can specify the C(max_concurrent_shard_requests) option.
tsdb_version: ${10|1,2,3|} # not required. choices: 1;2;3. The opentsdb version.,Use C(1) for <=2.1, C(2) for ==2.2, C(3) for ==2.3.
is_default: ${11:no} # not required. Make this datasource the default one.
sslmode: ${12|disable,require,verify-ca,verify-full|} # not required. choices: disable;require;verify-ca;verify-full. SSL mode for C(postgres) datasoure type.
grafana_api_key: ${13:undefined} # not required. The Grafana API key.,If set, C(grafana_user) and C(grafana_password) will be ignored.
password: ${14:undefined} # not required. The datasource password
max_concurrent_shard_requests: ${15:256} # not required. Starting with elasticsearch 5.6, you can specify the max concurrent shard per requests.
tls_ca_cert: ${16:undefined} # not required. The TLS CA certificate for self signed certificates.,Only used when C(tls_client_cert) and C(tls_client_key) are set.
basic_auth_password: ${17:undefined} # not required. The datasource basic auth password, when C(basic auth) is C(yes).
basic_auth_user: ${18:undefined} # not required. The datasource basic auth user.,Setting this option with basic_auth_password will enable basic auth.
database: ${19:undefined} # not required. Name of the database for the datasource.,This options is required when the C(ds_type) is C(influxdb), C(elasticsearch) (index name), C(mysql) or C(postgres).
time_field: ${20:timestamp} # not required. Name of the time field in elasticsearch ds.,For example C(@timestamp)
with_credentials: ${21:no} # not required. Whether credentials such as cookies or auth headers should be sent with cross-site requests.
org_id: ${22:1} # not required. Grafana Organisation ID in which the datasource should be created.,Not used when C(grafana_api_key) is set, because the C(grafana_api_key) only belong to one organisation.
tsdb_resolution: ${23|millisecond,second|} # not required. choices: millisecond;second. The opentsdb time resolution.
access: ${24|direct,proxy|} # not required. choices: direct;proxy. The access mode for this datasource.
state: ${25|absent,present|} # not required. choices: absent;present. Status of the datasource
tls_client_cert: ${26:undefined} # not required. The client TLS certificate.,If C(tls_client_cert) and C(tls_client_key) are set, this will enable TLS authentication.,Starts with ----- BEGIN CERTIFICATE -----
grafana_password: ${27:admin} # not required. The Grafana API password.
validate_certs: ${28:yes} # not required. Whether to validate the Grafana certificate.
user: ${29:undefined} # not required. The datasource login user for influxdb datasources.
"""
'grafana_plugin':
'prefix': "grafana_plugin_snippet"
'description': "Manage Grafana plugins via grafana-cli"
'body': """
grafana_plugin:
name: ${1:undefined} # required. Name of the plugin.
state: ${2|absent,present|} # not required. choices: absent;present. Status of the Grafana plugin.,If latest is set, the version parameter will be ignored.
grafana_repo: ${3:undefined} # not required. Grafana repository. If not set, gafana-cli will use the default value C(https://grafana.net/api/plugins).
version: ${4:undefined} # not required. Version of the plugin to install.,Default to latest.
grafana_plugin_url: ${5:undefined} # not required. Custom Grafana plugin URL.,Requires grafana 4.6.x or later.
grafana_plugins_dir: ${6:undefined} # not required. Directory where Grafana plugin will be installed.
"""
'group':
'prefix': "group_snippet"
'description': "Add or remove groups"
'body': """
group:
name: ${1:undefined} # required. Name of the group to manage.
state: ${2|absent,present|} # not required. choices: absent;present. Whether the group should be present or not on the remote host.
gid: ${3:undefined} # not required. Optional I(GID) to set for the group.
system: ${4:no} # not required. If I(yes), indicates that the group created is a system group.
"""
'group_by':
'prefix': "group_by_snippet"
'description': "Create Ansible groups based on facts"
'body': """
group_by:
key: ${1:undefined} # required. The variables whose values will be used as groups
parents: ${2:all} # not required. The list of the parent groups
"""
'grove':
'prefix': "grove_snippet"
'description': "Sends a notification to a grove.io channel"
'body': """
grove:
message: ${1:undefined} # required. Message content
channel_token: ${2:undefined} # required. Token of the channel to post to.
service: ${3:ansible} # not required. Name of the service (displayed as the \"user\" in the message)
url: ${4:undefined} # not required. Service URL for the web client
icon_url: ${5:undefined} # not required. Icon for the service
validate_certs: ${6|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'gunicorn':
'prefix': "gunicorn_snippet"
'description': "Run gunicorn with various settings."
'body': """
gunicorn:
app: ${1:undefined} # required. The app module. A name refers to a WSGI callable that should be found in the specified module.
venv: ${2:undefined} # not required. Path to the virtualenv directory.
user: ${3:undefined} # not required. Switch worker processes to run as this user.
config: ${4:undefined} # not required. Path to the gunicorn configuration file.
worker: ${5|sync,eventlet,gevent,tornado ,gthread,gaiohttp|} # not required. choices: sync;eventlet;gevent;tornado ;gthread;gaiohttp. The type of workers to use. The default class (sync) should handle most \"normal\" types of workloads.
chdir: ${6:undefined} # not required. Chdir to specified directory before apps loading.
pid: ${7:undefined} # not required. A filename to use for the PID file. If not set and not found on the configuration file a tmp pid file will be created to check a successful run of gunicorn.
"""
'hall':
'prefix': "hall_snippet"
'description': "Send notification to Hall"
'body': """
hall:
msg: ${1:undefined} # required. The message you wish to deliver as a notification
room_token: ${2:undefined} # required. Room token provided to you by setting up the Ansible room integation on U(https://hall.com)
title: ${3:undefined} # required. The title of the message
picture: ${4:undefined} # not required. The full URL to the image you wish to use for the Icon of the message. Defaults to U(http://cdn2.hubspot.net/hub/330046/file-769078210-png/Official_Logos/ansible_logo_black_square_small.png?t=1421076128627)\n
"""
'haproxy':
'prefix': "haproxy_snippet"
'description': "Enable, disable, and set weights for HAProxy backend servers using socket commands."
'body': """
haproxy:
state: ${1|enabled,disabled,drain|} # required. choices: enabled;disabled;drain. Desired state of the provided backend host.,Note that C(drain) state was added in version 2.4. It is supported only by HAProxy version 1.5 or later, if used on versions < 1.5, it will be ignored.
host: ${2:null} # required. Name of the backend host to change.
drain: ${3:false} # not required. Wait until the server has no active connections or until the timeout determined by wait_interval and wait_retries is reached. Continue only after the status changes to 'MAINT'. This overrides the shutdown_sessions option.
socket: ${4:/var/run/haproxy.sock} # not required. Path to the HAProxy socket file.
weight: ${5:null} # not required. The value passed in argument. If the value ends with the `%` sign, then the new weight will be relative to the initially configured weight. Relative weights are only permitted between 0 and 100% and absolute weights are permitted between 0 and 256.
wait_interval: ${6:5} # not required. Number of seconds to wait between retries.
backend: ${7:auto-detected} # not required. Name of the HAProxy backend pool.
wait_retries: ${8:25} # not required. Number of times to check for status after changing the state.
fail_on_not_found: ${9:false} # not required. Fail whenever trying to enable/disable a backend host that does not exist
shutdown_sessions: ${10:false} # not required. When disabling a server, immediately terminate all the sessions attached to the specified server. This can be used to terminate long-running sessions after a server is put into maintenance mode. Overridden by the drain option.
wait: ${11:false} # not required. Wait until the server reports a status of 'UP' when `state=enabled`, status of 'MAINT' when `state=disabled` or status of 'DRAIN' when `state=drain`
"""
'helm':
'prefix': "helm_snippet"
'description': "Manages Kubernetes packages with the Helm package manager"
'body': """
helm:
disable_hooks: ${1:false} # not required. Whether to disable hooks during the uninstall process
name: ${2:null} # not required. Release name to manage
namespace: ${3:default} # not required. Kubernetes namespace where the chart should be installed
chart: ${4:[object Object]} # not required. A map describing the chart to install. For example:\nchart:\n name: memcached\n version: 0.4.0\n source:\n type: repo\n location: https://kubernetes-charts.storage.googleapis.com\n
state: ${5|absent,purged,present|} # not required. choices: absent;purged;present. Whether to install C(present), remove C(absent), or purge C(purged) a package.
values: ${6:[object Object]} # not required. A map of value options for the chart.
host: ${7:localhost} # not required. Tiller's server host
port: ${8:44134} # not required. Tiller's server port
"""
'hg':
'prefix': "hg_snippet"
'description': "Manages Mercurial (hg) repositories"
'body': """
hg:
repo: ${1:undefined} # required. The repository address.
dest: ${2:undefined} # required. Absolute path of where the repository should be cloned to. This parameter is required, unless clone and update are set to no
executable: ${3:undefined} # not required. Path to hg executable to use. If not supplied, the normal mechanism for resolving binary paths will be used.
force: ${4:no} # not required. Discards uncommitted changes. Runs C(hg update -C). Prior to 1.9, the default was `yes`.
clone: ${5:yes} # not required. If C(no), do not clone the repository if it does not exist locally.
update: ${6:yes} # not required. If C(no), do not retrieve new revisions from the origin repository
purge: ${7:no} # not required. Deletes untracked files. Runs C(hg purge).
revision: ${8:undefined} # not required. Equivalent C(-r) option in hg command which could be the changeset, revision number, branch name or even tag.
"""
'hipchat':
'prefix': "hipchat_snippet"
'description': "Send a message to Hipchat."
'body': """
hipchat:
room: ${1:undefined} # required. ID or name of the room.
token: ${2:undefined} # required. API token.
msg: ${3:null} # required. The message body.
from: ${4:Ansible} # not required. Name the message will appear to be sent from. Max length is 15 characters - above this it will be truncated.
color: ${5|yellow,red,green,purple,gray,random|} # not required. choices: yellow;red;green;purple;gray;random. Background color for the message.
msg_format: ${6|text,html|} # not required. choices: text;html. Message format.
api: ${7:https://api.hipchat.com/v1} # not required. API url if using a self-hosted hipchat server. For Hipchat API version 2 use the default URI with C(/v2) instead of C(/v1).
notify: ${8|yes,no|} # not required. choices: yes;no. If true, a notification will be triggered for users in the room.
validate_certs: ${9|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'homebrew':
'prefix': "homebrew_snippet"
'description': "Package manager for Homebrew"
'body': """
homebrew:
install_options: ${1:null} # not required. options flags to install a package
state: ${2|head,latest,present,absent,linked,unlinked|} # not required. choices: head;latest;present;absent;linked;unlinked. state of the package
name: ${3:None} # not required. list of names of packages to install/remove
update_homebrew: ${4|yes,no|} # not required. choices: yes;no. update homebrew itself first
path: ${5:/usr/local/bin} # not required. A ':' separated list of paths to search for 'brew' executable. Since a package (I(formula) in homebrew parlance) location is prefixed relative to the actual path of I(brew) command, providing an alternative I(brew) path enables managing different set of packages in an alternative location in the system.
upgrade_all: ${6|yes,no|} # not required. choices: yes;no. upgrade all homebrew packages
"""
'homebrew_cask':
'prefix': "homebrew_cask_snippet"
'description': "Install/uninstall homebrew casks."
'body': """
homebrew_cask:
name: ${1:undefined} # required. name of cask to install/remove
install_options: ${2:null} # not required. options flags to install a package
upgrade: ${3:false} # not required. upgrade all casks (mutually exclusive with `upgrade_all`)
update_homebrew: ${4|yes,no|} # not required. choices: yes;no. update homebrew itself first. Note that C(brew cask update) is a synonym for C(brew update).
upgrade_all: ${5:false} # not required. upgrade all casks (mutually exclusive with `upgrade`)
accept_external_apps: ${6:false} # not required. allow external apps
state: ${7|present,absent,upgraded|} # not required. choices: present;absent;upgraded. state of the cask
path: ${8:/usr/local/bin} # not required. ':' separated list of paths to search for 'brew' executable.
"""
'homebrew_tap':
'prefix': "homebrew_tap_snippet"
'description': "Tap a Homebrew repository."
'body': """
homebrew_tap:
name: ${1:undefined} # required. The GitHub user/organization repository to tap.
url: ${2:undefined} # not required. The optional git URL of the repository to tap. The URL is not assumed to be on GitHub, and the protocol doesn't have to be HTTP. Any location and protocol that git can handle is fine.,I(name) option may not be a list of multiple taps (but a single tap instead) when this option is provided.
state: ${3|present,absent|} # not required. choices: present;absent. state of the repository.
"""
'honeybadger_deployment':
'prefix': "honeybadger_deployment_snippet"
'description': "Notify Honeybadger.io about app deployments"
'body': """
honeybadger_deployment:
environment: ${1:undefined} # required. The environment name, typically 'production', 'staging', etc.
token: ${2:undefined} # required. API token.
repo: ${3:None} # not required. URL of the project repository
user: ${4:None} # not required. The username of the person doing the deployment
url: ${5:https://api.honeybadger.io/v1/deploys} # not required. Optional URL to submit the notification to.
validate_certs: ${6|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates.
revision: ${7:None} # not required. A hash, number, tag, or other identifier showing what revision was deployed
"""
'hostname':
'prefix': "hostname_snippet"
'description': "Manage hostname"
'body': """
hostname:
name: ${1:undefined} # required. Name of the host
"""
'hpilo_boot':
'prefix': "hpilo_boot_snippet"
'description': "Boot system using specific media through HP iLO interface"
'body': """
hpilo_boot:
host: ${1:undefined} # required. The HP iLO hostname/address that is linked to the physical system.
force: ${2|yes,no|} # not required. choices: yes;no. Whether to force a reboot (even when the system is already booted).,As a safeguard, without force, hpilo_boot will refuse to reboot a server that is already running.
media: ${3|cdrom,floppy,hdd,network,normal,usb|} # not required. choices: cdrom;floppy;hdd;network;normal;usb. The boot media to boot the system from
image: ${4:undefined} # not required. The URL of a cdrom, floppy or usb boot media image. protocol://username:password@hostname:port/filename,protocol is either 'http' or 'https',username:password is optional,port is optional
ssl_version: ${5|SSLv3,SSLv23,TLSv1,TLSv1_1,TLSv1_2|} # not required. choices: SSLv3;SSLv23;TLSv1;TLSv1_1;TLSv1_2. Change the ssl_version used.
state: ${6|boot_always,boot_once,connect,disconnect,no_boot,poweroff|} # not required. choices: boot_always;boot_once;connect;disconnect;no_boot;poweroff. The state of the boot media.,no_boot: Do not boot from the device,boot_once: Boot from the device once and then notthereafter,boot_always: Boot from the device each time the serveris rebooted,connect: Connect the virtual media device and set to boot_always,disconnect: Disconnects the virtual media device and set to no_boot,poweroff: Power off the server
login: ${7:Administrator} # not required. The login name to authenticate to the HP iLO interface.
password: ${8:admin} # not required. The password to authenticate to the HP iLO interface.
"""
'hpilo_facts':
'prefix': "hpilo_facts_snippet"
'description': "Gather facts through an HP iLO interface"
'body': """
hpilo_facts:
host: ${1:undefined} # required. The HP iLO hostname/address that is linked to the physical system.
password: ${2:admin} # not required. The password to authenticate to the HP iLO interface.
ssl_version: ${3|SSLv3,SSLv23,TLSv1,TLSv1_1,TLSv1_2|} # not required. choices: SSLv3;SSLv23;TLSv1;TLSv1_1;TLSv1_2. Change the ssl_version used.
login: ${4:Administrator} # not required. The login name to authenticate to the HP iLO interface.
"""
'hponcfg':
'prefix': "hponcfg_snippet"
'description': "Configure HP iLO interface using hponcfg"
'body': """
hponcfg:
path: ${1:undefined} # required. The XML file as accepted by hponcfg.
executable: ${2:hponcfg} # not required. Path to the hponcfg executable (`hponcfg` which uses $PATH).
minfw: ${3:undefined} # not required. The minimum firmware level needed.
verbose: ${4:false} # not required. Run hponcfg in verbose mode (-v).
"""
'htpasswd':
'prefix': "htpasswd_snippet"
'description': "manage user files for basic authentication"
'body': """
htpasswd:
path: ${1:undefined} # required. Path to the file that contains the usernames and passwords
name: ${2:undefined} # required. User name to add or remove
selevel: ${3:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
owner: ${4:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
password: ${5:undefined} # not required. Password associated with user.,Must be specified if user does not exist yet.
group: ${6:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
unsafe_writes: ${7:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
create: ${8|yes,no|} # not required. choices: yes;no. Used with C(state=present). If specified, the file will be created if it does not already exist. If set to \"no\", will fail if the file does not exist
seuser: ${9:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
serole: ${10:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
state: ${11|present,absent|} # not required. choices: present;absent. Whether the user entry should be present or not
mode: ${12:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
attributes: ${13:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
crypt_scheme: ${14|apr_md5_crypt,des_crypt,ldap_sha1,plaintext|} # not required. choices: apr_md5_crypt;des_crypt;ldap_sha1;plaintext. Encryption scheme to be used. As well as the four choices listed here, you can also use any other hash supported by passlib, such as md5_crypt and sha256_crypt, which are linux passwd hashes. If you do so the password file will not be compatible with Apache or Nginx
setype: ${15:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'iam':
'prefix': "iam_snippet"
'description': "Manage IAM users, groups, roles and keys"
'body': """
iam:
name: ${1:undefined} # required. Name of IAM resource to create or identify
iam_type: ${2|user,group,role|} # required. choices: user;group;role. Type of IAM resource
state: ${3|present,absent,update|} # required. choices: present;absent;update. Whether to create, delete or update the IAM resource. Note, roles cannot be updated.
new_name: ${4:null} # not required. When state is update, will replace name with new_name on IAM resource
aws_secret_key: ${5:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
update_password: ${6|always,on_create|} # not required. choices: always;on_create. C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users.
new_path: ${7:null} # not required. When state is update, will replace the path with new_path on the IAM resource
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
access_key_state: ${9|create,remove,active,inactive|} # not required. choices: create;remove;active;inactive. When type is user, it creates, removes, deactivates or activates a user's access key(s). Note that actions apply only to keys specified.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
key_count: ${12:1} # not required. When access_key_state is create it will ensure this quantity of keys are present. Defaults to 1.
aws_access_key: ${13:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
access_key_ids: ${15:undefined} # not required. A list of the keys that you want impacted by the access_key_state parameter.
profile: ${16:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
groups: ${17:null} # not required. A list of groups the user should belong to. When update, will gracefully remove groups not listed.
trust_policy: ${18:null} # not required. The inline (JSON or YAML) trust policy document that grants an entity permission to assume the role. Mutually exclusive with C(trust_policy_filepath).
path: ${19:/} # not required. When creating or updating, specify the desired path of the resource. If state is present, it will replace the current path to match what is passed in when they do not match.
password: ${20:null} # not required. When type is user and state is present, define the users login password. Also works with update. Note that always returns changed.
trust_policy_filepath: ${21:null} # not required. The path to the trust policy document that grants an entity permission to assume the role. Mutually exclusive with C(trust_policy).
"""
'iam_cert':
'prefix': "iam_cert_snippet"
'description': "Manage server certificates for use on ELBs and CloudFront"
'body': """
iam_cert:
name: ${1:undefined} # required. Name of certificate to add, update or remove.
state: ${2|present,absent|} # required. choices: present;absent. Whether to create(or update) or delete certificate.,If new_path or new_name is defined, specifying present will attempt to make an update these.
new_name: ${3:undefined} # not required. When state is present, this will update the name of the cert.,The cert, key and cert_chain parameters will be ignored if this is defined.
aws_secret_key: ${4:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
dup_ok: ${5:false} # not required. By default the module will not upload a certificate that is already uploaded into AWS. If set to True, it will upload the certificate as long as the name is unique.
new_path: ${6:undefined} # not required. When state is present, this will update the path of the cert.,The cert, key and cert_chain parameters will be ignored if this is defined.
security_token: ${7:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
cert: ${9:undefined} # not required. The path to, or content of the certificate body in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
profile: ${10:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
key: ${11:undefined} # not required. The path to, or content of the private key in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
path: ${13:/} # not required. When creating or updating, specify the desired path of the certificate.
aws_access_key: ${14:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
cert_chain: ${16:undefined} # not required. The path to, or content of the CA certificate chain in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
"""
'iam_server_certificate_facts':
'prefix': "iam_server_certificate_facts_snippet"
'description': "Retrieve the facts of a server certificate"
'body': """
iam_server_certificate_facts:
name: ${1:undefined} # required. The name of the server certificate you are retrieving attributes for.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${8:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'iam_group':
'prefix': "iam_group_snippet"
'description': "Manage AWS IAM groups"
'body': """
iam_group:
name: ${1:undefined} # required. The name of the group to create.
state: ${2|present,absent|} # required. choices: present;absent. Create or remove the IAM group
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
users: ${4:undefined} # not required. A list of existing users to add as members of the group.
purge_users: ${5:false} # not required. Deatach users which not included in users list
ec2_url: ${6:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
purge_policy: ${11:false} # not required. Deatach policy which not included in managed_policy list
managed_policy: ${12:undefined} # not required. A list of managed policy ARNs or friendly names to attach to the role. To embed an inline policy, use M(iam_policy).
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'iam_managed_policy':
'prefix': "iam_managed_policy_snippet"
'description': "Manage User Managed IAM policies"
'body': """
iam_managed_policy:
policy_name: ${1:undefined} # required. The name of the managed policy.
state: ${2|present,absent|} # required. choices: present;absent. Should this managed policy be present or absent. Set to absent to detach all entities from this policy and remove it if found.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
make_default: ${4:true} # not required. Make this revision the default revision.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
only_version: ${6:false} # not required. Remove all other non default revisions, if this is used with C(make_default) it will result in all other versions of this policy being deleted.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
policy_description: ${9:} # not required. A helpful description of this policy, this value is immuteable and only set when creating a new policy.
security_token: ${10:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${11:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
policy: ${12:undefined} # not required. A properly json formatted policy
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'iam_mfa_device_facts':
'prefix': "iam_mfa_device_facts_snippet"
'description': "List the MFA (Multi-Factor Authentication) devices registered for a user"
'body': """
iam_mfa_device_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${5:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
user_name: ${8:null} # not required. The name of the user whose MFA devices will be listed
"""
'iam_policy':
'prefix': "iam_policy_snippet"
'description': "Manage IAM policies for users, groups, and roles"
'body': """
iam_policy:
iam_name: ${1:undefined} # required. Name of IAM resource you wish to target for policy actions. In other words, the user name, group name or role name.
policy_name: ${2:undefined} # required. The name label for the policy to create or remove.
iam_type: ${3|user,group,role|} # required. choices: user;group;role. Type of IAM resource
state: ${4|present,absent|} # required. choices: present;absent. Whether to create or delete the IAM policy.
profile: ${5:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${6:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
policy_document: ${8:undefined} # not required. The path to the properly json formatted policy file (mutually exclusive with C(policy_json))
aws_access_key: ${9:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${10:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${11:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
policy_json: ${12:undefined} # not required. A properly json formatted policy as string (mutually exclusive with C(policy_document), see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813 on how to use it properly)
skip_duplicates: ${13:/} # not required. By default the module looks for any policies that match the document you pass in, if there is a match it will not make a new policy object with the same rules. You can override this by specifying false which would allow for two policy objects with different names but same rules.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'iam_role':
'prefix': "iam_role_snippet"
'description': "Manage AWS IAM roles"
'body': """
iam_role:
name: ${1:undefined} # required. The name of the role to create.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
managed_policy: ${7:undefined} # not required. A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names. To embed an inline policy, use M(iam_policy). To remove existing policies, use an empty list item.
purge_policies: ${8:true} # not required. Detaches any managed policies not listed in the \"managed_policy\" option. Set to false if you want to attach policies elsewhere.
assume_role_policy_document: ${9:undefined} # not required. The trust relationship policy document that grants an entity permission to assume the role.,This parameter is required when C(state=present).
state: ${10|present,absent|} # not required. choices: present;absent. Create or remove the IAM role
create_instance_profile: ${11:true} # not required. Creates an IAM instance profile along with the role
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
path: ${13:/} # not required. The path to the role. For more information about paths, see U(http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html).
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
description: ${15:undefined} # not required. Provide a description of the new role
"""
'iam_role_facts':
'prefix': "iam_role_facts_snippet"
'description': "Gather information on IAM roles"
'body': """
iam_role_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
name: ${4:None} # not required. Name of a role to search for,Mutually exclusive with C(prefix)
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
path_prefix: ${8:None} # not required. Prefix of role I(path) to restrict IAM role search for,Mutually exclusive with C(name)
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'iam_user':
'prefix': "iam_user_snippet"
'description': "Manage AWS IAM users"
'body': """
iam_user:
name: ${1:undefined} # required. The name of the user to create.
state: ${2|present,absent|} # required. choices: present;absent. Create or remove the IAM user
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${4:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
purge_policy: ${8:false} # not required. Detach policies which are not included in managed_policy list
managed_policy: ${9:undefined} # not required. A list of managed policy ARNs or friendly names to attach to the user. To embed an inline policy, use M(iam_policy).
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'icinga2_feature':
'prefix': "icinga2_feature_snippet"
'description': "Manage Icinga2 feature"
'body': """
icinga2_feature:
name: ${1:undefined} # required. This is the feature name to enable or disable.
state: ${2|present,absent|} # not required. choices: present;absent. Apply feature state.
"""
'icinga2_host':
'prefix': "icinga2_host_snippet"
'description': "Manage a host in Icinga2"
'body': """
icinga2_host:
ip: ${1:undefined} # required. The IP address of the host.
name: ${2:undefined} # required. Name used to create / delete the host. This does not need to be the FQDN, but does needs to be unique.
url: ${3:undefined} # required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
url_username: ${4:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without C(url_password) for sites that allow empty passwords.
variables: ${5:None} # not required. List of variables.
force_basic_auth: ${6:no} # not required. httplib2, the library used by the uri module only sends authentication information when a webservice responds to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail. This option forces the sending of the Basic authentication header upon initial request.
url_password: ${7:undefined} # not required. The password for use in HTTP basic authentication.,If the C(url_username) parameter is not specified, the C(url_password) parameter will not be used.
display_name: ${8:if none is give it is the value of the <name> parameter} # not required. The name used to display the host.
use_proxy: ${9:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
zone: ${10:undefined} # not required. The zone from where this host should be polled.
check_command: ${11:hostalive} # not required. The command used to check if the host is alive.
state: ${12|present,absent|} # not required. choices: present;absent. Apply feature state.
template: ${13:None} # not required. The template used to define the host.,Template cannot be modified after object creation.
client_key: ${14:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
validate_certs: ${15:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
client_cert: ${16:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
"""
'imc_rest':
'prefix': "imc_rest_snippet"
'description': "Manage Cisco IMC hardware through its REST API"
'body': """
imc_rest:
hostname: ${1:undefined} # required. IP Address or hostname of Cisco IMC, resolvable by Ansible control host.
username: ${2:admin} # not required. Username used to login to the switch.
protocol: ${3|http,https|} # not required. choices: http;https. Connection protocol to use.
content: ${4:undefined} # not required. When used instead of C(path), sets the content of the API requests directly.,This may be convenient to template simple requests, for anything complex use the M(template) module.,You can collate multiple IMC XML fragments and they will be processed sequentially in a single stream, the Cisco IMC output is subsequently merged.,Parameter C(content) is mutual exclusive with parameter C(path).
timeout: ${5:60} # not required. The socket level timeout in seconds.,This is the time that every single connection (every fragment) can spend. If this C(timeout) is reached, the module will fail with a C(Connection failure) indicating that C(The read operation timed out).
path: ${6:undefined} # not required. Name of the absolute path of the filename that includes the body of the http request being sent to the Cisco IMC REST API.,Parameter C(path) is mutual exclusive with parameter C(content).
password: ${7:password} # not required. The password to use for authentication.
validate_certs: ${8:yes} # not required. If C(no), SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'imgadm':
'prefix': "imgadm_snippet"
'description': "Manage SmartOS images"
'body': """
imgadm:
state: ${1|present,absent,deleted,imported,updated,vacuumed|} # required. choices: present;absent;deleted;imported;updated;vacuumed. State the object operated on should be in. C(imported) is an alias for for C(present) and C(deleted) for C(absent). When set to C(vacuumed) and C(uuid) to C(*), it will remove all unused images.
source: ${2:undefined} # not required. URI for the image source.
force: ${3|true,false|} # not required. choices: true;false. Force a given operation (where supported by imgadm(1M)).
uuid: ${4:undefined} # not required. Image UUID. Can either be a full UUID or C(*) for all images.
type: ${5|imgapi,docker,dsapi|} # not required. choices: imgapi;docker;dsapi. Type for image sources.
pool: ${6:zones} # not required. zpool to import to or delete images from.
"""
'import_playbook':
'prefix': "import_playbook_snippet"
'description': "Import a playbook"
'body': """
import_playbook:
free-form: ${1:undefined} # not required. The name of the imported playbook is specified directly without any other option.
"""
'import_role':
'prefix': "import_role_snippet"
'description': "Import a role into a play"
'body': """
import_role:
name: ${1:undefined} # required. The name of the role to be executed.
allow_duplicates: ${2:true} # not required. Overrides the role's metadata setting to allow using a role more than once with the same parameters.
tasks_from: ${3:main} # not required. File to load from a role's C(tasks/) directory.
vars_from: ${4:main} # not required. File to load from a role's C(vars/) directory.
defaults_from: ${5:main} # not required. File to load from a role's C(defaults/) directory.
private: ${6:None} # not required. If C(True) the variables from C(defaults/) and C(vars/) in a role will not be made available to the rest of the play.
"""
'import_tasks':
'prefix': "import_tasks_snippet"
'description': "Import a task list"
'body': """
import_tasks:
free-form: ${1:undefined} # not required. The name of the imported file is specified directly without any other option.,Most keywords, including loops and conditionals, only applied to the imported tasks, not to this statement itself. If you need any of those to apply, use M(include_tasks) instead.
"""
'include':
'prefix': "include_snippet"
'description': "Include a play or task list"
'body': """
include:
free-form: ${1:undefined} # not required. This module allows you to specify the name of the file directly without any other options.
"""
'include_role':
'prefix': "include_role_snippet"
'description': "Load and execute a role"
'body': """
include_role:
name: ${1:undefined} # required. The name of the role to be executed.
allow_duplicates: ${2:true} # not required. Overrides the role's metadata setting to allow using a role more than once with the same parameters.
tasks_from: ${3:main} # not required. File to load from a role's C(tasks/) directory.
vars_from: ${4:main} # not required. File to load from a role's C(vars/) directory.
defaults_from: ${5:main} # not required. File to load from a role's C(defaults/) directory.
private: ${6:None} # not required. If C(True) the variables from C(defaults/) and C(vars/) in a role will not be made available to the rest of the play.
"""
'include_tasks':
'prefix': "include_tasks_snippet"
'description': "Dynamically include a task list"
'body': """
include_tasks:
free-form: ${1:undefined} # not required. The name of the imported file is specified directly without any other option.,Unlike M(import_tasks), most keywords, including loops and conditionals, apply to this statement.
"""
'include_vars':
'prefix': "include_vars_snippet"
'description': "Load variables from files, dynamically within a task"
'body': """
include_vars:
ignore_files: ${1:null} # not required. List of file names to ignore.
free-form: ${2:undefined} # not required. This module allows you to specify the 'file' option directly without any other options. There is no 'free-form' option, this is just an indicator, see example below.
files_matching: ${3:null} # not required. Limit the files that are loaded within any directory to this regular expression.
depth: ${4:0} # not required. When using C(dir), this module will, by default, recursively go through each sub directory and load up the variables. By explicitly setting the depth, this module will only go as deep as the depth.
extensions: ${5:yaml,yml,json} # not required. List of file extensions to read when using C(dir).
file: ${6:undefined} # not required. The file name from which variables should be loaded.,If the path is relative, it will look for the file in vars/ subdirectory of a role or relative to playbook.
dir: ${7:null} # not required. The directory name from which the variables should be loaded.,If the path is relative, it will look for the file in vars/ subdirectory of a role or relative to playbook.
name: ${8:null} # not required. The name of a variable into which assign the included vars. If omitted (null) they will be made top level vars.
"""
'infini_export':
'prefix': "infini_export_snippet"
'description': "Create, Delete or Modify NFS Exports on Infinibox"
'body': """
infini_export:
name: ${1:undefined} # required. Export name. Should always start with C(/). (ex. name=/data)
system: ${2:undefined} # required. Infinibox Hostname or IPv4 Address.
filesystem: ${3:undefined} # required. Name of exported file system.
inner_path: ${4:/} # not required. Internal path of the export.
client_list: ${5:All Hosts(*), RW, no_root_squash: True} # not required. List of dictionaries with client entries. See examples. Check infini_export_client module to modify individual NFS client entries for export.
state: ${6|present,absent|} # not required. choices: present;absent. Creates/Modifies export when present and removes when absent.
user: ${7:undefined} # not required. Infinibox User username with sufficient priveledges ( see notes ).
password: ${8:undefined} # not required. Infinibox User password.
"""
'infini_export_client':
'prefix': "infini_export_client_snippet"
'description': "Create, Delete or Modify NFS Client(s) for existing exports on Infinibox"
'body': """
infini_export_client:
system: ${1:undefined} # required. Infinibox Hostname or IPv4 Address.
client: ${2:undefined} # required. Client IP or Range. Ranges can be defined as follows 192.168.0.1-192.168.0.254.
export: ${3:undefined} # required. Name of the export.
no_root_squash: ${4|yes,no|} # not required. choices: yes;no. Don't squash root user to anonymous. Will be set to \"no\" on creation if not specified explicitly.
access_mode: ${5|RW,RO|} # not required. choices: RW;RO. Read Write or Read Only Access.
state: ${6|present,absent|} # not required. choices: present;absent. Creates/Modifies client when present and removes when absent.
user: ${7:undefined} # not required. Infinibox User username with sufficient priveledges ( see notes ).
password: ${8:undefined} # not required. Infinibox User password.
"""
'infini_fs':
'prefix': "infini_fs_snippet"
'description': "Create, Delete or Modify filesystems on Infinibox"
'body': """
infini_fs:
name: ${1:undefined} # required. File system name.
system: ${2:undefined} # required. Infinibox Hostname or IPv4 Address.
pool: ${3:undefined} # required. Pool that will host file system.
state: ${4|present,absent|} # not required. choices: present;absent. Creates/Modifies file system when present or removes when absent.
user: ${5:undefined} # not required. Infinibox User username with sufficient priveledges ( see notes ).
password: ${6:undefined} # not required. Infinibox User password.
size: ${7:undefined} # not required. File system size in MB, GB or TB units. See examples.
"""
'infini_host':
'prefix': "infini_host_snippet"
'description': "Create, Delete and Modify Hosts on Infinibox"
'body': """
infini_host:
name: ${1:undefined} # required. Host Name
system: ${2:undefined} # required. Infinibox Hostname or IPv4 Address.
volume: ${3:undefined} # not required. Volume name to map to the host
state: ${4|present,absent|} # not required. choices: present;absent. Creates/Modifies Host when present or removes when absent
user: ${5:undefined} # not required. Infinibox User username with sufficient priveledges ( see notes ).
password: ${6:undefined} # not required. Infinibox User password.
wwns: ${7:undefined} # not required. List of wwns of the host
"""
'infini_pool':
'prefix': "infini_pool_snippet"
'description': "Create, Delete and Modify Pools on Infinibox"
'body': """
infini_pool:
name: ${1:undefined} # required. Pool Name
system: ${2:undefined} # required. Infinibox Hostname or IPv4 Address.
ssd_cache: ${3|yes,no|} # not required. choices: yes;no. Enable/Disable SSD Cache on Pool
state: ${4|present,absent|} # not required. choices: present;absent. Creates/Modifies Pool when present or removes when absent
user: ${5:undefined} # not required. Infinibox User username with sufficient priveledges ( see notes ).
password: ${6:undefined} # not required. Infinibox User password.
vsize: ${7:undefined} # not required. Pool Virtual Capacity in MB, GB or TB units. If pool vsize is not set on pool creation, Virtual Capacity will be equal to Physical Capacity. See examples.
size: ${8:undefined} # not required. Pool Physical Capacity in MB, GB or TB units. If pool size is not set on pool creation, size will be equal to 1TB. See examples.
"""
'infini_vol':
'prefix': "infini_vol_snippet"
'description': "Create, Delete or Modify volumes on Infinibox"
'body': """
infini_vol:
name: ${1:undefined} # required. Volume Name
system: ${2:undefined} # required. Infinibox Hostname or IPv4 Address.
pool: ${3:undefined} # required. Pool that volume will reside on
state: ${4|present,absent|} # not required. choices: present;absent. Creates/Modifies volume when present or removes when absent
user: ${5:undefined} # not required. Infinibox User username with sufficient priveledges ( see notes ).
password: ${6:undefined} # not required. Infinibox User password.
size: ${7:undefined} # not required. Volume size in MB, GB or TB units. See examples.
"""
'infinity':
'prefix': "infinity_snippet"
'description': "manage Infinity IPAM using Rest API"
'body': """
infinity:
username: ${1:undefined} # required. Username to access Infinity,The user must have Rest API privileges
server_ip: ${2:undefined} # required. Infinity server_ip with IP address
action: ${3|reserve_next_available_ip,release_ip,delete_network,add_network,reserve_network,release_network,get_network_id|} # required. choices: reserve_next_available_ip;release_ip;delete_network;add_network;reserve_network;release_network;get_network_id. Action to perform
password: ${4:undefined} # required. Infinity password
network_size: ${5:} # not required. Network bitmask (e.g. 255.255.255.220) or CIDR format (e.g., /26)
network_location: ${6:-1} # not required. the parent network id for a given network
network_family: ${7|4,6,dual|} # not required. choices: 4;6;dual. Network family defined by Infinity, e.g. IPv4, IPv6 and Dual stack
network_id: ${8:} # not required. Network ID
ip_address: ${9:} # not required. IP Address for a reservation or a release
network_address: ${10:} # not required. Network address with CIDR format (e.g., 192.168.310.0)
network_name: ${11:} # not required. The name of a network
network_type: ${12|lan,shared_lan,supernet|} # not required. choices: lan;shared_lan;supernet. Network type defined by Infinity
"""
'influxdb_database':
'prefix': "influxdb_database_snippet"
'description': "Manage InfluxDB databases"
'body': """
influxdb_database:
database_name: ${1:undefined} # required. Name of the database.
username: ${2:root} # not required. Username that will be used to authenticate against InfluxDB server.,Alias C(login_username) added in version 2.5.
retries: ${3:3} # not required. Number of retries client will try before aborting.,C(0) indicates try until success.
use_udp: ${4:false} # not required. Use UDP to connect to InfluxDB server.
proxies: ${5:None} # not required. HTTP(S) proxy to use for Requests to connect to InfluxDB server.
hostname: ${6:localhost} # not required. The hostname or IP address on which InfluxDB server is listening.,Since version 2.5, defaulted to localhost.
udp_port: ${7:4444} # not required. UDP port to connect to InfluxDB server.
ssl: ${8:false} # not required. Use https instead of http to connect to InfluxDB server.
state: ${9|present,absent|} # not required. choices: present;absent. Determines if the database should be created or destroyed.
timeout: ${10:None} # not required. Number of seconds Requests will wait for client to establish a connection.
password: ${11:root} # not required. Password that will be used to authenticate against InfluxDB server.,Alias C(login_password) added in version 2.5.
validate_certs: ${12:true} # not required. If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${13:8086} # not required. The port on which InfluxDB server is listening
"""
'influxdb_query':
'prefix': "influxdb_query_snippet"
'description': "Query data points from InfluxDB."
'body': """
influxdb_query:
database_name: ${1:undefined} # required. Name of the database.
query: ${2:undefined} # required. Query to be executed.
username: ${3:root} # not required. Username that will be used to authenticate against InfluxDB server.,Alias C(login_username) added in version 2.5.
retries: ${4:3} # not required. Number of retries client will try before aborting.,C(0) indicates try until success.
use_udp: ${5:false} # not required. Use UDP to connect to InfluxDB server.
proxies: ${6:None} # not required. HTTP(S) proxy to use for Requests to connect to InfluxDB server.
hostname: ${7:localhost} # not required. The hostname or IP address on which InfluxDB server is listening.,Since version 2.5, defaulted to localhost.
udp_port: ${8:4444} # not required. UDP port to connect to InfluxDB server.
ssl: ${9:false} # not required. Use https instead of http to connect to InfluxDB server.
timeout: ${10:None} # not required. Number of seconds Requests will wait for client to establish a connection.
password: ${11:root} # not required. Password that will be used to authenticate against InfluxDB server.,Alias C(login_password) added in version 2.5.
validate_certs: ${12:true} # not required. If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${13:8086} # not required. The port on which InfluxDB server is listening
"""
'influxdb_retention_policy':
'prefix': "influxdb_retention_policy_snippet"
'description': "Manage InfluxDB retention policies"
'body': """
influxdb_retention_policy:
default: ${1:undefined} # required. Sets the retention policy as default retention policy
database_name: ${2:undefined} # required. Name of the database.
policy_name: ${3:undefined} # required. Name of the retention policy
replication: ${4:undefined} # required. Determines how many independent copies of each point are stored in the cluster
duration: ${5:undefined} # required. Determines how long InfluxDB should keep the data
username: ${6:root} # not required. Username that will be used to authenticate against InfluxDB server.,Alias C(login_username) added in version 2.5.
retries: ${7:3} # not required. Number of retries client will try before aborting.,C(0) indicates try until success.
use_udp: ${8:false} # not required. Use UDP to connect to InfluxDB server.
proxies: ${9:None} # not required. HTTP(S) proxy to use for Requests to connect to InfluxDB server.
ssl: ${10:false} # not required. Use https instead of http to connect to InfluxDB server.
hostname: ${11:localhost} # not required. The hostname or IP address on which InfluxDB server is listening.,Since version 2.5, defaulted to localhost.
udp_port: ${12:4444} # not required. UDP port to connect to InfluxDB server.
timeout: ${13:None} # not required. Number of seconds Requests will wait for client to establish a connection.
password: ${14:root} # not required. Password that will be used to authenticate against InfluxDB server.,Alias C(login_password) added in version 2.5.
validate_certs: ${15:true} # not required. If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${16:8086} # not required. The port on which InfluxDB server is listening
"""
'influxdb_user':
'prefix': "influxdb_user_snippet"
'description': "Manage InfluxDB users"
'body': """
influxdb_user:
user_name: ${1:undefined} # required. Name of the user.
username: ${2:root} # not required. Username that will be used to authenticate against InfluxDB server.,Alias C(login_username) added in version 2.5.
retries: ${3:3} # not required. Number of retries client will try before aborting.,C(0) indicates try until success.
use_udp: ${4:false} # not required. Use UDP to connect to InfluxDB server.
proxies: ${5:None} # not required. HTTP(S) proxy to use for Requests to connect to InfluxDB server.
admin: ${6|true,false|} # not required. choices: true;false. Whether the user should be in the admin role or not.
validate_certs: ${7:true} # not required. If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
user_password: ${8:undefined} # not required. Password to be set for the user.
hostname: ${9:localhost} # not required. The hostname or IP address on which InfluxDB server is listening.,Since version 2.5, defaulted to localhost.
udp_port: ${10:4444} # not required. UDP port to connect to InfluxDB server.
ssl: ${11:false} # not required. Use https instead of http to connect to InfluxDB server.
state: ${12|present,absent|} # not required. choices: present;absent. State of the user.
timeout: ${13:None} # not required. Number of seconds Requests will wait for client to establish a connection.
password: ${14:root} # not required. Password that will be used to authenticate against InfluxDB server.,Alias C(login_password) added in version 2.5.
port: ${15:8086} # not required. The port on which InfluxDB server is listening
"""
'influxdb_write':
'prefix': "influxdb_write_snippet"
'description': "Write data points into InfluxDB."
'body': """
influxdb_write:
data_points: ${1:undefined} # required. Data points as dict to write into the database.
database_name: ${2:undefined} # required. Name of the database.
username: ${3:root} # not required. Username that will be used to authenticate against InfluxDB server.,Alias C(login_username) added in version 2.5.
retries: ${4:3} # not required. Number of retries client will try before aborting.,C(0) indicates try until success.
use_udp: ${5:false} # not required. Use UDP to connect to InfluxDB server.
proxies: ${6:None} # not required. HTTP(S) proxy to use for Requests to connect to InfluxDB server.
hostname: ${7:localhost} # not required. The hostname or IP address on which InfluxDB server is listening.,Since version 2.5, defaulted to localhost.
udp_port: ${8:4444} # not required. UDP port to connect to InfluxDB server.
ssl: ${9:false} # not required. Use https instead of http to connect to InfluxDB server.
timeout: ${10:None} # not required. Number of seconds Requests will wait for client to establish a connection.
password: ${11:root} # not required. Password that will be used to authenticate against InfluxDB server.,Alias C(login_password) added in version 2.5.
validate_certs: ${12:true} # not required. If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
port: ${13:8086} # not required. The port on which InfluxDB server is listening
"""
'ini_file':
'prefix': "ini_file_snippet"
'description': "Tweak settings in INI files"
'body': """
ini_file:
section: ${1:undefined} # required. Section name in INI file. This is added if C(state=present) automatically when a single value is being set.,If left empty or set to `null`, the I(option) will be placed before the first I(section). Using `null` is also required if the config format does not support sections.
path: ${2:undefined} # required. Path to the INI-style file; this file is created if required.,Before 2.3 this option was only usable as I(dest).
seuser: ${3:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
group: ${4:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
option: ${5:undefined} # not required. If set (required for changing a I(value)), this is the name of the option.,May be omitted if adding/removing a whole I(section).
unsafe_writes: ${6:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
selevel: ${7:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
no_extra_spaces: ${8:no} # not required. Do not insert spaces before and after '=' symbol
serole: ${9:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
value: ${10:undefined} # not required. The string value to be associated with an I(option). May be omitted when removing an I(option).
state: ${11|absent,present|} # not required. choices: absent;present. If set to C(absent) the option or section will be removed if present instead of created.
mode: ${12:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
others: ${13:undefined} # not required. All arguments accepted by the M(file) module also work here
owner: ${14:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
attributes: ${15:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
backup: ${16:no} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
create: ${17:yes} # not required. If set to 'no', the module will fail if the file does not already exist. By default it will create the file if it is missing.
setype: ${18:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'interfaces_file':
'prefix': "interfaces_file_snippet"
'description': "Tweak settings in /etc/network/interfaces files"
'body': """
interfaces_file:
option: ${1:null} # not required. Name of the option, required for value changes or option remove
dest: ${2:/etc/network/interfaces} # not required. Path to the interfaces file
selevel: ${3:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
owner: ${4:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
iface: ${5:null} # not required. Name of the interface, required for value changes or option remove
group: ${6:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
unsafe_writes: ${7:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
seuser: ${8:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
serole: ${9:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
value: ${10:null} # not required. If I(option) is not presented for the I(interface) and I(state) is C(present) option will be added. If I(option) already exists and is not C(pre-up), C(up), C(post-up) or C(down), it's value will be updated. C(pre-up), C(up), C(post-up) and C(down) options can't be updated, only adding new options, removing existing ones or cleaning the whole option set are supported
state: ${11|present,absent|} # not required. choices: present;absent. If set to C(absent) the option or section will be removed if present instead of created.
mode: ${12:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
attributes: ${13:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
backup: ${14|yes,no|} # not required. choices: yes;no. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
setype: ${15:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'ios_banner':
'prefix': "ios_banner_snippet"
'description': "Manage multiline banners on Cisco IOS devices"
'body': """
ios_banner:
banner: ${1|login,motd,exec,incoming,slip-ppp|} # required. choices: login;motd;exec;incoming;slip-ppp. Specifies which banner should be configured on the remote device. In Ansible 2.4 and earlier only I(login) and I(motd) were supported.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
text: ${3:null} # not required. The banner text that should be present in the remote device running configuration. This argument accepts a multiline string, with no empty lines. Requires I(state=present).
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
state: ${5|present,absent|} # not required. choices: present;absent. Specifies whether or not the configuration is present in the current devices active running configuration.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'ios_command':
'prefix': "ios_command_snippet"
'description': "Run commands on remote devices running Cisco IOS"
'body': """
ios_command:
commands: ${1:undefined} # required. List of commands to send to the remote ios device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
retries: ${3:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
interval: ${5:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
wait_for: ${7:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${8|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'ios_config':
'prefix': "ios_config_snippet"
'description': "Manage Cisco IOS configuration sections"
'body': """
ios_config:
multiline_delimiter: ${1:@} # not required. This argument is used when pushing a multiline configuration element to the IOS device. It specifies the character to use as the delimiting character. This only applies to the configuration action.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
force: ${3:false} # not required. The force argument instructs the module to not consider the current devices running-config. When set to true, this will cause the module to push the contents of I(src) into the device without first checking if already configured.,Note this argument should be considered deprecated. To achieve the equivalent, set the C(match=none) which is idempotent. This argument will be removed in Ansible 2.6.
after: ${4:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
diff_against: ${5|running,startup,intended|} # not required. choices: running;startup;intended. When using the C(ansible-playbook --diff) command line argument the module can generate diffs against different sources.,When this option is configure as I(startup), the module will return the diff of the running-config against the startup-config.,When this option is configured as I(intended), the module will return the diff of the running-config against the configuration provided in the C(intended_config) argument.,When this option is configured as I(running), the module will return the before and after diff of the running-config with respect to any changes made to the device configuration.
replace: ${6|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
running_config: ${7:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(running_config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
diff_ignore_lines: ${8:undefined} # not required. Use this argument to specify one or more lines that should be ignored during the diff. This is used for lines in the configuration that are automatically updated by the system. This argument takes a list of regular expressions or exact line matches.
src: ${9:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
save: ${10:false} # not required. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.,This option is deprecated as of Ansible 2.4 and will be removed in Ansible 2.8, use C(save_when) instead.
auth_pass: ${11:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
lines: ${12:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
intended_config: ${13:undefined} # not required. The C(intended_config) provides the master configuration that the node should conform to and is used to check the final running-config against. This argument will not modify any settings on the remote device and is strictly used to check the compliance of the current device's configuration against. When specifying this argument, the task should also modify the C(diff_against) value and set it to I(intended).
parents: ${14:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
defaults: ${15:false} # not required. This argument specifies whether or not to collect all defaults when getting the remote device running config. When enabled, the module will get the current config by issuing the command C(show running-config all).
provider: ${16:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
before: ${17:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
save_when: ${18|always,never,modified,changed|} # not required. choices: always;never;modified;changed. When changes are made to the device running-configuration, the changes are not copied to non-volatile storage by default. Using this argument will change that before. If the argument is set to I(always), then the running-config will always be copied to the startup-config and the I(modified) flag will always be set to True. If the argument is set to I(modified), then the running-config will only be copied to the startup-config if it has changed since the last save to startup-config. If the argument is set to I(never), the running-config will never be copied to the startup-config. If the argument is set to I(changed), then the running-config will only be copied to the startup-config if the task has made a change. I(changed) was added in Ansible 2.5.
backup: ${19:no} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created.
match: ${20|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
"""
'ios_facts':
'prefix': "ios_facts_snippet"
'description': "Collect facts from remote devices running Cisco IOS"
'body': """
ios_facts:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
auth_pass: ${2:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
gather_subset: ${3:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'ios_interface':
'prefix': "ios_interface_snippet"
'description': "Manage Interface on Cisco IOS network devices"
'body': """
ios_interface:
name: ${1:undefined} # required. Name of the Interface.
neighbors: ${2:undefined} # not required. Check the operational state of given interface C(name) for CDP/LLDP neighbor.,The following suboptions are available.
rx_rate: ${3:undefined} # not required. Receiver rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
duplex: ${4|full,half,auto|} # not required. choices: full;half;auto. Interface link status
auth_pass: ${5:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
enabled: ${6:undefined} # not required. Interface link status.
authorize: ${7|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
mtu: ${8:undefined} # not required. Maximum size of transmit packet.
delay: ${9:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state argument which are I(state) with values C(up)/C(down), I(tx_rate) and I(rx_rate).
state: ${10|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the Interface configuration, C(up) means present and operationally up and C(down) means present and operationally C(down)
provider: ${11:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${12:undefined} # not required. List of Interfaces definitions.
speed: ${13:undefined} # not required. Interface link speed.
tx_rate: ${14:undefined} # not required. Transmit rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
description: ${15:undefined} # not required. Description of Interface.
"""
'ios_l2_interface':
'prefix': "ios_l2_interface_snippet"
'description': "Manage Layer-2 interface on Cisco IOS devices."
'body': """
ios_l2_interface:
name: ${1:undefined} # required. Full name of the interface excluding any logical unit number, i.e. GigabitEthernet0/1.
native_vlan: ${2:undefined} # not required. Native VLAN to be configured in trunk port. If C(mode=trunk), used as the trunk native VLAN ID.
access_vlan: ${3:undefined} # not required. Configure given VLAN in access port. If C(mode=access), used as the access VLAN ID.
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
trunk_vlans: ${5:undefined} # not required. List of VLANs to be configured in trunk port. If C(mode=trunk), used as the VLAN range to ADD or REMOVE from the trunk.
authorize: ${6|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
state: ${7|present,absent,unconfigured|} # not required. choices: present;absent;unconfigured. Manage the state of the Layer-2 Interface configuration.
trunk_allowed_vlans: ${8:undefined} # not required. List of allowed VLANs in a given trunk port. If C(mode=trunk), these are the only VLANs that will be configured on the trunk, i.e. \"2-10,15\".
mode: ${9|access,trunk|} # not required. choices: access;trunk. Mode in which interface needs to be configured.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${11:undefined} # not required. List of Layer-2 interface definitions.
"""
'ios_l3_interface':
'prefix': "ios_l3_interface_snippet"
'description': "Manage L3 interfaces on Cisco IOS network devices."
'body': """
ios_l3_interface:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
name: ${2:undefined} # not required. Name of the L3 interface to be configured eg. GigabitEthernet0/2
auth_pass: ${3:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
state: ${5|present,absent|} # not required. choices: present;absent. State of the L3 interface configuration. It indicates if the configuration should be present or absent on remote device.
ipv4: ${6:undefined} # not required. IPv4 address to be set for the L3 interface mentioned in I(name) option. The address format is <ipv4 address>/<mask>, the mask is number in range 0-32 eg. 192.168.0.1/24
ipv6: ${7:undefined} # not required. IPv6 address to be set for the L3 interface mentioned in I(name) option. The address format is <ipv6 address>/<mask>, the mask is number in range 0-128 eg. fd5d:12c9:2201:1::1/64
aggregate: ${8:undefined} # not required. List of L3 interfaces definitions. Each of the entry in aggregate list should define name of interface C(name) and a optional C(ipv4) or C(ipv6) address.
"""
'ios_linkagg':
'prefix': "ios_linkagg_snippet"
'description': "Manage link aggregation groups on Cisco IOS network devices"
'body': """
ios_linkagg:
purge: ${1:false} # not required. Purge links not defined in the I(aggregate) parameter.
authorize: ${2|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
state: ${3|present,absent|} # not required. choices: present;absent. State of the link aggregation group.
group: ${4:undefined} # not required. Channel-group number for the port-channel Link aggregation group. Range 1-255.
mode: ${5|active,on,passive,auto,desirable|} # not required. choices: active;on;passive;auto;desirable. Mode of the link aggregation group.
members: ${6:undefined} # not required. List of members of the link aggregation group.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${8:undefined} # not required. List of link aggregation definitions.
auth_pass: ${9:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
"""
'ios_lldp':
'prefix': "ios_lldp_snippet"
'description': "Manage LLDP configuration on Cisco IOS network devices."
'body': """
ios_lldp:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
state: ${2|present,absent|} # not required. choices: present;absent. State of the LLDP configuration. If value is I(present) lldp will be enabled else if it is I(absent) it will be disabled.
auth_pass: ${3:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'ios_logging':
'prefix': "ios_logging_snippet"
'description': "Manage logging on network devices"
'body': """
ios_logging:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
aggregate: ${2:undefined} # not required. List of logging definitions.
state: ${3|present,absent|} # not required. choices: present;absent. State of the logging configuration.
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
name: ${5:undefined} # not required. If value of C(dest) is I(file) it indicates file-name, for I(user) it indicates username and for I(host) indicates the host name to be notified.
level: ${6:undefined} # not required. Set logging severity levels.
dest: ${7|on,host,console,monitor,buffered|} # not required. choices: on;host;console;monitor;buffered. Destination of the logs.
facility: ${8:undefined} # not required. Set logging facility.
provider: ${9:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
size: ${10:4096} # not required. Size of buffer. The acceptable value is in range from 4096 to 4294967295 bytes.
"""
'ios_ping':
'prefix': "ios_ping_snippet"
'description': "Tests reachability using ping from Cisco IOS network devices"
'body': """
ios_ping:
dest: ${1:undefined} # required. The IP Address or hostname (resolvable by switch) of the remote node.
count: ${2:5} # not required. Number of packets to send.
authorize: ${3|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
auth_pass: ${4:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
source: ${5:null} # not required. The source IP Address.
state: ${6|absent,present|} # not required. choices: absent;present. Determines if the expected result is success or fail.
vrf: ${7:default} # not required. The VRF to use for forwarding.
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'ios_static_route':
'prefix': "ios_static_route_snippet"
'description': "Manage static IP routes on Cisco IOS network devices"
'body': """
ios_static_route:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
state: ${2|present,absent|} # not required. choices: present;absent. State of the static route configuration.
next_hop: ${3:undefined} # not required. Next hop IP of the static route.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${5:undefined} # not required. List of static route definitions.
auth_pass: ${6:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
mask: ${7:undefined} # not required. Network prefix mask of the static route.
prefix: ${8:undefined} # not required. Network prefix of the static route.
admin_distance: ${9:undefined} # not required. Admin distance of the static route.
"""
'ios_system':
'prefix': "ios_system_snippet"
'description': "Manage the system attributes on Cisco IOS devices"
'body': """
ios_system:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
state: ${2|present,absent|} # not required. choices: present;absent. State of the configuration values in the device's current active configuration. When set to I(present), the values should be configured in the device active configuration and when set to I(absent) the values should not be in the device active configuration
auth_pass: ${3:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
lookup_source: ${5:undefined} # not required. Provides one or more source interfaces to use for performing DNS lookups. The interface provided in C(lookup_source) must be a valid interface configured on the device.
name_servers: ${6:undefined} # not required. List of DNS name servers by IP address to use to perform name resolution lookups. This argument accepts either a list of DNS servers See examples.
domain_search: ${7:undefined} # not required. Provides the list of domain suffixes to append to the hostname for the purpose of doing name resolution. This argument accepts a list of names and will be reconciled with the current active configuration on the running node.
hostname: ${8:undefined} # not required. Configure the device hostname parameter. This option takes an ASCII string value.
domain_name: ${9:undefined} # not required. Configure the IP domain name on the remote device to the provided value. Value should be in the dotted name form and will be appended to the C(hostname) to create a fully-qualified domain name.
lookup_enabled: ${10:undefined} # not required. Administrative control for enabling or disabling DNS lookups. When this argument is set to True, lookups are performed and when it is set to False, lookups are not performed.
"""
'ios_user':
'prefix': "ios_user_snippet"
'description': "Manage the aggregate of local users on Cisco IOS device"
'body': """
ios_user:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
update_password: ${2|on_create,always|} # not required. choices: on_create;always. Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to C(always), the password will always be updated in the device and when set to C(on_create) the password will be updated only if the username is created.
configured_password: ${3:undefined} # not required. The password to be configured on the Cisco IOS device. The password needs to be provided in clear and it will be encrypted on the device. Please note that this option is not same as C(provider password).
aggregate: ${4:undefined} # not required. The set of username objects to be configured on the remote Cisco IOS device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the C(name) argument.
name: ${5:undefined} # not required. The username to be configured on the Cisco IOS device. This argument accepts a string value and is mutually exclusive with the C(aggregate) argument. Please note that this option is not same as C(provider username).
auth_pass: ${6:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
purge: ${7:false} # not required. Instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user (the current defined set of users).
privilege: ${8:undefined} # not required. The C(privilege) argument configures the privilege level of the user when logged into the system. This argument accepts integer values in the range of 1 to 15.
state: ${9|present,absent|} # not required. choices: present;absent. Configures the state of the username definition as it relates to the device operational configuration. When set to I(present), the username(s) should be configured in the device active configuration and when set to I(absent) the username(s) should not be in the device active configuration
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
nopassword: ${11:undefined} # not required. Defines the username without assigning a password. This will allow the user to login to the system without being authenticated by a password.
view: ${12:undefined} # not required. Configures the view for the username in the device running configuration. The argument accepts a string value defining the view name. This argument does not check if the view has been configured on the device.
"""
'ios_vlan':
'prefix': "ios_vlan_snippet"
'description': "Manage VLANs on IOS network devices"
'body': """
ios_vlan:
interfaces: ${1:undefined} # required. List of interfaces that should be associated to the VLAN.
vlan_id: ${2:undefined} # required. ID of the VLAN. Range 1-4094.
authorize: ${3|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
delay: ${4:10} # not required. Delay the play should wait to check for declarative intent params values.
name: ${5:undefined} # not required. Name of the VLAN.
auth_pass: ${6:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
purge: ${7:false} # not required. Purge VLANs not defined in the I(aggregate) parameter.
associated_interfaces: ${8:undefined} # not required. This is a intent option and checks the operational state of the for given vlan C(name) for associated interfaces. If the value in the C(associated_interfaces) does not match with the operational state of vlan interfaces on device it will result in failure.
state: ${9|present,absent,active,suspend|} # not required. choices: present;absent;active;suspend. State of the VLAN configuration.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${11:undefined} # not required. List of VLANs definitions.
"""
'ios_vrf':
'prefix': "ios_vrf_snippet"
'description': "Manage the collection of VRF definitions on Cisco IOS devices"
'body': """
ios_vrf:
authorize: ${1|yes,no|} # not required. choices: yes;no. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
rd: ${2:undefined} # not required. The router-distinguisher value uniquely identifies the VRF to routing processes on the remote IOS system. The RD value takes the form of C(A:B) where C(A) and C(B) are both numeric values.
description: ${3:undefined} # not required. Provides a short description of the VRF definition in the current active configuration. The VRF definition value accepts alphanumeric characters used to provide additional information about the VRF.
route_export: ${4:undefined} # not required. Adds an export list of extended route target communities to the VRF.
interfaces: ${5:undefined} # not required. Identifies the set of interfaces that should be configured in the VRF. Interfaces must be routed interfaces in order to be placed into a VRF.
auth_pass: ${6:none} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) and C(become: yes) with C(become_pass).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,Specifies the password to use if required to enter privileged mode on the remote device. If I(authorize) is false, then this argument does nothing. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS) will be used instead.
name: ${7:undefined} # not required. The name of the VRF definition to be managed on the remote IOS device. The VRF definition name is an ASCII string name used to uniquely identify the VRF. This argument is mutually exclusive with the C(vrfs) argument
delay: ${8:10} # not required. Time in seconds to wait before checking for the operational state on remote device.
purge: ${9:false} # not required. Instructs the module to consider the VRF definition absolute. It will remove any previously configured VRFs on the device.
state: ${10|present,absent|} # not required. choices: present;absent. Configures the state of the VRF definition as it relates to the device operational configuration. When set to I(present), the VRF should be configured in the device active configuration and when set to I(absent) the VRF should not be in the device active configuration
vrfs: ${11:undefined} # not required. The set of VRF definition objects to be configured on the remote IOS device. Ths list entries can either be the VRF name or a hash of VRF definitions and attributes. This argument is mutually exclusive with the C(name) argument.
route_both: ${12:undefined} # not required. Adds an export and import list of extended route target communities to the VRF.
provider: ${13:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(IOS Platform Options guide, ../network/user_guide/platform_ios.html).,HORIZONTALLINE,A dict object containing connection details.
associated_interfaces: ${14:undefined} # not required. This is a intent option and checks the operational state of the for given vrf C(name) for associated interfaces. If the value in the C(associated_interfaces) does not match with the operational state of vrf interfaces on device it will result in failure.
route_import: ${15:undefined} # not required. Adds an import list of extended route target communities to the VRF.
"""
'iosxr_banner':
'prefix': "iosxr_banner_snippet"
'description': "Manage multiline banners on Cisco IOS XR devices"
'body': """
iosxr_banner:
banner: ${1|login,motd|} # required. choices: login;motd. Specifies the type of banner to configure on remote device.
text: ${2:null} # not required. Banner text to be configured. Accepts multiline string, without empty lines. Requires I(state=present).
state: ${3|present,absent|} # not required. choices: present;absent. Existential state of the configuration on the device.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
"""
'iosxr_command':
'prefix': "iosxr_command_snippet"
'description': "Run commands on remote devices running Cisco IOS XR"
'body': """
iosxr_command:
commands: ${1:undefined} # required. List of commands to send to the remote iosxr device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
retries: ${2:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
wait_for: ${5:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'iosxr_config':
'prefix': "iosxr_config_snippet"
'description': "Manage Cisco IOS XR configuration sections"
'body': """
iosxr_config:
comment: ${1:configured by iosxr_config} # not required. Allows a commit description to be specified to be included when the configuration is committed. If the configuration is not changed or committed, this argument is ignored.
src: ${2:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
force: ${3|yes,no|} # not required. choices: yes;no. The force argument instructs the module to not consider the current devices running-config. When set to true, this will cause the module to push the contents of I(src) into the device without first checking if already configured.,Note this argument should be considered deprecated. To achieve the equivalent, set the C(match=none) which is idempotent. This argument will be removed in a future release.
admin: ${4|yes,no|} # not required. choices: yes;no. Enters into administration configuration mode for making config changes to the device.
config: ${5:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
after: ${6:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${7:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
replace: ${8|line,block,config|} # not required. choices: line;block;config. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
parents: ${9:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
backup: ${11:no} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created.
match: ${12|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${13:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'iosxr_facts':
'prefix': "iosxr_facts_snippet"
'description': "Collect facts from remote devices running IOS XR"
'body': """
iosxr_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
"""
'iosxr_interface':
'prefix': "iosxr_interface_snippet"
'description': "Manage Interface on Cisco IOS XR network devices"
'body': """
iosxr_interface:
name: ${1:undefined} # required. Name of the interface to configure in C(type + path) format. e.g. C(GigabitEthernet0/0/0/0)
rx_rate: ${2:undefined} # not required. Receiver rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
duplex: ${3|full,half|} # not required. choices: full;half. Configures the interface duplex mode. Default is auto-negotiation when not configured.
enabled: ${4:true} # not required. Removes the shutdown configuration, which removes the forced administrative down on the interface, enabling it to move to an up or down state.
mtu: ${5:undefined} # not required. Sets the MTU value for the interface. Range is between 64 and 65535"
delay: ${6:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state argument which are I(state) with values C(up)/C(down), I(tx_rate) and I(rx_rate).
active: ${7|active,preconfigure|} # not required. choices: active;preconfigure. Whether the interface is C(active) or C(preconfigured). Preconfiguration allows you to configure modular services cards before they are inserted into the router. When the cards are inserted, they are instantly configured. Active cards are the ones already inserted.
state: ${8|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the Interface configuration, C(up) means present and operationally up and C(down) means present and operationally C(down)
provider: ${9:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${10:undefined} # not required. List of Interface definitions. Include multiple interface configurations together, one each on a seperate line
speed: ${11|10,100,1000|} # not required. choices: 10;100;1000. Configure the speed for an interface. Default is auto-negotiation when not configured.
tx_rate: ${12:undefined} # not required. Transmit rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
description: ${13:undefined} # not required. Description of Interface being configured.
"""
'iosxr_logging':
'prefix': "iosxr_logging_snippet"
'description': "Configuration management of system logging services on network devices"
'body': """
iosxr_logging:
name: ${1:undefined} # not required. When C(dest) = I(file) name indicates file-name,When C(dest) = I(host) name indicates the host-name or ip-address of syslog server.
facility: ${2:local7} # not required. To configure the type of syslog facility in which system logging (syslog) messages are sent to syslog servers Optional config for C(dest) = C(host)
dest: ${3|host,console,monitor,buffered,file|} # not required. choices: host;console;monitor;buffered;file. Destination for system logging (syslog) messages.
level: ${4:debugging} # not required. Specifies the severity level for the logging.
hostnameprefix: ${5:undefined} # not required. To append a hostname prefix to system logging (syslog) messages logged to syslog servers. Optional config for C(dest) = C(host)
state: ${6|present,absent|} # not required. choices: present;absent. Existential state of the logging configuration on the node.
vrf: ${7:default} # not required. vrf name when syslog server is configured, C(dest) = C(host)
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${9:undefined} # not required. List of syslog logging configuration definitions.
size: ${10:undefined} # not required. Size of buffer when C(dest) = C(buffered). The acceptable value is in the range I(307200 to 125000000 bytes). Default 307200,Size of file when C(dest) = C(file). The acceptable value is in the range I(1 to 2097152)KB. Default 2 GB
"""
'iosxr_netconf':
'prefix': "iosxr_netconf_snippet"
'description': "Configures NetConf sub-system service on Cisco IOS-XR devices"
'body': """
iosxr_netconf:
state: ${1|present,absent|} # not required. choices: present;absent. Specifies the state of the C(iosxr_netconf) resource on the remote device. If the I(state) argument is set to I(present) the netconf service will be configured. If the I(state) argument is set to I(absent) the netconf service will be removed from the configuration.
netconf_vrf: ${2:default} # not required. netconf vrf name
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
netconf_port: ${4:830} # not required. This argument specifies the port the netconf service should listen on for SSH connections. The default port as defined in RFC 6242 is 830.
"""
'iosxr_system':
'prefix': "iosxr_system_snippet"
'description': "Manage the system attributes on Cisco IOS XR devices"
'body': """
iosxr_system:
lookup_source: ${1:undefined} # not required. The C(lookup_source) argument provides one or more source interfaces to use for performing DNS lookups. The interface provided in C(lookup_source) must be a valid interface configured on the device.
domain_search: ${2:undefined} # not required. Provides the list of domain suffixes to append to the hostname for the purpose of doing name resolution. This argument accepts a list of names and will be reconciled with the current active configuration on the running node.
hostname: ${3:undefined} # not required. Configure the device hostname parameter. This option takes an ASCII string value.
domain_name: ${4:undefined} # not required. Configure the IP domain name on the remote device to the provided value. Value should be in the dotted name form and will be appended to the C(hostname) to create a fully-qualified domain name.
state: ${5|present,absent|} # not required. choices: present;absent. State of the configuration values in the device's current active configuration. When set to I(present), the values should be configured in the device active configuration and when set to I(absent) the values should not be in the device active configuration
vrf: ${6:undefined} # not required. VRF name for domain services
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
name_servers: ${8:undefined} # not required. The C(name_serves) argument accepts a list of DNS name servers by way of either FQDN or IP address to use to perform name resolution lookups. This argument accepts wither a list of DNS servers See examples.
lookup_enabled: ${9:undefined} # not required. Provides administrative control for enabling or disabling DNS lookups. When this argument is set to True, lookups are performed and when it is set to False, lookups are not performed.
"""
'iosxr_user':
'prefix': "iosxr_user_snippet"
'description': "Manage the aggregate of local users on Cisco IOS XR device"
'body': """
iosxr_user:
public_key: ${1:undefined} # not required. Configures the contents of the public keyfile to upload to the IOS-XR node. This enables users to login using the accompanying private key. IOS-XR only accepts base64 decoded files, so this will be decoded and uploaded to the node. Do note that this requires an OpenSSL public key file, PuTTy generated files will not work! Mutually exclusive with public_key_contents. If used with multiple users in aggregates, then the same key file is used for all users.
update_password: ${2|on_create,always|} # not required. choices: on_create;always. Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to C(always), the password will always be updated in the device and when set to C(on_create) the password will be updated only if the username is created.
configured_password: ${3:undefined} # not required. The password to be configured on the Cisco IOS XR device. The password needs to be provided in clear text. Password is encrypted on the device when used with I(cli) and by Ansible when used with I(netconf) using the same MD5 hash technique with salt size of 3. Please note that this option is not same as C(provider password).
group: ${4:undefined} # not required. Configures the group for the username in the device running configuration. The argument accepts a string value defining the group name. This argument does not check if the group has been configured on the device.
name: ${5:undefined} # not required. The username to be configured on the Cisco IOS XR device. This argument accepts a string value and is mutually exclusive with the C(aggregate) argument. Please note that this option is not same as C(provider username).
purge: ${6:false} # not required. Instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user and the current defined set of users.
state: ${7|present,absent|} # not required. choices: present;absent. Configures the state of the username definition as it relates to the device operational configuration. When set to I(present), the username(s) should be configured in the device active configuration and when set to I(absent) the username(s) should not be in the device active configuration
public_key_contents: ${8:undefined} # not required. Configures the contents of the public keyfile to upload to the IOS-XR node. This enables users to login using the accompanying private key. IOS-XR only accepts base64 decoded files, so this will be decoded and uploaded to the node. Do note that this requires an OpenSSL public key file, PuTTy generated files will not work! Mutually exclusive with public_key.If used with multiple users in aggregates, then the same key file is used for all users.
groups: ${9:undefined} # not required. Configures the groups for the username in the device running configuration. The argument accepts a list of group names. This argument does not check if the group has been configured on the device. It is similar to the aggregrate command for usernames, but lets you configure multiple groups for the user(s).
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${11:undefined} # not required. The set of username objects to be configured on the remote Cisco IOS XR device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the C(name) argument.
"""
'ip_netns':
'prefix': "ip_netns_snippet"
'description': "Manage network namespaces"
'body': """
ip_netns:
state: ${1|present,absent|} # not required. choices: present;absent. Whether the namespace should exist
name: ${2:undefined} # not required. Name of the namespace
"""
'ipa_dnsrecord':
'prefix': "ipa_dnsrecord_snippet"
'description': "Manage FreeIPA DNS records"
'body': """
ipa_dnsrecord:
record_name: ${1:undefined} # required. The DNS record name to manage.
record_value: ${2:undefined} # required. Manage DNS record name with this value.,In the case of 'A' or 'AAAA' record types, this will be the IP address.,In the case of 'A6' record type, this will be the A6 Record data.,In the case of 'CNAME' record type, this will be the hostname.,In the case of 'DNAME' record type, this will be the DNAME target.,In the case of 'PTR' record type, this will be the hostname.,In the case of 'TXT' record type, this will be a text.
ipa_pass: ${3:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
zone_name: ${4:undefined} # required. The DNS zone name to which DNS record needs to be managed.
ipa_port: ${5:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_prot: ${6|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
record_type: ${7|A,AAAA,A6,CNAME,DNAME,PTR,TXT|} # not required. choices: A;AAAA;A6;CNAME;DNAME;PTR;TXT. The type of DNS record name.,Currently, 'A', 'AAAA', 'A6', 'CNAME', 'DNAME', 'PTR' and 'TXT' are supported.,'A6', 'CNAME', 'DNAME' and 'TXT' are added in version 2.5.
state: ${8|present,absent|} # not required. choices: present;absent. State to ensure
ipa_host: ${9:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_user: ${10:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
validate_certs: ${11:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'ipa_dnszone':
'prefix': "ipa_dnszone_snippet"
'description': "Manage FreeIPA DNS Zones"
'body': """
ipa_dnszone:
ipa_pass: ${1:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
zone_name: ${2:undefined} # required. The DNS zone name to which needs to be managed.
ipa_port: ${3:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_prot: ${4|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
state: ${5|present,absent|} # not required. choices: present;absent. State to ensure
ipa_host: ${6:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_user: ${7:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
validate_certs: ${8:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'ipa_group':
'prefix': "ipa_group_snippet"
'description': "Manage FreeIPA group"
'body': """
ipa_group:
cn: ${1:undefined} # required. Canonical name.,Can not be changed as it is the unique identifier.
ipa_pass: ${2:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
external: ${3:undefined} # not required. Allow adding external non-IPA members from trusted domains.
ipa_port: ${4:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
group: ${5:undefined} # not required. List of group names assigned to this group.,If an empty list is passed all groups will be removed from this group.,If option is omitted assigned groups will not be checked or changed.,Groups that are already assigned but not passed will be removed.
user: ${6:undefined} # not required. List of user names assigned to this group.,If an empty list is passed all users will be removed from this group.,If option is omitted assigned users will not be checked or changed.,Users that are already assigned but not passed will be removed.
ipa_prot: ${7|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
gidnumber: ${8:undefined} # not required. GID (use this option to set it manually).
state: ${9|present,absent|} # not required. choices: present;absent. State to ensure
ipa_user: ${10:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
validate_certs: ${11:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
nonposix: ${12:undefined} # not required. Create as a non-POSIX group.
ipa_host: ${13:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
"""
'ipa_hbacrule':
'prefix': "ipa_hbacrule_snippet"
'description': "Manage FreeIPA HBAC rule"
'body': """
ipa_hbacrule:
cn: ${1:undefined} # required. Canonical name.,Can not be changed as it is the unique identifier.
ipa_pass: ${2:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
servicecategory: ${3|all|} # not required. choices: all. Service category
sourcehostcategory: ${4|all|} # not required. choices: all. Source host category
service: ${5:undefined} # not required. List of service names to assign.,If an empty list is passed all services will be removed from the rule.,If option is omitted services will not be checked or changed.
ipa_port: ${6:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
description: ${7:undefined} # not required. Description
ipa_prot: ${8|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
hostcategory: ${9|all|} # not required. choices: all. Host category
hostgroup: ${10:undefined} # not required. List of hostgroup names to assign.,If an empty list is passed all hostgroups will be removed. from the rule,If option is omitted hostgroups will not be checked or changed.
usercategory: ${11|all|} # not required. choices: all. User category
state: ${12|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. State to ensure
ipa_host: ${13:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
user: ${14:undefined} # not required. List of user names to assign.,If an empty list if passed all assigned users will be removed from the rule.,If option is omitted users will not be checked or changed.
ipa_user: ${15:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
usergroup: ${16:undefined} # not required. List of user group names to assign.,If an empty list if passed all assigned user groups will be removed from the rule.,If option is omitted user groups will not be checked or changed.
host: ${17:undefined} # not required. List of host names to assign.,If an empty list is passed all hosts will be removed from the rule.,If option is omitted hosts will not be checked or changed.
servicegroup: ${18:undefined} # not required. List of service group names to assign.,If an empty list is passed all assigned service groups will be removed from the rule.,If option is omitted service groups will not be checked or changed.
validate_certs: ${19:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
sourcehostgroup: ${20:undefined} # not required. List of source host group names to assign.,If an empty list if passed all assigned source host groups will be removed from the rule.,If option is omitted source host groups will not be checked or changed.
sourcehost: ${21:undefined} # not required. List of source host names to assign.,If an empty list if passed all assigned source hosts will be removed from the rule.,If option is omitted source hosts will not be checked or changed.
"""
'ipa_host':
'prefix': "ipa_host_snippet"
'description': "Manage FreeIPA host"
'body': """
ipa_host:
fqdn: ${1:undefined} # required. Full qualified domain name.,Can not be changed as it is the unique identifier.
ipa_pass: ${2:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_port: ${3:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
force: ${4:undefined} # not required. Force host name even if not in DNS.
description: ${5:undefined} # not required. A description of this host.
ns_os_version: ${6:undefined} # not required. Host operating system and version (e.g. \"Fedora 9\")
ipa_prot: ${7|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_host: ${8:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
validate_certs: ${9:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
state: ${10|present,absent,disabled|} # not required. choices: present;absent;disabled. State to ensure
random_password: ${11:false} # not required. Generate a random password to be used in bulk enrollment
ns_host_location: ${12:undefined} # not required. Host location (e.g. \"Lab 2\")
ipa_user: ${13:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
mac_address: ${14:undefined} # not required. List of Hardware MAC address(es) off this host.,If option is omitted MAC addresses will not be checked or changed.,If an empty list is passed all assigned MAC addresses will be removed.,MAC addresses that are already assigned but not passed will be removed.
user_certificate: ${15:undefined} # not required. List of Base-64 encoded server certificates.,If option is omitted certificates will not be checked or changed.,If an empty list is passed all assigned certificates will be removed.,Certificates already assigned but not passed will be removed.
ip_address: ${16:undefined} # not required. Add the host to DNS with this IP address.
ns_hardware_platform: ${17:undefined} # not required. Host hardware platform (e.g. \"Lenovo T61\")
update_dns: ${18:false} # not required. If set C(\"True\") with state as C(\"absent\"), then removes DNS records of the host managed by FreeIPA DNS.,This option has no effect for states other than \"absent\".
"""
'ipa_hostgroup':
'prefix': "ipa_hostgroup_snippet"
'description': "Manage FreeIPA host-group"
'body': """
ipa_hostgroup:
ipa_pass: ${1:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
cn: ${2:undefined} # required. Name of host-group.,Can not be changed as it is the unique identifier.
ipa_port: ${3:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
description: ${4:undefined} # not required. Description
ipa_prot: ${5|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
state: ${6|present,absent|} # not required. choices: present;absent. State to ensure.
hostgroup: ${7:undefined} # not required. List of host-groups than belong to that host-group.,If an empty list is passed all host-groups will be removed from the group.,If option is omitted host-groups will not be checked or changed.,If option is passed all assigned hostgroups that are not passed will be unassigned from the group.
host: ${8:undefined} # not required. List of hosts that belong to the host-group.,If an empty list is passed all hosts will be removed from the group.,If option is omitted hosts will not be checked or changed.,If option is passed all assigned hosts that are not passed will be unassigned from the group.
ipa_host: ${9:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_user: ${10:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
validate_certs: ${11:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'ipa_role':
'prefix': "ipa_role_snippet"
'description': "Manage FreeIPA role"
'body': """
ipa_role:
cn: ${1:undefined} # required. Role name.,Can not be changed as it is the unique identifier.
ipa_pass: ${2:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_port: ${3:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
group: ${4:undefined} # not required. List of group names assign to this role.,If an empty list is passed all assigned groups will be unassigned from the role.,If option is omitted groups will not be checked or changed.,If option is passed all assigned groups that are not passed will be unassigned from the role.
service: ${5:undefined} # not required. List of service names to assign.,If an empty list is passed all assigned services will be removed from the role.,If option is omitted services will not be checked or changed.,If option is passed all assigned services that are not passed will be removed from the role.
ipa_prot: ${6|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
host: ${7:undefined} # not required. List of host names to assign.,If an empty list is passed all assigned hosts will be unassigned from the role.,If option is omitted hosts will not be checked or changed.,If option is passed all assigned hosts that are not passed will be unassigned from the role.
hostgroup: ${8:undefined} # not required. List of host group names to assign.,If an empty list is passed all assigned host groups will be removed from the role.,If option is omitted host groups will not be checked or changed.,If option is passed all assigned hostgroups that are not passed will be unassigned from the role.
state: ${9|present,absent|} # not required. choices: present;absent. State to ensure
ipa_host: ${10:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
user: ${11:undefined} # not required. List of user names to assign.,If an empty list is passed all assigned users will be removed from the role.,If option is omitted users will not be checked or changed.
ipa_user: ${12:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
privilege: ${13:None} # not required. List of privileges granted to the role.,If an empty list is passed all assigned privileges will be removed.,If option is omitted privileges will not be checked or changed.,If option is passed all assigned privileges that are not passed will be removed.
validate_certs: ${14:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
description: ${15:undefined} # not required. A description of this role-group.
"""
'ipa_service':
'prefix': "ipa_service_snippet"
'description': "Manage FreeIPA service"
'body': """
ipa_service:
krbcanonicalname: ${1:undefined} # required. principal of the service,Can not be changed as it is the unique identifier.
ipa_pass: ${2:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_port: ${3:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
force: ${4:undefined} # not required. Force principal name even if host is not in DNS.
ipa_prot: ${5|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
state: ${6|present,absent|} # not required. choices: present;absent. State to ensure
hosts: ${7:undefined} # not required. defines the list of 'ManagedBy' hosts
ipa_host: ${8:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_user: ${9:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
validate_certs: ${10:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'ipa_subca':
'prefix': "ipa_subca_snippet"
'description': "Manage FreeIPA Lightweight Sub Certificate Authorities."
'body': """
ipa_subca:
subca_name: ${1:undefined} # required. The Sub Certificate Authority name which needs to be managed.
subca_subject: ${2:undefined} # required. The Sub Certificate Authority's Subject. e.g., 'CN=SampleSubCA1,O=testrelm.test"
ipa_pass: ${3:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
subca_desc: ${4:undefined} # required. The Sub Certificate Authority's description.
ipa_port: ${5:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_prot: ${6|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
state: ${7|present,absent,enable,disable|} # not required. choices: present;absent;enable;disable. State to ensure,State 'disable' and 'enable' is available for FreeIPA 4.4.2 version and onwards
ipa_host: ${8:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_user: ${9:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
validate_certs: ${10:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'ipa_sudocmd':
'prefix': "ipa_sudocmd_snippet"
'description': "Manage FreeIPA sudo command"
'body': """
ipa_sudocmd:
ipa_pass: ${1:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
sudocmd: ${2:undefined} # required. Sudo Command.
ipa_port: ${3:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
description: ${4:undefined} # not required. A description of this command.
ipa_prot: ${5|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
state: ${6|present,absent|} # not required. choices: present;absent. State to ensure
ipa_host: ${7:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_user: ${8:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
validate_certs: ${9:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
"""
'ipa_sudocmdgroup':
'prefix': "ipa_sudocmdgroup_snippet"
'description': "Manage FreeIPA sudo command group"
'body': """
ipa_sudocmdgroup:
cn: ${1:undefined} # required. Sudo Command Group.
ipa_pass: ${2:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_port: ${3:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_user: ${4:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_prot: ${5|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
state: ${6|present,absent|} # not required. choices: present;absent. State to ensure
ipa_host: ${7:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
sudocmd: ${8:undefined} # not required. List of sudo commands to assign to the group.,If an empty list is passed all assigned commands will be removed from the group.,If option is omitted sudo commands will not be checked or changed.
validate_certs: ${9:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
description: ${10:undefined} # not required. Group description.
"""
'ipa_sudorule':
'prefix': "ipa_sudorule_snippet"
'description': "Manage FreeIPA sudo rule"
'body': """
ipa_sudorule:
cn: ${1:undefined} # required. Canonical name.,Can not be changed as it is the unique identifier.
ipa_pass: ${2:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
ipa_port: ${3:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
runasgroupcategory: ${4|all|} # not required. choices: all. RunAs Group category the rule applies to.
runasusercategory: ${5|all|} # not required. choices: all. RunAs User category the rule applies to.
cmd: ${6:undefined} # not required. List of commands assigned to the rule.,If an empty list is passed all commands will be removed from the rule.,If option is omitted commands will not be checked or changed.
ipa_prot: ${7|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
host: ${8:undefined} # not required. List of hosts assigned to the rule.,If an empty list is passed all hosts will be removed from the rule.,If option is omitted hosts will not be checked or changed.,Option C(hostcategory) must be omitted to assign hosts.
hostgroup: ${9:undefined} # not required. List of host groups assigned to the rule.,If an empty list is passed all host groups will be removed from the rule.,If option is omitted host groups will not be checked or changed.,Option C(hostcategory) must be omitted to assign host groups.
usercategory: ${10|all|} # not required. choices: all. User category the rule applies to.
hostcategory: ${11|all|} # not required. choices: all. Host category the rule applies to.,If 'all' is passed one must omit C(host) and C(hostgroup).,Option C(host) and C(hostgroup) must be omitted to assign 'all'.
state: ${12|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. State to ensure
user: ${13:undefined} # not required. List of users assigned to the rule.,If an empty list is passed all users will be removed from the rule.,If option is omitted users will not be checked or changed.
ipa_user: ${14:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
usergroup: ${15:undefined} # not required. List of user groups assigned to the rule.,If an empty list is passed all user groups will be removed from the rule.,If option is omitted user groups will not be checked or changed.
cmdcategory: ${16|all|} # not required. choices: all. Command category the rule applies to.
validate_certs: ${17:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
ipa_host: ${18:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
"""
'ipa_user':
'prefix': "ipa_user_snippet"
'description': "Manage FreeIPA users"
'body': """
ipa_user:
uid: ${1:undefined} # required. uid of the user
ipa_pass: ${2:undefined} # required. Password of administrative user.,If the value is not specified in the task, the value of environment variable C(IPA_PASS) will be used instead.,If both the environment variable C(IPA_PASS) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
telephonenumber: ${3:undefined} # not required. List of telephone numbers assigned to the user.,If an empty list is passed all assigned telephone numbers will be deleted.,If None is passed telephone numbers will not be checked or changed.
sshpubkey: ${4:undefined} # not required. List of public SSH key.,If an empty list is passed all assigned public keys will be deleted.,If None is passed SSH public keys will not be checked or changed.
ipa_port: ${5:443} # not required. Port of FreeIPA / IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PORT) will be used instead.,If both the environment variable C(IPA_PORT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
password: ${6:undefined} # not required. Password for new user
displayname: ${7:undefined} # not required. Display name
krbpasswordexpiration: ${8:undefined} # not required. Date at which the user password will expire,In the format YYYYMMddHHmmss,e.g. 20180121182022 will expire on 21 January 2018 at 18:20:22
title: ${9:undefined} # not required. Title
loginshell: ${10:undefined} # not required. Login shell
uidnumber: ${11:undefined} # not required. Account Settings UID/Posix User ID number
state: ${12|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. State to ensure
ipa_prot: ${13|http,https|} # not required. choices: http;https. Protocol used by IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_PROT) will be used instead.,If both the environment variable C(IPA_PROT) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
gidnumber: ${14:undefined} # not required. Posix Group ID
sn: ${15:undefined} # not required. Surname
ipa_user: ${16:admin} # not required. Administrative account used on IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_USER) will be used instead.,If both the environment variable C(IPA_USER) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
mail: ${17:undefined} # not required. List of mail addresses assigned to the user.,If an empty list is passed all assigned email addresses will be deleted.,If None is passed email addresses will not be checked or changed.
givenname: ${18:undefined} # not required. First name
validate_certs: ${19:true} # not required. This only applies if C(ipa_prot) is I(https).,If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
ipa_host: ${20:ipa.example.com} # not required. IP or hostname of IPA server.,If the value is not specified in the task, the value of environment variable C(IPA_HOST) will be used instead.,If both the environment variable C(IPA_HOST) and the value are not specified in the task, then default value is set.,Environment variable fallback mechanism is added in version 2.5.
"""
'ipadm_addr':
'prefix': "ipadm_addr_snippet"
'description': "Manage IP addresses on an interface on Solaris/illumos systems"
'body': """
ipadm_addr:
addrobj: ${1:undefined} # required. Specifies an unique IP address on the system.
addrtype: ${2|static,dhcp,addrconf|} # not required. choices: static;dhcp;addrconf. Specifiies a type of IP address to configure.
state: ${3|absent,present,up,down,enabled,disabled,refreshed|} # not required. choices: absent;present;up;down;enabled;disabled;refreshed. Create/delete/enable/disable an IP address on the network interface.
temporary: ${4:false} # not required. Specifies that the configured IP address is temporary. Temporary IP addresses do not persist across reboots.
address: ${5:undefined} # not required. Specifiies an IP address to configure in CIDR notation.
wait: ${6:60} # not required. Specifies the time in seconds we wait for obtaining address via DHCP.
"""
'ipadm_addrprop':
'prefix': "ipadm_addrprop_snippet"
'description': "Manage IP address properties on Solaris/illumos systems."
'body': """
ipadm_addrprop:
property: ${1:undefined} # required. Specifies the name of the address property we want to manage.
addrobj: ${2:undefined} # required. Specifies the address object we want to manage.
state: ${3|present,absent,reset|} # not required. choices: present;absent;reset. Set or reset the property value.
temporary: ${4:false} # not required. Specifies that the address property value is temporary. Temporary values do not persist across reboots.
value: ${5:undefined} # not required. Specifies the value we want to set for the address property.
"""
'ipadm_if':
'prefix': "ipadm_if_snippet"
'description': "Manage IP interfaces on Solaris/illumos systems."
'body': """
ipadm_if:
name: ${1:undefined} # required. IP interface name.
state: ${2|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. Create or delete Solaris/illumos IP interfaces.
temporary: ${3|true,false|} # not required. choices: true;false. Specifies that the IP interface is temporary. Temporary IP interfaces do not persist across reboots.
"""
'ipadm_ifprop':
'prefix': "ipadm_ifprop_snippet"
'description': "Manage IP interface properties on Solaris/illumos systems."
'body': """
ipadm_ifprop:
interface: ${1:undefined} # required. Specifies the IP interface we want to manage.
protocol: ${2:undefined} # required. Specifies the procotol for which we want to manage properties.
property: ${3:undefined} # required. Specifies the name of the property we want to manage.
state: ${4|present,absent,reset|} # not required. choices: present;absent;reset. Set or reset the property value.
temporary: ${5:false} # not required. Specifies that the property value is temporary. Temporary property values do not persist across reboots.
value: ${6:undefined} # not required. Specifies the value we want to set for the property.
"""
'ipadm_prop':
'prefix': "ipadm_prop_snippet"
'description': "Manage protocol properties on Solaris/illumos systems."
'body': """
ipadm_prop:
protocol: ${1:undefined} # required. Specifies the procotol for which we want to manage properties.
property: ${2:undefined} # required. Specifies the name of property we want to manage.
state: ${3|present,absent,reset|} # not required. choices: present;absent;reset. Set or reset the property value.
temporary: ${4|true,false|} # not required. choices: true;false. Specifies that the property value is temporary. Temporary property values do not persist across reboots.
value: ${5:undefined} # not required. Specifies the value we want to set for the property.
"""
'ipify_facts':
'prefix': "ipify_facts_snippet"
'description': "Retrieve the public IP of your internet gateway."
'body': """
ipify_facts:
validate_certs: ${1:yes} # not required. When set to C(NO), SSL certificates will not be validated.
api_url: ${2:https://api.ipify.org} # not required. URL of the ipify.org API service.,C(?format=json) will be appended per default.
timeout: ${3:10} # not required. HTTP connection timeout in seconds.
"""
'ipinfoio_facts':
'prefix': "ipinfoio_facts_snippet"
'description': "Retrieve IP geolocation facts of a host's IP address"
'body': """
ipinfoio_facts:
http_agent: ${1:ansible-ipinfoio-module/0.0.1} # not required. Set http user agent
timeout: ${2:10} # not required. HTTP connection timeout in seconds
"""
'ipmi_boot':
'prefix': "ipmi_boot_snippet"
'description': "Management of order of boot devices"
'body': """
ipmi_boot:
bootdev: ${1|network -- Request network boot,floppy -- Boot from floppy,hd -- Boot from hard drive,safe -- Boot from hard drive, requesting 'safe mode',optical -- boot from CD/DVD/BD drive,setup -- Boot into setup utility,default -- remove any IPMI directed boot device request|} # required. choices: network -- Request network boot;floppy -- Boot from floppy;hd -- Boot from hard drive;safe -- Boot from hard drive, requesting 'safe mode';optical -- boot from CD/DVD/BD drive;setup -- Boot into setup utility;default -- remove any IPMI directed boot device request. Set boot device to use on next reboot
name: ${2:undefined} # required. Hostname or ip address of the BMC.
user: ${3:undefined} # required. Username to use to connect to the BMC.
password: ${4:null} # required. Password to connect to the BMC.
persistent: ${5:false} # not required. If set, ask that system firmware uses this device beyond next boot. Be aware many systems do not honor this.
uefiboot: ${6:false} # not required. If set, request UEFI boot explicitly. Strictly speaking, the spec suggests that if not set, the system should BIOS boot and offers no \"don't care\" option. In practice, this flag not being set does not preclude UEFI boot on any system I've encountered.
state: ${7|present -- Request system turn on,absent -- Request system turn on|} # not required. choices: present -- Request system turn on;absent -- Request system turn on. Whether to ensure that boot devices is desired.
port: ${8:623} # not required. Remote RMCP port.
"""
'ipmi_power':
'prefix': "ipmi_power_snippet"
'description': "Power management for machine"
'body': """
ipmi_power:
state: ${1|on -- Request system turn on,off -- Request system turn off without waiting for OS to shutdown,shutdown -- Have system request OS proper shutdown,reset -- Request system reset without waiting for OS,boot -- If system is off, then 'on', else 'reset'|} # required. choices: on -- Request system turn on;off -- Request system turn off without waiting for OS to shutdown;shutdown -- Have system request OS proper shutdown;reset -- Request system reset without waiting for OS;boot -- If system is off, then 'on', else 'reset'. Whether to ensure that the machine in desired state.
name: ${2:undefined} # required. Hostname or ip address of the BMC.
password: ${3:null} # required. Password to connect to the BMC.
user: ${4:undefined} # required. Username to use to connect to the BMC.
timeout: ${5:300} # not required. Maximum number of seconds before interrupt request.
port: ${6:623} # not required. Remote RMCP port.
"""
'iptables':
'prefix': "iptables_snippet"
'description': "Modify the systems iptables"
'body': """
iptables:
tcp_flags: ${1:[object Object]} # not required. TCP flags specification.,C(tcp_flags) expects a dict with the two keys C(flags) and C(flags_set).
comment: ${2:undefined} # not required. This specifies a comment that will be added to the rule.
log_prefix: ${3:undefined} # not required. Specifies a log text for the rule. Only make sense with a LOG jump.
protocol: ${4:undefined} # not required. The protocol of the rule or of the packet to check.,The specified protocol can be one of tcp, udp, udplite, icmp, esp, ah, sctp or the special keyword \"all\", or it can be a numeric value, representing one of these protocols or a different one. A protocol name from /etc/protocols is also allowed. A \"!\" argument before the protocol inverts the test. The number zero is equivalent to all. \"all\" will match with all protocols and is taken as default when this option is omitted.
chain: ${5:undefined} # not required. Chain to operate on.,This option can either be the name of a user defined chain or any of the builtin chains: 'INPUT', 'FORWARD', 'OUTPUT', 'PREROUTING', 'POSTROUTING', 'SECMARK', 'CONNSECMARK'.
out_interface: ${6:undefined} # not required. Name of an interface via which a packet is going to be sent (for packets entering the FORWARD, OUTPUT and POSTROUTING chains). When the \"!\" argument is used before the interface name, the sense is inverted. If the interface name ends in a \"+\", then any interface which begins with this name will match. If this option is omitted, any interface name will match.
limit_burst: ${7:undefined} # not required. Specifies the maximum burst before the above limit kicks in.
ctstate: ${8|DNAT,ESTABLISHED,INVALID,NEW,RELATED,SNAT,UNTRACKED|} # not required. choices: DNAT;ESTABLISHED;INVALID;NEW;RELATED;SNAT;UNTRACKED. C(ctstate) is a list of the connection states to match in the conntrack module. Possible states are: 'INVALID', 'NEW', 'ESTABLISHED', 'RELATED', 'UNTRACKED', 'SNAT', 'DNAT"
jump: ${9:undefined} # not required. This specifies the target of the rule; i.e., what to do if the packet matches it. The target can be a user-defined chain (other than the one this rule is in), one of the special builtin targets which decide the fate of the packet immediately, or an extension (see EXTENSIONS below). If this option is omitted in a rule (and the goto parameter is not used), then matching the rule will have no effect on the packet's fate, but the counters on the rule will be incremented.
to_ports: ${10:undefined} # not required. This specifies a destination port or range of ports to use: without this, the destination port is never altered. This is only valid if the rule also specifies one of the following protocols: tcp, udp, dccp or sctp.
flush: ${11:undefined} # not required. Flushes the specified table and chain of all rules.,If no chain is specified then the entire table is purged.,Ignores all other parameters.
table: ${12|filter,nat,mangle,raw,security|} # not required. choices: filter;nat;mangle;raw;security. This option specifies the packet matching table which the command should operate on. If the kernel is configured with automatic module loading, an attempt will be made to load the appropriate module for that table if it is not already there.
icmp_type: ${13:undefined} # not required. This allows specification of the ICMP type, which can be a numeric ICMP type, type/code pair, or one of the ICMP type names shown by the command 'iptables -p icmp -h"
to_destination: ${14:undefined} # not required. This specifies a destination address to use with DNAT.,Without this, the destination address is never altered.
uid_owner: ${15:undefined} # not required. Specifies the UID or username to use in match by owner rule.
set_dscp_mark_class: ${16:undefined} # not required. This allows specifying a predefined DiffServ class which will be translated to the corresponding DSCP mark.,Mutually exclusive with C(set_dscp_mark).
destination: ${17:undefined} # not required. Destination specification.,Address can be either a network name, a hostname, a network IP address (with /mask), or a plain IP address.,Hostnames will be resolved once only, before the rule is submitted to the kernel. Please note that specifying any name to be resolved with a remote query such as DNS is a really bad idea.,The mask can be either a network mask or a plain number, specifying the number of 1's at the left side of the network mask. Thus, a mask of 24 is equivalent to 255.255.255.0. A \"!\" argument before the address specification inverts the sense of the address.
state: ${18|absent,present|} # not required. choices: absent;present. Whether the rule should be absent or present.
source: ${19:undefined} # not required. Source specification.,Address can be either a network name, a hostname, a network IP address (with /mask), or a plain IP address.,Hostnames will be resolved once only, before the rule is submitted to the kernel. Please note that specifying any name to be resolved with a remote query such as DNS is a really bad idea.,The mask can be either a network mask or a plain number, specifying the number of 1's at the left side of the network mask. Thus, a mask of 24 is equivalent to 255.255.255.0. A \"!\" argument before the address specification inverts the sense of the address.
set_dscp_mark: ${20:undefined} # not required. This allows specifying a DSCP mark to be added to packets. It takes either an integer or hex value.,Mutually exclusive with C(set_dscp_mark_class).
policy: ${21|ACCEPT,DROP,QUEUE,RETURN|} # not required. choices: ACCEPT;DROP;QUEUE;RETURN. Set the policy for the chain to the given target.,Only built-in chains can have policies.,This parameter requires the C(chain) parameter.,Ignores all other parameters.
set_counters: ${22:undefined} # not required. This enables the administrator to initialize the packet and byte counters of a rule (during INSERT, APPEND, REPLACE operations).
match: ${23:} # not required. Specifies a match to use, that is, an extension module that tests for a specific property. The set of matches make up the condition under which a target is invoked. Matches are evaluated first to last if specified as an array and work in short-circuit fashion, i.e. if one extension yields false, evaluation will stop.
goto: ${24:undefined} # not required. This specifies that the processing should continue in a user specified chain. Unlike the jump argument return will not continue processing in this chain but instead in the chain that called us via jump.
fragment: ${25:undefined} # not required. This means that the rule only refers to second and further fragments of fragmented packets. Since there is no way to tell the source or destination ports of such a packet (or ICMP type), such a packet will not match any rules which specify them. When the \"!\" argument precedes fragment argument, the rule will only match head fragments, or unfragmented packets.
to_source: ${26:undefined} # not required. This specifies a source address to use with SNAT.,Without this, the source address is never altered.
syn: ${27|ignore,match,negate|} # not required. choices: ignore;match;negate. This allows matching packets that have the SYN bit set and the ACK and RST bits unset.,When negated, this matches all packets with the RST or the ACK bits set.
in_interface: ${28:undefined} # not required. Name of an interface via which a packet was received (only for packets entering the INPUT, FORWARD and PREROUTING chains). When the \"!\" argument is used before the interface name, the sense is inverted. If the interface name ends in a \"+\", then any interface which begins with this name will match. If this option is omitted, any interface name will match.
source_port: ${29:undefined} # not required. Source port or port range specification. This can either be a service name or a port number. An inclusive range can also be specified, using the format first:last. If the first port is omitted, '0' is assumed; if the last is omitted, '65535' is assumed. If the first port is greater than the second one they will be swapped.
rule_num: ${30:undefined} # not required. Insert the rule as the given rule number. This works only with action = 'insert'.
destination_port: ${31:undefined} # not required. Destination port or port range specification. This can either be a service name or a port number. An inclusive range can also be specified, using the format first:last. If the first port is omitted, '0' is assumed; if the last is omitted, '65535' is assumed. If the first port is greater than the second one they will be swapped.
reject_with: ${32:undefined} # not required. Specifies the error packet type to return while rejecting. It implies \"jump: REJECT\"
limit: ${33:undefined} # not required. Specifies the maximum average number of matches to allow per second.,The number can specify units explicitly, using `/second', `/minute', `/hour' or `/day', or parts of them (so `5/second' is the same as `5/s').
action: ${34|append,insert|} # not required. choices: append;insert. Whether the rule should be appended at the bottom or inserted at the top.,If the rule already exists the chain won't be modified.
ip_version: ${35|ipv4,ipv6|} # not required. choices: ipv4;ipv6. Which version of the IP protocol this rule should apply to.
"""
'irc':
'prefix': "irc_snippet"
'description': "Send a message to an IRC channel"
'body': """
irc:
msg: ${1:null} # required. The message body.
channel: ${2:undefined} # required. Channel name. One of nick_to or channel needs to be set. When both are set, the message will be sent to both of them.
style: ${3|bold,underline,reverse,italic|} # not required. choices: bold;underline;reverse;italic. Text style for the message. Note italic does not work on some clients
key: ${4:undefined} # not required. Channel key
passwd: ${5:undefined} # not required. Server password
color: ${6|none,white,black,blue,green,red,brown,purple,orange,yellow,light_green,teal,light_cyan,light_blue,pink,gray,light_gray|} # not required. choices: none;white;black;blue;green;red;brown;purple;orange;yellow;light_green;teal;light_cyan;light_blue;pink;gray;light_gray. Text color for the message. (\"none\" is a valid option in 1.6 or later, in 1.6 and prior, the default color is black, not \"none\"). Added 11 more colors in version 2.0.
server: ${7:localhost} # not required. IRC server name/address
topic: ${8:null} # not required. Set the channel topic
nick: ${9:ansible} # not required. Nickname to send the message from. May be shortened, depending on server's NICKLEN setting.
part: ${10:true} # not required. Designates whether user should part from channel after sending message or not. Useful for when using a faux bot and not wanting join/parts between messages.
nick_to: ${11:null} # not required. A list of nicknames to send the message to. One of nick_to or channel needs to be set. When both are defined, the message will be sent to both of them.
timeout: ${12:30} # not required. Timeout to use while waiting for successful registration and join messages, this is to prevent an endless loop
use_ssl: ${13:false} # not required. Designates whether TLS/SSL should be used when connecting to the IRC server
port: ${14:6667} # not required. IRC server port number
"""
'ironware_command':
'prefix': "ironware_command_snippet"
'description': "Run arbitrary commands on Brocade IronWare devices"
'body': """
ironware_command:
commands: ${1:undefined} # required. List of commands to send to the remote device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retires as expired.
authorize: ${2|yes,no|} # not required. choices: yes;no. Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
retries: ${3:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${4:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${5:null} # not required. A dict object containing connection details.
wait_for: ${6:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${7|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. If the value is set to C(all) then all conditionals in the I(wait_for) must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'ironware_config':
'prefix': "ironware_config_snippet"
'description': "Manage configuration sections on Brocade Ironware devices"
'body': """
ironware_config:
authorize: ${1|yes,no|} # not required. choices: yes;no. Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
src: ${2:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
backup: ${3|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
after: ${4:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${5:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
update: ${6|merge,check|} # not required. choices: merge;check. The I(update) argument controls how the configuration statements are processed on the remote device. Valid choices for the I(update) argument are I(merge) and I(check). When the argument is set to I(merge), the configuration changes are merged with the current device running configuration. When the argument is set to I(check) the configuration updates are determined but not actually configured on the remote device.
replace: ${7|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct
parents: ${8:null} # not required. The ordered set of parents that uniquely identify the section the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
provider: ${9:null} # not required. A dict object containing connection details.
commit: ${10|merge,check|} # not required. choices: merge;check. This argument specifies the update method to use when applying the configuration changes to the remote node. If the value is set to I(merge) the configuration updates are merged with the running- config. If the value is set to I(check), no changes are made to the remote host.
save_when: ${11|always,never,modified|} # not required. choices: always;never;modified. When changes are made to the device running-configuration, the changes are not copied to non-volatile storage by default. Using this argument will change that before. If the argument is set to I(always), then the running-config will always be copied to the startup-config and the I(modified) flag will always be set to True. If the argument is set to I(modified), then the running-config will only be copied to the startup-config if it has changed since the last save to startup-config. If the argument is set to I(never), the running-config will never be copied to the startup-config
config: ${12:null} # not required. The C(config) argument allows the playbook designer to supply the base configuration to be used to validate configuration changes necessary. If this argument is provided, the module will not download the running-config from the remote node.
match: ${13|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${14:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system
"""
'ironware_facts':
'prefix': "ironware_facts_snippet"
'description': "Collect facts from devices running Brocade Ironware"
'body': """
ironware_facts:
authorize: ${1|yes,no|} # not required. choices: yes;no. Instructs the module to enter privileged mode on the remote device before sending any commands. If not specified, the device will attempt to execute all commands in non-privileged mode. If the value is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
gather_subset: ${2:!config,!mpls} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, mpls and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${3:null} # not required. A dict object containing connection details.
"""
'iso_extract':
'prefix': "iso_extract_snippet"
'description': "Extract files from an ISO image"
'body': """
iso_extract:
dest: ${1:undefined} # required. The destination directory to extract files to.
files: ${2:undefined} # required. A list of files to extract from the image.,Extracting directories does not work.
image: ${3:undefined} # required. The ISO image to extract files from.
force: ${4:yes} # not required. If C(yes), which will replace the remote file when contents are different than the source.,If C(no), the file will only be extracted and copied if the destination does not already exist.
executable: ${5:7z} # not required. The path to the C(7z) executable to use for extracting files from the ISO.
"""
'jabber':
'prefix': "jabber_snippet"
'description': "Send a message to jabber user or chat room"
'body': """
jabber:
to: ${1:undefined} # required. user ID or name of the room, when using room use a slash to indicate your nick.
user: ${2:undefined} # required. User as which to connect
msg: ${3:null} # required. The message body.
password: ${4:undefined} # required. password for user to connect
host: ${5:undefined} # not required. host to connect, overrides user info
encoding: ${6:undefined} # not required. message encoding
port: ${7:5222} # not required. port to connect to, overrides default
"""
'java_cert':
'prefix': "java_cert_snippet"
'description': "Uses keytool to import/remove key from java keystore(cacerts)"
'body': """
java_cert:
keystore_pass: ${1:undefined} # required. Keystore password.
keystore_create: ${2:undefined} # not required. Create keystore if it doesn't exist
cert_alias: ${3:undefined} # not required. Imported certificate alias.
executable: ${4:keytool} # not required. Path to keytool binary if not used we search in PATH for it.
pkcs12_password: ${5:} # not required. Password for importing from PKCS12 keystore.
cert_port: ${6:443} # not required. Port to connect to URL. This will be used to create server URL:PORT
pkcs12_alias: ${7:1} # not required. Alias in the PKCS12 keystore.
state: ${8|absent,present|} # not required. choices: absent;present. Defines action which can be either certificate import or removal.
pkcs12_path: ${9:undefined} # not required. Local path to load PKCS12 keystore from.
cert_url: ${10:undefined} # not required. Basic URL to fetch SSL certificate from. One of cert_url or cert_path is required to load certificate.
cert_path: ${11:undefined} # not required. Local path to load certificate from. One of cert_url or cert_path is required to load certificate.
keystore_path: ${12:undefined} # not required. Path to keystore.
"""
'jboss':
'prefix': "jboss_snippet"
'description': "deploy applications to JBoss"
'body': """
jboss:
deployment: ${1:undefined} # required. The name of the deployment
src: ${2:undefined} # not required. The remote path of the application ear or war to deploy
deploy_path: ${3:/var/lib/jbossas/standalone/deployments} # not required. The location in the filesystem where the deployment scanner listens
state: ${4|present,absent|} # not required. choices: present;absent. Whether the application should be deployed or undeployed
"""
'jenkins_job':
'prefix': "jenkins_job_snippet"
'description': "Manage jenkins jobs"
'body': """
jenkins_job:
name: ${1:undefined} # required. Name of the Jenkins job.
url: ${2:http://localhost:8080} # not required. Url where the Jenkins server is accessible.
enabled: ${3:undefined} # not required. Whether the job should be enabled or disabled.,Mututally exclusive with C(config).,Considered if C(state=present).
state: ${4|present,absent|} # not required. choices: present;absent. Attribute that specifies if the job has to be created or deleted.
token: ${5:undefined} # not required. API token used to authenticate alternatively to password.
user: ${6:undefined} # not required. User to authenticate with the Jenkins server.
password: ${7:undefined} # not required. Password to authenticate with the Jenkins server.
config: ${8:undefined} # not required. config in XML format.,Required if job does not yet exist.,Mututally exclusive with C(enabled).,Considered if C(state=present).
"""
'jenkins_job_facts':
'prefix': "jenkins_job_facts_snippet"
'description': "Get facts about Jenkins jobs"
'body': """
jenkins_job_facts:
url: ${1:http://localhost:8080} # not required. Url where the Jenkins server is accessible.
token: ${2:undefined} # not required. API token used to authenticate alternatively to C(password).
name: ${3:undefined} # not required. Exact name of the Jenkins job to fetch facts about.
color: ${4:undefined} # not required. Only fetch jobs with the given status color.
glob: ${5:undefined} # not required. A shell glob of Jenkins job names to fetch facts about.
password: ${6:undefined} # not required. Password to authenticate with the Jenkins server.
user: ${7:undefined} # not required. User to authenticate with the Jenkins server.
"""
'jenkins_plugin':
'prefix': "jenkins_plugin_snippet"
'description': "Add or remove Jenkins plugin"
'body': """
jenkins_plugin:
name: ${1:undefined} # required. Plugin name.
jenkins_home: ${2:/var/lib/jenkins} # not required. Home directory of the Jenkins user.
url_password: ${3:undefined} # not required. The password for use in HTTP basic authentication.,If the I(url_username) parameter is not specified, the I(url_password) parameter will not be used.
group: ${4:jenkins} # not required. Name of the Jenkins group on the OS.
url: ${5:http://localhost:8080} # not required. URL of the Jenkins server.
force_basic_auth: ${6:false} # not required. Credentials specified with I(url_username) and I(url_password) should be passed in HTTP Header.
url_username: ${7:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without I(url_password) for sites that allow empty passwords
updates_url: ${8:https://updates.jenkins-ci.org} # not required. URL of the Update Centre.,Used as the base URL to download the plugins and the I(update-center.json) JSON file.
http_agent: ${9:ansible-httpget} # not required. Header to identify as, generally appears in web server logs.
with_dependencies: ${10|yes,no|} # not required. choices: yes;no. Defines whether to install plugin dependencies.,This option takes effect only if the I(version) is not defined.
state: ${11|absent,present,pinned,unpinned,enabled,disabled,latest|} # not required. choices: absent;present;pinned;unpinned;enabled;disabled;latest. Desired plugin state.,If the C(latest) is set, the check for new version will be performed every time. This is suitable to keep the plugin up-to-date.
version: ${12:null} # not required. Plugin version number.,If this option is specified, all plugin dependencies must be installed manually.,It might take longer to verify that the correct version is installed. This is especially true if a specific version number is specified.,Quote the version to prevent the value to be interpreted as float. For example if C(1.20) would be unquoted, it would become C(1.2).
updates_expiration: ${13:86400} # not required. Number of seconds after which a new copy of the I(update-center.json) file is downloaded. This is used to avoid the need to download the plugin to calculate its checksum when C(latest) is specified.,Set it to C(0) if no cache file should be used. In that case, the plugin file will always be downloaded to calculate its checksum when C(latest) is specified.
mode: ${14:0664} # not required. File mode applied on versioned plugins.
timeout: ${15:30} # not required. Server connection timeout in secs.
owner: ${16:jenkins} # not required. Name of the Jenkins user on the OS.
force: ${17:false} # not required. If C(yes) do not get a cached copy.
client_key: ${18:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
validate_certs: ${19:true} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
client_cert: ${20:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
use_proxy: ${21:true} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
"""
'jenkins_script':
'prefix': "jenkins_script_snippet"
'description': "Executes a groovy script in the jenkins instance"
'body': """
jenkins_script:
script: ${1:null} # required. The groovy script to be executed. This gets passed as a string Template if args is defined.
password: ${2:null} # not required. The password to connect to the jenkins server with.
user: ${3:null} # not required. The username to connect to the jenkins server with.
timeout: ${4:10} # not required. The request timeout in seconds
url: ${5:http://localhost:8080} # not required. The jenkins server to execute the script against. The default is a local jenkins instance that is not being proxied through a webserver.
args: ${6:null} # not required. A dict of key-value pairs used in formatting the script using string.Template (see https://docs.python.org/2/library/string.html#template-strings).
validate_certs: ${7:true} # not required. If set to C(no), the SSL certificates will not be validated. This should only set to C(no) used on personally controlled sites using self-signed certificates as it avoids verifying the source site.
"""
'jira':
'prefix': "jira_snippet"
'description': "create and modify issues in a JIRA instance"
'body': """
jira:
username: ${1:undefined} # required. The username to log-in with.
operation: ${2|create,comment,edit,fetch,transition,link|} # required. choices: create;comment;edit;fetch;transition;link. The operation to perform.
password: ${3:undefined} # required. The password to log-in with.
uri: ${4:undefined} # required. Base URI for the JIRA instance.
comment: ${5:undefined} # not required. The comment text to add.
description: ${6:undefined} # not required. The issue description, where appropriate.
assignee: ${7:undefined} # not required. Sets the assignee on create or transition operations. Note not all transitions will allow this.
inwardissue: ${8:undefined} # not required. Set issue from which link will be created.
linktype: ${9:undefined} # not required. Set type of link, when action 'link' selected.
issue: ${10:undefined} # not required. An existing issue key to operate on.
fields: ${11:undefined} # not required. This is a free-form data structure that can contain arbitrary data. This is passed directly to the JIRA REST API (possibly after merging with other required data, as when passed to create). See examples for more information, and the JIRA REST API for the structure required for various fields.
outwardissue: ${12:undefined} # not required. Set issue to which link will be created.
summary: ${13:undefined} # not required. The issue summary, where appropriate.
project: ${14:undefined} # not required. The project for this operation. Required for issue creation.
status: ${15:undefined} # not required. The desired status; only relevant for the transition operation.
timeout: ${16:10} # not required. Set timeout, in seconds, on requests to JIRA API.
issuetype: ${17:undefined} # not required. The issue type, for issue creation.
validate_certs: ${18:true} # not required. Require valid SSL certificates (set to `false` if you'd like to use self-signed certificates)
"""
'junos_banner':
'prefix': "junos_banner_snippet"
'description': "Manage multiline banners on Juniper JUNOS devices"
'body': """
junos_banner:
banner: ${1|login,motd|} # required. choices: login;motd. Specifies which banner that should be configured on the remote device. Value C(login) indicates system login message prior to authenticating, C(motd) is login announcement after successful authentication.
active: ${2|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
text: ${3:null} # not required. The banner text that should be present in the remote device running configuration. This argument accepts a multiline string, with no empty lines. Requires I(state=present).
state: ${4|present,absent|} # not required. choices: present;absent. Specifies whether or not the configuration is present in the current devices active running configuration.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'junos_command':
'prefix': "junos_command_snippet"
'description': "Run arbitrary commands on an Juniper JUNOS device"
'body': """
junos_command:
retries: ${1:10} # not required. Specifies the number of retries a command should be tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditionals.
commands: ${2:null} # not required. The commands to send to the remote junos device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of I(retries) has been exceeded.
wait_for: ${3:null} # not required. Specifies what to evaluate from the output of the command and what conditionals to apply. This argument will cause the task to wait for a particular conditional to be true before moving forward. If the conditional is not true by the configured retries, the task fails. See examples.
rpcs: ${4:null} # not required. The C(rpcs) argument accepts a list of RPCs to be executed over a netconf session and the results from the RPC execution is return to the playbook via the modules results dictionary.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
interval: ${6:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditional, the interval indicates how to long to wait before trying the command again.
display: ${7|text,json,xml,set|} # not required. choices: text;json;xml;set. Encoding scheme to use when serializing output from the device. This handles how to properly understand the output and apply the conditionals path to the result set. For I(rpcs) argument default display is C(xml) and for I(commands) argument default display is C(text). Value C(set) is applicable only for fetching configuration from device.
match: ${8|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the I(wait_for) must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'junos_config':
'prefix': "junos_config_snippet"
'description': "Manage configuration on devices running Juniper JUNOS"
'body': """
junos_config:
comment: ${1:configured by junos_config} # not required. The C(comment) argument specifies a text string to be used when committing the configuration. If the C(confirm) argument is set to False, this argument is silently ignored.
src: ${2:null} # not required. The I(src) argument provides a path to the configuration file to load into the remote system. The path can either be a full system path to the configuration file if the value starts with / or relative to the root of the implemented role or playbook. This argument is mutually exclusive with the I(lines) argument.
rollback: ${3:null} # not required. The C(rollback) argument instructs the module to rollback the current configuration to the identifier specified in the argument. If the specified rollback identifier does not exist on the remote device, the module will fail. To rollback to the most recent commit, set the C(rollback) argument to 0.
confirm: ${4:0} # not required. The C(confirm) argument will configure a time out value for the commit to be confirmed before it is automatically rolled back. If the C(confirm) argument is set to False, this argument is silently ignored. If the value for this argument is set to 0, the commit is confirmed immediately.
lines: ${5:null} # not required. This argument takes a list of C(set) or C(delete) configuration lines to push into the remote device. Each line must start with either C(set) or C(delete). This argument is mutually exclusive with the I(src) argument.
update: ${6|merge,override,replace|} # not required. choices: merge;override;replace. This argument will decide how to load the configuration data particulary when the candidate configuration and loaded configuration contain conflicting statements. Following are accepted values. C(merge) combines the data in the loaded configuration with the candidate configuration. If statements in the loaded configuration conflict with statements in the candidate configuration, the loaded statements replace the candidate ones. C(override) discards the entire candidate configuration and replaces it with the loaded configuration. C(replace) substitutes each hierarchy level in the loaded configuration for the corresponding level.
replace: ${7|yes,no|} # not required. choices: yes;no. The C(replace) argument will instruct the remote device to replace the current configuration hierarchy with the one specified in the corresponding hierarchy of the source configuration loaded from this module.,Note this argument should be considered deprecated. To achieve the equivalent, set the I(update) argument to C(replace). This argument will be removed in a future release. The C(replace) and C(update) argument is mutually exclusive.
confirm_commit: ${8|yes,no|} # not required. choices: yes;no. This argument will execute commit operation on remote device. It can be used to confirm a previous commit.
zeroize: ${9:null} # not required. The C(zeroize) argument is used to completely sanitize the remote device configuration back to initial defaults. This argument will effectively remove all current configuration statements on the remote device.
src_format: ${10|xml,set,text,json|} # not required. choices: xml;set;text;json. The I(src_format) argument specifies the format of the configuration found int I(src). If the I(src_format) argument is not provided, the module will attempt to determine the format of the configuration file specified in I(src).
provider: ${11:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
backup: ${12:no} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created.
"""
'junos_facts':
'prefix': "junos_facts_snippet"
'description': "Collect facts from remote devices running Juniper Junos"
'body': """
junos_facts:
config_format: ${1|xml,set,text,json|} # not required. choices: xml;set;text;json. The I(config_format) argument specifies the format of the configuration when serializing output from the device. This argument is applicable only when C(config) value is present in I(gather_subset). The I(config_format) should be supported by the junos version running on device.
gather_subset: ${2:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected. To maintain backward compatbility old style facts can be retrieved using all value, this reqires junos-eznc to be installed as a prerequisite.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'junos_interface':
'prefix': "junos_interface_snippet"
'description': "Manage Interface on Juniper JUNOS network devices"
'body': """
junos_interface:
name: ${1:undefined} # required. Name of the Interface.
neighbors: ${2:undefined} # not required. Check the operational state of given interface C(name) for LLDP neighbor.,The following suboptions are available.
rx_rate: ${3:undefined} # not required. Receiver rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
duplex: ${4|full,half,auto|} # not required. choices: full;half;auto. Interface link status.
enabled: ${5:undefined} # not required. Configure interface link status.
mtu: ${6:undefined} # not required. Maximum size of transmit packet.
delay: ${7:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state argument which are I(state) with values C(up)/C(down), I(tx_rate) and I(rx_rate).
aggregate: ${8:undefined} # not required. List of Interfaces definitions.
state: ${9|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the Interface configuration, C(up) idicates present and operationally up and C(down) indicates present and operationally C(down)
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
active: ${11|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
speed: ${12:undefined} # not required. Interface link speed.
tx_rate: ${13:undefined} # not required. Transmit rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
description: ${14:undefined} # not required. Description of Interface.
"""
'junos_l2_interface':
'prefix': "junos_l2_interface_snippet"
'description': "Manage Layer-2 interface on Juniper JUNOS network devices"
'body': """
junos_l2_interface:
native_vlan: ${1:undefined} # not required. Native VLAN to be configured in trunk port. The value of C(native_vlan) should be vlan id.
access_vlan: ${2:undefined} # not required. Configure given VLAN in access port. The value of C(access_vlan) should be vlan name.
name: ${3:undefined} # not required. Name of the interface excluding any logical unit number.
trunk_vlans: ${4:undefined} # not required. List of VLAN names to be configured in trunk port. The value of C(trunk_vlans) should be list of vlan names.
aggregate: ${5:undefined} # not required. List of Layer-2 interface definitions.
state: ${6|present,absent|} # not required. choices: present;absent. State of the Layer-2 Interface configuration.
mode: ${7|access,trunk|} # not required. choices: access;trunk. Mode in which interface needs to be configured.
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
active: ${9|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
unit: ${10:0} # not required. Logical interface number. Value of C(unit) should be of type integer.
description: ${11:undefined} # not required. Description of Interface.
"""
'junos_l3_interface':
'prefix': "junos_l3_interface_snippet"
'description': "Manage L3 interfaces on Juniper JUNOS network devices"
'body': """
junos_l3_interface:
aggregate: ${1:undefined} # not required. List of L3 interfaces definitions
state: ${2|present,absent|} # not required. choices: present;absent. State of the L3 interface configuration.
name: ${3:undefined} # not required. Name of the L3 interface.
ipv6: ${4:undefined} # not required. IPv6 of the L3 interface.
active: ${5|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
unit: ${7:0} # not required. Logical interface number.
ipv4: ${8:undefined} # not required. IPv4 of the L3 interface.
"""
'junos_linkagg':
'prefix': "junos_linkagg_snippet"
'description': "Manage link aggregation groups on Juniper JUNOS network devices"
'body': """
junos_linkagg:
members: ${1:undefined} # required. List of members interfaces of the link aggregation group. The value can be single interface or list of interfaces.
name: ${2:undefined} # required. Name of the link aggregation group.
description: ${3:undefined} # not required. Description of Interface.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
device_count: ${5:undefined} # not required. Number of aggregated ethernet devices that can be configured. Acceptable integer value is between 1 and 128.
aggregate: ${6:undefined} # not required. List of link aggregation definitions.
state: ${7|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the link aggregation group.
mode: ${8|on,off,active,passive|} # not required. choices: on;off;active;passive. Mode of the link aggregation group. A value of C(on) will enable LACP in C(passive) mode. C(active) configures the link to actively information about the state of the link, or it can be configured in C(passive) mode ie. send link state information only when received them from another link. A value of C(off) will disable LACP.
min_links: ${9:undefined} # not required. Minimum members that should be up before bringing up the link aggregation group.
active: ${10|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
"""
'junos_lldp':
'prefix': "junos_lldp_snippet"
'description': "Manage LLDP configuration on Juniper JUNOS network devices"
'body': """
junos_lldp:
interval: ${1:undefined} # not required. Frequency at which LLDP advertisements are sent (in seconds).
state: ${2|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. Value of C(present) ensures given LLDP configuration is present on device and LLDP is enabled, for value of C(absent) LLDP configuration is deleted and LLDP is in disabled state. Value C(enabled) ensures LLDP protocol is enabled and LLDP configuration if any is configured on remote device, for value of C(disabled) it ensures LLDP protocol is disabled any LLDP configuration if any is still present.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
active: ${4|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
hold_multiplier: ${5:undefined} # not required. Specify the number of seconds that LLDP information is held before it is discarded. The multiplier value is used in combination with the C(interval) value.
transmit_delay: ${6:undefined} # not required. Specify the number of seconds the device waits before sending advertisements to neighbors after a change is made in local system.
"""
'junos_lldp_interface':
'prefix': "junos_lldp_interface_snippet"
'description': "Manage LLDP interfaces configuration on Juniper JUNOS network devices"
'body': """
junos_lldp_interface:
active: ${1|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
state: ${2|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. Value of C(present) ensures given LLDP configured on given I(interfaces) and is enabled, for value of C(absent) LLDP configuration on given I(interfaces) deleted. Value C(enabled) ensures LLDP protocol is enabled on given I(interfaces) and for value of C(disabled) it ensures LLDP is disabled on given I(interfaces).
name: ${3:undefined} # not required. Name of the interface LLDP should be configured on.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'junos_logging':
'prefix': "junos_logging_snippet"
'description': "Manage logging on network devices"
'body': """
junos_logging:
files: ${1:undefined} # not required. Number of files to be archived, this is applicable if value of I(dest) is C(file). The acceptable value is in range from 1 to 1000.
name: ${2:undefined} # not required. If value of C(dest) is I(file) it indicates file-name, for I(user) it indicates username and for I(host) indicates the host name to be notified.
level: ${3:undefined} # not required. Set logging severity levels.
dest: ${4|console,host,file,user|} # not required. choices: console;host;file;user. Destination of the logs.
facility: ${5:undefined} # not required. Set logging facility.
aggregate: ${6:undefined} # not required. List of logging definitions.
state: ${7|present,absent|} # not required. choices: present;absent. State of the logging configuration.
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
active: ${9|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
rotate_frequency: ${10:undefined} # not required. Rotate log frequency in minutes, this is applicable if value of I(dest) is C(file). The acceptable value is in range of 1 to 59. This controls the frequency after which log file is rotated.
size: ${11:undefined} # not required. Size of the file in archive, this is applicable if value of I(dest) is C(file). The acceptable value is in range from 65536 to 1073741824 bytes.
"""
'junos_netconf':
'prefix': "junos_netconf_snippet"
'description': "Configures the Junos Netconf system service"
'body': """
junos_netconf:
state: ${1|present,absent|} # not required. choices: present;absent. Specifies the state of the C(junos_netconf) resource on the remote device. If the I(state) argument is set to I(present) the netconf service will be configured. If the I(state) argument is set to I(absent) the netconf service will be removed from the configuration.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
netconf_port: ${3:830} # not required. This argument specifies the port the netconf service should listen on for SSH connections. The default port as defined in RFC 6242 is 830.
"""
'junos_package':
'prefix': "junos_package_snippet"
'description': "Installs packages on remote devices running Junos"
'body': """
junos_package:
src: ${1:null} # required. The I(src) argument specifies the path to the source package to be installed on the remote device in the advent of a version mismatch. The I(src) argument can be either a localized path or a full path to the package file to install.
force: ${2|true,false|} # required. choices: true;false. The I(force) argument instructs the module to bypass the package version check and install the packaged identified in I(src) on the remote device.
reboot: ${3|true,false|} # required. choices: true;false. In order for a package to take effect, the remote device must be restarted. When enabled, this argument will instruct the module to reboot the device once the updated package has been installed. If disabled or the remote package does not need to be changed, the device will not be started.
version: ${4:null} # not required. The I(version) argument can be used to explicitly specify the version of the package that should be installed on the remote device. If the I(version) argument is not specified, then the version is extracts from the I(src) filename.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
no_copy: ${6|true,false|} # not required. choices: true;false. The I(no_copy) argument is responsible for instructing the remote device on where to install the package from. When enabled, the package is transferred to the remote device prior to installing.
validate: ${7|true,false|} # not required. choices: true;false. The I(validate) argument is responsible for instructing the remote device to skip checking the current device configuration compatibility with the package being installed. When set to false validation is not performed.
"""
'junos_rpc':
'prefix': "junos_rpc_snippet"
'description': "Runs an arbitrary RPC over NetConf on an Juniper JUNOS device"
'body': """
junos_rpc:
rpc: ${1:undefined} # required. The C(rpc) argument specifies the RPC call to send to the remote devices to be executed. The RPC Reply message is parsed and the contents are returned to the playbook.
output: ${2:xml} # not required. The C(output) argument specifies the desired output of the return data. This argument accepts one of C(xml), C(text), or C(json). For C(json), the JUNOS device must be running a version of software that supports native JSON output.
args: ${3:null} # not required. The C(args) argument provides a set of arguments for the RPC call and are encoded in the request message. This argument accepts a set of key=value arguments.
attrs: ${4:undefined} # not required. The C(attrs) arguments defines a list of attributes and their values to set for the RPC call. This accepts a dictionary of key-values.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'junos_scp':
'prefix': "junos_scp_snippet"
'description': "Transfer files from or to remote devices running Junos"
'body': """
junos_scp:
src: ${1:null} # required. The C(src) argument takes a single path, or a list of paths to be transfered. The argument C(recursive) must be C(true) to transfer directories.
dest: ${2:.} # not required. The C(dest) argument specifies the path in which to receive the files.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
recursive: ${4|true,false|} # not required. choices: true;false. The C(recursive) argument enables recursive transfer of files and directories.
remote_src: ${5|true,false|} # not required. choices: true;false. The C(remote_src) argument enables the download of files (I(scp get)) from the remote device. The default behavior is to upload files (I(scp put)) to the remote device.
"""
'junos_static_route':
'prefix': "junos_static_route_snippet"
'description': "Manage static IP routes on Juniper JUNOS network devices"
'body': """
junos_static_route:
next_hop: ${1:undefined} # required. Next hop IP of the static route.
address: ${2:undefined} # required. Network address with prefix of the static route.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
qualified_next_hop: ${4:undefined} # not required. Qualified next hop IP of the static route. Qualified next hops allow to associate preference with a particular next-hop address.
aggregate: ${5:undefined} # not required. List of static route definitions
state: ${6|present,absent|} # not required. choices: present;absent. State of the static route configuration.
preference: ${7:undefined} # not required. Global admin preference of the static route.
qualified_preference: ${8:undefined} # not required. Assign preference for qualified next hop.
active: ${9|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
"""
'junos_system':
'prefix': "junos_system_snippet"
'description': "Manage the system attributes on Juniper JUNOS devices"
'body': """
junos_system:
name_servers: ${1:undefined} # not required. List of DNS name servers by IP address to use to perform name resolution lookups. This argument accepts either a list of DNS servers See examples.
state: ${2|present,absent|} # not required. choices: present;absent. State of the configuration values in the device's current active configuration. When set to I(present), the values should be configured in the device active configuration and when set to I(absent) the values should not be in the device active configuration
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
active: ${4|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
domain_search: ${5:undefined} # not required. Provides the list of domain suffixes to append to the hostname for the purpose of doing name resolution. This argument accepts a list of names and will be reconciled with the current active configuration on the running node.
hostname: ${6:undefined} # not required. Configure the device hostname parameter. This option takes an ASCII string value.
domain_name: ${7:undefined} # not required. Configure the IP domain name on the remote device to the provided value. Value should be in the dotted name form and will be appended to the C(hostname) to create a fully-qualified domain name.
"""
'junos_user':
'prefix': "junos_user_snippet"
'description': "Manage local user accounts on Juniper JUNOS devices"
'body': """
junos_user:
name: ${1:null} # not required. The C(name) argument defines the username of the user to be created on the system. This argument must follow appropriate usernaming conventions for the target device running JUNOS. This argument is mutually exclusive with the C(aggregate) argument.
purge: ${2:false} # not required. The C(purge) argument instructs the module to consider the users definition absolute. It will remove any previously configured users on the device with the exception of the current defined set of aggregate.
aggregate: ${3:null} # not required. The C(aggregate) argument defines a list of users to be configured on the remote device. The list of users will be compared against the current users and only changes will be added or removed from the device configuration. This argument is mutually exclusive with the name argument.
state: ${4|present,absent|} # not required. choices: present;absent. The C(state) argument configures the state of the user definitions as it relates to the device operational configuration. When set to I(present), the user should be configured in the device active configuration and when set to I(absent) the user should not be in the device active configuration
role: ${5|operator,read-only,super-user,unauthorized|} # not required. choices: operator;read-only;super-user;unauthorized. The C(role) argument defines the role of the user account on the remote system. User accounts can have more than one role configured.
full_name: ${6:null} # not required. The C(full_name) argument provides the full name of the user account to be created on the remote device. This argument accepts any text string value.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
active: ${8|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
sshkey: ${9:null} # not required. The C(sshkey) argument defines the public SSH key to be configured for the user account on the remote system. This argument must be a valid SSH key
"""
'junos_vlan':
'prefix': "junos_vlan_snippet"
'description': "Manage VLANs on Juniper JUNOS network devices"
'body': """
junos_vlan:
name: ${1:undefined} # required. Name of the VLAN.
vlan_id: ${2:undefined} # required. ID of the VLAN.
aggregate: ${3:undefined} # not required. List of VLANs definitions.
state: ${4|present,absent|} # not required. choices: present;absent. State of the VLAN configuration.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
active: ${6|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
interfaces: ${7:undefined} # not required. List of interfaces to check the VLAN has been configured correctly.
description: ${8:undefined} # not required. Text description of VLANs.
"""
'junos_vrf':
'prefix': "junos_vrf_snippet"
'description': "Manage the VRF definitions on Juniper JUNOS devices"
'body': """
junos_vrf:
target: ${1:undefined} # not required. It configures VRF target community configuration. The target value takes the form of C(target:A:B) where C(A) and C(B) are both numeric values.
interfaces: ${2:undefined} # not required. Identifies the set of interfaces that should be configured in the VRF. Interfaces must be routed interfaces in order to be placed into a VRF.
name: ${3:undefined} # not required. The name of the VRF definition to be managed on the remote IOS device. The VRF definition name is an ASCII string name used to uniquely identify the VRF. This argument is mutually exclusive with the C(aggregate) argument
rd: ${4:undefined} # not required. The router-distinguisher value uniquely identifies the VRF to routing processes on the remote IOS system. The RD value takes the form of C(A:B) where C(A) and C(B) are both numeric values.
table_label: ${5:undefined} # not required. Causes JUNOS to allocate a VPN label per VRF rather than per VPN FEC. This allows for forwarding of traffic to directly connected subnets, COS Egress filtering etc.
state: ${6|present,absent|} # not required. choices: present;absent. Configures the state of the VRF definition as it relates to the device operational configuration. When set to I(present), the VRF should be configured in the device active configuration and when set to I(absent) the VRF should not be in the device active configuration
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection: netconf).,For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${8:undefined} # not required. The set of VRF definition objects to be configured on the remote JUNOS device. Ths list entries can either be the VRF name or a hash of VRF definitions and attributes. This argument is mutually exclusive with the C(name) argument.
active: ${9|true,false|} # not required. choices: true;false. Specifies whether or not the configuration is active or deactivated
description: ${10:undefined} # not required. Provides a short description of the VRF definition in the current active configuration. The VRF definition value accepts alphanumeric characters used to provide additional information about the VRF.
"""
'k8s_raw':
'prefix': "k8s_raw_snippet"
'description': "Manage Kubernetes (K8s) objects"
'body': """
k8s_raw:
username: ${1:undefined} # not required. Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME environment variable.
src: ${2:undefined} # not required. Provide a path to a file containing a valid YAML definition of an object to be created or updated. Mutually exclusive with I(resource_definition). NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the configuration read in from the I(src) file.,Reads from the local file system. To read from the Ansible controller's file system, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to I(resource_definition). See Examples below.
kind: ${3:undefined} # not required. Use to specify an object model. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(api_version), I(name), and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(kind) from the I(resource_definition) will override this option.
verify_ssl: ${4:undefined} # not required. Whether or not to verify the API server's SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL environment variable.
force: ${5:false} # not required. If set to C(True), and I(state) is C(present), an existing object will be replaced.
name: ${6:undefined} # not required. Use to specify an object name. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(metadata.name) value from the I(resource_definition) will override this option.
ssl_ca_cert: ${7:undefined} # not required. Path to a CA certificate used to authenticate with the API. Can also be specified via K8S_AUTH_SSL_CA_CERT environment variable.
cert_file: ${8:undefined} # not required. Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE environment variable.
namespace: ${9:undefined} # not required. Use to specify an object namespace. Useful when creating, deleting, or discovering an object without providing a full resource definition. Use in conjunction with I(api_version), I(kind), and I(name) to identify a specfic object. If I(resource definition) is provided, the I(metadata.namespace) value from the I(resource_definition) will override this option.
host: ${10:undefined} # not required. Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable.
resource_definition: ${11:undefined} # not required. Provide a valid YAML definition for an object when creating or updating. NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the provided I(resource_definition).
api_key: ${12:undefined} # not required. Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment variable.
state: ${13|present,absent|} # not required. choices: present;absent. Determines if an object should be created, patched, or deleted. When set to C(present), an object will be created, if it does not already exist. If set to C(absent), an existing object will be deleted. If set to C(present), an existing object will be patched, if its attributes differ from those specified using I(resource_definition) or I(src).
context: ${14:undefined} # not required. The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment variable.
key_file: ${15:undefined} # not required. Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_HOST environment variable.
password: ${16:undefined} # not required. Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD environment variable.
api_version: ${17:v1} # not required. Use to specify the API version. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(kind), I(name), and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(apiVersion) from the I(resource_definition) will override this option.
kubeconfig: ${18:undefined} # not required. Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the openshift client will attempt to load the default configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG environment variable.
"""
'k8s_scale':
'prefix': "k8s_scale_snippet"
'description': "Set a new size for a Deployment, ReplicaSet, Replication Controller, or Job."
'body': """
k8s_scale:
username: ${1:undefined} # not required. Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME environment variable.
ssl_ca_cert: ${2:undefined} # not required. Path to a CA certificate used to authenticate with the API. Can also be specified via K8S_AUTH_SSL_CA_CERT environment variable.
kind: ${3:undefined} # not required. Use to specify an object model. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(api_version), I(name), and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(kind) from the I(resource_definition) will override this option.
api_key: ${4:undefined} # not required. Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment variable.
name: ${5:undefined} # not required. Use to specify an object name. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(metadata.name) value from the I(resource_definition) will override this option.
src: ${6:undefined} # not required. Provide a path to a file containing a valid YAML definition of an object to be created or updated. Mutually exclusive with I(resource_definition). NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the configuration read in from the I(src) file.,Reads from the local file system. To read from the Ansible controller's file system, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to I(resource_definition). See Examples below.
cert_file: ${7:undefined} # not required. Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE environment variable.
replicas: ${8:undefined} # not required. The desired number of replicas.
namespace: ${9:undefined} # not required. Use to specify an object namespace. Useful when creating, deleting, or discovering an object without providing a full resource definition. Use in conjunction with I(api_version), I(kind), and I(name) to identify a specfic object. If I(resource definition) is provided, the I(metadata.namespace) value from the I(resource_definition) will override this option.
verify_ssl: ${10:undefined} # not required. Whether or not to verify the API server's SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL environment variable.
kubeconfig: ${11:undefined} # not required. Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the openshift client will attempt to load the default configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG environment variable.
host: ${12:undefined} # not required. Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable.
wait_timeout: ${13:20} # not required. When C(wait) is I(True), the number of seconds to wait for the I(ready_replicas) status to equal I(replicas). If the status is not reached within the allotted time, an error will result. In the case of a Job, this option is ignored.
current_replicas: ${14:undefined} # not required. For Deployment, ReplicaSet, Replication Controller, only scale, if the number of existing replicas matches. In the case of a Job, update parallelism only if the current parallelism value matches.
context: ${15:undefined} # not required. The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment variable.
resource_version: ${16:undefined} # not required. Only attempt to scale, if the current object version matches.
resource_definition: ${17:undefined} # not required. Provide a valid YAML definition for an object when creating or updating. NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the provided I(resource_definition).
key_file: ${18:undefined} # not required. Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_HOST environment variable.
password: ${19:undefined} # not required. Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD environment variable.
api_version: ${20:v1} # not required. Use to specify the API version. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(kind), I(name), and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(apiVersion) from the I(resource_definition) will override this option.
wait: ${21:true} # not required. For Deployment, ReplicaSet, Replication Controller, wait for the status value of I(ready_replicas) to change to the number of I(replicas). In the case of a Job, this option is ignored.
"""
'katello':
'prefix': "katello_snippet"
'description': "Manage Katello Resources"
'body': """
katello:
username: ${1:undefined} # required. Username on Foreman server.
password: ${2:undefined} # required. Password for user accessing Foreman server.
params: ${3:undefined} # required. Parameters associated to the entity resource to set or edit in dictionary format (e.g. name, description).
server_url: ${4:undefined} # required. URL of Foreman server.
entity: ${5:undefined} # required. The Foreman resource that the action will be performed on (e.g. organization, host).
"""
'kernel_blacklist':
'prefix': "kernel_blacklist_snippet"
'description': "Blacklist kernel modules"
'body': """
kernel_blacklist:
name: ${1:undefined} # required. Name of kernel module to black- or whitelist.
blacklist_file: ${2:undefined} # not required. If specified, use this blacklist file instead of C(/etc/modprobe.d/blacklist-ansible.conf).
state: ${3|absent,present|} # not required. choices: absent;present. Whether the module should be present in the blacklist or absent.
"""
'keycloak_client':
'prefix': "keycloak_client_snippet"
'description': "Allows administration of Keycloak clients via Keycloak API"
'body': """
keycloak_client:
auth_realm: ${1:undefined} # required. Keycloak realm name to authenticate to for API access.
auth_password: ${2:undefined} # required. Password to authenticate for API access with.
auth_keycloak_url: ${3:undefined} # required. URL to the Keycloak instance.
auth_client_id: ${4:undefined} # required. OpenID Connect I(client_id) to authenticate to the API with.
auth_username: ${5:undefined} # required. Username to authenticate for API access with.
default_roles: ${6:undefined} # not required. list of default roles for this client. If the client roles referenced do not exist yet, they will be created. This is 'defaultRoles' in the Keycloak REST API.
protocol: ${7|openid-connect,saml|} # not required. choices: openid-connect;saml. Type of client (either C(openid-connect) or C(saml).
auth_client_secret: ${8:undefined} # not required. Client Secret to use in conjunction with I(auth_client_id) (if required).
use_template_config: ${9:undefined} # not required. Whether or not to use configuration from the I(client_template). This is 'useTemplateConfig' in the Keycloak REST API.
authorization_settings: ${10:undefined} # not required. a data structure defining the authorization settings for this client. For reference, please see the Keycloak API docs at U(http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_resourceserverrepresentation). This is 'authorizationSettings' in the Keycloak REST API.
frontchannel_logout: ${11:undefined} # not required. Is frontchannel logout enabled for this client or not. This is 'frontchannelLogout' in the Keycloak REST API.
use_template_scope: ${12:undefined} # not required. Whether or not to use scope configuration from the I(client_template). This is 'useTemplateScope' in the Keycloak REST API.
registration_access_token: ${13:undefined} # not required. The registration access token provides access for clients to the client registration service. This is 'registrationAccessToken' in the Keycloak REST API.
authorization_services_enabled: ${14:undefined} # not required. Are authorization services enabled for this client or not (OpenID connect). This is 'authorizationServicesEnabled' in the Keycloak REST API.
standard_flow_enabled: ${15:undefined} # not required. Enable standard flow for this client or not (OpenID connect). This is 'standardFlowEnabled' in the Keycloak REST API.
direct_access_grants_enabled: ${16:undefined} # not required. Are direct access grants enabled for this client or not (OpenID connect). This is 'directAccessGrantsEnabled' in the Keycloak REST API.
id: ${17:undefined} # not required. Id of client to be worked on. This is usually an UUID. Either this or I(client_id) is required. If you specify both, this takes precedence.
surrogate_auth_required: ${18:undefined} # not required. Whether or not surrogate auth is required. This is 'surrogateAuthRequired' in the Keycloak REST API.
implicit_flow_enabled: ${19:undefined} # not required. Enable implicit flow for this client or not (OpenID connect). This is 'implictFlowEnabled' in the Keycloak REST API.
node_re_registration_timeout: ${20:undefined} # not required. Cluster node re-registration timeout for this client. This is 'nodeReRegistrationTimeout' in the Keycloak REST API.
root_url: ${21:undefined} # not required. Root URL appended to relative URLs for this client This is 'rootUrl' in the Keycloak REST API.
base_url: ${22:undefined} # not required. Default URL to use when the auth server needs to redirect or link back to the client This is 'baseUrl' in the Keycloak REST API.
web_origins: ${23:undefined} # not required. List of allowed CORS origins. This is 'webOrigins' in the Keycloak REST API.
full_scope_allowed: ${24:undefined} # not required. Is the \"Full Scope Allowed\" feature set for this client or not. This is 'fullScopeAllowed' in the Keycloak REST API.
secret: ${25:undefined} # not required. When using I(client_authenticator_type) C(client-secret) (the default), you can specify a secret here (otherwise one will be generated if it does not exit). If changing this secret, the module will not register a change currently (but the changed secret will be saved).
bearer_only: ${26:undefined} # not required. The access type of this client is bearer-only. This is 'bearerOnly' in the Keycloak REST API.
not_before: ${27:undefined} # not required. Revoke any tokens issued before this date for this client (this is a UNIX timestamp). This is 'notBefore' in the Keycloak REST API.
redirect_uris: ${28:undefined} # not required. Acceptable redirect URIs for this client. This is 'redirectUris' in the Keycloak REST API.
description: ${29:undefined} # not required. Description of the client in Keycloak
registered_nodes: ${30:undefined} # not required. dict of registered cluster nodes (with C(nodename) as the key and last registration time as the value). This is 'registeredNodes' in the Keycloak REST API.
state: ${31|present,absent|} # not required. choices: present;absent. State of the client,On C(present), the client will be created (or updated if it exists already).,On C(absent), the client will be removed if it exists
client_id: ${32:undefined} # not required. Client id of client to be worked on. This is usually an alphanumeric name chosen by you. Either this or I(id) is required. If you specify both, I(id) takes precedence. This is 'clientId' in the Keycloak REST API.
public_client: ${33:undefined} # not required. Is the access type for this client public or not. This is 'publicClient' in the Keycloak REST API.
service_accounts_enabled: ${34:undefined} # not required. Are service accounts enabled for this client or not (OpenID connect). This is 'serviceAccountsEnabled' in the Keycloak REST API.
name: ${35:undefined} # not required. Name of the client (this is not the same as I(client_id))
client_authenticator_type: ${36|client-secret,client-jwt|} # not required. choices: client-secret;client-jwt. How do clients authenticate with the auth server? Either C(client-secret) or C(client-jwt) can be chosen. When using C(client-secret), the module parameter I(secret) can set it, while for C(client-jwt), you can use the keys C(use.jwks.url), C(jwks.url), and C(jwt.credential.certificate) in the I(attributes) module parameter to configure its behavior. This is 'clientAuthenticatorType' in the Keycloak REST API.
admin_url: ${37:undefined} # not required. URL to the admin interface of the client This is 'adminUrl' in the Keycloak REST API.
enabled: ${38:undefined} # not required. Is this client enabled or not?
protocol_mappers: ${39:undefined} # not required. a list of dicts defining protocol mappers for this client. This is 'protocolMappers' in the Keycloak REST API.
client_template: ${40:undefined} # not required. Client template to use for this client. If it does not exist this field will silently be dropped. This is 'clientTemplate' in the Keycloak REST API.
use_template_mappers: ${41:undefined} # not required. Whether or not to use mapper configuration from the I(client_template). This is 'useTemplateMappers' in the Keycloak REST API.
attributes: ${42:undefined} # not required. A dict of further attributes for this client. This can contain various configuration settings; an example is given in the examples section. While an exhaustive list of permissible options is not available; possible options as of Keycloak 3.4 are listed below. The Keycloak API does not validate whether a given option is appropriate for the protocol used; if specified anyway, Keycloak will simply not use it.
validate_certs: ${43:true} # not required. Verify TLS certificates (do not disable this in production).
consent_required: ${44:undefined} # not required. If enabled, users have to consent to client access. This is 'consentRequired' in the Keycloak REST API.
"""
'keycloak_clienttemplate':
'prefix': "keycloak_clienttemplate_snippet"
'description': "Allows administration of Keycloak client templates via Keycloak API"
'body': """
keycloak_clienttemplate:
auth_keycloak_url: ${1:undefined} # required. URL to the Keycloak instance.
auth_client_id: ${2:undefined} # required. OpenID Connect I(client_id) to authenticate to the API with.
auth_password: ${3:undefined} # required. Password to authenticate for API access with.
auth_realm: ${4:undefined} # required. Keycloak realm name to authenticate to for API access.
auth_username: ${5:undefined} # required. Username to authenticate for API access with.
auth_client_secret: ${6:undefined} # not required. Client Secret to use in conjunction with I(auth_client_id) (if required).
protocol: ${7|openid-connect,saml|} # not required. choices: openid-connect;saml. Type of client template (either C(openid-connect) or C(saml).
description: ${8:undefined} # not required. Description of the client template in Keycloak
validate_certs: ${9:true} # not required. Verify TLS certificates (do not disable this in production).
protocol_mappers: ${10:undefined} # not required. a list of dicts defining protocol mappers for this client template. This is 'protocolMappers' in the Keycloak REST API.
full_scope_allowed: ${11:undefined} # not required. Is the \"Full Scope Allowed\" feature set for this client template or not. This is 'fullScopeAllowed' in the Keycloak REST API.
state: ${12|present,absent|} # not required. choices: present;absent. State of the client template,On C(present), the client template will be created (or updated if it exists already).,On C(absent), the client template will be removed if it exists
attributes: ${13:undefined} # not required. A dict of further attributes for this client template. This can contain various configuration settings, though in the default installation of Keycloak as of 3.4, none are documented or known, so this is usually empty.
realm: ${14:undefined} # not required. Realm this client template is found in.
id: ${15:undefined} # not required. Id of client template to be worked on. This is usually a UUID.
name: ${16:undefined} # not required. Name of the client template
"""
'kibana_plugin':
'prefix': "kibana_plugin_snippet"
'description': "Manage Kibana plugins"
'body': """
kibana_plugin:
name: ${1:undefined} # required. Name of the plugin to install
force: ${2|yes,no|} # not required. choices: yes;no. Delete and re-install the plugin. Can be useful for plugins update
url: ${3:None} # not required. Set exact URL to download the plugin from. For local file, prefix its absolute path with file://
state: ${4|present,absent|} # not required. choices: present;absent. Desired state of a plugin.
version: ${5:None} # not required. Version of the plugin to be installed. If plugin exists with previous version, it will NOT be updated if C(force) is not set to yes
timeout: ${6:1m} # not required. Timeout setting: 30s, 1m, 1h...
plugin_dir: ${7:/opt/kibana/installedPlugins/} # not required. Your configured plugin directory specified in Kibana
plugin_bin: ${8:/opt/kibana/bin/kibana} # not required. Location of the plugin binary
"""
'kinesis_stream':
'prefix': "kinesis_stream_snippet"
'description': "Manage a Kinesis Stream."
'body': """
kinesis_stream:
name: ${1:None} # required. The name of the Kinesis Stream you are managing.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${6:null} # not required. A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }.
encryption_type: ${7:KMS} # not required. The type of encryption.
retention_period: ${8:None} # not required. The default retention period is 24 hours and can not be less than 24 hours.,The retention period can be modified during any point in time.
shards: ${9:None} # not required. The number of shards you want to have with this stream.,This is required when state == present
encryption_state: ${10|enabled,disabled|} # not required. choices: enabled;disabled. Enable or Disable encryption on the Kinesis Stream.
state: ${11|present,absent|} # not required. choices: present;absent. Create or Delete the Kinesis Stream.
wait_timeout: ${12:300} # not required. How many seconds to wait for an operation to complete before timing out.
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
key_id: ${14:None} # not required. The GUID or alias for the KMS key.
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${16:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
wait: ${17:true} # not required. Wait for operation to complete before returning.
"""
'known_hosts':
'prefix': "known_hosts_snippet"
'description': "Add or remove a host from the C(known_hosts) file"
'body': """
known_hosts:
name: ${1:null} # required. The host to add or remove (must match a host specified in key). It will be converted to lowercase so that ssh-keygen can find it.
path: ${2:(homedir)+/.ssh/known_hosts} # not required. The known_hosts file to edit
state: ${3|present,absent|} # not required. choices: present;absent. I(present) to add the host key, I(absent) to remove it.
hash_host: ${4:false} # not required. Hash the hostname in the known_hosts file
key: ${5:null} # not required. The SSH public host key, as a string (required if state=present, optional when state=absent, in which case all keys for the host are removed). The key must be in the right format for ssh (see sshd(8), section \"SSH_KNOWN_HOSTS FILE FORMAT\")
"""
'kubernetes':
'prefix': "kubernetes_snippet"
'description': "Manage Kubernetes resources"
'body': """
kubernetes:
inline_data: ${1:undefined} # required. The Kubernetes YAML data to send to the API I(endpoint). This option is mutually exclusive with C('file_reference').
api_endpoint: ${2:undefined} # required. The IPv4 API endpoint of the Kubernetes cluster.
state: ${3|absent,present,replace,update|} # required. choices: absent;present;replace;update. The desired action to take on the Kubernetes data.
url_password: ${4:undefined} # not required. The HTTP Basic Auth password for the API I(endpoint). This should be set unless using the C('insecure') option.
certificate_authority_data: ${5:undefined} # not required. Certificate Authority data for Kubernetes server. Should be in either standard PEM format or base64 encoded PEM data. Note that certificate verification is broken until ansible supports a version of 'match_hostname' that can match the IP address against the CA data.
insecure: ${6:undefined} # not required. Reverts the connection to using HTTP instead of HTTPS. This option should only be used when execuing the M('kubernetes') module local to the Kubernetes cluster using the insecure local port (locahost:8080 by default).
file_reference: ${7:undefined} # not required. Specify full path to a Kubernets YAML file to send to API I(endpoint). This option is mutually exclusive with C('inline_data').
url_username: ${8:admin} # not required. The HTTP Basic Auth username for the API I(endpoint). This should be set unless using the C('insecure') option.
validate_certs: ${9:no} # not required. Enable/disable certificate validation. Note that this is set to C(false) until Ansible can support IP address based certificate hostname matching (exists in >= python3.5.0).
patch_operation: ${10|JSON Patch,Merge Patch,Strategic Merge Patch|} # not required. choices: JSON Patch;Merge Patch;Strategic Merge Patch. Specify patch operation for Kubernetes resource update.,For details, see the description of PATCH operations at U(https://github.com/kubernetes/kubernetes/blob/release-1.5/docs/devel/api-conventions.md#patch-operations).
"""
'lambda':
'prefix': "lambda_snippet"
'description': "Manage AWS Lambda functions"
'body': """
lambda:
name: ${1:undefined} # required. The name you want to assign to the function you are uploading. Cannot be changed.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
description: ${3:null} # not required. A short, user-defined function description. Lambda does not use this value. Assign a meaningful description as you see fit.
tags: ${4:None} # not required. tag dict to apply to the function (requires botocore 1.5.40 or above)
s3_key: ${5:null} # not required. The Amazon S3 object (the deployment package) key name you want to upload,s3_bucket and s3_key are required together
zip_file: ${6:null} # not required. A .zip file containing your deployment package,If C(state=present) then either zip_file or s3_bucket must be present.
s3_object_version: ${7:null} # not required. The Amazon S3 object (the deployment package) version you want to upload.
memory_size: ${8:128} # not required. The amount of memory, in MB, your Lambda function is given
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
dead_letter_arn: ${10:None} # not required. The parent object that contains the target Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
aws_secret_key: ${11:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${12:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${13:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
s3_bucket: ${14:null} # not required. Amazon S3 bucket name where the .zip file containing your deployment package is stored,If C(state=present) then either zip_file or s3_bucket must be present.,s3_bucket and s3_key are required together
state: ${15|present,absent|} # not required. choices: present;absent. Create or delete Lambda function
handler: ${16:null} # not required. The function within your code that Lambda calls to begin execution
role: ${17:undefined} # not required. The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes your function to access any other Amazon Web Services (AWS) resources. You may use the bare ARN if the role belongs to the same AWS account.,Required when C(state=present)
timeout: ${18:3} # not required. The function execution time at which Lambda should terminate the function.
environment_variables: ${19:None} # not required. A dictionary of environment variables the Lambda function is given.
runtime: ${20:undefined} # not required. The runtime environment for the Lambda function you are uploading. Required when creating a function. Use parameters as described in boto3 docs. Current example runtime environments are nodejs, nodejs4.3, java8 or python2.7,Required when C(state=present)
validate_certs: ${21:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${22:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
vpc_subnet_ids: ${23:None} # not required. List of subnet IDs to run Lambda function in. Use this option if you need to access resources in your VPC. Leave empty if you don't want to run the function in a VPC.
vpc_security_group_ids: ${24:None} # not required. List of VPC security group IDs to associate with the Lambda function. Required when vpc_subnet_ids is used.
"""
'lambda_alias':
'prefix': "lambda_alias_snippet"
'description': "Creates, updates or deletes AWS Lambda function aliases."
'body': """
lambda_alias:
name: ${1:undefined} # required. Name of the function alias.
state: ${2|present,absent|} # required. choices: present;absent. Describes the desired state.
function_name: ${3:undefined} # required. The name of the function alias.
aws_secret_key: ${4:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${5:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${6:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
description: ${7:undefined} # not required. A short, user-defined function alias description.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
version: ${10:undefined} # not required. Version associated with the Lambda function alias. A value of 0 (or omitted parameter) sets the alias to the $LATEST version.
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${12:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'lambda_event':
'prefix': "lambda_event_snippet"
'description': "Creates, updates or deletes AWS Lambda function event mappings."
'body': """
lambda_event:
source_params: ${1:undefined} # required. Sub-parameters required for event source.,I(== stream event source ==),C(source_arn) The Amazon Resource Name (ARN) of the Kinesis or DynamoDB stream that is the event source.,C(enabled) Indicates whether AWS Lambda should begin polling the event source. Default is True.,C(batch_size) The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function. Default is 100.,C(starting_position) The position in the stream where AWS Lambda should start reading. Choices are TRIM_HORIZON or LATEST.
lambda_function_arn: ${2:undefined} # required. The name or ARN of the lambda function.
alias: ${3:undefined} # required. Name of the function alias. Mutually exclusive with C(version).
state: ${4|present,absent|} # required. choices: present;absent. Describes the desired state.
profile: ${5:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${6:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
event_source: ${9|stream|} # not required. choices: stream. Source of the event that triggers the lambda function.
security_token: ${10:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${11:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
version: ${12:undefined} # not required. Version of the Lambda function. Mutually exclusive with C(alias).
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'lambda_facts':
'prefix': "lambda_facts_snippet"
'description': "Gathers AWS Lambda function details as Ansible facts"
'body': """
lambda_facts:
query: ${1|aliases,all,config,mappings,policy,versions|} # required. choices: aliases;all;config;mappings;policy;versions. Specifies the resource type for which to gather facts. Leave blank to retrieve all facts.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
event_source_arn: ${7:null} # not required. For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
function_name: ${10:null} # not required. The name of the lambda function for which facts are requested.
"""
'lambda_policy':
'prefix': "lambda_policy_snippet"
'description': "Creates, updates or deletes AWS Lambda policy statements."
'body': """
lambda_policy:
statement_id: ${1:undefined} # required. A unique statement identifier.
state: ${2|present,absent|} # required. choices: present;absent. Describes the desired state.
action: ${3:undefined} # required. The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with lambda: followed by the API name (see Operations ). For example, lambda:CreateFunction . You can use wildcard (lambda:* ) to grant permission for all AWS Lambda actions.
function_name: ${4:undefined} # required. Name of the Lambda function whose resource policy you are updating by adding a new permission.,You can specify a function name (for example, Thumbnail ) or you can specify Amazon Resource Name (ARN) of the,function (for example, arn:aws:lambda:us-west-2:account-id:function:ThumbNail ). AWS Lambda also allows you to,specify partial ARN (for example, account-id:Thumbnail ). Note that the length constraint applies only to the,ARN. If you specify only the function name, it is limited to 64 character in length.
principal: ${5:undefined} # required. The principal who is getting this permission. It can be Amazon S3 service Principal (s3.amazonaws.com ) if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as sns.amazonaws.com . For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${7:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
event_source_token: ${9:undefined} # not required. Token string representing source ARN or account. Mutually exclusive with C(source_arn) or C(source_account).
security_token: ${10:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${12:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
alias: ${13:undefined} # not required. Name of the function alias. Mutually exclusive with C(version).
version: ${14:undefined} # not required. Version of the Lambda function. Mutually exclusive with C(alias).
ec2_url: ${15:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
source_arn: ${16:undefined} # not required. This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function.
source_account: ${17:undefined} # not required. The AWS account ID (without a hyphen) of the source owner. For example, if the SourceArn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the SourceArn ) owned by a specific account.
"""
'layman':
'prefix': "layman_snippet"
'description': "Manage Gentoo overlays"
'body': """
layman:
name: ${1:undefined} # required. The overlay id to install, synchronize, or uninstall. Use 'ALL' to sync all of the installed overlays (can be used only when C(state=updated)).
list_url: ${2:undefined} # not required. An URL of the alternative overlays list that defines the overlay to install. This list will be fetched and saved under C(${overlay_defs})/${name}.xml), where C(overlay_defs) is readed from the Layman's configuration.
validate_certs: ${3|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be set to C(no) when no other option exists. Prior to 1.9.3 the code defaulted to C(no).
state: ${4|present,absent,updated|} # not required. choices: present;absent;updated. Whether to install (C(present)), sync (C(updated)), or uninstall (C(absent)) the overlay.
"""
'ldap_attr':
'prefix': "ldap_attr_snippet"
'description': "Add or remove LDAP attribute values."
'body': """
ldap_attr:
dn: ${1:undefined} # required. The DN of the entry to modify.
name: ${2:undefined} # required. The name of the attribute to modify.
values: ${3:undefined} # required. The value(s) to add or remove. This can be a string or a list of strings. The complex argument format is required in order to pass a list of strings (see examples).
server_uri: ${4:ldapi:///} # not required. A URI to the LDAP server. The default value lets the underlying LDAP client library look for a UNIX domain socket in its default location.
start_tls: ${5|yes,no|} # not required. choices: yes;no. If true, we'll use the START_TLS LDAP extension.
bind_dn: ${6:null} # not required. A DN to bind with. If this is omitted, we'll try a SASL bind with the EXTERNAL mechanism. If this is blank, we'll use an anonymous bind.
state: ${7|present,absent,exact|} # not required. choices: present;absent;exact. The state of the attribute values. If C(present), all given values will be added if they're missing. If C(absent), all given values will be removed if present. If C(exact), the set of values will be forced to exactly those provided and no others. If I(state=exact) and I(value) is empty, all values for this attribute will be removed.
bind_pw: ${8:null} # not required. The password to use with I(bind_dn).
validate_certs: ${9|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on sites using self-signed certificates.
"""
'ldap_entry':
'prefix': "ldap_entry_snippet"
'description': "Add or remove LDAP entries."
'body': """
ldap_entry:
dn: ${1:undefined} # required. The DN of the entry to add or remove.
objectClass: ${2:null} # not required. If I(state=present), value or list of values to use when creating the entry. It can either be a string or an actual list of strings.
start_tls: ${3|yes,no|} # not required. choices: yes;no. If true, we'll use the START_TLS LDAP extension.
bind_dn: ${4:null} # not required. A DN to bind with. If this is omitted, we'll try a SASL bind with the EXTERNAL mechanism. If this is blank, we'll use an anonymous bind.
server_uri: ${5:ldapi:///} # not required. A URI to the LDAP server. The default value lets the underlying LDAP client library look for a UNIX domain socket in its default location.
state: ${6|present,absent|} # not required. choices: present;absent. The target state of the entry.
params: ${7:null} # not required. List of options which allows to overwrite any of the task or the I(attributes) options. To remove an option, set the value of the option to C(null).
bind_pw: ${8:null} # not required. The password to use with I(bind_dn).
attributes: ${9:null} # not required. If I(state=present), attributes necessary to create an entry. Existing entries are never modified. To assert specific attribute values on an existing entry, use M(ldap_attr) module instead.
validate_certs: ${10|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on sites using self-signed certificates.
"""
'letsencrypt':
'prefix': "letsencrypt_snippet"
'description': "Create SSL certificates with Let's Encrypt"
'body': """
letsencrypt:
csr: ${1:undefined} # required. File containing the CSR for the new certificate.,Can be created with C(openssl req ...).,The CSR may contain multiple Subject Alternate Names, but each one will lead to an individual challenge that must be fulfilled for the CSR to be signed.,Note: the private key used to create the CSR I(must not) be the the account key. This is a bad idea from a security point of view, and Let's Encrypt will not accept the CSR.
acme_directory: ${2:https://acme-staging.api.letsencrypt.org/directory} # not required. The ACME directory to use. This is the entry point URL to access CA server API.,For safety reasons the default is set to the Let's Encrypt staging server. This will create technically correct, but untrusted certificates.,You can find URLs of staging endpoints here: U(https://letsencrypt.org/docs/staging-environment/),The production Let's Encrypt ACME v1 directory URL, which produces properly trusted certificates, is U(https://acme-v01.api.letsencrypt.org/directory).
terms_agreed: ${3:false} # not required. Boolean indicating whether you agree to the terms of service document.,ACME servers can require this to be true.,This option will only be used when C(acme_version) is not 1.
account_email: ${4:undefined} # not required. The email address associated with this account.,It will be used for certificate expiration warnings.
dest: ${5:undefined} # not required. The destination file for the certificate.,Required if C(fullchain_dest) is not specified.
validate_certs: ${6:true} # not required. Whether calls to the ACME directory will validate TLS certificates.,I(Warning:) Should I(only ever) be set to C(false) for testing purposes, for example when testing against a local Pebble server.
challenge: ${7|http-01,dns-01,tls-sni-02|} # not required. choices: http-01;dns-01;tls-sni-02. The challenge to be performed.
fullchain_dest: ${8:undefined} # not required. The destination file for the full chain (i.e. certificate followed by chain of intermediate certificates).,Required if C(dest) is not specified.
agreement: ${9:undefined} # not required. URI to a terms of service document you agree to when using the ACME v1 service at C(acme_directory).,Default is latest gathered from C(acme_directory) URL.,This option will only be used when C(acme_version) is 1.
data: ${10:undefined} # not required. The data to validate ongoing challenges. This must be specified for the second run of the module only.,The value that must be used here will be provided by a previous use of this module. See the examples for more details.
account_key_content: ${11:undefined} # not required. Content of the Let's Encrypt account RSA or Elliptic Curve key.,Mutually exclusive with C(account_key_src).,Required if C(account_key_src) is not used.,Warning: the content will be written into a temporary file, which will be deleted by Ansible when the module completes. Since this is an important private key — it can be used to change the account key, or to revoke your certificates without knowing their private keys —, this might not be acceptable.
remaining_days: ${12:10} # not required. The number of days the certificate must have left being valid. If C(cert_days < remaining_days), then it will be renewed. If the certificate is not renewed, module return values will not include C(challenge_data).
acme_version: ${13|1,2|} # not required. choices: 1;2. The ACME version of the endpoint.,Must be 1 for the classic Let's Encrypt ACME endpoint, or 2 for the new ACME v2 endpoint.,I(Warning): ACME v2 support is currently experimental, as the Let's Encrypt production ACME v2 endpoint is still under development. The code is tested against the latest staging endpoint as well as the Pebble testing server, but there could be bugs which will only appear with a newer version of these or with the production ACME v2 endpoint.
chain_dest: ${14:null} # not required. If specified, the intermediate certificate will be written to this file.
account_key_src: ${15:undefined} # not required. Path to a file containing the Let's Encrypt account RSA or Elliptic Curve key.,RSA keys can be created with C(openssl rsa ...). Elliptic curve keys can be created with C(openssl ecparam -genkey ...).,Mutually exclusive with C(account_key_content).,Required if C(account_key_content) is not used.
"""
'librato_annotation':
'prefix': "librato_annotation_snippet"
'description': "create an annotation in librato"
'body': """
librato_annotation:
links: ${1:undefined} # required. See examples
title: ${2:undefined} # required. The title of an annotation is a string and may contain spaces,The title should be a short, high-level summary of the annotation e.g. v45 Deployment
api_key: ${3:undefined} # required. Librato account api key
user: ${4:undefined} # required. Librato account username
description: ${5:undefined} # not required. The description contains extra meta-data about a particular annotation,The description should contain specifics on the individual annotation e.g. Deployed 9b562b2 shipped new feature foo!
start_time: ${6:undefined} # not required. The unix timestamp indicating the time at which the event referenced by this annotation started
name: ${7:undefined} # not required. The annotation stream name,If the annotation stream does not exist, it will be created automatically
source: ${8:undefined} # not required. A string which describes the originating source of an annotation when that annotation is tracked across multiple members of a population
end_time: ${9:undefined} # not required. The unix timestamp indicating the time at which the event referenced by this annotation ended,For events that have a duration, this is a useful way to annotate the duration of the event
"""
'lightsail':
'prefix': "lightsail_snippet"
'description': "Create or delete a virtual machine instance in AWS Lightsail"
'body': """
lightsail:
name: ${1:null} # required. Name of the instance
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
zone: ${5:null} # not required. AWS availability zone in which to launch the instance. Required when state='present"
blueprint_id: ${6:null} # not required. ID of the instance blueprint image. Required when state='present"
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
user_data: ${8:null} # not required. Launch script that can configure the instance with additional data
key_pair_name: ${9:null} # not required. Name of the key pair to use with the instance
state: ${10|present,absent,running,restarted,stopped|} # not required. choices: present;absent;running;restarted;stopped. Indicate desired state of the target.
wait_timeout: ${11:300} # not required. How long before wait gives up, in seconds.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
bundle_id: ${13:null} # not required. Bundle of specification info for the instance. Required when state='present"
security_token: ${14:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
wait: ${16|yes,no|} # not required. choices: yes;no. Wait for the instance to be in state 'running' before returning. If wait is \"no\" an ip_address may not be returned
"""
'lineinfile':
'prefix': "lineinfile_snippet"
'description': "Manage lines in text files"
'body': """
lineinfile:
path: ${1:undefined} # required. The file to modify.,Before 2.3 this option was only usable as I(dest), I(destfile) and I(name).
validate: ${2:None} # not required. The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
seuser: ${3:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
group: ${4:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
insertbefore: ${5|BOF,*regex*|} # not required. choices: BOF;*regex*. Used with C(state=present). If specified, the line will be inserted before the last match of specified regular expression. If the first match is required, use(firstmatch=yes). A value is available; C(BOF) for inserting the line at the beginning of the file. If specified regular expression has no matches, the line will be inserted at the end of the file. May not be used with C(backrefs).
unsafe_writes: ${6:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
selevel: ${7:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
create: ${8:no} # not required. Used with C(state=present). If specified, the file will be created if it does not already exist. By default it will fail if the file is missing.
others: ${9:undefined} # not required. All arguments accepted by the M(file) module also work here.
serole: ${10:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
backrefs: ${11:no} # not required. Used with C(state=present). If set, line can contain backreferences (both positional and named) that will get populated if the C(regexp) matches. This flag changes the operation of the module slightly; C(insertbefore) and C(insertafter) will be ignored, and if the C(regexp) doesn't match anywhere in the file, the file will be left unchanged. If the C(regexp) does match, the last matching line will be replaced by the expanded line parameter.
owner: ${12:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
state: ${13|absent,present|} # not required. choices: absent;present. Whether the line should be there or not.
mode: ${14:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
firstmatch: ${15:no} # not required. Used with C(insertafter) or C(insertbefore). If set, C(insertafter) and C(inserbefore) find a first line has regular expression matches.
insertafter: ${16|EOF,*regex*|} # not required. choices: EOF;*regex*. Used with C(state=present). If specified, the line will be inserted after the last match of specified regular expression. If the first match is required, use(firstmatch=yes). A special value is available; C(EOF) for inserting the line at the end of the file. If specified regular expression has no matches, EOF will be used instead. May not be used with C(backrefs).
regexp: ${17:undefined} # not required. The regular expression to look for in every line of the file. For C(state=present), the pattern to replace if found. Only the last line found will be replaced. For C(state=absent), the pattern of the line(s) to remove. Uses Python regular expressions. See U(http://docs.python.org/2/library/re.html).
attributes: ${18:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
backup: ${19:no} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
line: ${20:undefined} # not required. Required for C(state=present). The line to insert/replace into the file. If C(backrefs) is set, may contain backreferences that will get expanded with the C(regexp) capture groups if the regexp matches.
setype: ${21:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'linode':
'prefix': "linode_snippet"
'description': "Manage instances on the Linode Public Cloud"
'body': """
linode:
alert_diskio_enabled: ${1:undefined} # not required. Set status of receiving disk IO alerts.
additional_disks: ${2:undefined} # not required. List of dictionaries for creating additional disks that are added to the Linode configuration settings.,Dictionary takes Size, Label, Type. Size is in MB.
alert_bwin_enabled: ${3:undefined} # not required. Set status of bandwidth in alerts.
payment_term: ${4|1,12,24|} # not required. choices: 1;12;24. payment term to use for the instance (payment term in months)
kernel_id: ${5:undefined} # not required. kernel to use for the instance (Linode Kernel)
alert_bwin_threshold: ${6:undefined} # not required. Set threshold in MB of bandwidth in alerts.
alert_cpu_enabled: ${7:undefined} # not required. Set status of receiving CPU usage alerts.
alert_bwquota_enabled: ${8:undefined} # not required. Set status of bandwidth quota alerts as percentage of network transfer quota.
linode_id: ${9:undefined} # not required. Unique ID of a linode server
alert_diskio_threshold: ${10:undefined} # not required. Set threshold for average IO ops/sec over 2 hour period.
wait_timeout: ${11:300} # not required. how long before wait gives up, in seconds
private_ip: ${12:no} # not required. Add private IPv4 address when Linode is created.
watchdog: ${13:True} # not required. Set status of Lassie watchdog.
password: ${14:undefined} # not required. root password to apply to a new server (auto generated if missing)
ssh_pub_key: ${15:undefined} # not required. SSH public key applied to root user
wait: ${16:no} # not required. wait for the instance to be in state C(running) before returning
datacenter: ${17:undefined} # not required. datacenter to create an instance in (Linode Datacenter)
alert_bwquota_threshold: ${18:undefined} # not required. Set threshold in MB of bandwidth quota alerts.
backupweeklyday: ${19:undefined} # not required. Integer value for what day of the week to store weekly backups.
name: ${20:undefined} # not required. Name to give the instance (alphanumeric, dashes, underscore).,To keep sanity on the Linode Web Console, name is prepended with C(LinodeID_).
displaygroup: ${21:undefined} # not required. Add the instance to a Display Group in Linode Manager.
alert_cpu_threshold: ${22:undefined} # not required. Set percentage threshold for receiving CPU usage alerts. Each CPU core adds 100% to total.
alert_bwout_enabled: ${23:undefined} # not required. Set status of bandwidth out alerts.
state: ${24|absent,active,deleted,present,restarted,started,stopped|} # not required. choices: absent;active;deleted;present;restarted;started;stopped. Indicate desired state of the resource
swap: ${25:512} # not required. swap size in MB
alert_bwout_threshold: ${26:undefined} # not required. Set threshold in MB of bandwidth out alerts.
distribution: ${27:undefined} # not required. distribution to use for the instance (Linode Distribution)
api_key: ${28:undefined} # not required. Linode API key
plan: ${29:undefined} # not required. plan to use for the instance (Linode plan)
"""
'lldp':
'prefix': "lldp_snippet"
'description': "get details reported by lldp"
'body': """
lldp:
"""
'locale_gen':
'prefix': "locale_gen_snippet"
'description': "Creates or removes locales"
'body': """
locale_gen:
name: ${1:undefined} # required. Name and encoding of the locale, such as \"en_GB.UTF-8\".
state: ${2|absent,present|} # not required. choices: absent;present. Whether the locale shall be present.
"""
'logentries':
'prefix': "logentries_snippet"
'description': "Module for tracking logs via logentries.com"
'body': """
logentries:
path: ${1:undefined} # required. path to a log file
state: ${2|present,absent|} # not required. choices: present;absent. following state of the log
name: ${3:undefined} # not required. name of the log
logtype: ${4:undefined} # not required. type of the log
"""
'logentries_msg':
'prefix': "logentries_msg_snippet"
'description': "Send a message to logentries."
'body': """
logentries_msg:
msg: ${1:undefined} # required. The message body.
token: ${2:undefined} # required. Log token.
api: ${3:data.logentries.com} # not required. API endpoint
port: ${4:80} # not required. API endpoint port
"""
'logicmonitor':
'prefix': "logicmonitor_snippet"
'description': "Manage your LogicMonitor account through Ansible Playbooks"
'body': """
logicmonitor:
company: ${1:null} # required. The LogicMonitor account company name. If you would log in to your account at \"superheroes.logicmonitor.com\" you would use \"superheroes.\"
user: ${2:null} # required. A LogicMonitor user name. The module will authenticate and perform actions on behalf of this user.
password: ${3:null} # required. The password of the specified LogicMonitor user
target: ${4|collector,host,datsource,hostgroup|} # required. choices: collector;host;datsource;hostgroup. The type of LogicMonitor object you wish to manage.,Collector: Perform actions on a LogicMonitor collector.,NOTE You should use Ansible service modules such as M(service) or M(supervisorctl) for managing the Collector 'logicmonitor-agent' and 'logicmonitor-watchdog' services. Specifically, you'll probably want to start these services after a Collector add and stop these services before a Collector remove.,Host: Perform actions on a host device.,Hostgroup: Perform actions on a LogicMonitor host group.,NOTE Host and Hostgroup tasks should always be performed via delegate_to: localhost. There are no benefits to running these tasks on the remote host and doing so will typically cause problems.\n
action: ${5|add,remove,update,sdt|} # required. choices: add;remove;update;sdt. The action you wish to perform on target.,Add: Add an object to your LogicMonitor account.,Remove: Remove an object from your LogicMonitor account.,Update: Update properties, description, or groups (target=host) for an object in your LogicMonitor account.,SDT: Schedule downtime for an object in your LogicMonitor account.
displayname: ${6:hostname -f} # not required. The display name of a host in your LogicMonitor account or the desired display name of a device to manage.,Optional for managing hosts (target=host).
description: ${7:} # not required. The long text description of the object in your LogicMonitor account.,Optional for managing hosts and host groups (target=host or target=hostgroup; action=add or action=update).
groups: ${8:} # not required. A list of groups that the host should be a member of.,Optional for managing hosts (target=host; action=add or action=update).
duration: ${9:30} # not required. The duration (minutes) of the Scheduled Down Time (SDT).,Optional for putting an object into SDT (action=sdt).
collector: ${10:null} # not required. The fully qualified domain name of a collector in your LogicMonitor account.,This is required for the creation of a LogicMonitor host (target=host action=add).,This is required for updating, removing or scheduling downtime for hosts if 'displayname' isn't specified (target=host action=update action=remove action=sdt).
id: ${11:null} # not required. ID of the datasource to target.,Required for management of LogicMonitor datasources (target=datasource).
alertenable: ${12|true,false|} # not required. choices: true;false. A boolean flag to turn alerting on or off for an object.,Optional for managing all hosts (action=add or action=update).
hostname: ${13:hostname -f} # not required. The hostname of a host in your LogicMonitor account, or the desired hostname of a device to manage.,Optional for managing hosts (target=host).
properties: ${14:[object Object]} # not required. A dictionary of properties to set on the LogicMonitor host or host group.,Optional for managing hosts and host groups (target=host or target=hostgroup; action=add or action=update).,This parameter will add or update existing properties in your LogicMonitor account.
starttime: ${15:Now} # not required. The time that the Scheduled Down Time (SDT) should begin.,Optional for managing SDT (action=sdt).,Y-m-d H:M
fullpath: ${16:null} # not required. The fullpath of the host group object you would like to manage.,Recommend running on a single Ansible host.,Required for management of LogicMonitor host groups (target=hostgroup).
"""
'logicmonitor_facts':
'prefix': "logicmonitor_facts_snippet"
'description': "Collect facts about LogicMonitor objects"
'body': """
logicmonitor_facts:
target: ${1|host,hostgroup|} # required. choices: host;hostgroup. The LogicMonitor object you wish to manage.
company: ${2:null} # required. The LogicMonitor account company name. If you would log in to your account at \"superheroes.logicmonitor.com\" you would use \"superheroes\".
user: ${3:null} # required. A LogicMonitor user name. The module will authenticate and perform actions on behalf of this user.
password: ${4:null} # required. The password for the chosen LogicMonitor User.,If an md5 hash is used, the digest flag must be set to true.
displayname: ${5:hostname -f} # not required. The display name of a host in your LogicMonitor account or the desired display name of a device to add into monitoring.
hostname: ${6:hostname -f} # not required. The hostname of a host in your LogicMonitor account, or the desired hostname of a device to add into monitoring.,Required for managing hosts (target=host).
fullpath: ${7:null} # not required. The fullpath of the hostgroup object you would like to manage.,Recommend running on a single ansible host.,Required for management of LogicMonitor host groups (target=hostgroup).
collector: ${8:null} # not required. The fully qualified domain name of a collector in your LogicMonitor account.,This is optional for querying a LogicMonitor host when a displayname is specified.,This is required for querying a LogicMonitor host when a displayname is not specified.
"""
'logstash_plugin':
'prefix': "logstash_plugin_snippet"
'description': "Manage Logstash plugins"
'body': """
logstash_plugin:
name: ${1:undefined} # required. Install plugin with that name.
proxy_port: ${2:None} # not required. Proxy port to use during plugin installation.
state: ${3|present,absent|} # not required. choices: present;absent. Apply plugin state.
version: ${4:None} # not required. Specify plugin Version of the plugin to install. If plugin exists with previous version, it will NOT be updated.
proxy_host: ${5:None} # not required. Proxy host to use during plugin installation.
plugin_bin: ${6:/usr/share/logstash/bin/logstash-plugin} # not required. Specify logstash-plugin to use for plugin management.
"""
'lvg':
'prefix': "lvg_snippet"
'description': "Configure LVM volume groups"
'body': """
lvg:
vg: ${1:undefined} # required. The name of the volume group.
vg_options: ${2:undefined} # not required. Additional options to pass to C(vgcreate) when creating the volume group.
pvs: ${3:undefined} # not required. List of comma-separated devices to use as physical devices in this volume group. Required when creating or resizing volume group.,The module will take care of running pvcreate if needed.
force: ${4:no} # not required. If C(yes), allows to remove volume group with logical volumes.
pesize: ${5:4} # not required. The size of the physical extent in megabytes. Must be a power of 2.
pv_options: ${6:undefined} # not required. Additional options to pass to C(pvcreate) when creating the volume group.
state: ${7|absent,present|} # not required. choices: absent;present. Control if the volume group exists.
"""
'lvol':
'prefix': "lvol_snippet"
'description': "Configure LVM logical volumes"
'body': """
lvol:
pvs: ${1:undefined} # not required. Comma separated list of physical volumes (e.g. /dev/sda,/dev/sdb).
force: ${2:no} # not required. Shrink or remove operations of volumes requires this switch. Ensures that that filesystems get never corrupted/destroyed by mistake.
vg: ${3:undefined} # not required. The volume group this logical volume is part of.
lv: ${4:undefined} # not required. The name of the logical volume.
resizefs: ${5:yes} # not required. Resize the underlying filesystem together with the logical volume.
state: ${6|absent,present|} # not required. choices: absent;present. Control if the logical volume exists. If C(present) and the volume does not already exist then the C(size) option is required.
thinpool: ${7:undefined} # not required. The thin pool volume name. When you want to create a thin provisioned volume, specify a thin pool volume name.
snapshot: ${8:undefined} # not required. The name of the snapshot volume
active: ${9:yes} # not required. Whether the volume is activate and visible to the host.
shrink: ${10:yes} # not required. Shrink if current size is higher than size requested.
opts: ${11:undefined} # not required. Free-form options to be passed to the lvcreate command.
size: ${12:undefined} # not required. The size of the logical volume, according to lvcreate(8) --size, by default in megabytes or optionally with one of [bBsSkKmMgGtTpPeE] units; or according to lvcreate(8) --extents as a percentage of [VG|PVS|FREE]; Float values must begin with a digit. Resizing using percentage values was not supported prior to 2.1.
"""
'lxc_container':
'prefix': "lxc_container_snippet"
'description': "Manage LXC Containers"
'body': """
lxc_container:
name: ${1:undefined} # required. Name of a container.
archive_path: ${2:null} # not required. Path the save the archived container. If the path does not exist the archive method will attempt to create it.
zfs_root: ${3:undefined} # not required. Create zfs under given zfsroot.
container_log_level: ${4|INFO,ERROR,DEBUG|} # not required. choices: INFO;ERROR;DEBUG. Set the log level for a container where *container_log* was set.
template_options: ${5:undefined} # not required. Template options when building the container.
container_command: ${6:undefined} # not required. Run a command within a container.
clone_name: ${7:false} # not required. Name of the new cloned server. This is only used when state is clone.
lxc_path: ${8:undefined} # not required. Place container under PATH
container_config: ${9:undefined} # not required. list of 'key=value' options to use when configuring a container.
fs_type: ${10:ext4} # not required. Create fstype TYPE.
archive: ${11|true,false|} # not required. choices: true;false. Create an archive of a container. This will create a tarball of the running container.
vg_name: ${12:lxc} # not required. If Backend store is lvm, specify the name of the volume group.
clone_snapshot: ${13|true,false|} # not required. choices: true;false. Create a snapshot a container when cloning. This is not supported by all container storage backends. Enabling this may fail if the backing store does not support snapshots.
container_log: ${14|true,false|} # not required. choices: true;false. Enable a container log for host actions to the container.
lv_name: ${15:$CONTAINER_NAME} # not required. Name of the logical volume, defaults to the container name.
fs_size: ${16:5G} # not required. File system Size.
archive_compression: ${17|gzip,bzip2,none|} # not required. choices: gzip;bzip2;none. Type of compression to use when creating an archive of a running container.
backing_store: ${18|dir,lvm,loop,btrfs,overlayfs,zfs|} # not required. choices: dir;lvm;loop;btrfs;overlayfs;zfs. Backend storage type for the container.
state: ${19|started,stopped,restarted,absent,frozen|} # not required. choices: started;stopped;restarted;absent;frozen. Define the state of a container. If you clone a container using `clone_name` the newly cloned container created in a stopped state. The running container will be stopped while the clone operation is happening and upon completion of the clone the original container state will be restored.
thinpool: ${20:undefined} # not required. Use LVM thin pool called TP.
template: ${21:ubuntu} # not required. Name of the template to use within an LXC create.
directory: ${22:undefined} # not required. Place rootfs directory under DIR.
config: ${23:null} # not required. Path to the LXC configuration file.
"""
'lxd_container':
'prefix': "lxd_container_snippet"
'description': "Manage LXD Containers"
'body': """
lxd_container:
name: ${1:undefined} # required. Name of a container.
source: ${2:undefined} # not required. The source for the container (e.g. { \"type\": \"image\", \"mode\": \"pull\", \"server\": \"https://images.linuxcontainers.org\", \"protocol\": \"lxd\", \"alias\": \"ubuntu/xenial/amd64\" }). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)
url: ${3:unix:/var/lib/lxd/unix.socket} # not required. The unix domain socket path or the https URL for the LXD server.
config: ${4:undefined} # not required. The config for the container (e.g. {\"limits.cpu\": \"2\"}). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1),If the container already exists and its \"config\" value in metadata obtained from GET /1.0/containers/<name> U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#10containersname) are different, they this module tries to apply the configurations.,The key starts with 'volatile.' are ignored for this comparison.,Not all config values are supported to apply the existing container. Maybe you need to delete and recreate a container.
cert_file: ${5:\"{}/.config/lxc/client.crt\" .format(os.environ[\"HOME\"])} # not required. The client certificate file path.
ephemeral: ${6:undefined} # not required. Whether or not the container is ephemeral (e.g. true or false). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)
devices: ${7:undefined} # not required. The devices for the container (e.g. { \"rootfs\': \"path\": \"/dev/kvm\", \"type\": \"unix-char\" }). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)
wait_for_ipv4_addresses: ${8:false} # not required. If this is true, the C(lxd_container) waits until IPv4 addresses are set to the all network interfaces in the container after starting or restarting.
state: ${9|started,stopped,restarted,absent,frozen|} # not required. choices: started;stopped;restarted;absent;frozen. Define the state of a container.
architecture: ${10:undefined} # not required. The architecture for the container (e.g. \"x86_64\" or \"i686\"). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)
timeout: ${11:30} # not required. A timeout for changing the state of the container.,This is also used as a timeout for waiting until IPv4 addresses are set to the all network interfaces in the container after starting or restarting.
key_file: ${12:\"{}/.config/lxc/client.key\" .format(os.environ[\"HOME\"])} # not required. The client certificate key file path.
trust_password: ${13:undefined} # not required. The client trusted password.,You need to set this password on the LXD server before running this module using the following command. lxc config set core.trust_password <some random password> See U(https://www.stgraber.org/2016/04/18/lxd-api-direct-interaction/),If trust_password is set, this module send a request for authentication before sending any requests.
force_stop: ${14:false} # not required. If this is true, the C(lxd_container) forces to stop the container when it stops or restarts the container.
"""
'lxd_profile':
'prefix': "lxd_profile_snippet"
'description': "Manage LXD profiles"
'body': """
lxd_profile:
name: ${1:undefined} # required. Name of a profile.
new_name: ${2:undefined} # not required. A new name of a profile.,If this parameter is specified a profile will be renamed to this name. See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-11)
url: ${3:unix:/var/lib/lxd/unix.socket} # not required. The unix domain socket path or the https URL for the LXD server.
config: ${4:undefined} # not required. The config for the container (e.g. {\"limits.memory\": \"4GB\"}). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#patch-3),If the profile already exists and its \"config\" value in metadata obtained from GET /1.0/profiles/<name> U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#get-19) are different, they this module tries to apply the configurations.,Not all config values are supported to apply the existing profile. Maybe you need to delete and recreate a profile.
cert_file: ${5:\"{}/.config/lxc/client.crt\" .format(os.environ[\"HOME\"])} # not required. The client certificate file path.
devices: ${6:undefined} # not required. The devices for the profile (e.g. {\"rootfs\':\"path\": \"/dev/kvm\", \"type\": \"unix-char\"}). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#patch-3)
state: ${7|present,absent|} # not required. choices: present;absent. Define the state of a profile.
key_file: ${8:\"{}/.config/lxc/client.key\" .format(os.environ[\"HOME\"])} # not required. The client certificate key file path.
trust_password: ${9:undefined} # not required. The client trusted password.,You need to set this password on the LXD server before running this module using the following command. lxc config set core.trust_password <some random password> See U(https://www.stgraber.org/2016/04/18/lxd-api-direct-interaction/),If trust_password is set, this module send a request for authentication before sending any requests.
description: ${10:undefined} # not required. Description of the profile.
"""
'macports':
'prefix': "macports_snippet"
'description': "Package manager for MacPorts"
'body': """
macports:
name: ${1:undefined} # required. name of package to install/remove
state: ${2|present,absent,active,inactive|} # not required. choices: present;absent;active;inactive. state of the package
update_cache: ${3|yes,no|} # not required. choices: yes;no. update the package db first
"""
'mail':
'prefix': "mail_snippet"
'description': "Send an email"
'body': """
mail:
subject: ${1:undefined} # required. The subject of the email being sent.
body: ${2:$subject} # not required. The body of the email being sent.
username: ${3:undefined} # not required. If SMTP requires username.
secure: ${4|always,never,starttls,try|} # not required. choices: always;never;starttls;try. If C(always), the connection will only send email if the connection is Encrypted. If the server doesn't accept the encrypted connection it will fail.,If C(try), the connection will attempt to setup a secure SSL/TLS session, before trying to send.,If C(never), the connection will not attempt to setup a secure SSL/TLS session, before sending,If C(starttls), the connection will try to upgrade to a secure SSL/TLS connection, before sending. If it is unable to do so it will fail.
cc: ${5:undefined} # not required. The email-address(es) the mail is being copied to.,This is a list, which may contain address and phrase portions.
host: ${6:localhost} # not required. The mail server.
password: ${7:undefined} # not required. If SMTP requires password.
port: ${8:25} # not required. The mail server port.,This must be a valid integer between 1 and 65534
to: ${9:root} # not required. The email-address(es) the mail is being sent to.,This is a list, which may contain address and phrase portions.
from: ${10:root} # not required. The email-address the mail is sent from. May contain address and phrase.
headers: ${11:} # not required. A list of headers which should be added to the message.,Each individual header is specified as C(header=value) (see example below).
charset: ${12:utf-8} # not required. The character set of email being sent.
bcc: ${13:undefined} # not required. The email-address(es) the mail is being 'blind' copied to.,This is a list, which may contain address and phrase portions.
attach: ${14:} # not required. A list of pathnames of files to attach to the message.,Attached files will have their content-type set to C(application/octet-stream).
timeout: ${15:20} # not required. Sets the timeout in seconds for connection attempts.
subtype: ${16|html,plain|} # not required. choices: html;plain. The minor mime type, can be either C(plain) or C(html).,The major type is always C(text).
"""
'make':
'prefix': "make_snippet"
'description': "Run targets in a Makefile"
'body': """
make:
chdir: ${1:undefined} # required. cd into this directory before running make
params: ${2:none} # not required. Any extra parameters to pass to make
target: ${3:none} # not required. The target to run
file: ${4:none} # not required. Use file as a Makefile
"""
'manageiq_alert_profiles':
'prefix': "manageiq_alert_profiles_snippet"
'description': "Configuration of alert profiles for ManageIQ"
'body': """
manageiq_alert_profiles:
manageiq_connection: ${1:undefined} # required. ManageIQ connection configuration information.
name: ${2:undefined} # not required. The unique alert profile name in ManageIQ.,Required when state is \"absent\" or \"present\".
notes: ${3:undefined} # not required. Optional notes for this profile
alerts: ${4:undefined} # not required. List of alert descriptions to assign to this profile.,Required if state is \"present\"
state: ${5|absent,present|} # not required. choices: absent;present. absent - alert profile should not exist,,present - alert profile should exist,
resource_type: ${6|Vm,ContainerNode,MiqServer,Host,Storage,EmsCluster,ExtManagementSystem,MiddlewareServer|} # not required. choices: Vm;ContainerNode;MiqServer;Host;Storage;EmsCluster;ExtManagementSystem;MiddlewareServer. The resource type for the alert profile in ManageIQ. Required when state is \"present\".
"""
'manageiq_alerts':
'prefix': "manageiq_alerts_snippet"
'description': "Configuration of alerts in ManageIQ"
'body': """
manageiq_alerts:
manageiq_connection: ${1:undefined} # required. ManageIQ connection configuration information.
state: ${2|absent,present|} # not required. choices: absent;present. absent - alert should not exist,,present - alert should exist,
description: ${3:undefined} # not required. The unique alert description in ManageIQ.,Required when state is \"absent\" or \"present\".
expression: ${4:undefined} # not required. The alert expression for ManageIQ.,Can either be in the \"Miq Expression\" format or the \"Hash Expression format\".,Required if state is \"present\".
expression_type: ${5|hash,miq|} # not required. choices: hash;miq. Expression type.
enabled: ${6:undefined} # not required. Enable or disable the alert. Required if state is \"present\".
options: ${7:undefined} # not required. Additional alert options, such as notification type and frequency
resource_type: ${8|Vm,ContainerNode,MiqServer,Host,Storage,EmsCluster,ExtManagementSystem,MiddlewareServer|} # not required. choices: Vm;ContainerNode;MiqServer;Host;Storage;EmsCluster;ExtManagementSystem;MiddlewareServer. The entity type for the alert in ManageIQ. Required when state is \"present\".
"""
'manageiq_policies':
'prefix': "manageiq_policies_snippet"
'description': "Management of resource policy_profiles in ManageIQ."
'body': """
manageiq_policies:
manageiq_connection: ${1:undefined} # required. ManageIQ connection configuration information.
resource_name: ${2:null} # required. the name of the resource to which the profile should be [un]assigned
resource_type: ${3|provider,host,vm,blueprint,category,cluster,data store,group,resource pool,service,service template,template,tenant,user|} # required. choices: provider;host;vm;blueprint;category;cluster;data store;group;resource pool;service;service template;template;tenant;user. the type of the resource to which the profile should be [un]assigned
state: ${4|absent,present,list|} # not required. choices: absent;present;list. absent - policy_profiles should not exist,,present - policy_profiles should exist,,list - list current policy_profiles and policies.
policy_profiles: ${5:null} # not required. list of dictionaries, each includes the policy_profile 'name' key.,required if state is present or absent.
"""
'manageiq_provider':
'prefix': "manageiq_provider_snippet"
'description': "Management of provider in ManageIQ."
'body': """
manageiq_provider:
name: ${1:undefined} # required. The provider's name.
manageiq_connection: ${2:undefined} # required. ManageIQ connection configuration information.
type: ${3|Openshift,Amazon,oVirt,VMware,Azure,Director,OpenStack,GCE|} # required. choices: Openshift;Amazon;oVirt;VMware;Azure;Director;OpenStack;GCE. The provider's type.
ssh_keypair: ${4:null} # not required. SSH key pair used for SSH connections to all hosts in this provider.
host_default_vnc_port_start: ${5:null} # not required. The first port in the host VNC range. defaults to None.
tenant_mapping_enabled: ${6:false} # not required. Whether to enable mapping of existing tenants. defaults to False.
metrics: ${7:null} # not required. Metrics endpoint connection information.
azure_tenant_id: ${8:null} # not required. Tenant ID. defaults to None.
provider_region: ${9:null} # not required. The provider region name to connect to (e.g. AWS region for Amazon).
subscription: ${10:null} # not required. Microsoft Azure subscription ID. defaults to None.
zone: ${11:default} # not required. The ManageIQ zone name that will manage the provider.
host_default_vnc_port_end: ${12:null} # not required. The last port in the host VNC range. defaults to None.
alerts: ${13:null} # not required. Alerts endpoint connection information.
project: ${14:null} # not required. Google Compute Engine Project ID. defaults to None.
state: ${15|absent,present|} # not required. choices: absent;present. absent - provider should not exist, present - provider should be present.
provider: ${16:null} # not required. Default endpoint connection information, required if state is true.
api_version: ${17|v2,v3|} # not required. choices: v2;v3. The OpenStack Keystone API version. defaults to None.
"""
'manageiq_tags':
'prefix': "manageiq_tags_snippet"
'description': "Management of resource tags in ManageIQ."
'body': """
manageiq_tags:
manageiq_connection: ${1:undefined} # required. ManageIQ connection configuration information.
resource_name: ${2:null} # required. the relevant resource name in manageiq
resource_type: ${3|provider,host,vm,blueprint,category,cluster,data store,group,resource pool,service,service template,template,tenant,user|} # required. choices: provider;host;vm;blueprint;category;cluster;data store;group;resource pool;service;service template;template;tenant;user. the relevant resource type in manageiq
state: ${4|absent,present,list|} # not required. choices: absent;present;list. absent - tags should not exist,,present - tags should exist,,list - list current tags.
tags: ${5:null} # not required. tags - list of dictionaries, each includes 'name' and 'category' keys.,required if state is present or absent.
"""
'manageiq_user':
'prefix': "manageiq_user_snippet"
'description': "Management of users in ManageIQ."
'body': """
manageiq_user:
manageiq_connection: ${1:undefined} # required. ManageIQ connection configuration information.
userid: ${2:undefined} # required. The unique userid in manageiq, often mentioned as username.
update_password: ${3|always,on_create|} # not required. choices: always;on_create. C(always) will update passwords unconditionally. C(on_create) will only set the password for a newly created user.
group: ${4:null} # not required. The name of the group to which the user belongs.
name: ${5:null} # not required. The users' full name.
password: ${6:null} # not required. The users' password.
state: ${7|absent,present|} # not required. choices: absent;present. absent - user should not exist, present - user should be.
email: ${8:null} # not required. The users' E-mail address.
"""
'mattermost':
'prefix': "mattermost_snippet"
'description': "Send Mattermost notifications"
'body': """
mattermost:
url: ${1:undefined} # required. Mattermost url (i.e. http://mattermost.yourcompany.com).
text: ${2:undefined} # required. Text to send. Note that the module does not handle escaping characters.
api_key: ${3:undefined} # required. Mattermost webhook api key. Log into your mattermost site, go to Menu -> Integration -> Incoming Webhook -> Add Incoming Webhook. This will give you full URL. api_key is the last part. http://mattermost.example.com/hooks/C(API_KEY)
username: ${4:Ansible} # not required. This is the sender of the message (Username Override need to be enabled by mattermost admin, see mattermost doc.
icon_url: ${5:https://www.ansible.com/favicon.ico} # not required. Url for the message sender's icon.
validate_certs: ${6|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
channel: ${7:undefined} # not required. Channel to send the message to. If absent, the message goes to the channel selected for the I(api_key).
"""
'maven_artifact':
'prefix': "maven_artifact_snippet"
'description': "Downloads an Artifact from a Maven Repository"
'body': """
maven_artifact:
state: ${1|present,absent|} # required. choices: present;absent. The desired state of the artifact
artifact_id: ${2:undefined} # required. The maven artifactId coordinate
dest: ${3:false} # required. The path where the artifact should be written to,If file mode or ownerships are specified and destination path already exists, they affect the downloaded file
group_id: ${4:undefined} # required. The Maven groupId coordinate
repository_url: ${5:http://repo1.maven.org/maven2} # not required. The URL of the Maven Repository to download from.,Use s3://... if the repository is hosted on Amazon S3, added in version 2.2.
owner: ${6:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
keep_name: ${7|yes,no|} # not required. choices: yes;no. If C(yes), the downloaded artifact's name is preserved, i.e the version number remains part of it.,This option only has effect when C(dest) is a directory and C(version) is set to C(latest).
group: ${8:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
unsafe_writes: ${9:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
serole: ${10:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
version: ${11:latest} # not required. The maven version coordinate
setype: ${12:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
username: ${13:null} # not required. The username to authenticate as to the Maven Repository. Use AWS secret key of the repository is hosted on S3
selevel: ${14:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
password: ${15:null} # not required. The password to authenticate with to the Maven Repository. Use AWS secret access key of the repository is hosted on S3
extension: ${16:jar} # not required. The maven type/extension coordinate
seuser: ${17:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
mode: ${18:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
timeout: ${19:10} # not required. Specifies a timeout in seconds for the connection attempt
attributes: ${20:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
validate_certs: ${21|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be set to C(no) when no other option exists.
classifier: ${22:null} # not required. The maven classifier coordinate
"""
'meta':
'prefix': "meta_snippet"
'description': "Execute Ansible 'actions'"
'body': """
meta:
free_form: ${1|noop,flush_handlers,refresh_inventory,clear_facts,clear_host_errors,end_play,reset_connection|} # required. choices: noop;flush_handlers;refresh_inventory;clear_facts;clear_host_errors;end_play;reset_connection. This module takes a free form command, as a string. There's not an actual option named \"free form\". See the examples!,C(flush_handlers) makes Ansible run any handler tasks which have thus far been notified. Ansible inserts these tasks internally at certain points to implicitly trigger handler runs (after pre/post tasks, the final role execution, and the main tasks section of your plays).\n,C(refresh_inventory) (added in 2.0) forces the reload of the inventory, which in the case of dynamic inventory scripts means they will be re-executed. This is mainly useful when additional hosts are created and users wish to use them instead of using the `add_host` module.\"\n,C(noop) (added in 2.0) This literally does 'nothing'. It is mainly used internally and not recommended for general use.,C(clear_facts) (added in 2.1) causes the gathered facts for the hosts specified in the play's list of hosts to be cleared, including the fact cache.,C(clear_host_errors) (added in 2.1) clears the failed state (if any) from hosts specified in the play's list of hosts.,C(end_play) (added in 2.2) causes the play to end without failing the host(s). Note that this affects all hosts.,C(reset_connection) (added in 2.3) interrupts a persistent connection (i.e. ssh + control persist)
"""
'mksysb':
'prefix': "mksysb_snippet"
'description': "Generates AIX mksysb rootvg backups."
'body': """
mksysb:
name: ${1:undefined} # required. Backup name
storage_path: ${2:undefined} # required. Storage path where the mksysb will stored.
exclude_files: ${3|yes,no|} # not required. choices: yes;no. Excludes files using C(/etc/rootvg.exclude).
software_packing: ${4|yes,no|} # not required. choices: yes;no. Exclude files from packing option listed in C(/etc/exclude_packing.rootvg).
use_snapshot: ${5|yes,no|} # not required. choices: yes;no. Creates backup using snapshots.
create_map_files: ${6|yes,no|} # not required. choices: yes;no. Creates a new MAP files.
extended_attrs: ${7|yes,no|} # not required. choices: yes;no. Backup extended attributes.
backup_crypt_files: ${8|yes,no|} # not required. choices: yes;no. Backup encrypted files.
new_image_data: ${9|yes,no|} # not required. choices: yes;no. Creates a new file data.
exclude_wpar_files: ${10|yes,no|} # not required. choices: yes;no. Excludes WPAR files.
backup_dmapi_fs: ${11|yes,no|} # not required. choices: yes;no. Back up DMAPI filesystem files.
"""
'modprobe':
'prefix': "modprobe_snippet"
'description': "Load or unload kernel modules"
'body': """
modprobe:
name: ${1:undefined} # required. Name of kernel module to manage.
state: ${2|absent,present|} # not required. choices: absent;present. Whether the module should be present or absent.
params: ${3:} # not required. Modules parameters.
"""
'mongodb_parameter':
'prefix': "mongodb_parameter_snippet"
'description': "Change an administrative parameter on a MongoDB server."
'body': """
mongodb_parameter:
database: ${1:undefined} # required. The name of the database to add/remove the user from
param: ${2:undefined} # required. MongoDB administrative parameter to modify
value: ${3:undefined} # required. MongoDB administrative parameter value to set
login_port: ${4:27017} # not required. The port to connect to
login_user: ${5:null} # not required. The username used to authenticate with
login_host: ${6:localhost} # not required. The host running the database
login_database: ${7:null} # not required. The database where login credentials are stored
ssl: ${8:false} # not required. Whether to use an SSL connection when connecting to the database
param_type: ${9:str} # not required. Define the parameter value (str, int)
login_password: ${10:null} # not required. The password used to authenticate with
replica_set: ${11:null} # not required. Replica set to connect to (automatically connects to primary for writes)
"""
'mongodb_user':
'prefix': "mongodb_user_snippet"
'description': "Adds or removes a user from a MongoDB database."
'body': """
mongodb_user:
name: ${1:null} # required. The name of the user to add or remove
database: ${2:undefined} # required. The name of the database to add/remove the user from
login_port: ${3:27017} # not required. The port to connect to
update_password: ${4|always,on_create|} # not required. choices: always;on_create. C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users.
roles: ${5:readWrite} # not required. The database user roles valid values could either be one or more of the following strings: 'read', 'readWrite', 'dbAdmin', 'userAdmin', 'clusterAdmin', 'readAnyDatabase', 'readWriteAnyDatabase', 'userAdminAnyDatabase', 'dbAdminAnyDatabase'\n,Or the following dictionary '{ db: DATABASE_NAME, role: ROLE_NAME }'.,This param requires pymongo 2.5+. If it is a string, mongodb 2.4+ is also required. If it is a dictionary, mongo 2.6+ is required.
login_user: ${6:null} # not required. The username used to authenticate with
login_host: ${7:localhost} # not required. The host running the database
login_database: ${8:null} # not required. The database where login credentials are stored
ssl_cert_reqs: ${9|CERT_REQUIRED,CERT_OPTIONAL,CERT_NONE|} # not required. choices: CERT_REQUIRED;CERT_OPTIONAL;CERT_NONE. Specifies whether a certificate is required from the other side of the connection, and whether it will be validated if provided.
ssl: ${10:false} # not required. Whether to use an SSL connection when connecting to the database
state: ${11|present,absent|} # not required. choices: present;absent. The database user state
login_password: ${12:null} # not required. The password used to authenticate with
password: ${13:null} # not required. The password to use for the user
replica_set: ${14:null} # not required. Replica set to connect to (automatically connects to primary for writes)
"""
'monit':
'prefix': "monit_snippet"
'description': "Manage the state of a program monitored via Monit"
'body': """
monit:
state: ${1|present,started,stopped,restarted,monitored,unmonitored,reloaded|} # required. choices: present;started;stopped;restarted;monitored;unmonitored;reloaded. The state of service
name: ${2:null} # required. The name of the I(monit) program/process to manage
timeout: ${3:300} # not required. If there are pending actions for the service monitored by monit, then Ansible will check for up to this many seconds to verify the requested action has been performed. Ansible will sleep for five seconds between each check.
"""
'mount':
'prefix': "mount_snippet"
'description': "Control active and configured mount points"
'body': """
mount:
state: ${1|absent,mounted,present,unmounted|} # required. choices: absent;mounted;present;unmounted. If C(mounted), the device will be actively mounted and appropriately configured in I(fstab). If the mount point is not present, the mount point will be created.,If C(unmounted), the device will be unmounted without changing I(fstab).,C(present) only specifies that the device is to be configured in I(fstab) and does not trigger or require a mount.,C(absent) specifies that the device mount's entry will be removed from I(fstab) and will also unmount the device and remove the mount point.
path: ${2:undefined} # required. Path to the mount point (e.g. C(/mnt/files)).,Before 2.3 this option was only usable as I(dest), I(destfile) and I(name).
src: ${3:undefined} # not required. Device to be mounted on I(path). Required when I(state) set to C(present) or C(mounted).
dump: ${4:0} # not required. Dump (see fstab(5)). Note that if set to C(null) and I(state) set to C(present), it will cease to work and duplicate entries will be made with subsequent runs.,Has no effect on Solaris systems.
passno: ${5:0} # not required. Passno (see fstab(5)). Note that if set to C(null) and I(state) set to C(present), it will cease to work and duplicate entries will be made with subsequent runs.,Deprecated on Solaris systems.
fstab: ${6:/etc/fstab (/etc/vfstab on Solaris)} # not required. File to use instead of C(/etc/fstab). You shouldn't use this option unless you really know what you are doing. This might be useful if you need to configure mountpoints in a chroot environment. OpenBSD does not allow specifying alternate fstab files with mount so do not use this on OpenBSD with any state that operates on the live filesystem.
boot: ${7:yes} # not required. Determines if the filesystem should be mounted on boot.,Only applies to Solaris systems.
fstype: ${8:undefined} # not required. Filesystem type. Required when I(state) is C(present) or C(mounted).
backup: ${9|yes,no|} # not required. choices: yes;no. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
opts: ${10:undefined} # not required. Mount options (see fstab(5), or vfstab(4) on Solaris).
"""
'mqtt':
'prefix': "mqtt_snippet"
'description': "Publish a message on an MQTT topic for the IoT"
'body': """
mqtt:
topic: ${1:null} # required. MQTT topic name
payload: ${2:null} # required. Payload. The special string C(\"None\") may be used to send a NULL (i.e. empty) payload which is useful to simply notify with the I(topic) or to clear previously retained messages.
username: ${3:undefined} # not required. Username to authenticate against the broker.
certfile: ${4:None} # not required. The path pointing to the PEM encoded client certificate. If this is not None it will be used as client information for TLS based authentication. Support for this feature is broker dependent.
port: ${5:1883} # not required. MQTT broker port number
server: ${6:localhost} # not required. MQTT broker address/name
client_id: ${7:hostname + pid} # not required. MQTT client identifier
ca_certs: ${8:None} # not required. The path to the Certificate Authority certificate files that are to be treated as trusted by this client. If this is the only option given then the client will operate in a similar manner to a web browser. That is to say it will require the broker to have a certificate signed by the Certificate Authorities in ca_certs and will communicate using TLS v1, but will not attempt any form of authentication. This provides basic network encryption but may not be sufficient depending on how the broker is configured.
retain: ${9:false} # not required. Setting this flag causes the broker to retain (i.e. keep) the message so that applications that subsequently subscribe to the topic can received the last retained message immediately.
password: ${10:undefined} # not required. Password for C(username) to authenticate against the broker.
keyfile: ${11:None} # not required. The path pointing to the PEM encoded client private key. If this is not None it will be used as client information for TLS based authentication. Support for this feature is broker dependent.
qos: ${12|0,1,2|} # not required. choices: 0;1;2. QoS (Quality of Service)
"""
'mssql_db':
'prefix': "mssql_db_snippet"
'description': "Add or remove MSSQL databases from a remote host."
'body': """
mssql_db:
name: ${1:null} # required. name of the database to add or remove
autocommit: ${2|false,true|} # not required. choices: false;true. Automatically commit the change only if the import succeed. Sometimes it is necessary to use autocommit=true, since some content can't be changed within a transaction.
login_port: ${3:1433} # not required. Port of the MSSQL server. Requires login_host be defined as other then localhost if login_port is used
login_user: ${4:null} # not required. The username used to authenticate with
login_host: ${5:undefined} # not required. Host running the database
state: ${6|present,absent,import|} # not required. choices: present;absent;import. The database state
login_password: ${7:null} # not required. The password used to authenticate with
target: ${8:undefined} # not required. Location, on the remote host, of the dump file to read from or write to. Uncompressed SQL files (C(.sql)) files are supported.
"""
'mysql_db':
'prefix': "mysql_db_snippet"
'description': "Add or remove MySQL databases from a remote host."
'body': """
mysql_db:
name: ${1:null} # required. name of the database to add or remove,name=all May only be provided if I(state) is C(dump) or C(import).,if name=all Works like --all-databases option for mysqldump (Added in 2.0)
ssl_key: ${2:null} # not required. The path to the client private key.
config_file: ${3:~/.my.cnf} # not required. Specify a config file from which user and password are to be read.
encoding: ${4:null} # not required. Encoding mode to use, examples include C(utf8) or C(latin1_swedish_ci)
login_user: ${5:null} # not required. The username used to authenticate with.
login_host: ${6:localhost} # not required. Host running the database.
login_unix_socket: ${7:null} # not required. The path to a Unix domain socket for local connections.
login_password: ${8:null} # not required. The password used to authenticate with.
collation: ${9:null} # not required. Collation mode (sorting). This only applies to new table/databases and does not update existing ones, this is a limitation of MySQL.
ssl_ca: ${10:null} # not required. The path to a Certificate Authority (CA) certificate. This option, if used, must specify the same certificate as used by the server.
single_transaction: ${11:false} # not required. Execute the dump in a single transaction
login_port: ${12:3306} # not required. Port of the MySQL server. Requires I(login_host) be defined as other then localhost if login_port is used.
ssl_cert: ${13:null} # not required. The path to a client public key certificate.
target: ${14:undefined} # not required. Location, on the remote host, of the dump file to read from or write to. Uncompressed SQL files (C(.sql)) as well as bzip2 (C(.bz2)), gzip (C(.gz)) and xz (Added in 2.0) compressed files are supported.
state: ${15|present,absent,dump,import|} # not required. choices: present;absent;dump;import. The database state
quick: ${16:true} # not required. Option used for dumping large tables
connect_timeout: ${17:30} # not required. The connection timeout when connecting to the MySQL server.
"""
'mysql_replication':
'prefix': "mysql_replication_snippet"
'description': "Manage MySQL replication"
'body': """
mysql_replication:
master_ssl_cert: ${1:undefined} # not required. same as mysql variable
master_auto_position: ${2:null} # not required. does the host uses GTID based replication or not
config_file: ${3:~/.my.cnf} # not required. Specify a config file from which user and password are to be read.
master_password: ${4:undefined} # not required. same as mysql variable
master_host: ${5:undefined} # not required. same as mysql variable
login_host: ${6:localhost} # not required. Host running the database.
login_password: ${7:null} # not required. The password used to authenticate with.
master_ssl_capath: ${8:undefined} # not required. same as mysql variable
master_ssl_ca: ${9:undefined} # not required. same as mysql variable
login_unix_socket: ${10:null} # not required. The path to a Unix domain socket for local connections.
master_connect_retry: ${11:undefined} # not required. same as mysql variable
master_user: ${12:undefined} # not required. same as mysql variable
master_port: ${13:undefined} # not required. same as mysql variable
master_log_file: ${14:undefined} # not required. same as mysql variable
master_ssl_cipher: ${15:undefined} # not required. same as mysql variable
relay_log_file: ${16:undefined} # not required. same as mysql variable
login_port: ${17:3306} # not required. Port of the MySQL server. Requires I(login_host) be defined as other then localhost if login_port is used.
ssl_cert: ${18:null} # not required. The path to a client public key certificate.
master_ssl: ${19|0,1|} # not required. choices: 0;1. same as mysql variable
ssl_key: ${20:null} # not required. The path to the client private key.
ssl_ca: ${21:null} # not required. The path to a Certificate Authority (CA) certificate. This option, if used, must specify the same certificate as used by the server.
master_ssl_key: ${22:undefined} # not required. same as mysql variable
mode: ${23|getslave,getmaster,changemaster,stopslave,startslave,resetslave,resetslaveall|} # not required. choices: getslave;getmaster;changemaster;stopslave;startslave;resetslave;resetslaveall. module operating mode. Could be getslave (SHOW SLAVE STATUS), getmaster (SHOW MASTER STATUS), changemaster (CHANGE MASTER TO), startslave (START SLAVE), stopslave (STOP SLAVE), resetslave (RESET SLAVE), resetslaveall (RESET SLAVE ALL)
login_user: ${24:null} # not required. The username used to authenticate with.
master_log_pos: ${25:undefined} # not required. same as mysql variable
connect_timeout: ${26:30} # not required. The connection timeout when connecting to the MySQL server.
relay_log_pos: ${27:undefined} # not required. same as mysql variable
"""
'mysql_user':
'prefix': "mysql_user_snippet"
'description': "Adds or removes a user from a MySQL database."
'body': """
mysql_user:
name: ${1:undefined} # required. name of the user (role) to add or remove
login_port: ${2:3306} # not required. Port of the MySQL server. Requires I(login_host) be defined as other then localhost if login_port is used.
update_password: ${3|always,on_create|} # not required. choices: always;on_create. C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users.
ssl_cert: ${4:null} # not required. The path to a client public key certificate.
config_file: ${5:~/.my.cnf} # not required. Specify a config file from which user and password are to be read.
ssl_key: ${6:null} # not required. The path to the client private key.
encrypted: ${7|yes,no|} # not required. choices: yes;no. Indicate that the 'password' field is a `mysql_native_password` hash
login_host: ${8:localhost} # not required. Host running the database.
append_privs: ${9|yes,no|} # not required. choices: yes;no. Append the privileges defined by priv to the existing ones for this user instead of overwriting existing ones.
sql_log_bin: ${10|yes,no|} # not required. choices: yes;no. Whether binary logging should be enabled or disabled for the connection.
host_all: ${11|yes,no|} # not required. choices: yes;no. override the host option, making ansible apply changes to all hostnames for a given user. This option cannot be used when creating users
ssl_ca: ${12:null} # not required. The path to a Certificate Authority (CA) certificate. This option, if used, must specify the same certificate as used by the server.
login_password: ${13:null} # not required. The password used to authenticate with.
login_unix_socket: ${14:null} # not required. The path to a Unix domain socket for local connections.
state: ${15|present,absent|} # not required. choices: present;absent. Whether the user should exist. When C(absent), removes the user.
login_user: ${16:null} # not required. The username used to authenticate with.
host: ${17:localhost} # not required. the 'host' part of the MySQL username
check_implicit_admin: ${18|yes,no|} # not required. choices: yes;no. Check if mysql allows login as root/nopassword before trying supplied credentials.
password: ${19:null} # not required. set the user's password.
connect_timeout: ${20:30} # not required. The connection timeout when connecting to the MySQL server.
priv: ${21:null} # not required. MySQL privileges string in the format: C(db.table:priv1,priv2).,Multiple privileges can be specified by separating each one using a forward slash: C(db.table:priv/db.table:priv).,The format is based on MySQL C(GRANT) statement.,Database and table names can be quoted, MySQL-style.,If column privileges are used, the C(priv1,priv2) part must be exactly as returned by a C(SHOW GRANT) statement. If not followed, the module will always report changes. It includes grouping columns by permission (C(SELECT(col1,col2)) instead of C(SELECT(col1),SELECT(col2))).
"""
'mysql_variables':
'prefix': "mysql_variables_snippet"
'description': "Manage MySQL global variables"
'body': """
mysql_variables:
variable: ${1:undefined} # required. Variable name to operate
login_port: ${2:3306} # not required. Port of the MySQL server. Requires I(login_host) be defined as other then localhost if login_port is used.
ssl_cert: ${3:null} # not required. The path to a client public key certificate.
config_file: ${4:~/.my.cnf} # not required. Specify a config file from which user and password are to be read.
ssl_key: ${5:null} # not required. The path to the client private key.
login_user: ${6:null} # not required. The username used to authenticate with.
login_host: ${7:localhost} # not required. Host running the database.
value: ${8:undefined} # not required. If set, then sets variable value to this
ssl_ca: ${9:null} # not required. The path to a Certificate Authority (CA) certificate. This option, if used, must specify the same certificate as used by the server.
login_unix_socket: ${10:null} # not required. The path to a Unix domain socket for local connections.
login_password: ${11:null} # not required. The password used to authenticate with.
connect_timeout: ${12:30} # not required. The connection timeout when connecting to the MySQL server.
"""
'na_cdot_aggregate':
'prefix': "na_cdot_aggregate_snippet"
'description': "Manage NetApp cDOT aggregates."
'body': """
na_cdot_aggregate:
username: ${1:undefined} # required. This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation U(https://goo.gl/BRu78Z).
name: ${2:undefined} # required. The name of the aggregate to manage.
hostname: ${3:undefined} # required. The hostname or IP address of the ONTAP instance.
state: ${4|present,absent|} # required. choices: present;absent. Whether the specified aggregate should exist or not.
password: ${5:undefined} # required. Password for the specified user.
disk_count: ${6:undefined} # not required. Number of disks to place into the aggregate, including parity disks.,The disks in this newly-created aggregate come from the spare disk pool.,The smallest disks in this pool join the aggregate first, unless the C(disk-size) argument is provided.,Either C(disk-count) or C(disks) must be supplied. Range [0..2^31-1].,Required when C(state=present).
"""
'na_cdot_license':
'prefix': "na_cdot_license_snippet"
'description': "Manage NetApp cDOT protocol and feature licenses"
'body': """
na_cdot_license:
username: ${1:undefined} # required. This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation U(https://goo.gl/BRu78Z).
hostname: ${2:undefined} # required. The hostname or IP address of the ONTAP instance.
password: ${3:undefined} # required. Password for the specified user.
remove_unused: ${4|true,false|} # not required. choices: true;false. Remove licenses that have no controller affiliation in the cluster.
licenses: ${5:undefined} # not required. List of licenses to add or remove.,Please note that trying to remove a non-existent license will throw an error.
remove_expired: ${6|true,false|} # not required. choices: true;false. Remove licenses that have expired in the cluster.
serial_number: ${7:None} # not required. Serial number of the node associated with the license.,This parameter is used primarily when removing license for a specific service.,If this parameter is not provided, the cluster serial number is used by default.
"""
'na_cdot_lun':
'prefix': "na_cdot_lun_snippet"
'description': "Manage NetApp cDOT luns"
'body': """
na_cdot_lun:
username: ${1:undefined} # required. This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation U(https://goo.gl/BRu78Z).
name: ${2:undefined} # required. The name of the lun to manage.
hostname: ${3:undefined} # required. The hostname or IP address of the ONTAP instance.
vserver: ${4:undefined} # required. The name of the vserver to use.
state: ${5|present,absent|} # required. choices: present;absent. Whether the specified lun should exist or not.
password: ${6:undefined} # required. Password for the specified user.
force_remove: ${7:false} # not required. If \"true\", override checks that prevent a LUN from being destroyed if it is online and mapped.,If \"false\", destroying an online and mapped LUN will fail.
flexvol_name: ${8:undefined} # not required. The name of the FlexVol the lun should exist on.,Required when C(state=present).
size_unit: ${9|bytes,b,kb,mb,gb,tb,pb,eb,zb,yb|} # not required. choices: bytes;b;kb;mb;gb;tb;pb;eb;zb;yb. The unit used to interpret the size parameter.
force_resize: ${10:false} # not required. Forcibly reduce the size. This is required for reducing the size of the LUN to avoid accidentally reducing the LUN size.
force_remove_fenced: ${11:false} # not required. If \"true\", override checks that prevent a LUN from being destroyed while it is fenced.,If \"false\", attempting to destroy a fenced LUN will fail.,The default if not specified is \"false\". This field is available in Data ONTAP 8.2 and later.
size: ${12:undefined} # not required. The size of the lun in C(size_unit).,Required when C(state=present).
"""
'na_cdot_qtree':
'prefix': "na_cdot_qtree_snippet"
'description': "Manage qtrees"
'body': """
na_cdot_qtree:
username: ${1:undefined} # required. This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation U(https://goo.gl/BRu78Z).
name: ${2:undefined} # required. The name of the Qtree to manage.
hostname: ${3:undefined} # required. The hostname or IP address of the ONTAP instance.
vserver: ${4:undefined} # required. The name of the vserver to use.
state: ${5|present,absent|} # required. choices: present;absent. Whether the specified Qtree should exist or not.
password: ${6:undefined} # required. Password for the specified user.
flexvol_name: ${7:undefined} # not required. The name of the FlexVol the Qtree should exist on. Required when C(state=present).
"""
'na_cdot_svm':
'prefix': "na_cdot_svm_snippet"
'description': "Manage NetApp cDOT svm"
'body': """
na_cdot_svm:
username: ${1:undefined} # required. This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation U(https://goo.gl/BRu78Z).
name: ${2:undefined} # required. The name of the SVM to manage.
hostname: ${3:undefined} # required. The hostname or IP address of the ONTAP instance.
state: ${4|present,absent|} # required. choices: present;absent. Whether the specified SVM should exist or not.
password: ${5:undefined} # required. Password for the specified user.
root_volume_aggregate: ${6:undefined} # not required. The aggregate on which the root volume will be created.,Required when C(state=present).
root_volume_security_style: ${7|unix,ntfs,mixed,unified|} # not required. choices: unix;ntfs;mixed;unified. Security Style of the root volume.,When specified as part of the vserver-create, this field represents the security style for the Vserver root volume.,When specified as part of vserver-get-iter call, this will return the list of matching Vservers.,Possible values are 'unix', 'ntfs', 'mixed'.,The 'unified' security style, which applies only to Infinite Volumes, cannot be applied to a Vserver's root volume.,Valid options are \"unix\" for NFS, \"ntfs\" for CIFS, \"mixed\" for Mixed, \"unified\" for Unified.,Required when C(state=present)
root_volume: ${8:undefined} # not required. Root volume of the SVM. Required when C(state=present).
"""
'na_cdot_user':
'prefix': "na_cdot_user_snippet"
'description': "useradmin configuration and management"
'body': """
na_cdot_user:
vserver: ${1:undefined} # required. The name of the vserver to use.
application: ${2|console,http,ontapi,rsh,snmp,sp,ssh,telnet|} # required. choices: console;http;ontapi;rsh;snmp;sp;ssh;telnet. Applications to grant access to.
state: ${3|present,absent|} # required. choices: present;absent. Whether the specified user should exist or not.
name: ${4:undefined} # required. The name of the user to manage.
authentication_method: ${5|community,password,publickey,domain,nsswitch,usm|} # required. choices: community;password;publickey;domain;nsswitch;usm. Authentication method for the application.,Not all authentication methods are valid for an application.,Valid authentication methods for each application are as denoted in I(authentication_choices_description).,password for console application,password, domain, nsswitch, cert for http application.,password, domain, nsswitch, cert for ontapi application.,community for snmp application (when creating SNMPv1 and SNMPv2 users).,usm and community for snmp application (when creating SNMPv3 users).,password for sp application.,password for rsh application.,password for telnet application.,password, publickey, domain, nsswitch for ssh application.
username: ${6:undefined} # required. This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation U(https://goo.gl/BRu78Z).
password: ${7:undefined} # required. Password for the specified user.
hostname: ${8:undefined} # required. The hostname or IP address of the ONTAP instance.
role_name: ${9:undefined} # not required. The name of the role. Required when C(state=present)
set_password: ${10:None} # not required. Password for the user account.,It is ignored for creating snmp users, but is required for creating non-snmp users.,For an existing user, this value will be used as the new password.
"""
'na_cdot_user_role':
'prefix': "na_cdot_user_role_snippet"
'description': "useradmin configuration and management"
'body': """
na_cdot_user_role:
username: ${1:undefined} # required. This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation U(https://goo.gl/BRu78Z).
name: ${2:undefined} # required. The name of the role to manage.
hostname: ${3:undefined} # required. The hostname or IP address of the ONTAP instance.
vserver: ${4:undefined} # required. The name of the vserver to use.
state: ${5|present,absent|} # required. choices: present;absent. Whether the specified user should exist or not.
password: ${6:undefined} # required. Password for the specified user.
command_directory_name: ${7:undefined} # required. The command or command directory to which the role has an access.
access_level: ${8|none,readonly,all|} # not required. choices: none;readonly;all. The name of the role to manage.
"""
'na_cdot_volume':
'prefix': "na_cdot_volume_snippet"
'description': "Manage NetApp cDOT volumes"
'body': """
na_cdot_volume:
username: ${1:undefined} # required. This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation U(https://goo.gl/BRu78Z).
password: ${2:undefined} # required. Password for the specified user.
name: ${3:undefined} # required. The name of the volume to manage.
hostname: ${4:undefined} # required. The hostname or IP address of the ONTAP instance.
vserver: ${5:None} # required. Name of the vserver to use.
state: ${6|present,absent|} # required. choices: present;absent. Whether the specified volume should exist or not.
size_unit: ${7|bytes,b,kb,mb,gb,tb,pb,eb,zb,yb|} # not required. choices: bytes;b;kb;mb;gb;tb;pb;eb;zb;yb. The unit used to interpret the size parameter.
online: ${8|True,False|} # not required. choices: True;False. Whether the specified volume is online, or not.
infinite: ${9|True,False|} # not required. choices: True;False. Set True if the volume is an Infinite Volume.
aggregate_name: ${10:undefined} # not required. The name of the aggregate the flexvol should exist on. Required when C(state=present).
size: ${11:undefined} # not required. The size of the volume in (size_unit). Required when C(state=present).
"""
'nagios':
'prefix': "nagios_snippet"
'description': "Perform common tasks in Nagios related to downtime and notifications."
'body': """
nagios:
action: ${1|downtime,delete_downtime,enable_alerts,disable_alerts,silence,unsilence,silence_nagios,unsilence_nagios,command,servicegroup_service_downtime,servicegroup_host_downtime|} # required. choices: downtime;delete_downtime;enable_alerts;disable_alerts;silence;unsilence;silence_nagios;unsilence_nagios;command;servicegroup_service_downtime;servicegroup_host_downtime. Action to take.,servicegroup options were added in 2.0.,delete_downtime options were added in 2.2.
command: ${2:undefined} # required. The raw command to send to nagios, which should not include the submitted time header or the line-feed B(Required) option when using the C(command) action.
services: ${3:undefined} # required. What to manage downtime/alerts for. Separate multiple services with commas. C(service) is an alias for C(services). B(Required) option when using the C(downtime), C(enable_alerts), and C(disable_alerts) actions.
comment: ${4:Scheduling downtime} # not required. Comment for C(downtime) action.
servicegroup: ${5:undefined} # not required. The Servicegroup we want to set downtimes/alerts for. B(Required) option when using the C(servicegroup_service_downtime) amd C(servicegroup_host_downtime).
author: ${6:Ansible} # not required. Author to leave downtime comments as. Only usable with the C(downtime) action.
host: ${7:null} # not required. Host to operate on in Nagios.
minutes: ${8:30} # not required. Minutes to schedule downtime for.,Only usable with the C(downtime) action.
cmdfile: ${9:auto-detected} # not required. Path to the nagios I(command file) (FIFO pipe). Only required if auto-detection fails.
"""
'nclu':
'prefix': "nclu_snippet"
'description': "Configure network interfaces using NCLU"
'body': """
nclu:
commands: ${1:undefined} # not required. A list of strings containing the net commands to run. Mutually exclusive with I(template).
abort: ${2:false} # not required. Boolean. When true, perform a 'net abort' before the block. This cleans out any uncommitted changes in the buffer. Mutually exclusive with I(atomic).
description: ${3:Ansible-originated commit} # not required. Commit description that will be recorded to the commit log if I(commit) or I(atomic) are true.
template: ${4:undefined} # not required. A single, multi-line string with jinja2 formatting. This string will be broken by lines, and each line will be run through net. Mutually exclusive with I(commands).
commit: ${5:false} # not required. When true, performs a 'net commit' at the end of the block. Mutually exclusive with I(atomic).
atomic: ${6:false} # not required. When true, equivalent to both I(commit) and I(abort) being true. Mutually exclusive with I(commit) and I(atomic).
"""
'net_banner':
'prefix': "net_banner_snippet"
'description': "Manage multiline banners on network devices"
'body': """
net_banner:
banner: ${1|login,motd|} # required. choices: login;motd. Specifies which banner that should be configured on the remote device.
text: ${2:null} # not required. The banner text that should be present in the remote device running configuration. This argument accepts a multiline string, with no empty lines. Requires I(state=present).
state: ${3|present,absent|} # not required. choices: present;absent. Specifies whether or not the configuration is present in the current devices active running configuration.
"""
'net_interface':
'prefix': "net_interface_snippet"
'description': "Manage Interface on network devices"
'body': """
net_interface:
name: ${1:undefined} # required. Name of the Interface.
rx_rate: ${2:undefined} # not required. Receiver rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
duplex: ${3|full,half,auto|} # not required. choices: full;half;auto. Interface link status
enabled: ${4:undefined} # not required. Configure interface link status.
mtu: ${5:undefined} # not required. Maximum size of transmit packet.
delay: ${6:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state argument which are I(state) with values C(up)/C(down), I(tx_rate) and I(rx_rate).
purge: ${7:false} # not required. Purge Interfaces not defined in the aggregate parameter. This applies only for logical interface.
state: ${8|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the Interface configuration, C(up) indicates present and operationally up and C(down) indicates present and operationally C(down)
aggregate: ${9:undefined} # not required. List of Interfaces definitions.
speed: ${10:undefined} # not required. Interface link speed.
tx_rate: ${11:undefined} # not required. Transmit rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
description: ${12:undefined} # not required. Description of Interface.
"""
'net_l2_interface':
'prefix': "net_l2_interface_snippet"
'description': "Manage Layer-2 interface on network devices"
'body': """
net_l2_interface:
native_vlan: ${1:undefined} # not required. Native VLAN to be configured in trunk port.
access_vlan: ${2:undefined} # not required. Configure given VLAN in access port.
name: ${3:undefined} # not required. Name of the interface excluding any logical unit number.
trunk_vlans: ${4:undefined} # not required. List of VLANs to be configured in trunk port.
state: ${5|present,absent|} # not required. choices: present;absent. State of the Layer-2 Interface configuration.
trunk_allowed_vlans: ${6:undefined} # not required. List of allowed VLAN's in a given trunk port.
mode: ${7|access,trunk|} # not required. choices: access;trunk. Mode in which interface needs to be configured.
aggregate: ${8:undefined} # not required. List of Layer-2 interface definitions.
"""
'net_l3_interface':
'prefix': "net_l3_interface_snippet"
'description': "Manage L3 interfaces on network devices"
'body': """
net_l3_interface:
purge: ${1:false} # not required. Purge L3 interfaces not defined in the I(aggregate) parameter.
state: ${2|present,absent|} # not required. choices: present;absent. State of the L3 interface configuration.
name: ${3:undefined} # not required. Name of the L3 interface.
ipv6: ${4:undefined} # not required. IPv6 of the L3 interface.
aggregate: ${5:undefined} # not required. List of L3 interfaces definitions
ipv4: ${6:undefined} # not required. IPv4 of the L3 interface.
"""
'net_linkagg':
'prefix': "net_linkagg_snippet"
'description': "Manage link aggregation groups on network devices"
'body': """
net_linkagg:
name: ${1:undefined} # required. Name of the link aggregation group.
members: ${2:undefined} # required. List of members interfaces of the link aggregation group. The value can be single interface or list of interfaces.
purge: ${3:false} # not required. Purge link aggregation groups not defined in the I(aggregate) parameter.
state: ${4|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the link aggregation group.
min_links: ${5:undefined} # not required. Minimum members that should be up before bringing up the link aggregation group.
aggregate: ${6:undefined} # not required. List of link aggregation definitions.
mode: ${7|on,active,passive|} # not required. choices: on;active;passive. Mode of the link aggregation group. A value of C(on) will enable LACP. C(active) configures the link to actively information about the state of the link, or it can be configured in C(passive) mode ie. send link state information only when received them from another link.
"""
'net_lldp':
'prefix': "net_lldp_snippet"
'description': "Manage LLDP service configuration on network devices"
'body': """
net_lldp:
state: ${1|present,absent|} # not required. choices: present;absent. State of the LLDP service configuration.
"""
'net_lldp_interface':
'prefix': "net_lldp_interface_snippet"
'description': "Manage LLDP interfaces configuration on network devices"
'body': """
net_lldp_interface:
aggregate: ${1:undefined} # not required. List of interfaces LLDP should be configured on.
purge: ${2:false} # not required. Purge interfaces not defined in the aggregate parameter.
state: ${3|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. State of the LLDP configuration.
name: ${4:undefined} # not required. Name of the interface LLDP should be configured on.
"""
'net_logging':
'prefix': "net_logging_snippet"
'description': "Manage logging on network devices"
'body': """
net_logging:
purge: ${1:false} # not required. Purge logging not defined in the I(aggregate) parameter.
aggregate: ${2:undefined} # not required. List of logging definitions.
state: ${3|present,absent|} # not required. choices: present;absent. State of the logging configuration.
name: ${4:undefined} # not required. If value of C(dest) is I(host) it indicates file-name the host name to be notified.
level: ${5:undefined} # not required. Set logging severity levels.
dest: ${6|console,host|} # not required. choices: console;host. Destination of the logs.
facility: ${7:undefined} # not required. Set logging facility.
"""
'net_ping':
'prefix': "net_ping_snippet"
'description': "Tests reachability using ping from a network device"
'body': """
net_ping:
dest: ${1:undefined} # required. The IP Address or hostname (resolvable by switch) of the remote node.
count: ${2:5} # not required. Number of packets to send.
state: ${3|absent,present|} # not required. choices: absent;present. Determines if the expected result is success or fail.
vrf: ${4:default} # not required. The VRF to use for forwarding.
source: ${5:null} # not required. The source IP Address.
"""
'net_static_route':
'prefix': "net_static_route_snippet"
'description': "Manage static IP routes on network appliances (routers, switches et. al.)"
'body': """
net_static_route:
next_hop: ${1:undefined} # required. Next hop IP of the static route.
mask: ${2:undefined} # required. Network prefix mask of the static route.
prefix: ${3:undefined} # required. Network prefix of the static route.
purge: ${4:false} # not required. Purge static routes not defined in the I(aggregate) parameter.
state: ${5|present,absent|} # not required. choices: present;absent. State of the static route configuration.
aggregate: ${6:undefined} # not required. List of static route definitions
admin_distance: ${7:undefined} # not required. Admin distance of the static route.
"""
'net_system':
'prefix': "net_system_snippet"
'description': "Manage the system attributes on network devices"
'body': """
net_system:
state: ${1|present,absent|} # not required. choices: present;absent. State of the configuration values in the device's current active configuration. When set to I(present), the values should be configured in the device active configuration and when set to I(absent) the values should not be in the device active configuration
lookup_source: ${2:undefined} # not required. Provides one or more source interfaces to use for performing DNS lookups. The interface provided in C(lookup_source) must be a valid interface configured on the device.
name_servers: ${3:undefined} # not required. List of DNS name servers by IP address to use to perform name resolution lookups. This argument accepts either a list of DNS servers See examples.
domain_search: ${4:undefined} # not required. Provides the list of domain suffixes to append to the hostname for the purpose of doing name resolution. This argument accepts a list of names and will be reconciled with the current active configuration on the running node.
hostname: ${5:undefined} # not required. Configure the device hostname parameter. This option takes an ASCII string value.
domain_name: ${6:undefined} # not required. Configure the IP domain name on the remote device to the provided value. Value should be in the dotted name form and will be appended to the C(hostname) to create a fully-qualified domain name.
"""
'net_user':
'prefix': "net_user_snippet"
'description': "Manage the aggregate of local users on network device"
'body': """
net_user:
update_password: ${1|on_create,always|} # not required. choices: on_create;always. Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to C(always), the password will always be updated in the device and when set to C(on_create) the password will be updated only if the username is created.
configured_password: ${2:undefined} # not required. The password to be configured on the remote network device. The password needs to be provided in clear and it will be encrypted on the device. Please note that this option is not same as C(provider password).
aggregate: ${3:undefined} # not required. The set of username objects to be configured on the remote network device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the C(name) argument.
name: ${4:undefined} # not required. The username to be configured on the remote network device. This argument accepts a string value and is mutually exclusive with the C(aggregate) argument. Please note that this option is not same as C(provider username).
purge: ${5:false} # not required. Instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user (the current defined set of users).
privilege: ${6:undefined} # not required. The C(privilege) argument configures the privilege level of the user when logged into the system. This argument accepts integer values in the range of 1 to 15.
state: ${7|present,absent|} # not required. choices: present;absent. Configures the state of the username definition as it relates to the device operational configuration. When set to I(present), the username(s) should be configured in the device active configuration and when set to I(absent) the username(s) should not be in the device active configuration
role: ${8:undefined} # not required. Configures the role for the username in the device running configuration. The argument accepts a string value defining the role name. This argument does not check if the role has been configured on the device.
nopassword: ${9:undefined} # not required. Defines the username without assigning a password. This will allow the user to login to the system without being authenticated by a password.
sshkey: ${10:undefined} # not required. Specifies the SSH public key to configure for the given username. This argument accepts a valid SSH key value.
"""
'net_vlan':
'prefix': "net_vlan_snippet"
'description': "Manage VLANs on network devices"
'body': """
net_vlan:
purge: ${1:false} # not required. Purge VLANs not defined in the I(aggregate) parameter.
state: ${2|present,absent,active,suspend|} # not required. choices: present;absent;active;suspend. State of the VLAN configuration.
name: ${3:undefined} # not required. Name of the VLAN.
aggregate: ${4:undefined} # not required. List of VLANs definitions.
interfaces: ${5:undefined} # not required. List of interfaces the VLAN should be configured on.
vlan_id: ${6:undefined} # not required. ID of the VLAN.
"""
'net_vrf':
'prefix': "net_vrf_snippet"
'description': "Manage VRFs on network devices"
'body': """
net_vrf:
aggregate: ${1:undefined} # not required. List of VRFs definitions
purge: ${2:false} # not required. Purge VRFs not defined in the I(aggregate) parameter.
interfaces: ${3:undefined} # not required. List of interfaces the VRF should be configured on.
name: ${4:undefined} # not required. Name of the VRF.
state: ${5|present,absent|} # not required. choices: present;absent. State of the VRF configuration.
"""
'netact_cm_command':
'prefix': "netact_cm_command_snippet"
'description': "Manage network configuration data in Nokia Core and Radio networks"
'body': """
netact_cm_command:
operation: ${1|upload,provision,import,export,Provision_Mass_Modification|} # required. choices: upload;provision;import;export;Provision_Mass_Modification. Supported operations allow user to upload actual configuration from the network, to import and provision prepared plans, or export reference or actual configuration for planning purposes. Provision_Mass_Modification enables provisioning the same parameters to multiple network elements. This operation supports modifications only to one object class at a time. With this option NetAct Configurator creates and provisions a plan to the network with the given scope and options.
DN: ${2:undefined} # not required. Sets the exact scope of the operation in form of a list of managed object Distinguished Names (DN) in the network. A single DN or a list of DNs can be given (comma separated list without spaces). Alternatively, if DN or a list of DNs is not given, working set (WS) or Maintenance Region (MR) must be provided as parameter to set the scope of operation.
planName: ${3:undefined} # not required. Specifies a plan name.
verbose: ${4:undefined} # not required. NetAct Configurator will print more info
opsName: ${5:undefined} # not required. user specified operation name
fileName: ${6:undefined} # not required. Specifies a file name. Valid for Import and Export operations.
typeOption: ${7|plan,actual,reference,template,siteTemplate|} # not required. choices: plan;actual;reference;template;siteTemplate. Specifies the type of the export operation.
WS: ${8:undefined} # not required. Sets the scope of the operation to use one or more pre-defined working sets (WS) in NetAct. A working set contains network elements selected by user according to defined criteria. A single WS name, or multiple WSs can be provided (comma-separated list without spaces). Alternatively, if a WS name or a list of WSs is not given, Distinguished Name (DN) or Maintenance Region(MR) must be provided as parameter to set the scope of operation.
MR: ${9:undefined} # not required. Sets the scope of the operation to network elements assigned to a Maintenance Region (MR) Value can be set as MR IDs including the Maintenance Region Collection (MRC) information (for example MRC-FIN1/MR-Hel). Multiple MRs can be given (comma-separated list without spaces) The value of this parameter is searched through MR IDs under given MRC. If there is no match, then it is searched from all MR names. Alternatively, if MR ID or a list or MR IDs is not given, Distinguished Name (DN) or Working Set (WS) must be provided as parameter to set the scope of operation.
extra_opts: ${10:undefined} # not required. Extra options to be set for operations. Check Configuration Management > Configuration Management Operating Procedures > Command Line Operations in Nokia NetAct user documentation for further information for extra options.
createBackupPlan: ${11:undefined} # not required. Specifies if backup plan generation is enabled.
backupPlanName: ${12:undefined} # not required. Specifies a backup plan name
fileFormat: ${13|RAML2,CSV,XLSX|} # not required. choices: RAML2;CSV;XLSX. Indicates file format.
inputFile: ${14:undefined} # not required. Specifies full path to plan file location for the import operation. This parameter (inputFile) or the fileName parameter must be filled. If both are present then the inputFile is used.
"""
'netapp_e_amg':
'prefix': "netapp_e_amg_snippet"
'description': "Create, Remove, and Update Asynchronous Mirror Groups"
'body': """
netapp_e_amg:
name: ${1:undefined} # required. The name of the async array you wish to target, or create.,If C(state) is present and the name isn't found, it will attempt to create.
secondaryArrayId: ${2:undefined} # required. The ID of the secondary array to be used in mirroing process
api_password: ${3:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
state: ${4:undefined} # required. A C(state) of present will either create or update the async mirror group.,A C(state) of absent will remove the async mirror group.
api_username: ${5:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_url: ${6:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
ssid: ${7:undefined} # required. The ID of the array to manage. This value must be unique for each array.
syncIntervalMinutes: ${8:10} # not required. The synchronization interval in minutes
recoveryWarnThresholdMinutes: ${9:20} # not required. Recovery point warning threshold (minutes). The user will be warned when the age of the last good failures point exceeds this value
repoUtilizationWarnThreshold: ${10:80} # not required. Recovery point warning threshold
interfaceType: ${11|iscsi,fibre|} # not required. choices: iscsi;fibre. The intended protocol to use if both Fibre and iSCSI are available.
manualSync: ${12:false} # not required. Setting this to true will cause other synchronization values to be ignored
syncWarnThresholdMinutes: ${13:10} # not required. The threshold (in minutes) for notifying the user that periodic synchronization has taken too long to complete.
validate_certs: ${14:true} # not required. Should https certificates be validated?
"""
'netapp_e_amg_role':
'prefix': "netapp_e_amg_role_snippet"
'description': "Update the role of a storage array within an Asynchronous Mirror Group (AMG)."
'body': """
netapp_e_amg_role:
ssid: ${1:undefined} # required. The ID of the primary storage array for the async mirror action
api_password: ${2:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
role: ${3|primary,secondary|} # required. choices: primary;secondary. Whether the array should be the primary or secondary array for the AMG
api_username: ${4:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_url: ${5:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
force: ${6:false} # not required. Whether to force the role reversal regardless of the online-state of the primary
validate_certs: ${7:true} # not required. Should https certificates be validated?
noSync: ${8|true,false|} # not required. choices: true;false. Whether to avoid synchronization prior to role reversal
"""
'netapp_e_amg_sync':
'prefix': "netapp_e_amg_sync_snippet"
'description': "Conduct synchronization actions on asynchronous mirror groups."
'body': """
netapp_e_amg_sync:
api_password: ${1:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
state: ${2|running,suspended|} # required. choices: running;suspended. The synchronization action you'd like to take.,If C(running) then it will begin syncing if there is no active sync or will resume a suspended sync. If there is already a sync in progress, it will return with an OK status.,If C(suspended) it will suspend any ongoing sync action, but return OK if there is no active sync or if the sync is already suspended
api_username: ${3:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_url: ${4:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
name: ${5:undefined} # required. The name of the async mirror group you wish to target
ssid: ${6:undefined} # not required. The ID of the storage array containing the AMG you wish to target
delete_recovery_point: ${7|true,false|} # not required. choices: true;false. Indicates whether the failures point can be deleted on the secondary if necessary to achieve the synchronization.,If true, and if the amount of unsynchronized data exceeds the CoW repository capacity on the secondary for any member volume, the last failures point will be deleted and synchronization will continue.,If false, the synchronization will be suspended if the amount of unsynchronized data exceeds the CoW Repository capacity on the secondary and the failures point will be preserved.,NOTE: This only has impact for newly launched syncs.
validate_certs: ${8:true} # not required. Should https certificates be validated?
"""
'netapp_e_auth':
'prefix': "netapp_e_auth_snippet"
'description': "Sets or updates the password for a storage array."
'body': """
netapp_e_auth:
new_password: ${1:undefined} # required. The password you would like to set. Cannot be more than 30 characters.
ssid: ${2:undefined} # not required. the identifier of the storage array in the Web Services Proxy.
name: ${3:undefined} # not required. The name of the storage array. Note that if more than one storage array with this name is detected, the task will fail and you'll have to use the ID instead.
api_password: ${4:undefined} # not required. The password used to authenticate against the API,This can optionally be set via an environment variable, API_PASSWORD
current_password: ${5:undefined} # not required. The current admin password. This is not required if the password hasn't been set before.
api_username: ${6:undefined} # not required. The username used to authenticate against the API,This can optionally be set via an environment variable, API_USERNAME
validate_certs: ${7:true} # not required. Should https certificates be validated?
set_admin: ${8:false} # not required. Boolean value on whether to update the admin password. If set to false then the RO account is updated.
api_url: ${9:undefined} # not required. The full API url.,Example: http://ENDPOINT:8080/devmgr/v2,This can optionally be set via an environment variable, API_URL
"""
'netapp_e_facts':
'prefix': "netapp_e_facts_snippet"
'description': "Get facts about NetApp E-Series arrays"
'body': """
netapp_e_facts:
api_password: ${1:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_username: ${2:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
ssid: ${3:undefined} # required. The ID of the array to manage. This value must be unique for each array.
api_url: ${4:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
validate_certs: ${5:true} # not required. Should https certificates be validated?
"""
'netapp_e_flashcache':
'prefix': "netapp_e_flashcache_snippet"
'description': "Manage NetApp SSD caches"
'body': """
netapp_e_flashcache:
ssid: ${1:undefined} # required. The ID of the array to manage (as configured on the web services proxy).
api_password: ${2:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
state: ${3|present,absent|} # required. choices: present;absent. Whether the specified SSD cache should exist or not.
api_username: ${4:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_url: ${5:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
name: ${6:undefined} # required. The name of the SSD cache to manage
cache_size_min: ${7:undefined} # not required. The minimum size (in size_units) of the ssd cache. The cache will be expanded if this exceeds the current size of the cache.
io_type: ${8|filesystem,database,media|} # not required. choices: filesystem;database;media. The type of workload to optimize the cache for.
disk_count: ${9:undefined} # not required. The minimum number of disks to use for building the cache. The cache will be expanded if this number exceeds the number of disks already in place
size_unit: ${10|bytes,b,kb,mb,gb,tb,pb,eb,zb,yb|} # not required. choices: bytes;b;kb;mb;gb;tb;pb;eb;zb;yb. The unit to be applied to size arguments
validate_certs: ${11:true} # not required. Should https certificates be validated?
"""
'netapp_e_host':
'prefix': "netapp_e_host_snippet"
'description': "manage eseries hosts"
'body': """
netapp_e_host:
name: ${1:undefined} # required. If the host doesn't yet exist, the label to assign at creation time.,If the hosts already exists, this is what is used to identify the host to apply any desired changes
api_password: ${2:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_username: ${3:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_url: ${4:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
host_type_index: ${5:undefined} # required. The index that maps to host type you wish to create. It is recommended to use the M(netapp_e_facts) module to gather this information. Alternatively you can use the WSP portal to retrieve the information.
ssid: ${6:undefined} # required. The ID of the array to manage. This value must be unique for each array.
group: ${7:undefined} # not required. the group you want the host to be a member of
validate_certs: ${8:true} # not required. Should https certificates be validated?
ports: ${9:undefined} # not required. a list of of dictionaries of host ports you wish to associate with the newly created host
"""
'netapp_e_hostgroup':
'prefix': "netapp_e_hostgroup_snippet"
'description': "Manage NetApp Storage Array Host Groups"
'body': """
netapp_e_hostgroup:
ssid: ${1:undefined} # required. The ID of the array to manage (as configured on the web services proxy).
api_password: ${2:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
state: ${3|present,absent|} # required. choices: present;absent. Whether the specified host group should exist or not.
api_username: ${4:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_url: ${5:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
new_name: ${6:undefined} # not required. specify this when you need to update the name of a host group
hosts: ${7:undefined} # not required. a list of host names/labels to add to the group
validate_certs: ${8:true} # not required. Should https certificates be validated?
id: ${9:undefined} # not required. The id number of the host group to manage. Either this or C(name) must be supplied.
name: ${10:undefined} # not required. The name of the host group to manage. Either this or C(id_num) must be supplied.
"""
'netapp_e_lun_mapping':
'prefix': "netapp_e_lun_mapping_snippet"
'description': "Create or Remove LUN Mappings"
'body': """
netapp_e_lun_mapping:
api_username: ${1:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_password: ${2:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
state: ${3|present,absent|} # required. choices: present;absent. Present will ensure the mapping exists, absent will remove the mapping.,All parameters I(lun), I(target), I(target_type) and I(volume_name) must still be supplied.
volume_name: ${4:undefined} # required. The name of the volume you wish to include in the mapping.
api_url: ${5:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
ssid: ${6:undefined} # required. The ID of the array to manage. This value must be unique for each array.
target: ${7:undefined} # not required. The name of host or hostgroup you wish to assign to the mapping,If omitted, the default hostgroup is used.,If the supplied I(volume_name) is associated with a different target, it will be updated to what is supplied here.
target_type: ${8|host,group|} # not required. choices: host;group. Whether the target is a host or group.,Required if supplying an explicit target.
validate_certs: ${9:true} # not required. Should https certificates be validated?
lun: ${10:0} # not required. The LUN number you wish to give the mapping,If the supplied I(volume_name) is associated with a different LUN, it will be updated to what is supplied here.
"""
'netapp_e_snapshot_group':
'prefix': "netapp_e_snapshot_group_snippet"
'description': "Manage snapshot groups"
'body': """
netapp_e_snapshot_group:
api_password: ${1:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
name: ${2:undefined} # required. The name to give the snapshot group
state: ${3|present,absent|} # required. choices: present;absent. Whether to ensure the group is present or absent.
storage_pool_name: ${4:undefined} # required. The name of the storage pool on which to allocate the repository volume.
api_username: ${5:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
base_volume_name: ${6:undefined} # required. The name of the base volume or thin volume to use as the base for the new snapshot group.,If a snapshot group with an identical C(name) already exists but with a different base volume an error will be returned.
api_url: ${7:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
repo_pct: ${8:20} # not required. The size of the repository in relation to the size of the base volume
warning_threshold: ${9:80} # not required. The repository utilization warning threshold, as a percentage of the repository volume capacity.
rollback_priority: ${10|highest,high,medium,low,lowest,__UNDEFINED|} # not required. choices: highest;high;medium;low;lowest;__UNDEFINED. The importance of the rollback operation.,This value is overridden by consistency group setting if this snapshot group is associated with a consistency group
delete_limit: ${11:30} # not required. The automatic deletion indicator.,If non-zero, the oldest snapshot image will be automatically deleted when creating a new snapshot image to keep the total number of snapshot images limited to the number specified.,This value is overridden by the consistency group setting if this snapshot group is associated with a consistency group.
full_policy: ${12|purgepit,unknown,failbasewrites,__UNDEFINED|} # not required. choices: purgepit;unknown;failbasewrites;__UNDEFINED. The behavior on when the data repository becomes full.,This value is overridden by consistency group setting if this snapshot group is associated with a consistency group
validate_certs: ${13:true} # not required. Should https certificates be validated?
"""
'netapp_e_snapshot_images':
'prefix': "netapp_e_snapshot_images_snippet"
'description': "Create and delete snapshot images"
'body': """
netapp_e_snapshot_images:
state: ${1|create,remove|} # required. choices: create;remove. Whether a new snapshot image should be created or oldest be deleted.
api_url: ${2:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
snapshot_group: ${3:undefined} # required. The name of the snapshot group in which you want to create a snapshot image.
api_username: ${4:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_password: ${5:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
validate_certs: ${6:true} # not required. Should https certificates be validated?
"""
'netapp_e_snapshot_volume':
'prefix': "netapp_e_snapshot_volume_snippet"
'description': "Manage E/EF-Series snapshot volumes."
'body': """
netapp_e_snapshot_volume:
snapshot_image_id: ${1:undefined} # required. The identifier of the snapshot image used to create the new snapshot volume.,Note: You'll likely want to use the M(netapp_e_facts) module to find the ID of the image you want.
ssid: ${2:undefined} # required. storage array ID
api_password: ${3:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
view_mode: ${4|modeUnknown,readWrite,readOnly,__UNDEFINED|} # required. choices: modeUnknown;readWrite;readOnly;__UNDEFINED. The snapshot volume access mode
state: ${5|absent,present|} # required. choices: absent;present. Whether to create or remove the snapshot volume
storage_pool_name: ${6:undefined} # required. Name of the storage pool on which to allocate the repository volume.
api_username: ${7:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_url: ${8:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
name: ${9:undefined} # required. The name you wish to give the snapshot volume
repo_percentage: ${10:20} # not required. The size of the view in relation to the size of the base volume
full_threshold: ${11:85} # not required. The repository utilization warning threshold percentage
validate_certs: ${12:true} # not required. Should https certificates be validated?
"""
'netapp_e_storage_system':
'prefix': "netapp_e_storage_system_snippet"
'description': "Add/remove arrays from the Web Services Proxy"
'body': """
netapp_e_storage_system:
ssid: ${1:undefined} # required. The ID of the array to manage. This value must be unique for each array.
api_password: ${2:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_username: ${3:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
state: ${4|present,absent|} # required. choices: present;absent. Whether the specified array should be configured on the Web Services Proxy or not.
api_url: ${5:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
controller_addresses: ${6:undefined} # required. The list addresses for the out-of-band management adapter or the agent host. Mutually exclusive of array_wwn parameter.
meta_tags: ${7:None} # not required. Optional meta tags to associate to this storage system
array_wwn: ${8:undefined} # not required. The WWN of the array to manage. Only necessary if in-band managing multiple arrays on the same agent host. Mutually exclusive of controller_addresses parameter.
array_password: ${9:undefined} # not required. The management password of the array to manage, if set.
enable_trace: ${10:false} # not required. Enable trace logging for SYMbol calls to the storage system.
validate_certs: ${11:true} # not required. Should https certificates be validated?
"""
'netapp_e_storagepool':
'prefix': "netapp_e_storagepool_snippet"
'description': "Manage disk groups and disk pools"
'body': """
netapp_e_storagepool:
name: ${1:undefined} # required. The name of the storage pool to manage
api_password: ${2:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
raid_level: ${3|raidAll,raid0,raid1,raid3,raid5,raid6,raidDiskPool|} # required. choices: raidAll;raid0;raid1;raid3;raid5;raid6;raidDiskPool. Only required when the requested state is 'present'. The RAID level of the storage pool to be created.
api_url: ${4:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
state: ${5|present,absent|} # required. choices: present;absent. Whether the specified storage pool should exist or not.,Note that removing a storage pool currently requires the removal of all defined volumes first.
api_username: ${6:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
ssid: ${7:undefined} # required. The ID of the array to manage. This value must be unique for each array.
criteria_size_unit: ${8|bytes,b,kb,mb,gb,tb,pb,eb,zb,yb|} # not required. choices: bytes;b;kb;mb;gb;tb;pb;eb;zb;yb. The unit used to interpret size parameters
criteria_drive_require_fde: ${9:undefined} # not required. Whether full disk encryption ability is required for drives to be added to the storage pool
criteria_min_usable_capacity: ${10:undefined} # not required. The minimum size of the storage pool (in size_unit). The pool will be expanded if this value exceeds itscurrent size.
erase_secured_drives: ${11|true,false|} # not required. choices: true;false. Whether to erase secured disks before adding to storage pool
secure_pool: ${12|true,false|} # not required. choices: true;false. Whether to convert to a secure storage pool. Will only work if all drives in the pool are security capable.
criteria_drive_min_size: ${13:undefined} # not required. The minimum individual drive size (in size_unit) to consider when choosing drives for the storage pool.
remove_volumes: ${14:false} # not required. Prior to removing a storage pool, delete all volumes in the pool.
criteria_drive_type: ${15|hdd,ssd|} # not required. choices: hdd;ssd. The type of disk (hdd or ssd) to use when searching for candidates to use.
criteria_drive_count: ${16:undefined} # not required. The number of disks to use for building the storage pool. The pool will be expanded if this number exceeds the number of disks already in place
criteria_drive_interface_type: ${17|sas,sas4k,fibre,fibre520b,scsi,sata,pata|} # not required. choices: sas;sas4k;fibre;fibre520b;scsi;sata;pata. The interface type to use when selecting drives for the storage pool (no value means all interface types will be considered)
validate_certs: ${18:true} # not required. Should https certificates be validated?
reserve_drive_count: ${19:undefined} # not required. Set the number of drives reserved by the storage pool for reconstruction operations. Only valide on raid disk pools.
"""
'netapp_e_volume':
'prefix': "netapp_e_volume_snippet"
'description': "Manage storage volumes (standard and thin)"
'body': """
netapp_e_volume:
ssid: ${1:undefined} # required. The ID of the array to manage. This value must be unique for each array.
name: ${2:undefined} # required. The name of the volume to manage
api_password: ${3:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
state: ${4|present,absent|} # required. choices: present;absent. Whether the specified volume should exist or not.
storage_pool_name: ${5:undefined} # required. Required only when requested state is 'present'. The name of the storage pool the volume should exist on.
api_username: ${6:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
api_url: ${7:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API.
thin_volume_repo_size: ${8:undefined} # required. Initial size of the thin volume repository volume (in size_unit)
size: ${9:undefined} # required. Required only when state = 'present'. The size of the volume in (size_unit).
segment_size_kb: ${10:512} # not required. The segment size of the new volume
ssd_cache_enabled: ${11|yes,no,true,false|} # not required. choices: yes;no;true;false. Whether an existing SSD cache should be enabled on the volume (fails if no SSD cache defined)
data_assurance_enabled: ${12:false} # not required. If data assurance should be enabled for the volume
thin_provision: ${13|yes,no,true,false|} # not required. choices: yes;no;true;false. Whether the volume should be thin provisioned. Thin volumes can only be created on disk pools (raidDiskPool).
size_unit: ${14|bytes,b,kb,mb,gb,tb,pb,eb,zb,yb|} # not required. choices: bytes;b;kb;mb;gb;tb;pb;eb;zb;yb. The unit used to interpret the size parameter
thin_volume_max_repo_size: ${15:same as size (in size_unit)} # not required. Maximum size that the thin volume repository volume will automatically expand to
validate_certs: ${16:true} # not required. Should https certificates be validated?
"""
'netapp_e_volume_copy':
'prefix': "netapp_e_volume_copy_snippet"
'description': "Create volume copy pairs"
'body': """
netapp_e_volume_copy:
api_url: ${1:undefined} # required. The url to the SANtricity WebServices Proxy or embedded REST API, for example C(https://prod-1.wahoo.acme.com/devmgr/v2).
api_password: ${2:undefined} # required. The password to authenticate with the SANtricity WebServices Proxy or embedded REST API.
state: ${3|present,absent|} # required. choices: present;absent. Whether the specified volume copy pair should exist or not.
api_username: ${4:undefined} # required. The username to authenticate with the SANtricity WebServices Proxy or embedded REST API.
ssid: ${5:undefined} # required. The ID of the array to manage. This value must be unique for each array.
create_copy_pair_if_does_not_exist: ${6|true,false|} # not required. choices: true;false. Defines if a copy pair will be created if it does not exist.,If set to True destination_volume_id and source_volume_id are required.
search_volume_id: ${7:undefined} # not required. Searches for all valid potential target and source volumes that could be used in a copy_pair,Mutually exclusive with volume_copy_pair_id, destination_volume_id and source_volume_id
source_volume_id: ${8:undefined} # not required. The id of the volume copy source.,If used, must be paired with destination_volume_id,Mutually exclusive with volume_copy_pair_id, and search_volume_id
destination_volume_id: ${9:undefined} # not required. The id of the volume copy destination.,If used, must be paired with source_volume_id,Mutually exclusive with volume_copy_pair_id, and search_volume_id
volume_copy_pair_id: ${10:undefined} # not required. The id of a given volume copy pair,Mutually exclusive with destination_volume_id, source_volume_id, and search_volume_id,Can use to delete or check presence of volume pairs,Must specify this or (destination_volume_id and source_volume_id)
start_stop_copy: ${11:undefined} # not required. starts a re-copy or stops a copy in progress,Note: If you stop the initial file copy before it it done the copy pair will be destroyed,Requires volume_copy_pair_id
validate_certs: ${12:true} # not required. Should https certificates be validated?
"""
'netconf_config':
'prefix': "netconf_config_snippet"
'description': "netconf device configuration"
'body': """
netconf_config:
username: ${1:undefined} # required. the username to authenticate with
host: ${2:undefined} # required. the hostname or ip address of the netconf device
password: ${3:undefined} # required. password of the user to authenticate with
xml: ${4:undefined} # not required. the XML content to send to the device
save: ${5:false} # not required. The C(save) argument instructs the module to save the running- config to the startup-config if changed.
allow_agent: ${6:true} # not required. if true, enables querying SSH agent (if found) for keys,if false, disables querying the SSH agent for ssh keys
src: ${7:undefined} # not required. Specifies the source path to the xml file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(xml).
look_for_keys: ${8:true} # not required. if true, enables looking in the usual locations for ssh keys (e.g. ~/.ssh/id_*),if false, disables looking for ssh keys
hostkey_verify: ${9:true} # not required. if true, the ssh host key of the device must match a ssh key present on the host,if false, the ssh host key of the device is not checked
datastore: ${10:auto} # not required. auto, uses candidate and fallback to running,candidate, edit <candidate/> datastore and then commit,running, edit <running/> datastore directly
port: ${11:830} # not required. the netconf port
"""
'netscaler':
'prefix': "netscaler_snippet"
'description': "Manages Citrix NetScaler entities"
'body': """
netscaler:
name: ${1:hostname} # required. Name of the entity.
nsc_host: ${2:undefined} # required. Hostname or ip of your netscaler.
user: ${3:undefined} # required. Username.
password: ${4:undefined} # required. Password.
type: ${5|server,service|} # not required. choices: server;service. Type of the entity.
nsc_protocol: ${6:https} # not required. Protocol used to access netscaler.
action: ${7|disable,enable|} # not required. choices: disable;enable. The action you want to perform on the entity.
validate_certs: ${8:yes} # not required. If C(no), SSL certificates for the target url will not be validated.,This should only be used on personally controlled sites using self-signed certificates.
"""
'netscaler_cs_action':
'prefix': "netscaler_cs_action_snippet"
'description': "Manage content switching actions"
'body': """
netscaler_cs_action:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
comment: ${4:undefined} # not required. Comments associated with this cs action.
name: ${5:undefined} # not required. Name for the content switching action. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space C( ), colon C(:), at sign C(@), equal sign C(=), and hyphen C(-) characters. Can be changed after the content switching action is created.
save_config: ${6:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
state: ${7|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
targetlbvserver: ${8:undefined} # not required. Name of the load balancing virtual server to which the content is switched.
nitro_protocol: ${9|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
targetvserver: ${10:undefined} # not required. Name of the VPN virtual server to which the content is switched.
validate_certs: ${11:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
nitro_timeout: ${12:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
targetvserverexpr: ${13:undefined} # not required. Information about this content switching action.
"""
'netscaler_cs_policy':
'prefix': "netscaler_cs_policy_snippet"
'description': "Manage content switching policy"
'body': """
netscaler_cs_policy:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
policyname: ${4:undefined} # not required. Name for the content switching policy. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore, hash C(#), period C(.), space C( ), colon C(:), at sign C(@), equal sign C(=), and hyphen C(-) characters. Cannot be changed after a policy is created.,The following requirement applies only to the NetScaler CLI:,If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, my policy or my policy).,Minimum length = 1
domain: ${5:undefined} # not required. The domain name. The string value can range to 63 characters.,Minimum length = 1
url: ${6:undefined} # not required. URL string that is matched with the URL of a request. Can contain a wildcard character. Specify the string value in the following format: C([[prefix] [*]] [.suffix]).,Minimum length = 1,Maximum length = 208
save_config: ${7:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
state: ${8|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
rule: ${9:undefined} # not required. Expression, or name of a named expression, against which traffic is evaluated. Written in the classic or default syntax.,Note:,Maximum length of a string literal in the expression is 255 characters. A longer string can be split into smaller strings of up to 255 characters each, and the smaller strings concatenated with the + operator. For example, you can create a 500-character string as follows: '\"<string of 255 characters>\" + \"<string of 245 characters>\""
nitro_protocol: ${10|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
action: ${11:undefined} # not required. Content switching action that names the target load balancing virtual server to which the traffic is switched.
validate_certs: ${12:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
nitro_timeout: ${13:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
"""
'netscaler_cs_vserver':
'prefix': "netscaler_cs_vserver_snippet"
'description': "Manage content switching vserver"
'body': """
netscaler_cs_vserver:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
comment: ${4:undefined} # not required. Information about this virtual server.
oracleserverversion: ${5|10G,11G|} # not required. choices: 10G;11G. Oracle server version.
precedence: ${6|RULE,URL|} # not required. choices: RULE;URL. Type of precedence to use for both RULE-based and URL-based policies on the content switching virtual server. With the default C(RULE) setting, incoming requests are evaluated against the rule-based content switching policies. If none of the rules match, the URL in the request is evaluated against the URL-based content switching policies.
domainname: ${7:undefined} # not required. Domain name for which to change the time to live (TTL) and/or backup service IP address.,Minimum length = 1
backupvserver: ${8:undefined} # not required. Name of the backup virtual server that you are configuring. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space C( ), colon C(:), at sign C(@), equal sign C(=), and hyphen C(-) characters. Can be changed after the backup virtual server is created. You can assign a different backup virtual server or rename the existing virtual server.,Minimum length = 1
rtspnat: ${9:undefined} # not required. Enable network address translation (NAT) for real-time streaming protocol (RTSP) connections.
nitro_timeout: ${10:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
backupip: ${11:undefined} # not required. .,Minimum length = 1
disabled: ${12:no} # not required. When set to C(yes) the cs vserver will be disabled.,When set to C(no) the cs vserver will be enabled.,Note that due to limitations of the underlying NITRO API a C(disabled) state change alone does not cause the module result to report a changed status.
nitro_protocol: ${13|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
mysqlprotocolversion: ${14:undefined} # not required. The protocol version returned by the mysql vserver.
listenpolicy: ${15:undefined} # not required. String specifying the listen policy for the content switching virtual server. Can be either the name of an existing expression or an in-line expression.
ssl_certkey: ${16:undefined} # not required. The name of the ssl certificate that is bound to this service.,The ssl certificate must already exist.,Creating the certificate can be done with the M(netscaler_ssl_certkey) module.,This option is only applicable only when C(servicetype) is C(SSL).
icmpvsrresponse: ${17|PASSIVE,ACTIVE|} # not required. choices: PASSIVE;ACTIVE. Can be active or passive.
ttl: ${18:undefined} # not required. .,Minimum value = C(1)
redirecturl: ${19:undefined} # not required. URL to which traffic is redirected if the virtual server becomes unavailable. The service type of the virtual server should be either C(HTTP) or C(SSL).,Caution: Make sure that the domain in the URL does not match the domain specified for a content switching policy. If it does, requests are continuously redirected to the unavailable virtual server.,Minimum length = 1
ipmask: ${20:undefined} # not required. IP mask, in dotted decimal notation, for the IP Pattern parameter. Can have leading or trailing non-zero octets (for example, C(255.255.240.0) or C(0.0.255.255)). Accordingly, the mask specifies whether the first n bits or the last n bits of the destination IP address in a client request are to be matched with the corresponding bits in the IP pattern. The former is called a forward mask. The latter is called a reverse mask.
authnprofile: ${21:undefined} # not required. Name of the authentication profile to be used when authentication is turned on.
redirectportrewrite: ${22|enabled,disabled|} # not required. choices: enabled;disabled. State of port rewrite while performing HTTP redirect.
port: ${23:undefined} # not required. Port number for content switching virtual server.,Minimum value = 1,Range C(1) - C(65535),* in CLI is represented as 65535 in NITRO API
clttimeout: ${24:undefined} # not required. Idle time, in seconds, after which the client connection is terminated. The default values are:,Minimum value = C(0),Maximum value = C(31536000)
authenticationhost: ${25:undefined} # not required. FQDN of the authentication virtual server. The service type of the virtual server should be either C(HTTP) or C(SSL).,Minimum length = 3,Maximum length = 252
servicetype: ${26|HTTP,SSL,TCP,FTP,RTSP,SSL_TCP,UDP,DNS,SIP_UDP,SIP_TCP,SIP_SSL,ANY,RADIUS,RDP,MYSQL,MSSQL,DIAMETER,SSL_DIAMETER,DNS_TCP,ORACLE,SMPP|} # not required. choices: HTTP;SSL;TCP;FTP;RTSP;SSL_TCP;UDP;DNS;SIP_UDP;SIP_TCP;SIP_SSL;ANY;RADIUS;RDP;MYSQL;MSSQL;DIAMETER;SSL_DIAMETER;DNS_TCP;ORACLE;SMPP. Protocol used by the virtual server.
insertvserveripport: ${27|OFF,VIPADDR,V6TOV4MAPPING|} # not required. choices: OFF;VIPADDR;V6TOV4MAPPING. Insert the virtual server's VIP address and port number in the request header. Available values function as follows:,C(VIPADDR) - Header contains the vserver's IP address and port number without any translation.,C(OFF) - The virtual IP and port header insertion option is disabled.,C(V6TOV4MAPPING) - Header contains the mapped IPv4 address corresponding to the IPv6 address of the vserver and the port number. An IPv6 address can be mapped to a user-specified IPv4 address using the set ns ip6 command.
sopersistence: ${28|enabled,disabled|} # not required. choices: enabled;disabled. Maintain source-IP based persistence on primary and backup virtual servers.
mysqlservercapabilities: ${29:undefined} # not required. The server capabilities returned by the mysql vserver.
mysqlserverversion: ${30:undefined} # not required. The server version string returned by the mysql vserver.,Minimum length = 1,Maximum length = 31
mysqlcharacterset: ${31:undefined} # not required. The character set returned by the mysql vserver.
authn401: ${32:undefined} # not required. Enable HTTP 401-response based authentication.
vipheader: ${33:undefined} # not required. Name of virtual server IP and port header, for use with the VServer IP Port Insertion parameter.,Minimum length = 1
pushvserver: ${34:undefined} # not required. Name of the load balancing virtual server, of type C(PUSH) or C(SSL_PUSH), to which the server pushes updates received on the client-facing load balancing virtual server.,Minimum length = 1
authentication: ${35:undefined} # not required. Authenticate users who request a connection to the content switching virtual server.
authnvsname: ${36:undefined} # not required. Name of authentication virtual server that authenticates the incoming user requests to this content switching virtual server. .,Minimum length = 1,Maximum length = 252
netprofile: ${37:undefined} # not required. The name of the network profile.,Minimum length = 1,Maximum length = 127
pushmulticlients: ${38:undefined} # not required. Allow multiple Web 2.0 connections from the same client to connect to the virtual server and expect updates.
td: ${39:undefined} # not required. Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.,Minimum value = 0,Maximum value = 4094
mssqlserverversion: ${40|70,2000,2000SP1,2005,2008,2008R2,2012,2014|} # not required. choices: 70;2000;2000SP1;2005;2008;2008R2;2012;2014. The version of the MSSQL server.
lbvserver: ${41:undefined} # not required. The default Load Balancing virtual server.
httpprofilename: ${42:undefined} # not required. Name of the HTTP profile containing HTTP configuration settings for the virtual server. The service type of the virtual server should be either C(HTTP) or C(SSL).,Minimum length = 1,Maximum length = 127
rhistate: ${43|PASSIVE,ACTIVE|} # not required. choices: PASSIVE;ACTIVE. A host route is injected according to the setting on the virtual servers,* If set to C(PASSIVE) on all the virtual servers that share the IP address, the appliance always injects the hostroute.,* If set to C(ACTIVE) on all the virtual servers that share the IP address, the appliance injects even if one virtual server is UP.,* If set to C(ACTIVE) on some virtual servers and C(PASSIVE) on the others, the appliance, injects even if one virtual server set to C(ACTIVE) is UP.
targettype: ${44|GSLB|} # not required. choices: GSLB. Virtual server target type.
state: ${45|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
save_config: ${46:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
sothreshold: ${47:undefined} # not required. Depending on the spillover method, the maximum number of connections or the maximum total bandwidth (Kbps) that a virtual server can handle before spillover occurs.,Minimum value = C(1),Maximum value = C(4294967287)
cookietimeout: ${48:undefined} # not required. .,Minimum value = C(0),Maximum value = C(1440)
appflowlog: ${49|enabled,disabled|} # not required. choices: enabled;disabled. Enable logging appflow flow information.
sobackupaction: ${50|DROP,ACCEPT,REDIRECT|} # not required. choices: DROP;ACCEPT;REDIRECT. Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists.
dbprofilename: ${51:undefined} # not required. Name of the DB profile.,Minimum length = 1,Maximum length = 127
cookiedomain: ${52:undefined} # not required. .,Minimum length = 1
cacheable: ${53:undefined} # not required. Use this option to specify whether a virtual server, used for load balancing or content switching, routes requests to the cache redirection virtual server before sending it to the configured servers.
l2conn: ${54:undefined} # not required. Use L2 Parameters to identify a connection.
ipv46: ${55:undefined} # not required. IP address of the content switching virtual server.,Minimum length = 1
name: ${56:undefined} # not required. Name for the content switching virtual server. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space, colon C(:), at sign C(@), equal sign C(=), and hyphen C(-) characters.,Cannot be changed after the CS virtual server is created.,Minimum length = 1
ippattern: ${57:undefined} # not required. IP address pattern, in dotted decimal notation, for identifying packets to be accepted by the virtual server. The IP Mask parameter specifies which part of the destination IP address is matched against the pattern. Mutually exclusive with the IP Address parameter.,For example, if the IP pattern assigned to the virtual server is C(198.51.100.0) and the IP mask is C(255.255.240.0) (a forward mask), the first 20 bits in the destination IP addresses are matched with the first 20 bits in the pattern. The virtual server accepts requests with IP addresses that range from 198.51.96.1 to 198.51.111.254. You can also use a pattern such as C(0.0.2.2) and a mask such as C(0.0.255.255) (a reverse mask).,If a destination IP address matches more than one IP pattern, the pattern with the longest match is selected, and the associated virtual server processes the request. For example, if the virtual servers, C(vs1) and C(vs2), have the same IP pattern, C(0.0.100.128), but different IP masks of C(0.0.255.255) and C(0.0.224.255), a destination IP address of 198.51.100.128 has the longest match with the IP pattern of C(vs1). If a destination IP address matches two or more virtual servers to the same extent, the request is processed by the virtual server whose port number matches the port number in the request.
disableprimaryondown: ${58|enabled,disabled|} # not required. choices: enabled;disabled. Continue forwarding the traffic to backup virtual server even after the primary server comes UP from the DOWN state.
validate_certs: ${59:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
tcpprofilename: ${60:undefined} # not required. Name of the TCP profile containing TCP configuration settings for the virtual server.,Minimum length = 1,Maximum length = 127
downstateflush: ${61|enabled,disabled|} # not required. choices: enabled;disabled. Flush all active transactions associated with a virtual server whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions.
sitedomainttl: ${62:undefined} # not required. .,Minimum value = C(1)
pushlabel: ${63:undefined} # not required. Expression for extracting the label from the response received from server. This string can be either an existing rule name or an inline expression. The service type of the virtual server should be either C(HTTP) or C(SSL).
sopersistencetimeout: ${64:undefined} # not required. Time-out value, in minutes, for spillover persistence.,Minimum value = C(2),Maximum value = C(1440)
casesensitive: ${65:undefined} # not required. Consider case in URLs (for policies that use URLs instead of RULES). For example, with the C(on) setting, the URLs /a/1.html and /A/1.HTML are treated differently and can have different targets (set by content switching policies). With the C(off) setting, /a/1.html and /A/1.HTML are switched to the same target.
range: ${66:undefined} # not required. Number of consecutive IP addresses, starting with the address specified by the IP Address parameter, to include in a range of addresses assigned to this virtual server.,Minimum value = C(1),Maximum value = C(254)
somethod: ${67|CONNECTION,DYNAMICCONNECTION,BANDWIDTH,HEALTH,NONE|} # not required. choices: CONNECTION;DYNAMICCONNECTION;BANDWIDTH;HEALTH;NONE. Type of spillover used to divert traffic to the backup virtual server when the primary virtual server reaches the spillover threshold. Connection spillover is based on the number of connections. Bandwidth spillover is based on the total Kbps of incoming and outgoing traffic.
push: ${68|enabled,disabled|} # not required. choices: enabled;disabled. Process traffic with the push virtual server that is bound to this content switching virtual server (specified by the Push VServer parameter). The service type of the push virtual server should be either C(HTTP) or C(SSL).
stateupdate: ${69|enabled,disabled|} # not required. choices: enabled;disabled. Enable state updates for a specific content switching virtual server. By default, the Content Switching virtual server is always UP, regardless of the state of the Load Balancing virtual servers bound to it. This parameter interacts with the global setting as follows:,Global Level | Vserver Level | Result,enabled enabled enabled,enabled disabled enabled,disabled enabled enabled,disabled disabled disabled,If you want to enable state updates for only some content switching virtual servers, be sure to disable the state update parameter.
dnsprofilename: ${70:undefined} # not required. Name of the DNS profile to be associated with the VServer. DNS profile properties will applied to the transactions processed by a VServer. This parameter is valid only for DNS and DNS-TCP VServers.,Minimum length = 1,Maximum length = 127
"""
'netscaler_gslb_service':
'prefix': "netscaler_gslb_service_snippet"
'description': "Manage gslb service entities in Netscaler."
'body': """
netscaler_gslb_service:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
comment: ${4:undefined} # not required. Any comments that you might want to associate with the GSLB service.
cnameentry: ${5:undefined} # not required. Canonical name of the GSLB service. Used in CNAME-based GSLB.,Minimum length = 1
appflowlog: ${6|enabled,disabled|} # not required. choices: enabled;disabled. Enable logging appflow flow information.
servername: ${7:undefined} # not required. Name of the server hosting the GSLB service.,Minimum length = 1
save_config: ${8:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
hashid: ${9:undefined} # not required. Unique hash identifier for the GSLB service, used by hash based load balancing methods.,Minimum value = C(1)
nitro_protocol: ${10|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
servicename: ${11:undefined} # not required. Name for the GSLB service. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space, colon C(:), at C(@), equals C(=), and hyphen C(-) characters. Can be changed after the GSLB service is created.,,Minimum length = 1
sitepersistence: ${12|ConnectionProxy,HTTPRedirect,NONE|} # not required. choices: ConnectionProxy;HTTPRedirect;NONE. Use cookie-based site persistence. Applicable only to C(HTTP) and C(SSL) GSLB services.
monitor_bindings: ${13:undefined} # not required. Bind monitors to this gslb service
maxbandwidth: ${14:undefined} # not required. Integer specifying the maximum bandwidth allowed for the service. A GSLB service whose bandwidth reaches the maximum is not considered when a GSLB decision is made, until its bandwidth consumption drops below the maximum.
publicport: ${15:undefined} # not required. The public port associated with the GSLB service's public IP address. The port is mapped to the service's private port number. Applicable to the local GSLB service. Optional.
port: ${16:undefined} # not required. Port on which the load balancing entity represented by this GSLB service listens.,Minimum value = 1,Range 1 - 65535,* in CLI is represented as 65535 in NITRO API
clttimeout: ${17:undefined} # not required. Idle time, in seconds, after which a client connection is terminated. Applicable if connection proxy based site persistence is used.,Minimum value = 0,Maximum value = 31536000
state: ${18|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
servicetype: ${19|HTTP,FTP,TCP,UDP,SSL,SSL_BRIDGE,SSL_TCP,NNTP,ANY,SIP_UDP,SIP_TCP,SIP_SSL,RADIUS,RDP,RTSP,MYSQL,MSSQL,ORACLE|} # not required. choices: HTTP;FTP;TCP;UDP;SSL;SSL_BRIDGE;SSL_TCP;NNTP;ANY;SIP_UDP;SIP_TCP;SIP_SSL;RADIUS;RDP;RTSP;MYSQL;MSSQL;ORACLE. Type of service to create.
monthreshold: ${20:undefined} # not required. Monitoring threshold value for the GSLB service. If the sum of the weights of the monitors that are bound to this GSLB service and are in the UP state is not equal to or greater than this threshold value, the service is marked as DOWN.,Minimum value = C(0),Maximum value = C(65535)
maxaaausers: ${21:undefined} # not required. Maximum number of SSL VPN users that can be logged on concurrently to the VPN virtual server that is represented by this GSLB service. A GSLB service whose user count reaches the maximum is not considered when a GSLB decision is made, until the count drops below the maximum.,Minimum value = C(0),Maximum value = C(65535)
maxclient: ${22:undefined} # not required. The maximum number of open connections that the service can support at any given time. A GSLB service whose connection count reaches the maximum is not considered when a GSLB decision is made, until the connection count drops below the maximum.,Minimum value = C(0),Maximum value = C(4294967294)
sitename: ${23:undefined} # not required. Name of the GSLB site to which the service belongs.,Minimum length = 1
ipaddress: ${24:undefined} # not required. IP address for the GSLB service. Should represent a load balancing, content switching, or VPN virtual server on the NetScaler appliance, or the IP address of another load balancing device.
downstateflush: ${25|enabled,disabled|} # not required. choices: enabled;disabled. Flush all active transactions associated with the GSLB service when its state transitions from UP to DOWN. Do not enable this option for services that must complete their transactions. Applicable if connection proxy based site persistence is used.
cipheader: ${26:undefined} # not required. Name for the HTTP header that stores the client's IP address. Used with the Client IP option. If client IP header insertion is enabled on the service and a name is not specified for the header, the NetScaler appliance uses the name specified by the cipHeader parameter in the set ns param command or, in the GUI, the Client IP Header parameter in the Configure HTTP Parameters dialog box.,Minimum length = 1
siteprefix: ${27:undefined} # not required. The site's prefix string. When the service is bound to a GSLB virtual server, a GSLB site domain is generated internally for each bound service-domain pair by concatenating the site prefix of the service and the name of the domain. If the special string NONE is specified, the site-prefix string is unset. When implementing HTTP redirect site persistence, the NetScaler appliance redirects GSLB requests to GSLB services by using their site domains.
publicip: ${28:undefined} # not required. The public IP address that a NAT device translates to the GSLB service's private IP address. Optional.
cip: ${29|enabled,disabled|} # not required. choices: enabled;disabled. In the request that is forwarded to the GSLB service, insert a header that stores the client's IP address. Client IP header insertion is used in connection-proxy based site persistence.
healthmonitor: ${30:undefined} # not required. Monitor the health of the GSLB service.
validate_certs: ${31:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
nitro_timeout: ${32:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
"""
'netscaler_gslb_site':
'prefix': "netscaler_gslb_site_snippet"
'description': "Manage gslb site entities in Netscaler."
'body': """
netscaler_gslb_site:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
publicip: ${4:undefined} # not required. Public IP address for the local site. Required only if the appliance is deployed in a private address space and the site has a public IP address hosted on an external firewall or a NAT device.,Minimum length = 1
siteipaddress: ${5:undefined} # not required. IP address for the GSLB site. The GSLB site uses this IP address to communicate with other GSLB sites. For a local site, use any IP address that is owned by the appliance (for example, a SNIP or MIP address, or the IP address of the ADNS service).,Minimum length = 1
metricexchange: ${6|enabled,disabled|} # not required. choices: enabled;disabled. Exchange metrics with other sites. Metrics are exchanged by using Metric Exchange Protocol (MEP). The appliances in the GSLB setup exchange health information once every second.,If you disable metrics exchange, you can use only static load balancing methods (such as round robin, static proximity, or the hash-based methods), and if you disable metrics exchange when a dynamic load balancing method (such as least connection) is in operation, the appliance falls back to round robin. Also, if you disable metrics exchange, you must use a monitor to determine the state of GSLB services. Otherwise, the service is marked as DOWN.
nwmetricexchange: ${7|enabled,disabled|} # not required. choices: enabled;disabled. Exchange, with other GSLB sites, network metrics such as round-trip time (RTT), learned from communications with various local DNS (LDNS) servers used by clients. RTT information is used in the dynamic RTT load balancing method, and is exchanged every 5 seconds.
sitename: ${8:undefined} # not required. Name for the GSLB site. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space C( ), colon C(:), at C(@), equals C(=), and hyphen C(-) characters. Cannot be changed after the virtual server is created.,Minimum length = 1
sitetype: ${9|REMOTE,LOCAL|} # not required. choices: REMOTE;LOCAL. Type of site to create. If the type is not specified, the appliance automatically detects and sets the type on the basis of the IP address being assigned to the site. If the specified site IP address is owned by the appliance (for example, a MIP address or SNIP address), the site is a local site. Otherwise, it is a remote site.
save_config: ${10:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
sessionexchange: ${11|enabled,disabled|} # not required. choices: enabled;disabled. Exchange persistent session entries with other GSLB sites every five seconds.
state: ${12|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
publicclip: ${13:undefined} # not required. IP address to be used to globally access the remote cluster when it is deployed behind a NAT. It can be same as the normal cluster IP address.
naptrreplacementsuffix: ${14:undefined} # not required. The naptr replacement suffix configured here will be used to construct the naptr replacement field in NAPTR record.,Minimum length = 1
nitro_protocol: ${15|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
parentsite: ${16:undefined} # not required. Parent site of the GSLB site, in a parent-child topology.
clip: ${17:undefined} # not required. Cluster IP address. Specify this parameter to connect to the remote cluster site for GSLB auto-sync. Note: The cluster IP address is defined when creating the cluster.
triggermonitor: ${18|ALWAYS,MEPDOWN,MEPDOWN_SVCDOWN|} # not required. choices: ALWAYS;MEPDOWN;MEPDOWN_SVCDOWN. Specify the conditions under which the GSLB service must be monitored by a monitor, if one is bound. Available settings function as follows:,* C(ALWAYS) - Monitor the GSLB service at all times.,* C(MEPDOWN) - Monitor the GSLB service only when the exchange of metrics through the Metrics Exchange Protocol (MEP) is disabled.,C(MEPDOWN_SVCDOWN) - Monitor the service in either of the following situations:,* The exchange of metrics through MEP is disabled.,* The exchange of metrics through MEP is enabled but the status of the service, learned through metrics exchange, is DOWN.
validate_certs: ${19:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
nitro_timeout: ${20:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
"""
'netscaler_gslb_vserver':
'prefix': "netscaler_gslb_vserver_snippet"
'description': "Configure gslb vserver entities in Netscaler."
'body': """
netscaler_gslb_vserver:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
comment: ${4:undefined} # not required. Any comments that you might want to associate with the GSLB virtual server.
save_config: ${5:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
sothreshold: ${6:undefined} # not required. Threshold at which spillover occurs. Specify an integer for the CONNECTION spillover method, a bandwidth value in kilobits per second for the BANDWIDTH method (do not enter the units), or a percentage for the HEALTH method (do not enter the percentage symbol).,Minimum value = C(1),Maximum value = C(4294967287)
sopersistence: ${7|enabled,disabled|} # not required. choices: enabled;disabled. If spillover occurs, maintain source IP address based persistence for both primary and backup GSLB virtual servers.
appflowlog: ${8|enabled,disabled|} # not required. choices: enabled;disabled. Enable logging appflow flow information.
persistenceid: ${9:undefined} # not required. The persistence ID for the GSLB virtual server. The ID is a positive integer that enables GSLB sites to identify the GSLB virtual server, and is required if source IP address based or spill over based persistence is enabled on the virtual server.,Minimum value = C(0),Maximum value = C(65535)
sobackupaction: ${10|DROP,ACCEPT,REDIRECT|} # not required. choices: DROP;ACCEPT;REDIRECT. Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists.
domain_bindings: ${11:undefined} # not required. List of bindings for domains for this glsb vserver.
dnsrecordtype: ${12|A,AAAA,CNAME,NAPTR|} # not required. choices: A;AAAA;CNAME;NAPTR. DNS record type to associate with the GSLB virtual server's domain name.,Default value: A,Possible values = A, AAAA, CNAME, NAPTR
disabled: ${13:false} # not required. When set to C(yes) the GSLB Vserver state will be set to C(disabled).,When set to C(no) the GSLB Vserver state will be set to C(enabled).,Note that due to limitations of the underlying NITRO API a C(disabled) state change alone does not cause the module result to report a changed status.
considereffectivestate: ${14|NONE,STATE_ONLY|} # not required. choices: NONE;STATE_ONLY. If the primary state of all bound GSLB services is DOWN, consider the effective states of all the GSLB services, obtained through the Metrics Exchange Protocol (MEP), when determining the state of the GSLB virtual server. To consider the effective state, set the parameter to STATE_ONLY. To disregard the effective state, set the parameter to NONE.,The effective state of a GSLB service is the ability of the corresponding virtual server to serve traffic. The effective state of the load balancing virtual server, which is transferred to the GSLB service, is UP even if only one virtual server in the backup chain of virtual servers is in the UP state.
netmask: ${15:undefined} # not required. IPv4 network mask for use in the SOURCEIPHASH load balancing method.,Minimum length = 1
state: ${16|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
v6netmasklen: ${17:undefined} # not required. Number of bits to consider, in an IPv6 source IP address, for creating the hash that is required by the C(SOURCEIPHASH) load balancing method.,Default value: C(128),Minimum value = C(1),Maximum value = C(128)
nitro_protocol: ${18|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
servicetype: ${19|HTTP,FTP,TCP,UDP,SSL,SSL_BRIDGE,SSL_TCP,NNTP,ANY,SIP_UDP,SIP_TCP,SIP_SSL,RADIUS,RDP,RTSP,MYSQL,MSSQL,ORACLE|} # not required. choices: HTTP;FTP;TCP;UDP;SSL;SSL_BRIDGE;SSL_TCP;NNTP;ANY;SIP_UDP;SIP_TCP;SIP_SSL;RADIUS;RDP;RTSP;MYSQL;MSSQL;ORACLE. Protocol used by services bound to the virtual server.,
persistencetype: ${20|SOURCEIP,NONE|} # not required. choices: SOURCEIP;NONE. Use source IP address based persistence for the virtual server.,After the load balancing method selects a service for the first packet, the IP address received in response to the DNS query is used for subsequent requests from the same client.
name: ${21:undefined} # not required. Name for the GSLB virtual server. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space, colon C(:), at C(@), equals C(=), and hyphen C(-) characters. Can be changed after the virtual server is created.,Minimum length = 1
disableprimaryondown: ${22|enabled,disabled|} # not required. choices: enabled;disabled. Continue to direct traffic to the backup chain even after the primary GSLB virtual server returns to the UP state. Used when spillover is configured for the virtual server.
backuplbmethod: ${23|ROUNDROBIN,LEASTCONNECTION,LEASTRESPONSETIME,SOURCEIPHASH,LEASTBANDWIDTH,LEASTPACKETS,STATICPROXIMITY,RTT,CUSTOMLOAD|} # not required. choices: ROUNDROBIN;LEASTCONNECTION;LEASTRESPONSETIME;SOURCEIPHASH;LEASTBANDWIDTH;LEASTPACKETS;STATICPROXIMITY;RTT;CUSTOMLOAD. Backup load balancing method. Becomes operational if the primary load balancing method fails or cannot be used. Valid only if the primary method is based on either round-trip time (RTT) or static proximity.
dynamicweight: ${24|SERVICECOUNT,SERVICEWEIGHT,DISABLED|} # not required. choices: SERVICECOUNT;SERVICEWEIGHT;DISABLED. Specify if the appliance should consider the service count, service weights, or ignore both when using weight-based load balancing methods. The state of the number of services bound to the virtual server help the appliance to select the service.
somethod: ${25|CONNECTION,DYNAMICCONNECTION,BANDWIDTH,HEALTH,NONE|} # not required. choices: CONNECTION;DYNAMICCONNECTION;BANDWIDTH;HEALTH;NONE. Type of threshold that, when exceeded, triggers spillover. Available settings function as follows:,* C(CONNECTION) - Spillover occurs when the number of client connections exceeds the threshold.,* C(DYNAMICCONNECTION) - Spillover occurs when the number of client connections at the GSLB virtual server exceeds the sum of the maximum client (Max Clients) settings for bound GSLB services. Do not specify a spillover threshold for this setting, because the threshold is implied by the Max Clients settings of the bound GSLB services.,* C(BANDWIDTH) - Spillover occurs when the bandwidth consumed by the GSLB virtual server's incoming and outgoing traffic exceeds the threshold.,* C(HEALTH) - Spillover occurs when the percentage of weights of the GSLB services that are UP drops below the threshold. For example, if services gslbSvc1, gslbSvc2, and gslbSvc3 are bound to a virtual server, with weights 1, 2, and 3, and the spillover threshold is 50%, spillover occurs if gslbSvc1 and gslbSvc3 or gslbSvc2 and gslbSvc3 transition to DOWN.,* C(NONE) - Spillover does not occur.
service_bindings: ${26:undefined} # not required. List of bindings for gslb services bound to this gslb virtual server.
nitro_timeout: ${27:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
sopersistencetimeout: ${28:undefined} # not required. Timeout for spillover persistence, in minutes.,Default value: C(2),Minimum value = C(2),Maximum value = C(1440)
validate_certs: ${29:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
persistmask: ${30:undefined} # not required. The optional IPv4 network mask applied to IPv4 addresses to establish source IP address based persistence.,Minimum length = 1
timeout: ${31:undefined} # not required. Idle time, in minutes, after which a persistence entry is cleared.,Default value: C(2),Minimum value = C(2),Maximum value = C(1440)
v6persistmasklen: ${32:undefined} # not required. Number of bits to consider in an IPv6 source IP address when creating source IP address based persistence sessions.,Default value: C(128),Minimum value = C(1),Maximum value = C(128)
mir: ${33|enabled,disabled|} # not required. choices: enabled;disabled. Include multiple IP addresses in the DNS responses sent to clients.
tolerance: ${34:undefined} # not required. Site selection tolerance, in milliseconds, for implementing the RTT load balancing method. If a site's RTT deviates from the lowest RTT by more than the specified tolerance, the site is not considered when the NetScaler appliance makes a GSLB decision. The appliance implements the round robin method of global server load balancing between sites whose RTT values are within the specified tolerance. If the tolerance is 0 (zero), the appliance always sends clients the IP address of the site with the lowest RTT.,Minimum value = C(0),Maximum value = C(100)
lbmethod: ${35|ROUNDROBIN,LEASTCONNECTION,LEASTRESPONSETIME,SOURCEIPHASH,LEASTBANDWIDTH,LEASTPACKETS,STATICPROXIMITY,RTT,CUSTOMLOAD|} # not required. choices: ROUNDROBIN;LEASTCONNECTION;LEASTRESPONSETIME;SOURCEIPHASH;LEASTBANDWIDTH;LEASTPACKETS;STATICPROXIMITY;RTT;CUSTOMLOAD. Load balancing method for the GSLB virtual server.,Default value: LEASTCONNECTION,Possible values = ROUNDROBIN, LEASTCONNECTION, LEASTRESPONSETIME, SOURCEIPHASH, LEASTBANDWIDTH, LEASTPACKETS, STATICPROXIMITY, RTT, CUSTOMLOAD
"""
'netscaler_lb_monitor':
'prefix': "netscaler_lb_monitor_snippet"
'description': "Manage load balancing monitors"
'body': """
netscaler_lb_monitor:
nitro_user: ${1:undefined} # required. The username with which to authenticate to the netscaler node.
nsip: ${2:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
lasversion: ${4:undefined} # not required. Version number of the Citrix Advanced Access Control Logon Agent. Required by the C(CITRIX-AAC-LAS) monitor.
secure: ${5:undefined} # not required. Use a secure SSL connection when monitoring a service. Applicable only to TCP based monitors. The secure option cannot be used with a C(CITRIX-AG) monitor, because a CITRIX-AG monitor uses a secure connection by default.
radnasip: ${6:undefined} # not required. Network Access Server (NAS) IP address to use as the source IP address when monitoring a RADIUS server. Applicable to monitors of type C(RADIUS) and C(RADIUS_ACCOUNTING).
Snmpoid: ${7:undefined} # not required. SNMP OID for C(SNMP) monitors.,Minimum length = 1
storefrontacctservice: ${8:undefined} # not required. Enable/Disable probing for Account Service. Applicable only to Store Front monitors. For multi-tenancy configuration users my skip account service.
radnasid: ${9:undefined} # not required. NAS-Identifier to send in the Access-Request packet. Applicable to monitors of type C(RADIUS).,Minimum length = 1
firmwarerevision: ${10:undefined} # not required. Firmware-Revision value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
ipaddress: ${11:undefined} # not required. Set of IP addresses expected in the monitoring response from the DNS server, if the record type is A or AAAA. Applicable to C(DNS) monitors.,Minimum length = 1
query: ${12:undefined} # not required. Domain name to resolve as part of monitoring the DNS service (for example, C(example.com)).
storedb: ${13|enabled,disabled|} # not required. choices: enabled;disabled. Store the database list populated with the responses to monitor probes. Used in database specific load balancing if C(MSSQL-ECV)/C(MYSQL-ECV) monitor is configured.
vendorid: ${14:undefined} # not required. Vendor-Id value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
authapplicationid: ${15:undefined} # not required. List of Auth-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring CER message.,Minimum value = C(0),Maximum value = C(4294967295)
group: ${16:undefined} # not required. Name of a newsgroup available on the NNTP service that is to be monitored. The appliance periodically generates an NNTP query for the name of the newsgroup and evaluates the response. If the newsgroup is found on the server, the service is marked as UP. If the newsgroup does not exist or if the search fails, the service is marked as DOWN. Applicable to NNTP monitors.,Minimum length = 1
tos: ${17:undefined} # not required. Probe the service by encoding the destination IP address in the IP TOS (6) bits.
maxforwards: ${18:undefined} # not required. Maximum number of hops that the SIP request used for monitoring can traverse to reach the server. Applicable only to monitors of type C(SIP-UDP).,Minimum value = C(0),Maximum value = C(255)
send: ${19:undefined} # not required. String to send to the service. Applicable to C(TCP-ECV), C(HTTP-ECV), and C(UDP-ECV) monitors.
sipreguri: ${20:undefined} # not required. SIP user to be registered. Applicable only if the monitor is of type C(SIP-UDP) and the SIP Method parameter is set to C(REGISTER).,Minimum length = 1
rtsprequest: ${21:undefined} # not required. RTSP request to send to the server (for example, C(\"OPTIONS *\")).
trofscode: ${22:undefined} # not required. Code expected when the server is under maintenance.
successretries: ${23:undefined} # not required. Number of consecutive successful probes required to transition a service's state from DOWN to UP.,Minimum value = C(1),Maximum value = C(32)
iptunnel: ${24:undefined} # not required. Send the monitoring probe to the service through an IP tunnel. A destination IP address must be specified.
monitorname: ${25:undefined} # not required. Name for the monitor. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore, hash C(#), period C(.), space C( ), colon C(:), at C(@), equals C(=), and hyphen C(-) characters.,Minimum length = 1
nitro_timeout: ${26:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
units1: ${27|SEC,MSEC,MIN|} # not required. choices: SEC;MSEC;MIN. Unit of measurement for the Deviation parameter. Cannot be changed after the monitor is created.
units3: ${28|SEC,MSEC,MIN|} # not required. choices: SEC;MSEC;MIN. monitor interval units.
units2: ${29|SEC,MSEC,MIN|} # not required. choices: SEC;MSEC;MIN. Unit of measurement for the Down Time parameter. Cannot be changed after the monitor is created.
units4: ${30|SEC,MSEC,MIN|} # not required. choices: SEC;MSEC;MIN. monitor response timeout units.
scriptargs: ${31:undefined} # not required. String of arguments for the script. The string is copied verbatim into the request.
destport: ${32:undefined} # not required. TCP or UDP port to which to send the probe. If the parameter is set to 0, the port number of the service to which the monitor is bound is considered the destination port. For a monitor of type C(USER), however, the destination port is the port number that is included in the HTTP request sent to the dispatcher. Does not apply to monitors of type C(PING).
resptimeout: ${33:undefined} # not required. Amount of time for which the appliance must wait before it marks a probe as FAILED. Must be less than the value specified for the Interval parameter.,Note: For C(UDP-ECV) monitors for which a receive string is not configured, response timeout does not apply. For C(UDP-ECV) monitors with no receive string, probe failure is indicated by an ICMP port unreachable error received from the service.,Minimum value = C(1),Maximum value = C(20939)
downtime: ${34:undefined} # not required. Time duration for which to wait before probing a service that has been marked as DOWN. Expressed in milliseconds, seconds, or minutes.,Minimum value = C(1),Maximum value = C(20939)
password: ${35:undefined} # not required. Password that is required for logging on to the C(RADIUS), C(NNTP), C(FTP), C(FTP-EXTENDED), C(MYSQL), C(MSSQL), C(POP3), C(CITRIX-AG), C(CITRIX-XD-DDC), C(CITRIX-WI-EXTENDED), C(CITRIX-XNC-ECV) or C(CITRIX-XDM) server. Used in conjunction with the user name specified for the C(username) parameter.,Minimum length = 1
transparent: ${36:undefined} # not required. The monitor is bound to a transparent device such as a firewall or router. The state of a transparent device depends on the responsiveness of the services behind it. If a transparent device is being monitored, a destination IP address must be specified. The probe is sent to the specified IP address by using the MAC address of the transparent device.
retries: ${37:undefined} # not required. Maximum number of probes to send to establish the state of a service for which a monitoring probe failed.,Minimum value = C(1),Maximum value = C(127)
failureretries: ${38:undefined} # not required. Number of retries that must fail, out of the number specified for the Retries parameter, for a service to be marked as DOWN. For example, if the Retries parameter is set to 10 and the Failure Retries parameter is set to 6, out of the ten probes sent, at least six probes must fail if the service is to be marked as DOWN. The default value of 0 means that all the retries must fail if the service is to be marked as DOWN.,Minimum value = C(0),Maximum value = C(32)
snmpthreshold: ${39:undefined} # not required. Threshold for C(SNMP) monitors.,Minimum length = 1
nitro_protocol: ${40|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
radkey: ${41:undefined} # not required. Authentication key (shared secret text string) for RADIUS clients and servers to exchange. Applicable to monitors of type C(RADIUS) and C(RADIUS_ACCOUNTING).,Minimum length = 1
type: ${42|PING,TCP,HTTP,TCP-ECV,HTTP-ECV,UDP-ECV,DNS,FTP,LDNS-PING,LDNS-TCP,LDNS-DNS,RADIUS,USER,HTTP-INLINE,SIP-UDP,SIP-TCP,LOAD,FTP-EXTENDED,SMTP,SNMP,NNTP,MYSQL,MYSQL-ECV,MSSQL-ECV,ORACLE-ECV,LDAP,POP3,CITRIX-XML-SERVICE,CITRIX-WEB-INTERFACE,DNS-TCP,RTSP,ARP,CITRIX-AG,CITRIX-AAC-LOGINPAGE,CITRIX-AAC-LAS,CITRIX-XD-DDC,ND6,CITRIX-WI-EXTENDED,DIAMETER,RADIUS_ACCOUNTING,STOREFRONT,APPC,SMPP,CITRIX-XNC-ECV,CITRIX-XDM,CITRIX-STA-SERVICE,CITRIX-STA-SERVICE-NHOP|} # not required. choices: PING;TCP;HTTP;TCP-ECV;HTTP-ECV;UDP-ECV;DNS;FTP;LDNS-PING;LDNS-TCP;LDNS-DNS;RADIUS;USER;HTTP-INLINE;SIP-UDP;SIP-TCP;LOAD;FTP-EXTENDED;SMTP;SNMP;NNTP;MYSQL;MYSQL-ECV;MSSQL-ECV;ORACLE-ECV;LDAP;POP3;CITRIX-XML-SERVICE;CITRIX-WEB-INTERFACE;DNS-TCP;RTSP;ARP;CITRIX-AG;CITRIX-AAC-LOGINPAGE;CITRIX-AAC-LAS;CITRIX-XD-DDC;ND6;CITRIX-WI-EXTENDED;DIAMETER;RADIUS_ACCOUNTING;STOREFRONT;APPC;SMPP;CITRIX-XNC-ECV;CITRIX-XDM;CITRIX-STA-SERVICE;CITRIX-STA-SERVICE-NHOP. Type of monitor that you want to create.
database: ${43:undefined} # not required. Name of the database to connect to during authentication.,Minimum length = 1
snmpcommunity: ${44:undefined} # not required. Community name for C(SNMP) monitors.,Minimum length = 1
validatecred: ${45:undefined} # not required. Validate the credentials of the Xen Desktop DDC server user. Applicable to monitors of type C(CITRIX-XD-DDC).
productname: ${46:undefined} # not required. Product-Name value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.,Minimum length = 1
username: ${47:undefined} # not required. User name with which to probe the C(RADIUS), C(NNTP), C(FTP), C(FTP-EXTENDED), C(MYSQL), C(MSSQL), C(POP3), C(CITRIX-AG), C(CITRIX-XD-DDC), C(CITRIX-WI-EXTENDED), C(CITRIX-XNC) or C(CITRIX-XDM) server.,Minimum length = 1
metrictable: ${48:undefined} # not required. Metric table to which to bind metrics.,Minimum length = 1,Maximum length = 99
dispatcherport: ${49:undefined} # not required. Port number on which the dispatcher listens for the monitoring probe.
acctapplicationid: ${50:undefined} # not required. List of Acct-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message.,Minimum value = C(0),Maximum value = C(4294967295)
oraclesid: ${51:undefined} # not required. Name of the service identifier that is used to connect to the Oracle database during authentication.,Minimum length = 1
radaccounttype: ${52:undefined} # not required. Account Type to be used in Account Request Packet. Applicable to monitors of type C(RADIUS_ACCOUNTING).,Minimum value = 0,Maximum value = 15
binddn: ${53:undefined} # not required. The distinguished name with which an LDAP monitor can perform the Bind operation on the LDAP server. Optional. Applicable to C(LDAP) monitors.,Minimum length = 1
domain: ${54:undefined} # not required. Domain in which the XenDesktop Desktop Delivery Controller (DDC) servers or Web Interface servers are present. Required by C(CITRIX-XD-DDC) and C(CITRIX-WI-EXTENDED) monitors for logging on to the DDC servers and Web Interface servers, respectively.
vendorspecificacctapplicationids: ${55:undefined} # not required. List of Vendor-Specific-Acct-Application-Id attribute value pairs (AVPs) to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. The specified value is combined with the value of vendorSpecificVendorId to obtain the Vendor-Specific-Application-Id AVP in the CER monitoring message.,Minimum value = C(0),Maximum value = C(4294967295)
resptimeoutthresh: ${56:undefined} # not required. Response time threshold, specified as a percentage of the Response Time-out parameter. If the response to a monitor probe has not arrived when the threshold is reached, the appliance generates an SNMP trap called monRespTimeoutAboveThresh. After the response time returns to a value below the threshold, the appliance generates a monRespTimeoutBelowThresh SNMP trap. For the traps to be generated, the \"MONITOR-RTO-THRESHOLD\" alarm must also be enabled.,Minimum value = C(0),Maximum value = C(100)
hostipaddress: ${57:undefined} # not required. Host-IP-Address value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. If Host-IP-Address is not specified, the appliance inserts the mapped IP (MIP) address or subnet IP (SNIP) address from which the CER request (the monitoring probe) is sent.,Minimum length = 1
sipuri: ${58:undefined} # not required. SIP URI string to send to the service (for example, C(sip:sip.test)). Applicable only to monitors of type C(SIP-UDP).,Minimum length = 1
attribute: ${59:undefined} # not required. Attribute to evaluate when the LDAP server responds to the query. Success or failure of the monitoring probe depends on whether the attribute exists in the response. Optional.,Minimum length = 1
save_config: ${60:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
vendorspecificvendorid: ${61:undefined} # not required. Vendor-Id to use in the Vendor-Specific-Application-Id grouped attribute-value pair (AVP) in the monitoring CER message. To specify Auth-Application-Id or Acct-Application-Id in Vendor-Specific-Application-Id, use vendorSpecificAuthApplicationIds or vendorSpecificAcctApplicationIds, respectively. Only one Vendor-Id is supported for all the Vendor-Specific-Application-Id AVPs in a CER monitoring message.,Minimum value = 1
destip: ${62:undefined} # not required. IP address of the service to which to send probes. If the parameter is set to 0, the IP address of the server to which the monitor is bound is considered the destination IP address.
scriptname: ${63:undefined} # not required. Path and name of the script to execute. The script must be available on the NetScaler appliance, in the /nsconfig/monitors/ directory.,Minimum length = 1
originrealm: ${64:undefined} # not required. Origin-Realm value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.,Minimum length = 1
dispatcherip: ${65:undefined} # not required. IP address of the dispatcher to which to send the probe.
radmsisdn: ${66:undefined} # not required. Calling Stations Id to be used in Account Request Packet. Applicable to monitors of type C(RADIUS_ACCOUNTING).,Minimum length = 1
secondarypassword: ${67:undefined} # not required. Secondary password that users might have to provide to log on to the Access Gateway server. Applicable to C(CITRIX-AG) monitors.
respcode: ${68:undefined} # not required. Response codes for which to mark the service as UP. For any other response code, the action performed depends on the monitor type. C(HTTP) monitors and C(RADIUS) monitors mark the service as C(DOWN), while C(HTTP-INLINE) monitors perform the action indicated by the Action parameter.
trofsstring: ${69:undefined} # not required. String expected from the server for the service to be marked as trofs. Applicable to HTTP-ECV/TCP-ECV monitors.
logonpointname: ${70:undefined} # not required. Name of the logon point that is configured for the Citrix Access Gateway Advanced Access Control software. Required if you want to monitor the associated login page or Logon Agent. Applicable to C(CITRIX-AAC-LAS) and C(CITRIX-AAC-LOGINPAGE) monitors.
kcdaccount: ${71:undefined} # not required. KCD Account used by C(MSSQL) monitor.,Minimum length = 1,Maximum length = 32
radapn: ${72:undefined} # not required. Called Station Id to be used in Account Request Packet. Applicable to monitors of type C(RADIUS_ACCOUNTING).,Minimum length = 1
hostname: ${73:undefined} # not required. Hostname in the FQDN format (Example: C(porche.cars.org)). Applicable to C(STOREFRONT) monitors.,Minimum length = 1
radframedip: ${74:undefined} # not required. Source ip with which the packet will go out . Applicable to monitors of type C(RADIUS_ACCOUNTING).
filename: ${75:undefined} # not required. Name of a file on the FTP server. The appliance monitors the FTP service by periodically checking the existence of the file on the server. Applicable to C(FTP-EXTENDED) monitors.,Minimum length = 1
application: ${76:undefined} # not required. Name of the application used to determine the state of the service. Applicable to monitors of type C(CITRIX-XML-SERVICE).,Minimum length = 1
state: ${77|enabled,disabled|} # not required. choices: enabled;disabled. State of the monitor. The C(disabled) setting disables not only the monitor being configured, but all monitors of the same type, until the parameter is set to C(enabled). If the monitor is bound to a service, the state of the monitor is not taken into account when the state of the service is determined.
netprofile: ${78:undefined} # not required. Name of the network profile.,Minimum length = 1,Maximum length = 127
alertretries: ${79:undefined} # not required. Number of consecutive probe failures after which the appliance generates an SNMP trap called monProbeFailed.,Minimum value = C(0),Maximum value = C(32)
radaccountsession: ${80:undefined} # not required. Account Session ID to be used in Account Request Packet. Applicable to monitors of type C(RADIUS_ACCOUNTING).,Minimum length = 1
deviation: ${81:undefined} # not required. Time value added to the learned average response time in dynamic response time monitoring (DRTM). When a deviation is specified, the appliance learns the average response time of bound services and adds the deviation to the average. The final value is then continually adjusted to accommodate response time variations over time. Specified in milliseconds, seconds, or minutes.,Minimum value = C(0),Maximum value = C(20939)
httprequest: ${82:undefined} # not required. HTTP request to send to the server (for example, C(\"HEAD /file.html\")).
supportedvendorids: ${83:undefined} # not required. List of Supported-Vendor-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum eight of these AVPs are supported in a monitoring message.,Minimum value = C(1),Maximum value = C(4294967295)
inbandsecurityid: ${84|NO_INBAND_SECURITY,TLS|} # not required. choices: NO_INBAND_SECURITY;TLS. Inband-Security-Id for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
basedn: ${85:undefined} # not required. The base distinguished name of the LDAP service, from where the LDAP server can begin the search for the attributes in the monitoring query. Required for C(LDAP) service monitoring.,Minimum length = 1
sitepath: ${86:undefined} # not required. URL of the logon page. For monitors of type C(CITRIX-WEB-INTERFACE), to monitor a dynamic page under the site path, terminate the site path with a slash C(/). Applicable to C(CITRIX-WEB-INTERFACE), C(CITRIX-WI-EXTENDED) and C(CITRIX-XDM) monitors.,Minimum length = 1
storefrontcheckbackendservices: ${87:undefined} # not required. This option will enable monitoring of services running on storefront server. Storefront services are monitored by probing to a Windows service that runs on the Storefront server and exposes details of which storefront services are running.
interval: ${88:undefined} # not required. Time interval between two successive probes. Must be greater than the value of Response Time-out.,Minimum value = C(1),Maximum value = C(20940)
sqlquery: ${89:undefined} # not required. SQL query for a C(MYSQL-ECV) or C(MSSQL-ECV) monitor. Sent to the database server after the server authenticates the connection.,Minimum length = 1
evalrule: ${90:undefined} # not required. Default syntax expression that evaluates the database server's response to a MYSQL-ECV or MSSQL-ECV monitoring query. Must produce a Boolean result. The result determines the state of the server. If the expression returns TRUE, the probe succeeds.,For example, if you want the appliance to evaluate the error message to determine the state of the server, use the rule C(MYSQL.RES.ROW(10) .TEXT_ELEM(2).EQ(\"MySQL\")).
sipmethod: ${91|OPTIONS,INVITE,REGISTER|} # not required. choices: OPTIONS;INVITE;REGISTER. SIP method to use for the query. Applicable only to monitors of type C(SIP-UDP).
customheaders: ${92:undefined} # not required. Custom header string to include in the monitoring probes.
mssqlprotocolversion: ${93|70,2000,2000SP1,2005,2008,2008R2,2012,2014|} # not required. choices: 70;2000;2000SP1;2005;2008;2008R2;2012;2014. Version of MSSQL server that is to be monitored.
recv: ${94:undefined} # not required. String expected from the server for the service to be marked as UP. Applicable to C(TCP-ECV), C(HTTP-ECV), and C(UDP-ECV) monitors.
querytype: ${95|Address,Zone,AAAA|} # not required. choices: Address;Zone;AAAA. Type of DNS record for which to send monitoring queries. Set to C(Address) for querying A records, C(AAAA) for querying AAAA records, and C(Zone) for querying the SOA record.
tosid: ${96:undefined} # not required. The TOS ID of the specified destination IP. Applicable only when the TOS parameter is set.,Minimum value = C(1),Maximum value = C(63)
reverse: ${97:undefined} # not required. Mark a service as DOWN, instead of UP, when probe criteria are satisfied, and as UP instead of DOWN when probe criteria are not satisfied.
storename: ${98:undefined} # not required. Store Name. For monitors of type C(STOREFRONT), C(storename) is an optional argument defining storefront service store name. Applicable to C(STOREFRONT) monitors.,Minimum length = 1
validate_certs: ${99:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
lrtm: ${100|enabled,disabled|} # not required. choices: enabled;disabled. Calculate the least response times for bound services. If this parameter is not enabled, the appliance does not learn the response times of the bound services. Also used for LRTM load balancing.
originhost: ${101:undefined} # not required. Origin-Host value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.,Minimum length = 1
filter: ${102:undefined} # not required. Filter criteria for the LDAP query. Optional.,Minimum length = 1
vendorspecificauthapplicationids: ${103:undefined} # not required. List of Vendor-Specific-Auth-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. The specified value is combined with the value of vendorSpecificVendorId to obtain the Vendor-Specific-Application-Id AVP in the CER monitoring message.,Minimum value = C(0),Maximum value = C(4294967295)
snmpversion: ${104|V1,V2|} # not required. choices: V1;V2. SNMP version to be used for C(SNMP) monitors.
action: ${105|NONE,LOG,DOWN|} # not required. choices: NONE;LOG;DOWN. Action to perform when the response to an inline monitor (a monitor of type C(HTTP-INLINE)) indicates that the service is down. A service monitored by an inline monitor is considered C(DOWN) if the response code is not one of the codes that have been specified for the Response Code parameter.,Available settings function as follows:,* C(NONE) - Do not take any action. However, the show service command and the show lb monitor command indicate the total number of responses that were checked and the number of consecutive error responses received after the last successful probe.,* C(LOG) - Log the event in NSLOG or SYSLOG.,* C(DOWN) - Mark the service as being down, and then do not direct any traffic to the service until the configured down time has expired. Persistent connections to the service are terminated as soon as the service is marked as C(DOWN). Also, log the event in NSLOG or SYSLOG.
"""
'netscaler_lb_vserver':
'prefix': "netscaler_lb_vserver_snippet"
'description': "Manage load balancing vserver configuration"
'body': """
netscaler_lb_vserver:
nitro_user: ${1:undefined} # required. The username with which to authenticate to the netscaler node.
nsip: ${2:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
servicebindings: ${4:undefined} # not required. List of services along with the weights that are load balanced.,The following suboptions are available.
comment: ${5:undefined} # not required. Any comments that you might want to associate with the virtual server.
rtspnat: ${6:undefined} # not required. Use network address translation (NAT) for RTSP data connections.
nitro_timeout: ${7:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
disabled: ${8:no} # not required. When set to C(yes) the lb vserver will be disabled.,When set to C(no) the lb vserver will be enabled.,Note that due to limitations of the underlying NITRO API a C(disabled) state change alone does not cause the module result to report a changed status.
macmoderetainvlan: ${9|enabled,disabled|} # not required. choices: enabled;disabled. This option is used to retain vlan information of incoming packet when macmode is enabled.
dbslb: ${10|enabled,disabled|} # not required. choices: enabled;disabled. Enable database specific load balancing for MySQL and MSSQL service types.
listenpolicy: ${11:undefined} # not required. Default syntax expression identifying traffic accepted by the virtual server. Can be either an expression (for example, C(CLIENT.IP.DST.IN_SUBNET(192.0.2.0/24)) or the name of a named expression. In the above example, the virtual server accepts all requests whose destination IP address is in the 192.0.2.0/24 subnet.
disableprimaryondown: ${12|enabled,disabled|} # not required. choices: enabled;disabled. If the primary virtual server goes down, do not allow it to return to primary status until manually enabled.
ipmask: ${13:undefined} # not required. IP mask, in dotted decimal notation, for the IP Pattern parameter. Can have leading or trailing non-zero octets (for example, C(255.255.240.0) or C(0.0.255.255)). Accordingly, the mask specifies whether the first n bits or the last n bits of the destination IP address in a client request are to be matched with the corresponding bits in the IP pattern. The former is called a forward mask. The latter is called a reverse mask.
insertvserveripport: ${14|OFF,VIPADDR,V6TOV4MAPPING|} # not required. choices: OFF;VIPADDR;V6TOV4MAPPING. Insert an HTTP header, whose value is the IP address and port number of the virtual server, before forwarding a request to the server. The format of the header is <vipHeader>: <virtual server IP address>_<port number >, where vipHeader is the name that you specify for the header. If the virtual server has an IPv6 address, the address in the header is enclosed in brackets ([ and ]) to separate it from the port number. If you have mapped an IPv4 address to a virtual server's IPv6 address, the value of this parameter determines which IP address is inserted in the header, as follows:,* C(VIPADDR) - Insert the IP address of the virtual server in the HTTP header regardless of whether the virtual server has an IPv4 address or an IPv6 address. A mapped IPv4 address, if configured, is ignored.,* C(V6TOV4MAPPING) - Insert the IPv4 address that is mapped to the virtual server's IPv6 address. If a mapped IPv4 address is not configured, insert the IPv6 address.,* C(OFF) - Disable header insertion.
redirectportrewrite: ${15|enabled,disabled|} # not required. choices: enabled;disabled. Rewrite the port and change the protocol to ensure successful HTTP redirects from services.
clttimeout: ${16:undefined} # not required. Idle time, in seconds, after which a client connection is terminated.,Minimum value = C(0),Maximum value = C(31536000)
authenticationhost: ${17:undefined} # not required. Fully qualified domain name (FQDN) of the authentication virtual server to which the user must be redirected for authentication. Make sure that the Authentication parameter is set to C(yes).,Minimum length = 3,Maximum length = 252
servicetype: ${18|HTTP,FTP,TCP,UDP,SSL,SSL_BRIDGE,SSL_TCP,DTLS,NNTP,DNS,DHCPRA,ANY,SIP_UDP,SIP_TCP,SIP_SSL,DNS_TCP,RTSP,PUSH,SSL_PUSH,RADIUS,RDP,MYSQL,MSSQL,DIAMETER,SSL_DIAMETER,TFTP,ORACLE,SMPP,SYSLOGTCP,SYSLOGUDP,FIX,SSL_FIX|} # not required. choices: HTTP;FTP;TCP;UDP;SSL;SSL_BRIDGE;SSL_TCP;DTLS;NNTP;DNS;DHCPRA;ANY;SIP_UDP;SIP_TCP;SIP_SSL;DNS_TCP;RTSP;PUSH;SSL_PUSH;RADIUS;RDP;MYSQL;MSSQL;DIAMETER;SSL_DIAMETER;TFTP;ORACLE;SMPP;SYSLOGTCP;SYSLOGUDP;FIX;SSL_FIX. Protocol used by the service (also called the service type).
mysqlservercapabilities: ${19:undefined} # not required. Server capabilities that the virtual server advertises to clients.
state: ${20|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
vipheader: ${21:undefined} # not required. Name for the inserted header. The default name is vip-header.,Minimum length = 1
pushvserver: ${22:undefined} # not required. Name of the load balancing virtual server, of type PUSH or SSL_PUSH, to which the server pushes updates received on the load balancing virtual server that you are configuring.,Minimum length = 1
dataoffset: ${23:undefined} # not required. Offset to be considered when extracting a token from the TCP payload. Applicable to virtual servers, of type TCP, using the token method of load balancing. Must be within the first 24 KB of the TCP payload.,Minimum value = C(0),Maximum value = C(25400)
datalength: ${24:undefined} # not required. Length of the token to be extracted from the data segment of an incoming packet, for use in the token method of load balancing. The length of the token, specified in bytes, must not be greater than 24 KB. Applicable to virtual servers of type TCP.,Minimum value = C(1),Maximum value = C(100)
rhistate: ${25|PASSIVE,ACTIVE|} # not required. choices: PASSIVE;ACTIVE. Route Health Injection (RHI) functionality of the NetSaler appliance for advertising the route of the VIP address associated with the virtual server. When Vserver RHI Level (RHI) parameter is set to VSVR_CNTRLD, the following are different RHI behaviors for the VIP address on the basis of RHIstate (RHI STATE) settings on the virtual servers associated with the VIP address:,* If you set C(rhistate) to C(PASSIVE) on all virtual servers, the NetScaler ADC always advertises the route for the VIP address.,* If you set C(rhistate) to C(ACTIVE) on all virtual servers, the NetScaler ADC advertises the route for the VIP address if at least one of the associated virtual servers is in UP state.,* If you set C(rhistate) to C(ACTIVE) on some and PASSIVE on others, the NetScaler ADC advertises the route for the VIP address if at least one of the associated virtual servers, whose C(rhistate) set to C(ACTIVE), is in UP state.
td: ${26:undefined} # not required. Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.,Minimum value = C(0),Maximum value = C(4094)
httpprofilename: ${27:undefined} # not required. Name of the HTTP profile whose settings are to be applied to the virtual server.,Minimum length = 1,Maximum length = 127
newservicerequestincrementinterval: ${28:undefined} # not required. Interval, in seconds, between successive increments in the load on a new service or a service whose state has just changed from DOWN to UP. A value of 0 (zero) specifies manual slow start.,Minimum value = C(0),Maximum value = C(3600)
appflowlog: ${29|enabled,disabled|} # not required. choices: enabled;disabled. Apply AppFlow logging to the virtual server.
dbprofilename: ${30:undefined} # not required. Name of the DB profile whose settings are to be applied to the virtual server.,Minimum length = 1,Maximum length = 127
netmask: ${31:undefined} # not required. IPv4 subnet mask to apply to the destination IP address or source IP address when the load balancing method is C(DESTINATIONIPHASH) or C(SOURCEIPHASH).,Minimum length = 1
processlocal: ${32|enabled,disabled|} # not required. choices: enabled;disabled. By turning on this option packets destined to a vserver in a cluster will not under go any steering. Turn this option for single packet request response mode or when the upstream device is performing a proper RSS for connection based distribution.
minautoscalemembers: ${33:undefined} # not required. Minimum number of members expected to be present when vserver is used in Autoscale.,Minimum value = C(0),Maximum value = C(5000)
name: ${34:undefined} # not required. Name for the virtual server. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore, hash C(#), period C(.), space C( ), colon C(:), at sign C(@), equal sign C(=), and hyphen C(-) characters. Can be changed after the virtual server is created.,Minimum length = 1
backuplbmethod: ${35|ROUNDROBIN,LEASTCONNECTION,LEASTRESPONSETIME,SOURCEIPHASH,LEASTBANDWIDTH,LEASTPACKETS,CUSTOMLOAD|} # not required. choices: ROUNDROBIN;LEASTCONNECTION;LEASTRESPONSETIME;SOURCEIPHASH;LEASTBANDWIDTH;LEASTPACKETS;CUSTOMLOAD. Backup load balancing method. Becomes operational if the primary load balancing me,thod fails or cannot be used.,Valid only if the primary method is based on static proximity.
downstateflush: ${36|enabled,disabled|} # not required. choices: enabled;disabled. Flush all active transactions associated with a virtual server whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions.
pushlabel: ${37:undefined} # not required. Expression for extracting a label from the server's response. Can be either an expression or the name of a named expression.
persistmask: ${38:undefined} # not required. Persistence mask for IP based persistence types, for IPv4 virtual servers.,Minimum length = 1
timeout: ${39:undefined} # not required. Time period for which a persistence session is in effect.,Minimum value = C(0),Maximum value = C(1440)
v6persistmasklen: ${40:undefined} # not required. Persistence mask for IP based persistence types, for IPv6 virtual servers.,Minimum value = C(1),Maximum value = C(128)
persistavpno: ${41:undefined} # not required. Persist AVP number for Diameter Persistency.,In case this AVP is not defined in Base RFC 3588 and it is nested inside a Grouped AVP,,define a sequence of AVP numbers (max 3) in order of parent to child. So say persist AVP number X,is nested inside AVP Y which is nested in Z, then define the list as Z Y X.,Minimum value = C(1)
recursionavailable: ${42:undefined} # not required. When set to YES, this option causes the DNS replies from this vserver to have the RA bit turned on. Typically one would set this option to YES, when the vserver is load balancing a set of DNS servers thatsupport recursive queries.
validate_certs: ${43:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
dnsprofilename: ${44:undefined} # not required. Name of the DNS profile to be associated with the VServer. DNS profile properties will be applied to the transactions processed by a VServer. This parameter is valid only for DNS and DNS-TCP VServers.,Minimum length = 1,Maximum length = 127
maxautoscalemembers: ${45:undefined} # not required. Maximum number of members expected to be present when vserver is used in Autoscale.,Minimum value = C(0),Maximum value = C(5000)
oracleserverversion: ${46|10G,11G|} # not required. choices: 10G;11G. Oracle server version.
m: ${47|IP,MAC,IPTUNNEL,TOS|} # not required. choices: IP;MAC;IPTUNNEL;TOS. Redirection mode for load balancing. Available settings function as follows:,* C(IP) - Before forwarding a request to a server, change the destination IP address to the server's IP address.,* C(MAC) - Before forwarding a request to a server, change the destination MAC address to the server's MAC address. The destination IP address is not changed. MAC-based redirection mode is used mostly in firewall load balancing deployments.,* C(IPTUNNEL) - Perform IP-in-IP encapsulation for client IP packets. In the outer IP headers, set the destination IP address to the IP address of the server and the source IP address to the subnet IP (SNIP). The client IP packets are not modified. Applicable to both IPv4 and IPv6 packets.,* C(TOS) - Encode the virtual server's TOS ID in the TOS field of the IP header.,You can use either the C(IPTUNNEL) or the C(TOS) option to implement Direct Server Return (DSR).
save_config: ${48:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
bypassaaaa: ${49:undefined} # not required. If this option is enabled while resolving DNS64 query AAAA queries are not sent to back end dns server.
somethod: ${50|CONNECTION,DYNAMICCONNECTION,BANDWIDTH,HEALTH,NONE|} # not required. choices: CONNECTION;DYNAMICCONNECTION;BANDWIDTH;HEALTH;NONE. Type of threshold that, when exceeded, triggers spillover. Available settings function as follows:,* C(CONNECTION) - Spillover occurs when the number of client connections exceeds the threshold.,* DYNAMICCONNECTION - Spillover occurs when the number of client connections at the virtual server exceeds the sum of the maximum client (Max Clients) settings for bound services. Do not specify a spillover threshold for this setting, because the threshold is implied by the Max Clients settings of bound services.,* C(BANDWIDTH) - Spillover occurs when the bandwidth consumed by the virtual server's incoming and outgoing traffic exceeds the threshold.,* C(HEALTH) - Spillover occurs when the percentage of weights of the services that are UP drops below the threshold. For example, if services svc1, svc2, and svc3 are bound to a virtual server, with weights 1, 2, and 3, and the spillover threshold is 50%, spillover occurs if svc1 and svc3 or svc2 and svc3 transition to DOWN.,* C(NONE) - Spillover does not occur.
nitro_protocol: ${51|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
mysqlprotocolversion: ${52:undefined} # not required. MySQL protocol version that the virtual server advertises to clients.
icmpvsrresponse: ${53|PASSIVE,ACTIVE|} # not required. choices: PASSIVE;ACTIVE. How the NetScaler appliance responds to ping requests received for an IP address that is common to one or more virtual servers. Available settings function as follows:,* If set to C(PASSIVE) on all the virtual servers that share the IP address, the appliance always responds to the ping requests.,* If set to C(ACTIVE) on all the virtual servers that share the IP address, the appliance responds to the ping requests if at least one of the virtual servers is UP. Otherwise, the appliance does not respond.,* If set to C(ACTIVE) on some virtual servers and PASSIVE on the others, the appliance responds if at least one virtual server with the ACTIVE setting is UP. Otherwise, the appliance does not respond.,Note: This parameter is available at the virtual server level. A similar parameter, ICMP Response, is available at the IP address level, for IPv4 addresses of type VIP. To set that parameter, use the add ip command in the CLI or the Create IP dialog box in the GUI.
authnprofile: ${54:undefined} # not required. Name of the authentication profile to be used when authentication is turned on.
port: ${55:undefined} # not required. Port number for the virtual server.,Range C(1) - C(65535),* in CLI is represented as C(65535) in NITRO API
servicegroupbindings: ${56:undefined} # not required. List of service groups along with the weights that are load balanced.,The following suboptions are available.
ssl_certkey: ${57:undefined} # not required. The name of the ssl certificate that is bound to this service.,The ssl certificate must already exist.,Creating the certificate can be done with the M(netscaler_ssl_certkey) module.,This option is only applicable only when C(servicetype) is C(SSL).
persistencebackup: ${58|SOURCEIP,NONE|} # not required. choices: SOURCEIP;NONE. Backup persistence type for the virtual server. Becomes operational if the primary persistence mechanism fails.
mysqlserverversion: ${59:undefined} # not required. MySQL server version string that the virtual server advertises to clients.,Minimum length = 1,Maximum length = 31
mysqlcharacterset: ${60:undefined} # not required. Character set that the virtual server advertises to clients.
authn401: ${61:undefined} # not required. Enable or disable user authentication with HTTP 401 responses.
authentication: ${62:undefined} # not required. Enable or disable user authentication.
authnvsname: ${63:undefined} # not required. Name of an authentication virtual server with which to authenticate users.,Minimum length = 1,Maximum length = 252
healththreshold: ${64:undefined} # not required. Threshold in percent of active services below which vserver state is made down. If this threshold is 0, vserver state will be up even if one bound service is up.,Minimum value = C(0),Maximum value = C(100)
netprofile: ${65:undefined} # not required. Name of the network profile to associate with the virtual server. If you set this parameter, the virtual server uses only the IP addresses in the network profile as source IP addresses when initiating connections with servers.,Minimum length = 1,Maximum length = 127
pushmulticlients: ${66:undefined} # not required. Allow multiple Web 2.0 connections from the same client to connect to the virtual server and expect updates.
mssqlserverversion: ${67|70,2000,2000SP1,2005,2008,2008R2,2012,2014|} # not required. choices: 70;2000;2000SP1;2005;2008;2008R2;2012;2014. For a load balancing virtual server of type C(MSSQL), the Microsoft SQL Server version. Set this parameter if you expect some clients to run a version different from the version of the database. This setting provides compatibility between the client-side and server-side connections by ensuring that all communication conforms to the server's version.
lbmethod: ${68|ROUNDROBIN,LEASTCONNECTION,LEASTRESPONSETIME,URLHASH,DOMAINHASH,DESTINATIONIPHASH,SOURCEIPHASH,SRCIPDESTIPHASH,LEASTBANDWIDTH,LEASTPACKETS,TOKEN,SRCIPSRCPORTHASH,LRTM,CALLIDHASH,CUSTOMLOAD,LEASTREQUEST,AUDITLOGHASH,STATICPROXIMITY|} # not required. choices: ROUNDROBIN;LEASTCONNECTION;LEASTRESPONSETIME;URLHASH;DOMAINHASH;DESTINATIONIPHASH;SOURCEIPHASH;SRCIPDESTIPHASH;LEASTBANDWIDTH;LEASTPACKETS;TOKEN;SRCIPSRCPORTHASH;LRTM;CALLIDHASH;CUSTOMLOAD;LEASTREQUEST;AUDITLOGHASH;STATICPROXIMITY. Load balancing method. The available settings function as follows:,* C(ROUNDROBIN) - Distribute requests in rotation, regardless of the load. Weights can be assigned to services to enforce weighted round robin distribution.,* C(LEASTCONNECTION) (default) - Select the service with the fewest connections.,* C(LEASTRESPONSETIME) - Select the service with the lowest average response time.,* C(LEASTBANDWIDTH) - Select the service currently handling the least traffic.,* C(LEASTPACKETS) - Select the service currently serving the lowest number of packets per second.,* C(CUSTOMLOAD) - Base service selection on the SNMP metrics obtained by custom load monitors.,* C(LRTM) - Select the service with the lowest response time. Response times are learned through monitoring probes. This method also takes the number of active connections into account.,Also available are a number of hashing methods, in which the appliance extracts a predetermined portion of the request, creates a hash of the portion, and then checks whether any previous requests had the same hash value. If it finds a match, it forwards the request to the service that served those previous requests. Following are the hashing methods:,* C(URLHASH) - Create a hash of the request URL (or part of the URL).,* C(DOMAINHASH) - Create a hash of the domain name in the request (or part of the domain name). The domain name is taken from either the URL or the Host header. If the domain name appears in both locations, the URL is preferred. If the request does not contain a domain name, the load balancing method defaults to C(LEASTCONNECTION).,* C(DESTINATIONIPHASH) - Create a hash of the destination IP address in the IP header.,* C(SOURCEIPHASH) - Create a hash of the source IP address in the IP header.,* C(TOKEN) - Extract a token from the request, create a hash of the token, and then select the service to which any previous requests with the same token hash value were sent.,* C(SRCIPDESTIPHASH) - Create a hash of the string obtained by concatenating the source IP address and destination IP address in the IP header.,* C(SRCIPSRCPORTHASH) - Create a hash of the source IP address and source port in the IP header.,* C(CALLIDHASH) - Create a hash of the SIP Call-ID header.
hashlength: ${69:undefined} # not required. Number of bytes to consider for the hash value used in the URLHASH and DOMAINHASH load balancing methods.,Minimum value = C(1),Maximum value = C(4096)
resrule: ${70:undefined} # not required. Default syntax expression specifying which part of a server's response to use for creating rule based persistence sessions (persistence type RULE). Can be either an expression or the name of a named expression.,Example:,C(HTTP.RES.HEADER(\"setcookie\").VALUE(0).TYPECAST_NVLIST_T('=',';').VALUE(\"server1\")).
connfailover: ${71|DISABLED,STATEFUL,STATELESS|} # not required. choices: DISABLED;STATEFUL;STATELESS. Mode in which the connection failover feature must operate for the virtual server. After a failover, established TCP connections and UDP packet flows are kept active and resumed on the secondary appliance. Clients remain connected to the same servers. Available settings function as follows:,* C(STATEFUL) - The primary appliance shares state information with the secondary appliance, in real time, resulting in some runtime processing overhead.,* C(STATELESS) - State information is not shared, and the new primary appliance tries to re-create the packet flow on the basis of the information contained in the packets it receives.,* C(DISABLED) - Connection failover does not occur.
sothreshold: ${72:undefined} # not required. Threshold at which spillover occurs. Specify an integer for the C(CONNECTION) spillover method, a bandwidth value in kilobits per second for the C(BANDWIDTH) method (do not enter the units), or a percentage for the C(HEALTH) method (do not enter the percentage symbol).,Minimum value = C(1),Maximum value = C(4294967287)
sopersistence: ${73|enabled,disabled|} # not required. choices: enabled;disabled. If spillover occurs, maintain source IP address based persistence for both primary and backup virtual servers.
dns64: ${74|enabled,disabled|} # not required. choices: enabled;disabled. This argument is for enabling/disabling the C(dns64) on lbvserver.
sobackupaction: ${75|DROP,ACCEPT,REDIRECT|} # not required. choices: DROP;ACCEPT;REDIRECT. Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists.
skippersistency: ${76|Bypass,ReLb,None|} # not required. choices: Bypass;ReLb;None. This argument decides the behavior incase the service which is selected from an existing persistence session has reached threshold.
cacheable: ${77:undefined} # not required. Route cacheable requests to a cache redirection virtual server. The load balancing virtual server can forward requests only to a transparent cache redirection virtual server that has an IP address and port combination of *:80, so such a cache redirection virtual server must be configured on the appliance.
l2conn: ${78:undefined} # not required. Use Layer 2 parameters (channel number, MAC address, and VLAN ID) in addition to the 4-tuple (<source IP>:<source port>::<destination IP>:<destination port>) that is used to identify a connection. Allows multiple TCP and non-TCP connections with the same 4-tuple to co-exist on the NetScaler appliance.
v6netmasklen: ${79:undefined} # not required. Number of bits to consider in an IPv6 destination or source IP address, for creating the hash that is required by the C(DESTINATIONIPHASH) and C(SOURCEIPHASH) load balancing methods.,Minimum value = C(1),Maximum value = C(128)
sessionless: ${80|enabled,disabled|} # not required. choices: enabled;disabled. Perform load balancing on a per-packet basis, without establishing sessions. Recommended for load balancing of intrusion detection system (IDS) servers and scenarios involving direct server return (DSR), where session information is unnecessary.
ipv46: ${81:undefined} # not required. IPv4 or IPv6 address to assign to the virtual server.
persistencetype: ${82|SOURCEIP,COOKIEINSERT,SSLSESSION,RULE,URLPASSIVE,CUSTOMSERVERID,DESTIP,SRCIPDESTIP,CALLID,RTSPSID,DIAMETER,FIXSESSION,NONE|} # not required. choices: SOURCEIP;COOKIEINSERT;SSLSESSION;RULE;URLPASSIVE;CUSTOMSERVERID;DESTIP;SRCIPDESTIP;CALLID;RTSPSID;DIAMETER;FIXSESSION;NONE. Type of persistence for the virtual server. Available settings function as follows:,* C(SOURCEIP) - Connections from the same client IP address belong to the same persistence session.,* C(COOKIEINSERT) - Connections that have the same HTTP Cookie, inserted by a Set-Cookie directive from a server, belong to the same persistence session.,* C(SSLSESSION) - Connections that have the same SSL Session ID belong to the same persistence session.,* C(CUSTOMSERVERID) - Connections with the same server ID form part of the same session. For this persistence type, set the Server ID (CustomServerID) parameter for each service and configure the Rule parameter to identify the server ID in a request.,* C(RULE) - All connections that match a user defined rule belong to the same persistence session.,* C(URLPASSIVE) - Requests that have the same server ID in the URL query belong to the same persistence session. The server ID is the hexadecimal representation of the IP address and port of the service to which the request must be forwarded. This persistence type requires a rule to identify the server ID in the request.,* C(DESTIP) - Connections to the same destination IP address belong to the same persistence session.,* C(SRCIPDESTIP) - Connections that have the same source IP address and destination IP address belong to the same persistence session.,* C(CALLID) - Connections that have the same CALL-ID SIP header belong to the same persistence session.,* C(RTSPSID) - Connections that have the same RTSP Session ID belong to the same persistence session.,* FIXSESSION - Connections that have the same SenderCompID and TargetCompID values belong to the same persistence session.
tosid: ${83:undefined} # not required. TOS ID of the virtual server. Applicable only when the load balancing redirection mode is set to TOS.,Minimum value = C(1),Maximum value = C(63)
ippattern: ${84:undefined} # not required. IP address pattern, in dotted decimal notation, for identifying packets to be accepted by the virtual server. The IP Mask parameter specifies which part of the destination IP address is matched against the pattern. Mutually exclusive with the IP Address parameter.,For example, if the IP pattern assigned to the virtual server is C(198.51.100.0) and the IP mask is C(255.255.240.0) (a forward mask), the first 20 bits in the destination IP addresses are matched with the first 20 bits in the pattern. The virtual server accepts requests with IP addresses that range from C(198.51.96.1) to C(198.51.111.254). You can also use a pattern such as C(0.0.2.2) and a mask such as C(0.0.255.255) (a reverse mask).,If a destination IP address matches more than one IP pattern, the pattern with the longest match is selected, and the associated virtual server processes the request. For example, if virtual servers C(vs1) and C(vs2) have the same IP pattern, C(0.0.100.128), but different IP masks of C(0.0.255.255) and C(0.0.224.255), a destination IP address of C(198.51.100.128) has the longest match with the IP pattern of vs1. If a destination IP address matches two or more virtual servers to the same extent, the request is processed by the virtual server whose port number matches the port number in the request.
tcpprofilename: ${85:undefined} # not required. Name of the TCP profile whose settings are to be applied to the virtual server.,Minimum length = 1,Maximum length = 127
backuppersistencetimeout: ${86:undefined} # not required. Time period for which backup persistence is in effect.,Minimum value = C(2),Maximum value = C(1440)
newservicerequestunit: ${87|PER_SECOND,PERCENT|} # not required. choices: PER_SECOND;PERCENT. Units in which to increment load at each interval in slow-start mode.
redirurl: ${88:undefined} # not required. URL to which to redirect traffic if the virtual server becomes unavailable.,WARNING! Make sure that the domain in the URL does not match the domain specified for a content switching policy. If it does, requests are continuously redirected to the unavailable virtual server.,Minimum length = 1
cookiename: ${89:undefined} # not required. Use this parameter to specify the cookie name for C(COOKIE) peristence type. It specifies the name of cookie with a maximum of 32 characters. If not specified, cookie name is internally generated.
listenpriority: ${90:undefined} # not required. Integer specifying the priority of the listen policy. A higher number specifies a lower priority. If a request matches the listen policies of more than one virtual server the virtual server whose listen policy has the highest priority (the lowest priority number) accepts the request.,Minimum value = C(0),Maximum value = C(101)
sopersistencetimeout: ${91:undefined} # not required. Timeout for spillover persistence, in minutes.,Minimum value = C(2),Maximum value = C(1440)
range: ${92:undefined} # not required. Number of IP addresses that the appliance must generate and assign to the virtual server. The virtual server then functions as a network virtual server, accepting traffic on any of the generated IP addresses. The IP addresses are generated automatically, as follows:,* For a range of n, the last octet of the address specified by the IP Address parameter increments n-1 times.,* If the last octet exceeds 255, it rolls over to 0 and the third octet increments by 1.,Note: The Range parameter assigns multiple IP addresses to one virtual server. To generate an array of virtual servers, each of which owns only one IP address, use brackets in the IP Address and Name parameters to specify the range. For example:,add lb vserver my_vserver[1-3] HTTP 192.0.2.[1-3] 80.,Minimum value = C(1),Maximum value = C(254)
newservicerequest: ${93:undefined} # not required. Number of requests, or percentage of the load on existing services, by which to increase the load on a new service at each interval in slow-start mode. A non-zero value indicates that slow-start is applicable. A zero value indicates that the global RR startup parameter is applied. Changing the value to zero will cause services currently in slow start to take the full traffic as determined by the LB method. Subsequently, any new services added will use the global RR factor.
push: ${94|enabled,disabled|} # not required. choices: enabled;disabled. Process traffic with the push virtual server that is bound to this load balancing virtual server.
"""
'netscaler_nitro_request':
'prefix': "netscaler_nitro_request_snippet"
'description': "Issue Nitro API requests to a Netscaler instance."
'body': """
netscaler_nitro_request:
expected_nitro_errorcode: ${1:0} # required. A list of numeric values that signify that the operation was successful.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the Netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the Netscaler node.
instance_name: ${4:undefined} # not required. The name of the target Netscaler instance when issuing a Nitro request through a MAS proxy.
args: ${5:undefined} # not required. A dictionary which defines the key arguments by which we will select the Nitro object to operate on.,It is required for the following I(operation) values: C(get_by_args), C('delete_by_args').
resource: ${6:undefined} # not required. The type of resource we are operating on.,It is required for all I(operation) values except C(mas_login) and C(save_config).
operation: ${7|add,update,get,get_by_args,get_filtered,get_all,delete,delete_by_args,count,mas_login,save_config,action|} # not required. choices: add;update;get;get_by_args;get_filtered;get_all;delete;delete_by_args;count;mas_login;save_config;action. Define the Nitro operation that we want to perform.
filter: ${8:undefined} # not required. A dictionary which defines the filter with which to refine the Nitro objects returned by the C(get_filtered) I(operation).
instance_ip: ${9:undefined} # not required. The IP address of the target Netscaler instance when issuing a Nitro request through a MAS proxy.
name: ${10:undefined} # not required. The name of the resource we are operating on.,It is required for the following I(operation) values: C(update), C(get), C(delete).
nitro_protocol: ${11|http,https|} # not required. choices: http;https. Which protocol to use when accessing the Nitro API objects.
instance_id: ${12:undefined} # not required. The id of the target Netscaler instance when issuing a Nitro request through a MAS proxy.
nsip: ${13:undefined} # not required. The IP address of the Netscaler or MAS instance where the Nitro API calls will be made.,The port can be specified with the colon C(:). E.g. C(192.168.1.1:555).
action: ${14:undefined} # not required. The action to perform when the I(operation) value is set to C(action).,Some common values for this parameter are C(enable), C(disable), C(rename).
attributes: ${15:undefined} # not required. The attributes of the Nitro object we are operating on.,It is required for the following I(operation) values: C(add), C(update), C(action).
validate_certs: ${16:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
nitro_auth_token: ${17:undefined} # not required. The authentication token provided by the C(mas_login) operation. It is required when issuing Nitro API calls through a MAS proxy.
"""
'netscaler_save_config':
'prefix': "netscaler_save_config_snippet"
'description': "Save Netscaler configuration."
'body': """
netscaler_save_config:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. C(192.168.1.1:555).
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
nitro_protocol: ${4|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
validate_certs: ${5:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
nitro_timeout: ${6:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler.
"""
'netscaler_server':
'prefix': "netscaler_server_snippet"
'description': "Manage server configuration"
'body': """
netscaler_server:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
comment: ${4:undefined} # not required. Any information about the server.
delay: ${5:undefined} # not required. Time, in seconds, after which all the services configured on the server are disabled.,This option is meaningful only when setting the I(disabled) option to C(true)
domain: ${6:undefined} # not required. Domain name of the server. For a domain based configuration, you must create the server first.,Minimum length = 1
name: ${7:undefined} # not required. Name for the server.,Must begin with an ASCII alphabetic or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space C( ), colon C(:), at C(@), equals C(=), and hyphen C(-) characters.,Can be changed after the name is created.,Minimum length = 1
ipv6address: ${8:false} # not required. Support IPv6 addressing mode. If you configure a server with the IPv6 addressing mode, you cannot use the server in the IPv4 addressing mode.
state: ${9|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
validate_certs: ${10:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
save_config: ${11:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
domainresolveretry: ${12:5} # not required. Time, in seconds, for which the NetScaler appliance must wait, after DNS resolution fails, before sending the next DNS query to resolve the domain name.,Minimum value = C(5),Maximum value = C(20939)
translationmask: ${13:undefined} # not required. The netmask of the translation ip.
nitro_timeout: ${14:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
disabled: ${15:false} # not required. When set to C(true) the server state will be set to C(disabled).,When set to C(false) the server state will be set to C(enabled).,Note that due to limitations of the underlying NITRO API a C(disabled) state change alone does not cause the module result to report a changed status.
nitro_protocol: ${16|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
translationip: ${17:undefined} # not required. IP address used to transform the server's DNS-resolved IP address.
graceful: ${18:undefined} # not required. Shut down gracefully, without accepting any new connections, and disabling each service when all of its connections are closed.,This option is meaningful only when setting the I(disabled) option to C(true)
td: ${19:undefined} # not required. Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.,Minimum value = C(0),Maximum value = C(4094)
ipaddress: ${20:undefined} # not required. IPv4 or IPv6 address of the server. If you create an IP address based server, you can specify the name of the server, instead of its IP address, when creating a service. Note: If you do not create a server entry, the server IP address that you enter when you create a service becomes the name of the server.
"""
'netscaler_service':
'prefix': "netscaler_service_snippet"
'description': "Manage service configuration in Netscaler"
'body': """
netscaler_service:
nitro_user: ${1:undefined} # required. The username with which to authenticate to the netscaler node.
nsip: ${2:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
comment: ${4:undefined} # not required. Any information about the service.
tcpb: ${5:undefined} # not required. Enable TCP buffering for the service.
cachetype: ${6|TRANSPARENT,REVERSE,FORWARD|} # not required. choices: TRANSPARENT;REVERSE;FORWARD. Cache type supported by the cache server.
ip: ${7:undefined} # not required. IP to assign to the service.,Minimum length = 1
servername: ${8:undefined} # not required. Name of the server that hosts the service.,Minimum length = 1
save_config: ${9:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
disabled: ${10:false} # not required. When set to C(yes) the service state will be set to DISABLED.,When set to C(no) the service state will be set to ENABLED.,Note that due to limitations of the underlying NITRO API a C(disabled) state change alone does not cause the module result to report a changed status.
nitro_protocol: ${11|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
maxreq: ${12:undefined} # not required. Maximum number of requests that can be sent on a persistent connection to the service.,Note: Connection requests beyond this value are rejected.,Minimum value = 0,Maximum value = 65535
monitor_bindings: ${13:undefined} # not required. A list of load balancing monitors to bind to this service.,Each monitor entry is a dictionary which may contain the following options.,Note that if not using the built in monitors they must first be setup.
maxbandwidth: ${14:undefined} # not required. Maximum bandwidth, in Kbps, allocated to the service.,Minimum value = 0,Maximum value = 4294967287
svrtimeout: ${15:undefined} # not required. Time, in seconds, after which to terminate an idle server connection.,Minimum value = 0,Maximum value = 31536000
port: ${16:undefined} # not required. Port number of the service.,Range 1 - 65535,* in CLI is represented as 65535 in NITRO API
clttimeout: ${17:undefined} # not required. Time, in seconds, after which to terminate an idle client connection.,Minimum value = 0,Maximum value = 31536000
servicetype: ${18|HTTP,FTP,TCP,UDP,SSL,SSL_BRIDGE,SSL_TCP,DTLS,NNTP,RPCSVR,DNS,ADNS,SNMP,RTSP,DHCPRA,ANY,SIP_UDP,SIP_TCP,SIP_SSL,DNS_TCP,ADNS_TCP,MYSQL,MSSQL,ORACLE,RADIUS,RADIUSListener,RDP,DIAMETER,SSL_DIAMETER,TFTP,SMPP,PPTP,GRE,SYSLOGTCP,SYSLOGUDP,FIX,SSL_FIX|} # not required. choices: HTTP;FTP;TCP;UDP;SSL;SSL_BRIDGE;SSL_TCP;DTLS;NNTP;RPCSVR;DNS;ADNS;SNMP;RTSP;DHCPRA;ANY;SIP_UDP;SIP_TCP;SIP_SSL;DNS_TCP;ADNS_TCP;MYSQL;MSSQL;ORACLE;RADIUS;RADIUSListener;RDP;DIAMETER;SSL_DIAMETER;TFTP;SMPP;PPTP;GRE;SYSLOGTCP;SYSLOGUDP;FIX;SSL_FIX. Protocol in which data is exchanged with the service.
cacheable: ${19:false} # not required. Use the transparent cache redirection virtual server to forward requests to the cache server.,Note: Do not specify this parameter if you set the Cache Type parameter.
cleartextport: ${20:undefined} # not required. Port to which clear text data must be sent after the appliance decrypts incoming SSL traffic. Applicable to transparent SSL services.,Minimum value = 1
maxclient: ${21:undefined} # not required. Maximum number of simultaneous open connections to the service.,Minimum value = 0,Maximum value = 4294967294
processlocal: ${22|enabled,disabled|} # not required. choices: enabled;disabled. By turning on this option packets destined to a service in a cluster will not under go any steering. Turn this option for single packet request response mode or when the upstream device is performing a proper RSS for connection based distribution.
graceful: ${23:false} # not required. Shut down gracefully, not accepting any new connections, and disabling the service when all of its connections are closed.
state: ${24|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
usip: ${25:undefined} # not required. Use the client's IP address as the source IP address when initiating a connection to the server. When creating a service, if you do not set this parameter, the service inherits the global Use Source IP setting (available in the enable ns mode and disable ns mode CLI commands, or in the System > Settings > Configure modes > Configure Modes dialog box). However, you can override this setting after you create the service.
netprofile: ${26:undefined} # not required. Network profile to use for the service.,Minimum length = 1,Maximum length = 127
customserverid: ${27:None} # not required. Unique identifier for the service. Used when the persistency type for the virtual server is set to Custom Server ID.
td: ${28:undefined} # not required. Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.,Minimum value = 0,Maximum value = 4094
httpprofilename: ${29:undefined} # not required. Name of the HTTP profile that contains HTTP configuration settings for the service.,Minimum length = 1,Maximum length = 127
pathmonitorindv: ${30:undefined} # not required. Individual Path monitoring decisions.
pathmonitor: ${31:undefined} # not required. Path monitoring for clustering.
appflowlog: ${32|enabled,disabled|} # not required. choices: enabled;disabled. Enable logging of AppFlow information.
rtspsessionidremap: ${33:false} # not required. Enable RTSP session ID mapping for the service.
monthreshold: ${34:undefined} # not required. Minimum sum of weights of the monitors that are bound to this service. Used to determine whether to mark a service as UP or DOWN.,Minimum value = 0,Maximum value = 65535
hashid: ${35:undefined} # not required. A numerical identifier that can be used by hash based load balancing methods. Must be unique for each service.,Minimum value = 1
serverid: ${36:undefined} # not required. The identifier for the service. This is used when the persistency type is set to Custom Server ID.
ipaddress: ${37:undefined} # not required. The new IP address of the service.
accessdown: ${38:false} # not required. Use Layer 2 mode to bridge the packets sent to this service if it is marked as DOWN. If the service is DOWN, and this parameter is disabled, the packets are dropped.
name: ${39:undefined} # not required. Name for the service. Must begin with an ASCII alphabetic or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space C( ), colon C(:), at C(@), equals C(=), and hyphen C(-) characters. Cannot be changed after the service has been created.,Minimum length = 1
tcpprofilename: ${40:undefined} # not required. Name of the TCP profile that contains TCP configuration settings for the service.,Minimum length = 1,Maximum length = 127
sp: ${41:undefined} # not required. Enable surge protection for the service.
downstateflush: ${42|enabled,disabled|} # not required. choices: enabled;disabled. Flush all active transactions associated with a service whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions.
cipheader: ${43:undefined} # not required. Name for the HTTP header whose value must be set to the IP address of the client. Used with the Client IP parameter. If you set the Client IP parameter, and you do not specify a name for the header, the appliance uses the header name specified for the global Client IP Header parameter (the cipHeader parameter in the set ns param CLI command or the Client IP Header parameter in the Configure HTTP Parameters dialog box at System > Settings > Change HTTP parameters). If the global Client IP Header parameter is not specified, the appliance inserts a header with the name \"client-ip.\".,Minimum length = 1
nitro_timeout: ${44:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
cip: ${45|enabled,disabled|} # not required. choices: enabled;disabled. Before forwarding a request to the service, insert an HTTP header with the client's IPv4 or IPv6 address as its value. Used if the server needs the client's IP address for security, accounting, or other purposes, and setting the Use Source IP parameter is not a viable option.
healthmonitor: ${46:true} # not required. Monitor the health of this service
useproxyport: ${47:undefined} # not required. Use the proxy port as the source port when initiating connections with the server. With the NO setting, the client-side connection port is used as the source port for the server-side connection.,Note: This parameter is available only when the Use Source IP (USIP) parameter is set to YES.
cka: ${48:undefined} # not required. Enable client keep-alive for the service.
cmp: ${49:undefined} # not required. Enable compression for the service.
validate_certs: ${50:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
dnsprofilename: ${51:undefined} # not required. Name of the DNS profile to be associated with the service. DNS profile properties will applied to the transactions processed by a service. This parameter is valid only for ADNS and ADNS-TCP services.,Minimum length = 1,Maximum length = 127
"""
'netscaler_servicegroup':
'prefix': "netscaler_servicegroup_snippet"
'description': "Manage service group configuration in Netscaler"
'body': """
netscaler_servicegroup:
nitro_user: ${1:undefined} # required. The username with which to authenticate to the netscaler node.
nsip: ${2:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
comment: ${4:undefined} # not required. Any information about the service group.
tcpb: ${5:undefined} # not required. Enable TCP buffering for the service group.
cachetype: ${6|TRANSPARENT,REVERSE,FORWARD|} # not required. choices: TRANSPARENT;REVERSE;FORWARD. Cache type supported by the cache server.
save_config: ${7:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
disabled: ${8:false} # not required. When set to C(yes) the service group state will be set to DISABLED.,When set to C(no) the service group state will be set to ENABLED.,Note that due to limitations of the underlying NITRO API a C(disabled) state change alone does not cause the module result to report a changed status.
nitro_protocol: ${9|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
maxreq: ${10:undefined} # not required. Maximum number of requests that can be sent on a persistent connection to the service group.,Note: Connection requests beyond this value are rejected.,Minimum value = C(0),Maximum value = C(65535)
maxbandwidth: ${11:undefined} # not required. Maximum bandwidth, in Kbps, allocated for all the services in the service group.,Minimum value = C(0),Maximum value = C(4294967287)
graceful: ${12:undefined} # not required. Wait for all existing connections to the service to terminate before shutting down the service.
svrtimeout: ${13:undefined} # not required. Time, in seconds, after which to terminate an idle server connection.,Minimum value = C(0),Maximum value = C(31536000)
clttimeout: ${14:undefined} # not required. Time, in seconds, after which to terminate an idle client connection.,Minimum value = C(0),Maximum value = C(31536000)
servicetype: ${15|HTTP,FTP,TCP,UDP,SSL,SSL_BRIDGE,SSL_TCP,DTLS,NNTP,RPCSVR,DNS,ADNS,SNMP,RTSP,DHCPRA,ANY,SIP_UDP,SIP_TCP,SIP_SSL,DNS_TCP,ADNS_TCP,MYSQL,MSSQL,ORACLE,RADIUS,RADIUSListener,RDP,DIAMETER,SSL_DIAMETER,TFTP,SMPP,PPTP,GRE,SYSLOGTCP,SYSLOGUDP,FIX,SSL_FIX|} # not required. choices: HTTP;FTP;TCP;UDP;SSL;SSL_BRIDGE;SSL_TCP;DTLS;NNTP;RPCSVR;DNS;ADNS;SNMP;RTSP;DHCPRA;ANY;SIP_UDP;SIP_TCP;SIP_SSL;DNS_TCP;ADNS_TCP;MYSQL;MSSQL;ORACLE;RADIUS;RADIUSListener;RDP;DIAMETER;SSL_DIAMETER;TFTP;SMPP;PPTP;GRE;SYSLOGTCP;SYSLOGUDP;FIX;SSL_FIX. Protocol used to exchange data with the service.
cacheable: ${16:undefined} # not required. Use the transparent cache redirection virtual server to forward the request to the cache server.,Note: Do not set this parameter if you set the Cache Type.
autoscale: ${17|DISABLED,DNS,POLICY|} # not required. choices: DISABLED;DNS;POLICY. Auto scale option for a servicegroup.
maxclient: ${18:undefined} # not required. Maximum number of simultaneous open connections for the service group.,Minimum value = C(0),Maximum value = C(4294967294)
monitorbindings: ${19:undefined} # not required. A list of monitornames to bind to this service,Note that the monitors must have already been setup possibly using the M(netscaler_lb_monitor) module or some other method
servicegroupname: ${20:undefined} # not required. Name of the service group. Must begin with an ASCII alphabetic or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space C( ), colon C(:), at C(@), equals C(=), and hyphen C(-) characters. Can be changed after the name is created.,Minimum length = 1
state: ${21|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
usip: ${22:undefined} # not required. Use client's IP address as the source IP address when initiating connection to the server. With the NO setting, which is the default, a mapped IP (MIP) address or subnet IP (SNIP) address is used as the source IP address to initiate server side connections.
netprofile: ${23:undefined} # not required. Network profile for the service group.,Minimum length = 1,Maximum length = 127
rtspsessionidremap: ${24:undefined} # not required. Enable RTSP session ID mapping for the service group.
httpprofilename: ${25:undefined} # not required. Name of the HTTP profile that contains HTTP configuration settings for the service group.,Minimum length = 1,Maximum length = 127
pathmonitorindv: ${26:undefined} # not required. Individual Path monitoring decisions.
pathmonitor: ${27:undefined} # not required. Path monitoring for clustering.
appflowlog: ${28|enabled,disabled|} # not required. choices: enabled;disabled. Enable logging of AppFlow information for the specified service group.
servicemembers: ${29:undefined} # not required. A list of dictionaries describing each service member of the service group.
monthreshold: ${30:undefined} # not required. Minimum sum of weights of the monitors that are bound to this service. Used to determine whether to mark a service as UP or DOWN.,Minimum value = C(0),Maximum value = C(65535)
memberport: ${31:undefined} # not required. member port.
cka: ${32:undefined} # not required. Enable client keep-alive for the service group.
tcpprofilename: ${33:undefined} # not required. Name of the TCP profile that contains TCP configuration settings for the service group.,Minimum length = 1,Maximum length = 127
sp: ${34:undefined} # not required. Enable surge protection for the service group.
downstateflush: ${35|enabled,disabled|} # not required. choices: enabled;disabled. Flush all active transactions associated with all the services in the service group whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions.
cipheader: ${36:undefined} # not required. Name of the HTTP header whose value must be set to the IP address of the client. Used with the Client IP parameter. If client IP insertion is enabled, and the client IP header is not specified, the value of Client IP Header parameter or the value set by the set ns config command is used as client's IP header name.,Minimum length = 1
nitro_timeout: ${37:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
cip: ${38|enabled,disabled|} # not required. choices: enabled;disabled. Insert the Client IP header in requests forwarded to the service.
healthmonitor: ${39:undefined} # not required. Monitor the health of this service. Available settings function as follows:,C(yes) - Send probes to check the health of the service.,C(no) - Do not send probes to check the health of the service. With the NO option, the appliance shows the service as UP at all times.
useproxyport: ${40:undefined} # not required. Use the proxy port as the source port when initiating connections with the server. With the NO setting, the client-side connection port is used as the source port for the server-side connection.,Note: This parameter is available only when the Use Source IP C(usip) parameter is set to C(yes).
validate_certs: ${41:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
cmp: ${42:undefined} # not required. Enable compression for the specified service.
"""
'netscaler_ssl_certkey':
'prefix': "netscaler_ssl_certkey_snippet"
'description': "Manage ssl cerificate keys."
'body': """
netscaler_ssl_certkey:
nsip: ${1:undefined} # required. The ip address of the netscaler appliance where the nitro API calls will be made.,The port can be specified with the colon (:). E.g. 192.168.1.1:555.
nitro_user: ${2:undefined} # required. The username with which to authenticate to the netscaler node.
nitro_pass: ${3:undefined} # required. The password with which to authenticate to the netscaler node.
certkey: ${4:undefined} # not required. Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore C(_) character, and must contain only ASCII alphanumeric, underscore C(_), hash C(#), period C(.), space C( ), colon C(:), at C(@), equals C(=), and hyphen C(-) characters. Cannot be changed after the certificate-key pair is created.,The following requirement applies only to the NetScaler CLI:,If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, \"my cert\" or 'my cert').,Minimum length = 1
nitro_protocol: ${5|http,https|} # not required. choices: http;https. Which protocol to use when accessing the nitro API objects.
passplain: ${6:undefined} # not required. Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key in PEM format.,Minimum length = 1
save_config: ${7:true} # not required. If true the module will save the configuration on the netscaler node if it makes any changes.,The module will not save the configuration on the netscaler node if it made no changes.
inform: ${8|DER,PEM,PFX|} # not required. choices: DER;PEM;PFX. Input format of the certificate and the private-key files. The three formats supported by the appliance are:,PEM - Privacy Enhanced Mail,DER - Distinguished Encoding Rule,PFX - Personal Information Exchange.
cert: ${9:undefined} # not required. Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path.,Minimum length = 1
state: ${10|present,absent|} # not required. choices: present;absent. The state of the resource being configured by the module on the netscaler node.,When present the resource will be created if needed and configured according to the module's parameters.,When absent the resource will be deleted from the netscaler node.
key: ${11:undefined} # not required. Name of and, optionally, path to the private-key file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path.,Minimum length = 1
notificationperiod: ${12:undefined} # not required. Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire.,Minimum value = C(10),Maximum value = C(100)
expirymonitor: ${13|enabled,disabled|} # not required. choices: enabled;disabled. Issue an alert when the certificate is about to expire.
password: ${14:undefined} # not required. Passphrase that was used to encrypt the private-key. Use this option to load encrypted private-keys in PEM format.
validate_certs: ${15:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
nitro_timeout: ${16:310} # not required. Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
"""
'newrelic_deployment':
'prefix': "newrelic_deployment_snippet"
'description': "Notify newrelic about app deployments"
'body': """
newrelic_deployment:
token: ${1:undefined} # required. API token, to place in the x-api-key header.
application_id: ${2:undefined} # not required. (one of app_name or application_id are required) The application id, found in the URL when viewing the application in RPM
description: ${3:undefined} # not required. Text annotation for the deployment - notes for you
changelog: ${4:undefined} # not required. A list of changes for this deployment
appname: ${5:undefined} # not required. Name of the application
environment: ${6:undefined} # not required. The environment for this deployment
user: ${7:undefined} # not required. The name of the user/process that triggered this deployment
revision: ${8:undefined} # not required. A revision number (e.g., git commit SHA)
validate_certs: ${9|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
app_name: ${10:undefined} # not required. (one of app_name or application_id are required) The value of app_name in the newrelic.yml file used by the application
"""
'nexmo':
'prefix': "nexmo_snippet"
'description': "Send a SMS via nexmo"
'body': """
nexmo:
dest: ${1:undefined} # required. Phone number(s) to send SMS message to
api_secret: ${2:undefined} # required. Nexmo API Secret
src: ${3:undefined} # required. Nexmo Number to send from
msg: ${4:undefined} # required. Message to text to send. Messages longer than 160 characters will be split into multiple messages
api_key: ${5:undefined} # required. Nexmo API Key
force: ${6:false} # not required. If C(yes) do not get a cached copy.
url_password: ${7:undefined} # not required. The password for use in HTTP basic authentication.,If the I(url_username) parameter is not specified, the I(url_password) parameter will not be used.
force_basic_auth: ${8:false} # not required. Credentials specified with I(url_username) and I(url_password) should be passed in HTTP Header.
http_agent: ${9:ansible-httpget} # not required. Header to identify as, generally appears in web server logs.
client_key: ${10:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
use_proxy: ${11:true} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
url: ${12:undefined} # not required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
url_username: ${13:undefined} # not required. The username for use in HTTP basic authentication.,This parameter can be used without I(url_password) for sites that allow empty passwords
validate_certs: ${14|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
client_cert: ${15:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
"""
'nginx_status_facts':
'prefix': "nginx_status_facts_snippet"
'description': "Retrieve nginx status facts."
'body': """
nginx_status_facts:
url: ${1:undefined} # required. URL of the nginx status.
timeout: ${2:10} # not required. HTTP connection timeout in seconds.
"""
'nios_dns_view':
'prefix': "nios_dns_view_snippet"
'description': "Configure Infoblox NIOS DNS views"
'body': """
nios_dns_view:
name: ${1:undefined} # required. Specifies the name of the DNS view to add and/or remove from the system configuration based on the setting of the C(state) argument.
network_view: ${2:default} # required. Specifies the name of the network view to assign the configured DNS view to. The network view must already be configured on the target system.
comment: ${3:undefined} # not required. Configures a text string comment to be associated with the instance of this object. The provided text string will be configured on the object instance.
extattrs: ${4:undefined} # not required. Allows for the configuration of Extensible Attributes on the instance of the object. This argument accepts a set of key / value pairs for configuration.
state: ${5|present,absent|} # not required. choices: present;absent. Configures the intended state of the instance of the object on the NIOS server. When this value is set to C(present), the object is configured on the device and when this value is set to C(absent) the value is removed (if necessary) from the device.
provider: ${6:null} # not required. A dict object containing connection details.
"""
'nios_host_record':
'prefix': "nios_host_record_snippet"
'description': "Configure Infoblox NIOS host records"
'body': """
nios_host_record:
name: ${1:null} # required. Specifies the fully qualified hostname to add or remove from the system
view: ${2:default} # required. Sets the DNS view to associate this host record with. The DNS view must already be configured on the system
comment: ${3:undefined} # not required. Configures a text string comment to be associated with the instance of this object. The provided text string will be configured on the object instance.
extattrs: ${4:undefined} # not required. Allows for the configuration of Extensible Attributes on the instance of the object. This argument accepts a set of key / value pairs for configuration.
ipv6addrs: ${5:null} # not required. Configures the IPv6 addresses for the host record. This argument accepts a list of values (see options)
provider: ${6:null} # not required. A dict object containing connection details.
state: ${7|present,absent|} # not required. choices: present;absent. Configures the intended state of the instance of the object on the NIOS server. When this value is set to C(present), the object is configured on the device and when this value is set to C(absent) the value is removed (if necessary) from the device.
ipv4addrs: ${8:null} # not required. Configures the IPv4 addresses for this host record. This argument accepts a list of values (see suboptions)
ttl: ${9:null} # not required. Configures the TTL to be associated with this host record
"""
'nios_network':
'prefix': "nios_network_snippet"
'description': "Configure Infoblox NIOS network object"
'body': """
nios_network:
network: ${1:null} # required. Specifies the network to add or remove from the system. The value should use CIDR notation.
network_view: ${2:default} # required. Configures the name of the network view to associate with this configured instance.
comment: ${3:null} # not required. Configures a text string comment to be associated with the instance of this object. The provided text string will be configured on the object instance.
state: ${4|present,absent|} # not required. choices: present;absent. Configures the intended state of the instance of the object on the NIOS server. When this value is set to C(present), the object is configured on the device and when this value is set to C(absent) the value is removed (if necessary) from the device.
extattrs: ${5:null} # not required. Allows for the configuration of Extensible Attributes on the instance of the object. This argument accepts a set of key / value pairs for configuration.
provider: ${6:null} # not required. A dict object containing connection details.
options: ${7:null} # not required. Configures the set of DHCP options to be included as part of the configured network instance. This argument accepts a list of values (see suboptions). When configuring suboptions at least one of C(name) or C(num) must be specified.
"""
'nios_network_view':
'prefix': "nios_network_view_snippet"
'description': "Configure Infoblox NIOS network views"
'body': """
nios_network_view:
name: ${1:undefined} # required. Specifies the name of the network view to either add or remove from the configuration.
comment: ${2:null} # not required. Configures a text string comment to be associated with the instance of this object. The provided text string will be configured on the object instance.
state: ${3|present,absent|} # not required. choices: present;absent. Configures the intended state of the instance of the object on the NIOS server. When this value is set to C(present), the object is configured on the device and when this value is set to C(absent) the value is removed (if necessary) from the device.
provider: ${4:null} # not required. A dict object containing connection details.
extattrs: ${5:null} # not required. Allows for the configuration of Extensible Attributes on the instance of the object. This argument accepts a set of key / value pairs for configuration.
"""
'nios_zone':
'prefix': "nios_zone_snippet"
'description': "Configure Infoblox NIOS DNS zones"
'body': """
nios_zone:
fqdn: ${1:null} # required. Specifies the qualified domain name to either add or remove from the NIOS instance based on the configured C(state) value.
view: ${2:default} # required. Configures the DNS view name for the configured resource. The specified DNS zone must already exist on the running NIOS instance prior to configuring zones.
comment: ${3:undefined} # not required. Configures a text string comment to be associated with the instance of this object. The provided text string will be configured on the object instance.
state: ${4|present,absent|} # not required. choices: present;absent. Configures the intended state of the instance of the object on the NIOS server. When this value is set to C(present), the object is configured on the device and when this value is set to C(absent) the value is removed (if necessary) from the device.
provider: ${5:null} # not required. A dict object containing connection details.
grid_primary: ${6:undefined} # not required. Configures the grid primary servers for this zone.
extattrs: ${7:undefined} # not required. Allows for the configuration of Extensible Attributes on the instance of the object. This argument accepts a set of key / value pairs for configuration.
grid_secondaries: ${8:undefined} # not required. Configures the grid secondary servers for this zone.
"""
'nmcli':
'prefix': "nmcli_snippet"
'description': "Manage Networking"
'body': """
nmcli:
conn_name: ${1:undefined} # required. Where conn_name will be the name used to call the connection. when not provided a default name is generated: <type>[-<ifname>][-<num>]
state: ${2|present,absent|} # required. choices: present;absent. Whether the device should exist or not, taking action if the state is different from what is stated.
ingress: ${3:None} # not required. This is only used with VLAN - VLAN ingress priority mapping
slavepriority: ${4:32} # not required. This is only used with 'bridge-slave' - [<0-63>] - STP priority of this slave
path_cost: ${5:100} # not required. This is only used with 'bridge-slave' - [<1-65535>] - STP port cost for destinations via this slave
vlandev: ${6:None} # not required. This is only used with VLAN - parent device this VLAN is on, can use ifname
forwarddelay: ${7:15} # not required. This is only used with bridge - [forward-delay <2-30>] STP forwarding delay, in seconds
primary: ${8:None} # not required. This is only used with bond and is the primary interface name (for \"active-backup\" mode), this is the usually the 'ifname"
hairpin: ${9:true} # not required. This is only used with 'bridge-slave' - 'hairpin mode' for the slave, which allows frames to be sent back out through the slave the frame was received on.
egress: ${10:None} # not required. This is only used with VLAN - VLAN egress priority mapping
ageingtime: ${11:300} # not required. This is only used with bridge - [ageing-time <0-1000000>] the Ethernet MAC address aging time, in seconds
dns4: ${12:None} # not required. A list of upto 3 dns servers, ipv4 format e.g. To add two IPv4 DNS server addresses: \"192.0.2.53 198.51.100.53\"
dns4_search: ${13:None} # not required. A list of DNS search domains.
arp_ip_target: ${14:None} # not required. This is only used with bond - ARP IP target
dhcp_client_id: ${15:None} # not required. DHCP Client Identifier sent to the DHCP server.
maxage: ${16:20} # not required. This is only used with bridge - [max-age <6-42>] STP maximum message age, in seconds
vlanid: ${17:None} # not required. This is only used with VLAN - VLAN ID in range <0-4095>
priority: ${18:128} # not required. This is only used with 'bridge' - sets STP priority
gw4: ${19:undefined} # not required. The IPv4 gateway for this interface using this format ie: \"192.0.2.1\"
gw6: ${20:None} # not required. The IPv6 gateway for this interface using this format ie: \"2001:db8::1\"
master: ${21:None} # not required. master <master (ifname, or connection UUID or conn_name) of bridge, team, bond master connection profile.
stp: ${22:None} # not required. This is only used with bridge and controls whether Spanning Tree Protocol (STP) is enabled for this bridge
ifname: ${23:conn_name} # not required. Where IFNAME will be the what we call the interface name.,interface to bind the connection to. The connection will only be applicable to this interface name.,A special value of \"*\" can be used for interface-independent connections.,The ifname argument is mandatory for all connection types except bond, team, bridge and vlan.
type: ${24|ethernet,team,team-slave,bond,bond-slave,bridge,bridge-slave,vlan,generic|} # not required. choices: ethernet;team;team-slave;bond;bond-slave;bridge;bridge-slave;vlan;generic. This is the type of device or network connection that you wish to create or modify.,type C(generic) is added in version 2.5.
miimon: ${25:100} # not required. This is only used with bond - miimon
hellotime: ${26:2} # not required. This is only used with bridge - [hello-time <1-10>] STP hello time, in seconds
downdelay: ${27:None} # not required. This is only used with bond - downdelay
mac: ${28:None} # not required. This is only used with bridge - MAC address of the bridge (note: this requires a recent kernel feature, originally introduced in 3.15 upstream kernel)\n
ip6: ${29:None} # not required. The IPv6 address to this interface using this format ie: \"abbe::cafe\"
ip4: ${30:None} # not required. The IPv4 address to this interface using this format ie: \"192.0.2.24/24\"
autoconnect: ${31:true} # not required. Whether the connection should start on boot.,Whether the connection profile can be automatically activated
dns6_search: ${32:None} # not required. A list of DNS search domains.
dns6: ${33:undefined} # not required. A list of upto 3 dns servers, ipv6 format e.g. To add two IPv6 DNS server addresses: \"2001:4860:4860::8888 2001:4860:4860::8844\"
mtu: ${34:1500} # not required. The connection MTU, e.g. 9000. This can't be applied when creating the interface and is done once the interface has been created.,Can be used when modifying Team, VLAN, Ethernet (Future plans to implement wifi, pppoe, infiniband)
arp_interval: ${35:None} # not required. This is only used with bond - ARP interval
flags: ${36:None} # not required. This is only used with VLAN - flags
mode: ${37|balance-rr,active-backup,balance-xor,broadcast,802.3ad,balance-tlb,balance-alb|} # not required. choices: balance-rr;active-backup;balance-xor;broadcast;802.3ad;balance-tlb;balance-alb. This is the type of device or network connection that you wish to create for a bond, team or bridge.
updelay: ${38:None} # not required. This is only used with bond - updelay
"""
'nosh':
'prefix': "nosh_snippet"
'description': "Manage services with nosh"
'body': """
nosh:
name: ${1:undefined} # required. Name of the service to manage.
state: ${2|started,stopped,reset,restarted,reloaded|} # not required. choices: started;stopped;reset;restarted;reloaded. C(started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the service. C(reloaded) will send a SIGHUP or start the service. C(reset) will start or stop the service according to whether it is enabled or not.
preset: ${3|yes,no|} # not required. choices: yes;no. Enable or disable the service according to local preferences in *.preset files. Mutually exclusive with I(enabled). Only has an effect if set to true. Will take effect prior to I(state=reset).
enabled: ${4|yes,no|} # not required. choices: yes;no. Enable or disable the service, independently of C(*.preset) file preference or running state. Mutually exclusive with I(preset). Will take effect prior to I(state=reset).
user: ${5|yes,no|} # not required. choices: yes;no. Run system-control talking to the calling user's service manager, rather than the system-wide service manager.
"""
'npm':
'prefix': "npm_snippet"
'description': "Manage node.js packages with npm"
'body': """
npm:
executable: ${1:undefined} # not required. The executable location for npm.,This is useful if you are using a version manager, such as nvm
name: ${2:undefined} # not required. The name of a node.js library to install
global: ${3|yes,no|} # not required. choices: yes;no. Install the node.js library globally
ignore_scripts: ${4|yes,no|} # not required. choices: yes;no. Use the --ignore-scripts flag when installing.
state: ${5|present,absent,latest|} # not required. choices: present;absent;latest. The state of the node.js library
production: ${6|yes,no|} # not required. choices: yes;no. Install dependencies in production mode, excluding devDependencies
registry: ${7:undefined} # not required. The registry to install modules from.
version: ${8:undefined} # not required. The version to be installed
path: ${9:undefined} # not required. The base path where to install the node.js libraries
"""
'nso_action':
'prefix': "nso_action_snippet"
'description': "Executes Cisco NSO actions and verifies output."
'body': """
nso_action:
username: ${1:undefined} # required. NSO username
url: ${2:undefined} # required. NSO JSON-RPC URL, http://localhost:8080/jsonrpc
path: ${3:undefined} # required. Path to NSO action.
password: ${4:undefined} # required. NSO password
output_invalid: ${5:undefined} # not required. List of result parameter names that will cause the task to fail if they are present.\n
output_required: ${6:undefined} # not required. Required output parameters.\n
input: ${7:undefined} # not required. NSO action parameters.\n
validate_strict: ${8:undefined} # not required. If set to true, the task will fail if any output parameters not in output_required is present in the output.\n
"""
'nso_config':
'prefix': "nso_config_snippet"
'description': "Manage Cisco NSO configuration and service synchronization."
'body': """
nso_config:
url: ${1:undefined} # required. NSO JSON-RPC URL, http://localhost:8080/jsonrpc
username: ${2:undefined} # required. NSO username
password: ${3:undefined} # required. NSO password
data: ${4:undefined} # required. NSO data in format as | display json converted to YAML. List entries can be annotated with a __state entry. Set to in-sync/deep-in-sync for services to verify service is in sync with the network. Set to absent in list entries to ensure they are deleted if they exist in NSO.\n
"""
'nso_query':
'prefix': "nso_query_snippet"
'description': "Query data from Cisco NSO."
'body': """
nso_query:
xpath: ${1:undefined} # required. XPath selection relative to the root.
fields: ${2:undefined} # required. List of fields to select from matching nodes.\n
username: ${3:undefined} # required. NSO username
password: ${4:undefined} # required. NSO password
url: ${5:undefined} # required. NSO JSON-RPC URL, http://localhost:8080/jsonrpc
"""
'nso_show':
'prefix': "nso_show_snippet"
'description': "Displays data from Cisco NSO."
'body': """
nso_show:
url: ${1:undefined} # required. NSO JSON-RPC URL, http://localhost:8080/jsonrpc
path: ${2:undefined} # required. Path to NSO data.
username: ${3:undefined} # required. NSO username
password: ${4:undefined} # required. NSO password
operational: ${5:false} # not required. Controls whether or not operational data is included in the result.\n
"""
'nso_verify':
'prefix': "nso_verify_snippet"
'description': "Verifies Cisco NSO configuration."
'body': """
nso_verify:
url: ${1:undefined} # required. NSO JSON-RPC URL, http://localhost:8080/jsonrpc
username: ${2:undefined} # required. NSO username
password: ${3:undefined} # required. NSO password
data: ${4:undefined} # required. NSO data in format as C(| display json) converted to YAML. List entries can be annotated with a C(__state) entry. Set to in-sync/deep-in-sync for services to verify service is in sync with the network. Set to absent in list entries to ensure they are deleted if they exist in NSO.\n
"""
'nsupdate':
'prefix': "nsupdate_snippet"
'description': "Manage DNS records."
'body': """
nsupdate:
zone: ${1:undefined} # required. DNS record will be modified on this C(zone).
server: ${2:undefined} # required. Apply DNS modification on this server.
record: ${3:undefined} # required. Sets the DNS record to modify.
key_algorithm: ${4|HMAC-MD5.SIG-ALG.REG.INT,hmac-md5,hmac-sha1,hmac-sha224,hmac-sha256,hamc-sha384,hmac-sha512|} # not required. choices: HMAC-MD5.SIG-ALG.REG.INT;hmac-md5;hmac-sha1;hmac-sha224;hmac-sha256;hamc-sha384;hmac-sha512. Specify key algorithm used by C(key_secret).
key_name: ${5:undefined} # not required. Use TSIG key name to authenticate against DNS C(server)
value: ${6:None} # not required. Sets the record value.
state: ${7|present,absent|} # not required. choices: present;absent. Manage DNS record.
ttl: ${8:3600} # not required. Sets the record TTL.
type: ${9:A} # not required. Sets the record type.
port: ${10:53} # not required. Use this TCP port when connecting to C(server).
key_secret: ${11:undefined} # not required. Use TSIG key secret, associated with C(key_name), to authenticate against C(server)
"""
'nuage_vspk':
'prefix': "nuage_vspk_snippet"
'description': "Manage Nuage VSP environments"
'body': """
nuage_vspk:
auth: ${1:null} # required. Dict with the authentication information required to connect to a Nuage VSP environment.,Requires a I(api_username) parameter (example csproot).,Requires either a I(api_password) parameter (example csproot) or a I(api_certificate) and I(api_key) parameters, which point to the certificate and key files for certificate based authentication.,Requires a I(api_enterprise) parameter (example csp).,Requires a I(api_url) parameter (example https://10.0.0.10:8443).,Requires a I(api_version) parameter (example v4_0).
type: ${2:null} # required. The type of entity you want to work on (example Enterprise).,This should match the objects CamelCase class name in VSPK-Python.,This Class name can be found on U(https://nuagenetworks.github.io/vspkdoc/index.html).
parent_type: ${3:null} # not required. The type of parent the ID is specified for (example Enterprise).,This should match the objects CamelCase class name in VSPK-Python.,This Class name can be found on U(https://nuagenetworks.github.io/vspkdoc/index.html).,If specified, I(parent_id) also needs to be specified.
properties: ${4:null} # not required. Properties are the key, value pairs of the different properties an entity has.,If no I(id) and no I(match_filter) is specified, these are used to find or determine if the entity exists.
match_filter: ${5:null} # not required. A filter used when looking (both in I(command) and I(state) for entities, in the format the Nuage VSP API expects.,If I(match_filter) is defined, it will take precedence over the I(properties), but not on the I(id)
parent_id: ${6:null} # not required. The ID of the parent of the entity you want to work on.,When I(state) is specified, the entity will be gathered from this parent, if it exists, unless an I(id) is specified.,When I(command=find) is specified, the entity will be searched for in this parent, unless an I(id) is specified.,If specified, I(parent_type) also needs to be specified.
state: ${7|present,absent|} # not required. choices: present;absent. Specifies the desired state of the entity.,If I(state=present), in case the entity already exists, will update the entity if it is needed.,If I(state=present), in case the relationship with the parent is a member relationship, will assign the entity as a member of the parent.,If I(state=absent), in case the relationship with the parent is a member relationship, will unassign the entity as a member of the parent.,Either I(state) or I(command) needs to be defined, both can not be defined at the same time.
command: ${8|find,change_password,wait_for_job,get_csp_enterprise|} # not required. choices: find;change_password;wait_for_job;get_csp_enterprise. Specifies a command to be executed.,With I(command=find), if I(parent_id) and I(parent_type) are defined, it will only search within the parent. Otherwise, if allowed, will search in the root object.,With I(command=find), if I(id) is specified, it will only return the single entity matching the id.,With I(command=find), otherwise, if I(match_filter) is define, it will use that filter to search.,With I(command=find), otherwise, if I(properties) are defined, it will do an AND search using all properties.,With I(command=change_password), a password of a user can be changed. Warning - In case the password is the same as the existing, it will throw an error.,With I(command=wait_for_job), the module will wait for a job to either have a status of SUCCESS or ERROR. In case an ERROR status is found, the module will exit with an error.,With I(command=wait_for_job), the job will always be returned, even if the state is ERROR situation.,Either I(state) or I(command) needs to be defined, both can not be defined at the same time.
id: ${9:null} # not required. The ID of the entity you want to work on.,In combination with I(command=find), it will only return the single entity.,In combination with I(state), it will either update or delete this entity.,Will take precedence over I(match_filter) and I(properties) whenever an entity needs to be found.
children: ${10:null} # not required. Can be used to specify a set of child entities.,A mandatory property of each child is the I(type).,Supported optional properties of each child are I(id), I(properties) and I(match_filter).,The function of each of these properties is the same as in the general task definition.,This can be used recursively,Only useable in case I(state=present).
"""
'nxos_aaa_server':
'prefix': "nxos_aaa_server_snippet"
'description': "Manages AAA server global configuration."
'body': """
nxos_aaa_server:
state: ${1|present,default|} # required. choices: present;default. Manage the state of the resource.
server_type: ${2|radius,tacacs|} # required. choices: radius;tacacs. The server type is either radius or tacacs.
server_timeout: ${3:undefined} # not required. Global AAA server timeout period, in seconds or keyword 'default. Range is 1-60. Device default is 5.
deadtime: ${4:null} # not required. Duration for which a non-reachable AAA server is skipped, in minutes or keyword 'default. Range is 1-1440. Device default is 0.
directed_request: ${5|enabled,disabled|} # not required. choices: enabled;disabled. Enables direct authentication requests to AAA server or keyword 'default' Device default is disabled.
encrypt_type: ${6|0,7|} # not required. choices: 0;7. The state of encryption applied to the entered global key. O clear text, 7 encrypted. Type-6 encryption is not supported.
global_key: ${7:undefined} # not required. Global AAA shared secret or keyword 'default'.
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_aaa_server_host':
'prefix': "nxos_aaa_server_host_snippet"
'description': "Manages AAA server host-specific configuration."
'body': """
nxos_aaa_server_host:
server_type: ${1|radius,tacacs|} # required. choices: radius;tacacs. The server type is either radius or tacacs.
address: ${2:undefined} # required. Address or name of the radius or tacacs host.
encrypt_type: ${3|0,7|} # not required. choices: 0;7. The state of encryption applied to the entered key. O for clear text, 7 for encrypted. Type-6 encryption is not supported.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
auth_port: ${5:undefined} # not required. Alternate UDP port for RADIUS authentication or keyword 'default'.
tacacs_port: ${6:undefined} # not required. Alternate TCP port TACACS Server or keyword 'default'.
host_timeout: ${7:undefined} # not required. Timeout period for specified host, in seconds or keyword 'default. Range is 1-60.
state: ${8|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
key: ${9:undefined} # not required. Shared secret for the specified host or keyword 'default'.
acct_port: ${10:undefined} # not required. Alternate UDP port for RADIUS accounting or keyword 'default'.
"""
'nxos_acl':
'prefix': "nxos_acl_snippet"
'description': "Manages access list entries for ACLs."
'body': """
nxos_acl:
name: ${1:undefined} # required. Case sensitive name of the access list (ACL).
src_port_op: ${2|any,eq,gt,lt,neq,range|} # not required. choices: any;eq;gt;lt;neq;range. Source port operands such as eq, neq, gt, lt, range.
psh: ${3|enable|} # not required. choices: enable. Match on the PSH bit.
seq: ${4:null} # not required. Sequence number of the entry (ACE).
src: ${5:null} # not required. Source ip and mask using IP/MASK notation and supports keyword 'any'.
dest: ${6:null} # not required. Destination ip and mask using IP/MASK notation and supports the keyword 'any'.
syn: ${7|enable|} # not required. choices: enable. Match on the SYN bit.
dscp: ${8|af11,af12,af13,af21,af22,af23,af31,af32,af33,af41,af42,af43,cs1,cs2,cs3,cs4,cs5,cs6,cs7,default,ef|} # not required. choices: af11;af12;af13;af21;af22;af23;af31;af32;af33;af41;af42;af43;cs1;cs2;cs3;cs4;cs5;cs6;cs7;default;ef. Match packets with given dscp value.
time_range: ${9:null} # not required. Name of time-range to apply.
dest_port_op: ${10|any,eq,gt,lt,neq,range|} # not required. choices: any;eq;gt;lt;neq;range. Destination port operands such as eq, neq, gt, lt, range.
rst: ${11|enable|} # not required. choices: enable. Match on the RST bit.
dest_port2: ${12:null} # not required. Second (end) port when using range operand.
established: ${13|enable|} # not required. choices: enable. Match established connections.
remark: ${14:null} # not required. If action is set to remark, this is the description.
urg: ${15|enable|} # not required. choices: enable. Match on the URG bit.
log: ${16|enable|} # not required. choices: enable. Log matches against this entry.
proto: ${17:null} # not required. Port number or protocol (as supported by the switch).
ack: ${18|enable|} # not required. choices: enable. Match on the ACK bit.
src_port1: ${19:null} # not required. Port/protocol and also first (lower) port when using range operand.
precedence: ${20|critical,flash,flash-override,immediate,internet,network,priority,routine|} # not required. choices: critical;flash;flash-override;immediate;internet;network;priority;routine. Match packets with given precedence.
state: ${21|present,absent,delete_acl|} # not required. choices: present;absent;delete_acl. Specify desired state of the resource.
provider: ${22:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
action: ${23|permit,deny,remark|} # not required. choices: permit;deny;remark. Action of the ACE.
dest_port1: ${24:null} # not required. Port/protocol and also first (lower) port when using range operand.
fragments: ${25|enable|} # not required. choices: enable. Check non-initial fragments.
fin: ${26|enable|} # not required. choices: enable. Match on the FIN bit.
src_port2: ${27:null} # not required. Second (end) port when using range operand.
"""
'nxos_acl_interface':
'prefix': "nxos_acl_interface_snippet"
'description': "Manages applying ACLs to interfaces."
'body': """
nxos_acl_interface:
interface: ${1:undefined} # required. Full name of interface, e.g. I(Ethernet1/1).
direction: ${2|ingress,egress|} # required. choices: ingress;egress. Direction ACL to be applied in on the interface.
name: ${3:undefined} # required. Case sensitive name of the access list (ACL).
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
state: ${5|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
"""
'nxos_banner':
'prefix': "nxos_banner_snippet"
'description': "Manage multiline banners on Cisco NXOS devices"
'body': """
nxos_banner:
banner: ${1|exec,motd|} # required. choices: exec;motd. Specifies which banner that should be configured on the remote device.
text: ${2:null} # not required. The banner text that should be present in the remote device running configuration. This argument accepts a multiline string, with no empty lines. Requires I(state=present).
state: ${3|present,absent|} # not required. choices: present;absent. Specifies whether or not the configuration is present in the current devices active running configuration.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_bgp':
'prefix': "nxos_bgp_snippet"
'description': "Manages BGP configuration."
'body': """
nxos_bgp:
asn: ${1:undefined} # required. BGP autonomous system number. Valid values are String, Integer in ASPLAIN or ASDOT notation.
neighbor_down_fib_accelerate: ${2|true,false|} # not required. choices: true;false. Enable/Disable handle BGP neighbor down event, due to various reasons.
confederation_peers: ${3:null} # not required. AS confederation parameters.
confederation_id: ${4:null} # not required. Routing domain confederation AS.
event_history_cli: ${5|size_small,size_medium,size_large,size_disable,default|} # not required. choices: size_small;size_medium;size_large;size_disable;default. Enable/Disable cli event history buffer.
bestpath_always_compare_med: ${6|true,false|} # not required. choices: true;false. Enable/Disable MED comparison on paths from different autonomous systems.
cluster_id: ${7:null} # not required. Route Reflector Cluster-ID.
shutdown: ${8|true,false|} # not required. choices: true;false. Administratively shutdown the BGP protocol.
log_neighbor_changes: ${9|true,false|} # not required. choices: true;false. Enable/Disable message logging for neighbor up/down event.
bestpath_aspath_multipath_relax: ${10|true,false|} # not required. choices: true;false. Enable/Disable load sharing across the providers with different (but equal-length) AS paths.
graceful_restart_timers_stalepath_time: ${11:null} # not required. Set maximum time that BGP keeps the stale routes from the restarting BGP peer.
maxas_limit: ${12:null} # not required. Specify Maximum number of AS numbers allowed in the AS-path attribute. Valid values are between 1 and 512.
bestpath_med_confed: ${13|true,false|} # not required. choices: true;false. Enable/Disable enforcement of bestpath to do a MED comparison only between paths originated within a confederation.
isolate: ${14|true,false|} # not required. choices: true;false. Enable/Disable isolate this router from BGP perspective.
timer_bgp_keepalive: ${15:null} # not required. Set BGP keepalive timer.
bestpath_cost_community_ignore: ${16|true,false|} # not required. choices: true;false. Enable/Disable Ignores the cost community for BGP best-path calculations.
fast_external_fallover: ${17|true,false|} # not required. choices: true;false. Enable/Disable immediately reset the session if the link to a directly connected BGP peer goes down. Only supported in the global BGP context.
state: ${18|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
disable_policy_batching: ${19|true,false|} # not required. choices: true;false. Enable/Disable the batching evaluation of prefix advertisement to all peers.
suppress_fib_pending: ${20|true,false|} # not required. choices: true;false. Enable/Disable advertise only routes programmed in hardware to peers.
bestpath_med_missing_as_worst: ${21|true,false|} # not required. choices: true;false. Enable/Disable assigns the value of infinity to received routes that do not carry the MED attribute, making these routes the least desirable.
router_id: ${22:null} # not required. Router Identifier (ID) of the BGP router VRF instance.
timer_bestpath_limit: ${23:null} # not required. Specify timeout for the first best path after a restart, in seconds.
bestpath_compare_neighborid: ${24|true,false|} # not required. choices: true;false. Enable/Disable neighborid. Use this when more paths available than max path config.
provider: ${25:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
local_as: ${26:null} # not required. Local AS number to be used within a VRF instance.
event_history_periodic: ${27|size_small,size_medium,size_large,size_disable,default|} # not required. choices: size_small;size_medium;size_large;size_disable;default. Enable/Disable periodic event history buffer.
disable_policy_batching_ipv4_prefix_list: ${28:null} # not required. Enable/Disable the batching evaluation of prefix advertisements to all peers with prefix list.
vrf: ${29:null} # not required. Name of the VRF. The name 'default' is a valid VRF representing the global BGP.
graceful_restart_helper: ${30|true,false|} # not required. choices: true;false. Enable/Disable graceful restart helper mode.
timer_bgp_hold: ${31:null} # not required. Set BGP hold timer.
event_history_events: ${32|size_small,size_medium,size_large,size_disable,default|} # not required. choices: size_small;size_medium;size_large;size_disable;default. Enable/Disable event history buffer.
disable_policy_batching_ipv6_prefix_list: ${33:undefined} # not required. Enable/Disable the batching evaluation of prefix advertisements to all peers with prefix list.
event_history_detail: ${34|size_small,size_medium,size_large,size_disable,default|} # not required. choices: size_small;size_medium;size_large;size_disable;default. Enable/Disable detail event history buffer.
graceful_restart: ${35|true,false|} # not required. choices: true;false. Enable/Disable graceful restart.
flush_routes: ${36|true,false|} # not required. choices: true;false. Enable/Disable flush routes in RIB upon controlled restart. On NX-OS, this property is only supported in the global BGP context.
enforce_first_as: ${37|true,false|} # not required. choices: true;false. Enable/Disable enforces the neighbor autonomous system to be the first AS number listed in the AS path attribute for eBGP. On NX-OS, this property is only supported in the global BGP context.
bestpath_med_non_deterministic: ${38|true,false|} # not required. choices: true;false. Enable/Disable deterministic selection of the best MED pat from among the paths from the same autonomous system.
reconnect_interval: ${39:null} # not required. The BGP reconnection interval for dropped sessions. Valid values are between 1 and 60.
graceful_restart_timers_restart: ${40:null} # not required. Set maximum time for a restart sent to the BGP peer.
bestpath_compare_routerid: ${41|true,false|} # not required. choices: true;false. Enable/Disable comparison of router IDs for identical eBGP paths.
"""
'nxos_bgp_af':
'prefix': "nxos_bgp_af_snippet"
'description': "Manages BGP Address-family configuration."
'body': """
nxos_bgp_af:
afi: ${1|ipv4,ipv6,vpnv4,vpnv6,l2vpn|} # required. choices: ipv4;ipv6;vpnv4;vpnv6;l2vpn. Address Family Identifier.
safi: ${2|unicast,multicast,evpn|} # required. choices: unicast;multicast;evpn. Sub Address Family Identifier.
vrf: ${3:undefined} # required. Name of the VRF. The name 'default' is a valid VRF representing the global bgp.
asn: ${4:undefined} # required. BGP autonomous system number. Valid values are String, Integer in ASPLAIN or ASDOT notation.
dampening_max_suppress_time: ${5:null} # not required. Specify max suppress time for route-flap dampening stable route. Valid values are integer and keyword 'default'.
additional_paths_send: ${6|true,false|} # not required. choices: true;false. Enables the send capability of additional paths for all of the neighbors under this address family for which the capability has not been disabled.
additional_paths_install: ${7|true,false|} # not required. choices: true;false. Install a backup path into the forwarding table and provide prefix independent convergence (PIC) in case of a PE-CE link failure.
dampening_state: ${8|true,false|} # not required. choices: true;false. Enable/disable route-flap dampening.
additional_paths_receive: ${9|true,false|} # not required. choices: true;false. Enables the receive capability of additional paths for all of the neighbors under this address family for which the capability has not been disabled.
suppress_inactive: ${10|true,false|} # not required. choices: true;false. Advertises only active routes to peers.
dampening_routemap: ${11:null} # not required. Specify route-map for route-flap dampening. Valid values are a string defining the name of the route-map.
distance_ibgp: ${12:null} # not required. Sets the administrative distance for iBGP routes. Valid values are Integer or keyword 'default'.
distance_local: ${13:null} # not required. Sets the administrative distance for local BGP routes. Valid values are Integer or keyword 'default'.
advertise_l2vpn_evpn: ${14|true,false|} # not required. choices: true;false. Advertise evpn routes.
default_information_originate: ${15|true,false|} # not required. choices: true;false. Default information originate.
networks: ${16:null} # not required. Networks to configure. Valid value is a list of network prefixes to advertise. The list must be in the form of an array. Each entry in the array must include a prefix address and an optional route-map. For example [['10.0.0.0/16', 'routemap_LA'], ['192.168.1.1', 'Chicago'], ['192.168.2.0/24'], ['192.168.3.0/24', 'routemap_NYC']].
state: ${17|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
next_hop_route_map: ${18:null} # not required. Configure a route-map for valid nexthops. Valid values are a string defining the name of the route-map.
provider: ${19:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
table_map_filter: ${20|true,false|} # not required. choices: true;false. Filters routes rejected by the route-map and does not download them to the RIB.
default_metric: ${21:null} # not required. Sets default metrics for routes redistributed into BGP. Valid values are Integer or keyword 'default"
client_to_client: ${22|true,false|} # not required. choices: true;false. Configure client-to-client route reflection.
dampen_igp_metric: ${23:null} # not required. Specify dampen value for IGP metric-related changes, in seconds. Valid values are integer and keyword 'default'.
additional_paths_selection: ${24:null} # not required. Configures the capability of selecting additional paths for a prefix. Valid values are a string defining the name of the route-map.
maximum_paths_ibgp: ${25:null} # not required. Configures the maximum number of ibgp equal-cost paths for load sharing. Valid value is an integer in the range 1-64.
distance_ebgp: ${26:null} # not required. Sets the administrative distance for eBGP routes. Valid values are Integer or keyword 'default'.
redistribute: ${27:null} # not required. A list of redistribute directives. Multiple redistribute entries are allowed. The list must be in the form of a nested array. the first entry of each array defines the source-protocol to redistribute from; the second entry defines a route-map name. A route-map is highly advised but may be optional on some platforms, in which case it may be omitted from the array list. For example [['direct', 'rm_direct'], ['lisp', 'rm_lisp']].
dampening_reuse_time: ${28:undefined} # not required. Specify route reuse time for route-flap dampening. Valid values are integer and keyword 'default'.
maximum_paths: ${29:null} # not required. Configures the maximum number of equal-cost paths for load sharing. Valid value is an integer in the range 1-64.
inject_map: ${30:null} # not required. An array of route-map names which will specify prefixes to inject. Each array entry must first specify the inject-map name, secondly an exist-map name, and optionally the copy-attributes keyword which indicates that attributes should be copied from the aggregate. For example [['lax_inject_map', 'lax_exist_map'], ['nyc_inject_map', 'nyc_exist_map', 'copy-attributes'], ['fsd_inject_map', 'fsd_exist_map']].
dampening_suppress_time: ${31:null} # not required. Specify route suppress time for route-flap dampening. Valid values are integer and keyword 'default'.
table_map: ${32:null} # not required. Apply table-map to filter routes downloaded into URIB. Valid values are a string.
dampening_half_time: ${33:null} # not required. Specify decay half-life in minutes for route-flap dampening. Valid values are integer and keyword 'default'.
"""
'nxos_bgp_neighbor':
'prefix': "nxos_bgp_neighbor_snippet"
'description': "Manages BGP neighbors configurations."
'body': """
nxos_bgp_neighbor:
asn: ${1:undefined} # required. BGP autonomous system number. Valid values are string, Integer in ASPLAIN or ASDOT notation.
neighbor: ${2:undefined} # required. Neighbor Identifier. Valid values are string. Neighbors may use IPv4 or IPv6 notation, with or without prefix length.
update_source: ${3:null} # not required. Specify source interface of BGP session and updates.
maximum_peers: ${4:null} # not required. Specify Maximum number of peers for this neighbor prefix Valid values are between 1 and 1000, or 'default', which does not impose the limit. Note that this parameter is accepted only on neighbors with address/prefix.
timers_holdtime: ${5:null} # not required. Specify holdtime timer value. Valid values are integers between 0 and 3600 in terms of seconds, or 'default', which is 180.
local_as: ${6:null} # not required. Specify the local-as number for the eBGP neighbor. Valid values are String or Integer in ASPLAIN or ASDOT notation, or 'default', which means not to configure it.
pwd_type: ${7|3des,cisco_type_7,default|} # not required. choices: 3des;cisco_type_7;default. Specify the encryption type the password will use. Valid values are '3des' or 'cisco_type_7' encryption or keyword 'default'.
timers_keepalive: ${8:null} # not required. Specify keepalive timer value. Valid values are integers between 0 and 3600 in terms of seconds, or 'default', which is 60.
dynamic_capability: ${9|true,false|} # not required. choices: true;false. Configure whether or not to enable dynamic capability.
vrf: ${10:default} # not required. Name of the VRF. The name 'default' is a valid VRF representing the global bgp.
shutdown: ${11|true,false|} # not required. choices: true;false. Configure to administratively shutdown this neighbor.
low_memory_exempt: ${12|true,false|} # not required. choices: true;false. Specify whether or not to shut down this neighbor under memory pressure.
log_neighbor_changes: ${13|enable,disable,inherit|} # not required. choices: enable;disable;inherit. Specify whether or not to enable log messages for neighbor up/down event.
remove_private_as: ${14|enable,disable,all,replace-as|} # not required. choices: enable;disable;all;replace-as. Specify the config to remove private AS number from outbound updates. Valid values are 'enable' to enable this config, 'disable' to disable this config, 'all' to remove all private AS number, or 'replace-as', to replace the private AS number.
suppress_4_byte_as: ${15|true,false|} # not required. choices: true;false. Configure to suppress 4-byte AS Capability.
connected_check: ${16|true,false|} # not required. choices: true;false. Configure whether or not to check for directly connected peer.
remote_as: ${17:null} # not required. Specify Autonomous System Number of the neighbor. Valid values are String or Integer in ASPLAIN or ASDOT notation, or 'default', which means not to configure it.
ebgp_multihop: ${18:null} # not required. Specify multihop TTL for a remote peer. Valid values are integers between 2 and 255, or keyword 'default' to disable this property.
description: ${19:null} # not required. Description of the neighbor.
pwd: ${20:null} # not required. Specify the password for neighbor. Valid value is string.
state: ${21|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
transport_passive_only: ${22|true,false|} # not required. choices: true;false. Specify whether or not to only allow passive connection setup. Valid values are 'true', 'false', and 'default', which defaults to 'false'. This property can only be configured when the neighbor is in 'ip' address format without prefix length.
capability_negotiation: ${23|true,false|} # not required. choices: true;false. Configure whether or not to negotiate capability with this neighbor.
provider: ${24:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_bgp_neighbor_af':
'prefix': "nxos_bgp_neighbor_af_snippet"
'description': "Manages BGP address-family's neighbors configuration."
'body': """
nxos_bgp_neighbor_af:
afi: ${1|ipv4,ipv6,vpnv4,vpnv6,l2vpn|} # required. choices: ipv4;ipv6;vpnv4;vpnv6;l2vpn. Address Family Identifier.
safi: ${2|unicast,multicast,evpn|} # required. choices: unicast;multicast;evpn. Sub Address Family Identifier.
asn: ${3:undefined} # required. BGP autonomous system number. Valid values are String, Integer in ASPLAIN or ASDOT notation.
neighbor: ${4:undefined} # required. Neighbor Identifier. Valid values are string. Neighbors may use IPv4 or IPv6 notation, with or without prefix length.
default_originate: ${5|true,false|} # not required. choices: true;false. Activate the default-originate feature.
route_reflector_client: ${6|true,false|} # not required. choices: true;false. Router reflector client.
additional_paths_send: ${7|enable,disable,inherit|} # not required. choices: enable;disable;inherit. Valid values are enable for basic command enablement; disable for disabling the command at the neighbor af level (it adds the disable keyword to the basic command); and inherit to remove the command at this level (the command value is inherited from a higher BGP layer).
soo: ${8:null} # not required. Site-of-origin. Valid values are a string defining a VPN extcommunity or 'default'.
additional_paths_receive: ${9|enable,disable,inherit|} # not required. choices: enable;disable;inherit. Valid values are enable for basic command enablement; disable for disabling the command at the neighbor af level (it adds the disable keyword to the basic command); and inherit to remove the command at this level (the command value is inherited from a higher BGP layer).
suppress_inactive: ${10|true,false,default|} # not required. choices: true;false;default. suppress-inactive feature.
unsuppress_map: ${11:null} # not required. unsuppress-map. Valid values are a string defining a route-map name or 'default'.
prefix_list_out: ${12:null} # not required. Valid values are a string defining a prefix-list name, or 'default'.
as_override: ${13|true,false|} # not required. choices: true;false. Activate the as-override feature.
filter_list_out: ${14:null} # not required. Valid values are a string defining a filter-list name, or 'default'.
allowas_in: ${15:null} # not required. Activate allowas-in property
max_prefix_warning: ${16|true,false|} # not required. choices: true;false. Optional warning-only keyword. Requires max_prefix_limit. May not be combined with max_prefix_interval.
max_prefix_threshold: ${17:null} # not required. Optional threshold percentage at which to generate a warning. Valid values are an integer value. Requires max_prefix_limit.
state: ${18|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
provider: ${19:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
advertise_map_non_exist: ${20:null} # not required. Conditional route advertisement. This property requires two route maps, an advertise-map and an exist-map. Valid values are an array specifying both the advertise-map name and the non-exist-map name, or simply 'default' e.g. ['my_advertise_map', 'my_non_exist_map']. This command is mutually exclusive with the advertise_map_exist property.
default_originate_route_map: ${21:null} # not required. Route-map for the default_originate property. Valid values are a string defining a route-map name, or 'default'. This is mutually exclusive with default_originate.
send_community: ${22|none,both,extended,standard,default|} # not required. choices: none;both;extended;standard;default. send-community attribute.
disable_peer_as_check: ${23|true,false|} # not required. choices: true;false. Disable checking of peer AS-number while advertising
filter_list_in: ${24:null} # not required. Valid values are a string defining a filter-list name, or 'default'.
weight: ${25:null} # not required. Weight value. Valid values are an integer value or 'default'.
vrf: ${26:default} # not required. Name of the VRF. The name 'default' is a valid VRF representing the global bgp.
max_prefix_limit: ${27:null} # not required. maximum-prefix limit value. Valid values are an integer value or 'default'.
route_map_in: ${28:null} # not required. Valid values are a string defining a route-map name, or 'default'.
soft_reconfiguration_in: ${29|enable,always,inherit|} # not required. choices: enable;always;inherit. Valid values are 'enable' for basic command enablement; 'always' to add the always keyword to the basic command; and 'inherit' to remove the command at this level (the command value is inherited from a higher BGP layer).
max_prefix_interval: ${30:null} # not required. Optional restart interval. Valid values are an integer. Requires max_prefix_limit. May not be combined with max_prefix_warning.
route_map_out: ${31:null} # not required. Valid values are a string defining a route-map name, or 'default'.
next_hop_self: ${32|true,false|} # not required. choices: true;false. Activate the next-hop-self feature.
prefix_list_in: ${33:null} # not required. Valid values are a string defining a prefix-list name, or 'default'.
next_hop_third_party: ${34|true,false|} # not required. choices: true;false. Activate the next-hop-third-party feature.
advertise_map_exist: ${35:null} # not required. Conditional route advertisement. This property requires two route maps, an advertise-map and an exist-map. Valid values are an array specifying both the advertise-map name and the exist-map name, or simply 'default' e.g. ['my_advertise_map', 'my_exist_map']. This command is mutually exclusive with the advertise_map_non_exist property.
allowas_in_max: ${36:null} # not required. Max-occurrences value for allowas_in. Valid values are an integer value or 'default'. This is mutually exclusive with allowas_in.
"""
'nxos_command':
'prefix': "nxos_command_snippet"
'description': "Run arbitrary command on Cisco NXOS devices"
'body': """
nxos_command:
commands: ${1:undefined} # required. The commands to send to the remote NXOS device. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retires as expired.,The I(commands) argument also accepts an alternative form that allows for complex values that specify the command to run and the output format to return. This can be done on a command by command basis. The complex argument supports the keywords C(command) and C(output) where C(command) is the command to run and C(output) is one of 'text' or 'json'.
retries: ${2:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditionals.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditional, the interval indicates how to long to wait before trying the command again.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
wait_for: ${5:null} # not required. Specifies what to evaluate from the output of the command and what conditionals to apply. This argument will cause the task to wait for a particular conditional to be true before moving forward. If the conditional is not true by the configured retries, the task fails. See examples.
match: ${6:all} # not required. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the I(wait_for) must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'nxos_config':
'prefix': "nxos_config_snippet"
'description': "Manage Cisco NXOS configuration sections"
'body': """
nxos_config:
force: ${1:false} # not required. The force argument instructs the module to not consider the current devices running-config. When set to true, this will cause the module to push the contents of I(src) into the device without first checking if already configured.,Note this argument should be considered deprecated. To achieve the equivalent, set the C(match=none) which is idempotent. This argument will be removed in a future release.
after: ${2:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
diff_against: ${3|startup,intended,running|} # not required. choices: startup;intended;running. When using the C(ansible-playbook --diff) command line argument the module can generate diffs against different sources.,When this option is configure as I(startup), the module will return the diff of the running-config against the startup-config.,When this option is configured as I(intended), the module will return the diff of the running-config against the configuration provided in the C(intended_config) argument.,When this option is configured as I(running), the module will return the before and after diff of the running-config with respect to any changes made to the device configuration.
replace: ${4|line,block,config|} # not required. choices: line;block;config. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct. I(replace config) is supported only on Nexus 9K device.
running_config: ${5:null} # not required. The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The I(running_config) argument allows the implementer to pass in the configuration to use as the base config for comparison.
diff_ignore_lines: ${6:undefined} # not required. Use this argument to specify one or more lines that should be ignored during the diff. This is used for lines in the configuration that are automatically updated by the system. This argument takes a list of regular expressions or exact line matches.
src: ${7:null} # not required. The I(src) argument provides a path to the configuration file to load into the remote system. The path can either be a full system path to the configuration file if the value starts with / or relative to the root of the implemented role or playbook. This argument is mutually exclusive with the I(lines) and I(parents) arguments.
save: ${8:false} # not required. The C(save) argument instructs the module to save the running-config to startup-config. This operation is performed after any changes are made to the current running config. If no changes are made, the configuration is still saved to the startup config. This option will always cause the module to return changed.,This option is deprecated as of Ansible 2.4, use C(save_when)
replace_src: ${9:null} # not required. The I(replace_src) argument provides path to the configuration file to load into the remote system. This argument is used to replace the entire config with a flat-file. This is used with argument I(replace) with value I(config). This is mutually exclusive with the I(lines) and I(src) arguments. This argument is supported on Nexus 9K device. Use I(nxos_file_copy) module to copy the flat file to remote device and then use the path with this argument.
lines: ${10:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
intended_config: ${11:undefined} # not required. The C(intended_config) provides the master configuration that the node should conform to and is used to check the final running-config against. This argument will not modify any settings on the remote device and is strictly used to check the compliance of the current device's configuration against. When specifying this argument, the task should also modify the C(diff_against) value and set it to I(intended).
parents: ${12:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
defaults: ${13:false} # not required. The I(defaults) argument will influence how the running-config is collected from the device. When the value is set to true, the command used to collect the running-config is append with the all keyword. When the value is set to false, the command is issued without the all keyword
provider: ${14:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
before: ${15:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
save_when: ${16|always,never,modified|} # not required. choices: always;never;modified. When changes are made to the device running-configuration, the changes are not copied to non-volatile storage by default. Using this argument will change that before. If the argument is set to I(always), then the running-config will always be copied to the startup-config and the I(modified) flag will always be set to True. If the argument is set to I(modified), then the running-config will only be copied to the startup-config if it has changed since the last save to startup-config. If the argument is set to I(never), the running-config will never be copied to the startup-config
backup: ${17:no} # not required. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created.
match: ${18|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
"""
'nxos_evpn_global':
'prefix': "nxos_evpn_global_snippet"
'description': "Handles the EVPN control plane for VXLAN."
'body': """
nxos_evpn_global:
nv_overlay_evpn: ${1|true,false|} # required. choices: true;false. EVPN control plane.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_evpn_vni':
'prefix': "nxos_evpn_vni_snippet"
'description': "Manages Cisco EVPN VXLAN Network Identifier (VNI)."
'body': """
nxos_evpn_vni:
route_distinguisher: ${1:null} # required. The VPN Route Distinguisher (RD). The RD is combined with the IPv4 or IPv6 prefix learned by the PE router to create a globally unique address.
vni: ${2:null} # required. The EVPN VXLAN Network Identifier.
state: ${3|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
route_target_import: ${4:null} # not required. Sets the route-target 'import' extended communities.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
route_target_export: ${6:null} # not required. Sets the route-target 'export' extended communities.
route_target_both: ${7:null} # not required. Enables/Disables route-target settings for both import and export target communities using a single property.
"""
'nxos_facts':
'prefix': "nxos_facts_snippet"
'description': "Gets facts about NX-OS switches"
'body': """
nxos_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, legacy, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_feature':
'prefix': "nxos_feature_snippet"
'description': "Manage features in NX-OS switches."
'body': """
nxos_feature:
feature: ${1:undefined} # required. Name of feature.
state: ${2|enabled,disabled|} # not required. choices: enabled;disabled. Desired state of the feature.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_file_copy':
'prefix': "nxos_file_copy_snippet"
'description': "Copy a file to a remote NXOS device over SCP."
'body': """
nxos_file_copy:
local_file: ${1:undefined} # required. Path to local file. Local directory must exist.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
remote_file: ${3:null} # not required. Remote file path of the copy. Remote directories must exist. If omitted, the name of the local file will be used.
file_system: ${4:null} # not required. The remote file system of the device. If omitted, devices that support a I(file_system) parameter will use their default values.
connect_ssh_port: ${5:22} # not required. SSH port to connect to server during transfer of file
"""
'nxos_gir':
'prefix': "nxos_gir_snippet"
'description': "Trigger a graceful removal or insertion (GIR) of the switch."
'body': """
nxos_gir:
state: ${1|present,absent|} # required. choices: present;absent. Specify desired state of the resource.
system_mode_maintenance_on_reload_reset_reason: ${2|hw_error,svc_failure,kern_failure,wdog_timeout,fatal_error,lc_failure,match_any,manual_reload|} # not required. choices: hw_error;svc_failure;kern_failure;wdog_timeout;fatal_error;lc_failure;match_any;manual_reload. Boots the switch into maintenance mode automatically in the event of a specified system crash.
system_mode_maintenance: ${3|true,false|} # not required. choices: true;false. When C(system_mode_maintenance=true) it puts all enabled protocols in maintenance mode (using the isolate command). When C(system_mode_maintenance=false) it puts all enabled protocols in normal mode (using the no isolate command).
system_mode_maintenance_dont_generate_profile: ${4|true,false|} # not required. choices: true;false. When C(system_mode_maintenance_dont_generate_profile=true) it prevents the dynamic searching of enabled protocols and executes commands configured in a maintenance-mode profile. Use this option if you want the system to use a maintenance-mode profile that you have created. When C(system_mode_maintenance_dont_generate_profile=false) it prevents the dynamic searching of enabled protocols and executes commands configured in a normal-mode profile. Use this option if you want the system to use a normal-mode profile that you have created.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
system_mode_maintenance_shutdown: ${6|true,false|} # not required. choices: true;false. Shuts down all protocols, vPC domains, and interfaces except the management interface (using the shutdown command). This option is disruptive while C(system_mode_maintenance) (which uses the isolate command) is not.
system_mode_maintenance_timeout: ${7:null} # not required. Keeps the switch in maintenance mode for a specified number of minutes. Range is 5-65535.
"""
'nxos_gir_profile_management':
'prefix': "nxos_gir_profile_management_snippet"
'description': "Create a maintenance-mode or normal-mode profile for GIR."
'body': """
nxos_gir_profile_management:
mode: ${1|maintenance,normal|} # required. choices: maintenance;normal. Configure the profile as Maintenance or Normal mode.
commands: ${2:null} # not required. List of commands to be included into the profile.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
state: ${4|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
"""
'nxos_hsrp':
'prefix': "nxos_hsrp_snippet"
'description': "Manages HSRP configuration on NX-OS switches."
'body': """
nxos_hsrp:
group: ${1:undefined} # required. HSRP group number.
interface: ${2:undefined} # required. Full name of interface that is being managed for HSRP.
auth_type: ${3|text,md5|} # not required. choices: text;md5. Authentication type.
preempt: ${4|enabled,disabled|} # not required. choices: enabled;disabled. Enable/Disable preempt.
auth_string: ${5:undefined} # not required. Authentication string. If this needs to be hidden(for md5 type), the string should be 7 followed by the key string. Otherwise, it can be 0 followed by key string or just key string (for backward compatibility). For text type, this should be just be a key string. if this is 'default', authentication is removed.
vip: ${6:undefined} # not required. HSRP virtual IP address or keyword 'default"
priority: ${7:undefined} # not required. HSRP priority or keyword 'default'.
state: ${8|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
version: ${9|1,2|} # not required. choices: 1;2. HSRP version.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_igmp':
'prefix': "nxos_igmp_snippet"
'description': "Manages IGMP global configuration."
'body': """
nxos_igmp:
state: ${1|present,default|} # not required. choices: present;default. Manages desired state of the resource.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
enforce_rtr_alert: ${3|true,false|} # not required. choices: true;false. Enables or disables the enforce router alert option check for IGMPv2 and IGMPv3 packets.
restart: ${4|true,false|} # not required. choices: true;false. Restarts the igmp process (using an exec config command).
flush_routes: ${5|true,false|} # not required. choices: true;false. Removes routes when the IGMP process is restarted. By default, routes are not flushed.
"""
'nxos_igmp_interface':
'prefix': "nxos_igmp_interface_snippet"
'description': "Manages IGMP interface configuration."
'body': """
nxos_igmp_interface:
interface: ${1:undefined} # required. The full interface name for IGMP configuration. e.g. I(Ethernet1/2).
startup_query_interval: ${2:null} # not required. Query interval used when the IGMP process starts up. The range is from 1 to 18000. The default is 31.
group_timeout: ${3:null} # not required. Sets the group membership timeout for IGMPv2. Values can range from 3 to 65,535 seconds. The default is 260 seconds.
oif_routemap: ${4:null} # not required. Configure a routemap for static outgoing interface (OIF).
oif_prefix: ${5:null} # not required. Configure a prefix for static outgoing interface (OIF).
querier_timeout: ${6:null} # not required. Sets the querier timeout that the software uses when deciding to take over as the querier. Values can range from 1 to 65535 seconds. The default is 255 seconds.
last_member_query_count: ${7:null} # not required. Sets the number of times that the software sends an IGMP query in response to a host leave message. Values can range from 1 to 5. The default is 2.
restart: ${8|true,false|} # not required. choices: true;false. Restart IGMP.
report_llg: ${9|true,false|} # not required. choices: true;false. Configures report-link-local-groups. Enables sending reports for groups in 224.0.0.0/24. Reports are always sent for nonlink local groups. By default, reports are not sent for link local groups.
last_member_qrt: ${10:null} # not required. Sets the query interval waited after sending membership reports before the software deletes the group state. Values can range from 1 to 25 seconds. The default is 1 second.
robustness: ${11:null} # not required. Sets the robustness variable. Values can range from 1 to 7. The default is 2.
startup_query_count: ${12:null} # not required. Query count used when the IGMP process starts up. The range is from 1 to 10. The default is 2.
immediate_leave: ${13|true,false|} # not required. choices: true;false. Enables the device to remove the group entry from the multicast routing table immediately upon receiving a leave message for the group. Use this command to minimize the leave latency of IGMPv2 group memberships on a given IGMP interface because the device does not send group-specific queries. The default is disabled.
state: ${14|present,default|} # not required. choices: present;default. Manages desired state of the resource.
version: ${15|2,3|} # not required. choices: 2;3. IGMP version. It can be 2 or 3.
provider: ${16:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
oif_source: ${17:null} # not required. Configure a source for static outgoing interface (OIF).
query_interval: ${18:null} # not required. Sets the frequency at which the software sends IGMP host query messages. Values can range from 1 to 18000 seconds. The default is 125 seconds.
query_mrt: ${19:null} # not required. Sets the response time advertised in IGMP queries. Values can range from 1 to 25 seconds. The default is 10 seconds.
"""
'nxos_igmp_snooping':
'prefix': "nxos_igmp_snooping_snippet"
'description': "Manages IGMP snooping global configuration."
'body': """
nxos_igmp_snooping:
link_local_grp_supp: ${1:undefined} # not required. Global link-local groups suppression.
report_supp: ${2:undefined} # not required. Global IGMPv1/IGMPv2 Report Suppression.
snooping: ${3:undefined} # not required. Enables/disables IGMP snooping on the switch.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
group_timeout: ${5:undefined} # not required. Group membership timeout value for all VLANs on the device. Accepted values are integer in range 1-10080, I(never) and I(default).
v3_report_supp: ${6:undefined} # not required. Global IGMPv3 Report Suppression and Proxy Reporting.
state: ${7|present,default|} # not required. choices: present;default. Manage the state of the resource.
"""
'nxos_install_os':
'prefix': "nxos_install_os_snippet"
'description': "Set boot options like boot, kickstart image and issu."
'body': """
nxos_install_os:
system_image_file: ${1:undefined} # required. Name of the system (or combined) image file on flash.
issu: ${2|required,desired,yes,no|} # not required. choices: required;desired;yes;no. Upgrade using In Service Software Upgrade (ISSU). (Only supported on N9k platforms),Selecting 'required' or 'yes' means that upgrades will only proceed if the switch is capable of ISSU.,Selecting 'desired' means that upgrades will use ISSU if possible but will fall back to disruptive upgrade if needed.,Selecting 'no' means do not use ISSU. Forced disruptive.
kickstart_image_file: ${3:null} # not required. Name of the kickstart image file on flash. (Not required on all Nexus platforms)
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_interface':
'prefix': "nxos_interface_snippet"
'description': "Manages physical attributes of interfaces."
'body': """
nxos_interface:
name: ${1:null} # required. Full name of interface, i.e. Ethernet1/1, port-channel10.
state: ${2|present,absent,default|} # required. choices: present;absent;default. Specify desired state of the resource.
neighbors: ${3:undefined} # not required. Check the operational state of given interface C(name) for LLDP neighbor.,The following suboptions are available. This is state check parameter only.
description: ${4:null} # not required. Interface description.
ip_forward: ${5|enable,disable|} # not required. choices: enable;disable. Enable/Disable ip forward feature on SVIs.
interface_type: ${6|loopback,portchannel,svi,nve|} # not required. choices: loopback;portchannel;svi;nve. Interface type to be unconfigured from the device.
rx_rate: ${7:undefined} # not required. Receiver rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
admin_state: ${8|up,down|} # not required. choices: up;down. Administrative state of the interface.
aggregate: ${9:undefined} # not required. List of Interfaces definitions.
speed: ${10:undefined} # not required. Interface link speed. Applicable for ethernet interface only.
tx_rate: ${11:undefined} # not required. Transmit rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
fabric_forwarding_anycast_gateway: ${12|true,false|} # not required. choices: true;false. Associate SVI with anycast gateway under VLAN configuration mode. Applicable for SVI interface only.
duplex: ${13|full,half,auto|} # not required. choices: full;half;auto. Interface link status. Applicable for ethernet interface only.
mtu: ${14:undefined} # not required. MTU for a specific interface. Must be an even number between 576 and 9216. Applicable for ethernet interface only.
delay: ${15:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state arguments.
mode: ${16|layer2,layer3|} # not required. choices: layer2;layer3. Manage Layer 2 or Layer 3 state of the interface. This option is supported for ethernet and portchannel interface. Applicable for ethernet and portchannel interface only.
provider: ${17:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_interface_ospf':
'prefix': "nxos_interface_ospf_snippet"
'description': "Manages configuration of an OSPF interface instance."
'body': """
nxos_interface_ospf:
area: ${1:undefined} # required. Ospf area associated with this cisco_interface_ospf instance. Valid values are a string, formatted as an IP address (i.e. \"0.0.0.0\") or as an integer.
interface: ${2:undefined} # required. Name of this cisco_interface resource. Valid value is a string.
ospf: ${3:undefined} # required. Name of the ospf instance.
hello_interval: ${4:null} # not required. Time between sending successive hello packets. Valid values are an integer or the keyword 'default'.
message_digest_algorithm_type: ${5|md5,default|} # not required. choices: md5;default. Algorithm used for authentication among neighboring routers within an area. Valid values are 'md5' and 'default'.
message_digest_key_id: ${6:null} # not required. Md5 authentication key-id associated with the ospf instance. If this is present, message_digest_encryption_type, message_digest_algorithm_type and message_digest_password are mandatory. Valid value is an integer and 'default'.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
message_digest_encryption_type: ${8|cisco_type_7,3des,default|} # not required. choices: cisco_type_7;3des;default. Specifies the scheme used for encrypting message_digest_password. Valid values are '3des' or 'cisco_type_7' encryption or 'default'.
dead_interval: ${9:null} # not required. Time interval an ospf neighbor waits for a hello packet before tearing down adjacencies. Valid values are an integer or the keyword 'default'.
state: ${10|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
cost: ${11:null} # not required. The cost associated with this cisco_interface_ospf instance.
passive_interface: ${12|true,false|} # not required. choices: true;false. Setting to true will prevent this interface from receiving HELLO packets. Valid values are 'true' and 'false'.
message_digest_password: ${13:null} # not required. Specifies the message_digest password. Valid value is a string.
message_digest: ${14|true,false|} # not required. choices: true;false. Enables or disables the usage of message digest authentication. Valid values are 'true' and 'false'.
"""
'nxos_ip_interface':
'prefix': "nxos_ip_interface_snippet"
'description': "Manages L3 attributes for IPv4 and IPv6 interfaces."
'body': """
nxos_ip_interface:
interface: ${1:undefined} # required. Full name of interface, i.e. Ethernet1/1, vlan10.
addr: ${2:null} # not required. IPv4 or IPv6 Address.
dot1q: ${3:null} # not required. Configures IEEE 802.1Q VLAN encapsulation on the subinterface. The range is from 2 to 4093.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
mask: ${5:null} # not required. Subnet mask for IPv4 or IPv6 Address in decimal format.
state: ${6|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
version: ${7|v4,v6|} # not required. choices: v4;v6. Version of IP address. If the IP address is IPV4 version should be v4. If the IP address is IPV6 version should be v6.
tag: ${8:0} # not required. Route tag for IPv4 or IPv6 Address in integer format.
allow_secondary: ${9:false} # not required. Allow to configure IPv4 secondary addresses on interface.
"""
'nxos_l2_interface':
'prefix': "nxos_l2_interface_snippet"
'description': "Manage Layer-2 interface on Cisco NXOS devices."
'body': """
nxos_l2_interface:
name: ${1:undefined} # required. Full name of the interface excluding any logical unit number, i.e. Ethernet1/1.
native_vlan: ${2:undefined} # not required. Native VLAN to be configured in trunk port. If C(mode=trunk), used as the trunk native VLAN ID.
access_vlan: ${3:undefined} # not required. Configure given VLAN in access port. If C(mode=access), used as the access VLAN ID.
trunk_vlans: ${4:undefined} # not required. List of VLANs to be configured in trunk port. If C(mode=trunk), used as the VLAN range to ADD or REMOVE from the trunk.
state: ${5|present,absent,unconfigured|} # not required. choices: present;absent;unconfigured. Manage the state of the Layer-2 Interface configuration.
trunk_allowed_vlans: ${6:undefined} # not required. List of allowed VLANs in a given trunk port. If C(mode=trunk), these are the only VLANs that will be configured on the trunk, i.e. \"2-10,15\".
mode: ${7|access,trunk|} # not required. choices: access;trunk. Mode in which interface needs to be configured.
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${9:undefined} # not required. List of Layer-2 interface definitions.
"""
'nxos_l3_interface':
'prefix': "nxos_l3_interface_snippet"
'description': "Manage L3 interfaces on Cisco NXOS network devices"
'body': """
nxos_l3_interface:
name: ${1:undefined} # not required. Name of the L3 interface.
ipv6: ${2:undefined} # not required. IPv6 of the L3 interface.
state: ${3|present,absent|} # not required. choices: present;absent. State of the L3 interface configuration.
ipv4: ${4:undefined} # not required. IPv4 of the L3 interface.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${6:undefined} # not required. List of L3 interfaces definitions.
"""
'nxos_linkagg':
'prefix': "nxos_linkagg_snippet"
'description': "Manage link aggregation groups on Cisco NXOS devices."
'body': """
nxos_linkagg:
group: ${1:undefined} # required. Channel-group number for the port-channel Link aggregation group.
force: ${2|true,false|} # not required. choices: true;false. When true it forces link aggregation group members to match what is declared in the members param. This can be used to remove members.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
purge: ${4:false} # not required. Purge links not defined in the I(aggregate) parameter.
state: ${5|present,absent|} # not required. choices: present;absent. State of the link aggregation group.
mode: ${6|active,passive,on|} # not required. choices: active;passive;on. Mode for the link aggregation group.
members: ${7:null} # not required. List of interfaces that will be managed in the link aggregation group.
min_links: ${8:null} # not required. Minimum number of ports required up before bringing up the link aggregation group.
aggregate: ${9:undefined} # not required. List of link aggregation definitions.
"""
'nxos_lldp':
'prefix': "nxos_lldp_snippet"
'description': "Manage LLDP configuration on Cisco NXOS network devices."
'body': """
nxos_lldp:
state: ${1|present,absent|} # not required. choices: present;absent. State of the LLDP configuration. If value is I(present) lldp will be enabled else if it is I(absent) it will be disabled.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_logging':
'prefix': "nxos_logging_snippet"
'description': "Manage logging on network devices"
'body': """
nxos_logging:
aggregate: ${1:undefined} # not required. List of logging definitions.
facility_level: ${2:undefined} # not required. Set logging serverity levels for facility based log messages.
name: ${3:undefined} # not required. If value of C(dest) is I(logfile) it indicates file-name.
facility: ${4:undefined} # not required. Facility name for logging.
dest: ${5|console,logfile,module,monitor|} # not required. choices: console;logfile;module;monitor. Destination of the logs.
dest_level: ${6:undefined} # not required. Set logging severity levels.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
state: ${8|present,absent|} # not required. choices: present;absent. State of the logging configuration.
"""
'nxos_mtu':
'prefix': "nxos_mtu_snippet"
'description': "Manages MTU settings on Nexus switch."
'body': """
nxos_mtu:
interface: ${1:null} # not required. Full name of interface, i.e. Ethernet1/1.
state: ${2|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
sysmtu: ${3:null} # not required. System jumbo MTU. Must be an even number between 576 and 9216.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
mtu: ${5:null} # not required. MTU for a specific interface. Must be an even number between 576 and 9216.
"""
'nxos_ntp':
'prefix': "nxos_ntp_snippet"
'description': "Manages core NTP configuration."
'body': """
nxos_ntp:
source_addr: ${1:undefined} # not required. Local source address from which NTP messages are sent or keyword 'default"
prefer: ${2|enabled,disabled|} # not required. choices: enabled;disabled. Makes given NTP server or peer the preferred NTP server or peer for the device.
server: ${3:undefined} # not required. Network address of NTP server.
state: ${4|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
vrf_name: ${5:undefined} # not required. Makes the device communicate with the given NTP server or peer over a specific VRF or keyword 'default'.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
peer: ${7:undefined} # not required. Network address of NTP peer.
key_id: ${8:undefined} # not required. Authentication key identifier to use with given NTP server or peer or keyword 'default'.
source_int: ${9:undefined} # not required. Local source interface from which NTP messages are sent. Must be fully qualified interface name or keyword 'default"
"""
'nxos_ntp_auth':
'prefix': "nxos_ntp_auth_snippet"
'description': "Manages NTP authentication."
'body': """
nxos_ntp_auth:
auth_type: ${1|text,encrypt|} # not required. choices: text;encrypt. Whether the given md5string is in cleartext or has been encrypted. If in cleartext, the device will encrypt it before storing it.
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
key_id: ${4:undefined} # not required. Authentication key identifier (numeric).
trusted_key: ${5|true,false|} # not required. choices: true;false. Whether the given key is required to be supplied by a time source for the device to synchronize to the time source.
authentication: ${6|on,off|} # not required. choices: on;off. Turns NTP authentication on or off.
md5string: ${7:undefined} # not required. MD5 String.
"""
'nxos_ntp_options':
'prefix': "nxos_ntp_options_snippet"
'description': "Manages NTP options."
'body': """
nxos_ntp_options:
master: ${1|true,false|} # not required. choices: true;false. Sets whether the device is an authoritative NTP server.
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
logging: ${4|true,false|} # not required. choices: true;false. Sets whether NTP logging is enabled on the device.
stratum: ${5:null} # not required. If C(master=true), an optional stratum can be supplied (1-15). The device default is 8.
"""
'nxos_nxapi':
'prefix': "nxos_nxapi_snippet"
'description': "Manage NXAPI configuration on an NXOS device."
'body': """
nxos_nxapi:
state: ${1|present,absent|} # not required. choices: present;absent. The C(state) argument controls whether or not the NXAPI feature is configured on the remote device. When the value is C(present) the NXAPI feature configuration is present in the device running-config. When the values is C(absent) the feature configuration is removed from the running-config.
http_port: ${2:80} # not required. Configure the port with which the HTTP server will listen on for requests. By default, NXAPI will bind the HTTP service to the standard HTTP port 80. This argument accepts valid port values in the range of 1 to 65535.
http: ${3|yes,no|} # not required. choices: yes;no. Controls the operating state of the HTTP protocol as one of the underlying transports for NXAPI. By default, NXAPI will enable the HTTP transport when the feature is first configured. To disable the use of the HTTP transport, set the value of this argument to False.
https_port: ${4:443} # not required. Configure the port with which the HTTPS server will listen on for requests. By default, NXAPI will bind the HTTPS service to the standard HTTPS port 443. This argument accepts valid port values in the range of 1 to 65535.
https: ${5|yes,no|} # not required. choices: yes;no. Controls the operating state of the HTTPS protocol as one of the underlying transports for NXAPI. By default, NXAPI will disable the HTTPS transport when the feature is first configured. To enable the use of the HTTPS transport, set the value of this argument to True.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
sandbox: ${7|yes,no|} # not required. choices: yes;no. The NXAPI feature provides a web base UI for developers for entering commands. This feature is initially disabled when the NXAPI feature is configured for the first time. When the C(sandbox) argument is set to True, the developer sandbox URL will accept requests and when the value is set to False, the sandbox URL is unavailable. This is supported on NX-OS 7K series.
"""
'nxos_ospf':
'prefix': "nxos_ospf_snippet"
'description': "Manages configuration of an ospf instance."
'body': """
nxos_ospf:
ospf: ${1:undefined} # required. Name of the ospf instance.
state: ${2|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_ospf_vrf':
'prefix': "nxos_ospf_vrf_snippet"
'description': "Manages a VRF for an OSPF router."
'body': """
nxos_ospf_vrf:
ospf: ${1:null} # required. Name of the OSPF instance.
router_id: ${2:null} # not required. Router Identifier (ID) of the OSPF router VRF instance.
timer_throttle_lsa_max: ${3:null} # not required. Specify the max interval for rate-limiting Link-State Advertisement (LSA) generation. Valid values are an integer, in milliseconds, or the keyword 'default'.
timer_throttle_spf_max: ${4:null} # not required. Specify the maximum wait time between Shortest Path First (SPF) calculations. Valid values are an integer, in milliseconds, or the keyword 'default'.
auto_cost: ${5:null} # not required. Specifies the reference bandwidth used to assign OSPF cost. Valid values are an integer, in Mbps, or the keyword 'default'.
timer_throttle_lsa_hold: ${6:null} # not required. Specify the hold interval for rate-limiting Link-State Advertisement (LSA) generation. Valid values are an integer, in milliseconds, or the keyword 'default'.
default_metric: ${7:null} # not required. Specify the default Metric value. Valid values are an integer or the keyword 'default'.
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
log_adjacency: ${9|log,detail,default|} # not required. choices: log;detail;default. Controls the level of log messages generated whenever a neighbor changes state. Valid values are 'log', 'detail', and 'default'.
timer_throttle_lsa_start: ${10:null} # not required. Specify the start interval for rate-limiting Link-State Advertisement (LSA) generation. Valid values are an integer, in milliseconds, or the keyword 'default'.
state: ${11|present,absent|} # not required. choices: present;absent. State of ospf vrf configuration.
vrf: ${12:default} # not required. Name of the resource instance. Valid value is a string. The name 'default' is a valid VRF representing the global OSPF.
passive_interface: ${13|true,false|} # not required. choices: true;false. Setting to true will suppress routing update on interface. Valid values are 'true' and 'false'.
timer_throttle_spf_start: ${14:null} # not required. Specify initial Shortest Path First (SPF) schedule delay. Valid values are an integer, in milliseconds, or the keyword 'default'.
timer_throttle_spf_hold: ${15:null} # not required. Specify minimum hold time between Shortest Path First (SPF) calculations. Valid values are an integer, in milliseconds, or the keyword 'default'.
"""
'nxos_overlay_global':
'prefix': "nxos_overlay_global_snippet"
'description': "Configures anycast gateway MAC of the switch."
'body': """
nxos_overlay_global:
anycast_gateway_mac: ${1:null} # required. Anycast gateway mac of the switch.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_pim':
'prefix': "nxos_pim_snippet"
'description': "Manages configuration of a PIM instance."
'body': """
nxos_pim:
ssm_range: ${1:undefined} # required. Configure group ranges for Source Specific Multicast (SSM). Valid values are multicast addresses or the keyword C(none) or keyword C(default). C(none) removes all SSM group ranges. C(default) will set ssm_range to the default multicast address. If you set multicast address, please ensure that it is not the same as the C(default), otherwise use the C(default) option.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_pim_interface':
'prefix': "nxos_pim_interface_snippet"
'description': "Manages PIM interface configuration."
'body': """
nxos_pim_interface:
jp_policy_out: ${1:null} # required. Policy for join-prune messages (outbound).
interface: ${2:undefined} # required. Full name of the interface such as Ethernet1/33.
hello_auth_key: ${3:null} # not required. Authentication for hellos on this interface.
dr_prio: ${4:undefined} # not required. Configures priority for PIM DR election on interface.
hello_interval: ${5|true,false|} # not required. choices: true;false. Hello interval in milliseconds for this interface.
jp_type_in: ${6|prefix,routemap|} # not required. choices: prefix;routemap. Type of policy mapped to C(jp_policy_in).
neighbor_type: ${7|prefix,routemap|} # not required. choices: prefix;routemap. Type of policy mapped to neighbor_policy.
state: ${8|present,default|} # not required. choices: present;default. Manages desired state of the resource.
neighbor_policy: ${9:null} # not required. Configures a neighbor policy for filtering adjacencies.
sparse: ${10|true,false|} # not required. choices: true;false. Enable/disable sparse-mode on the interface.
provider: ${11:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
jp_policy_in: ${12:null} # not required. Policy for join-prune messages (inbound).
border: ${13|true,false|} # not required. choices: true;false. Configures interface to be a boundary of a PIM domain.
jp_type_out: ${14|prefix,routemap|} # not required. choices: prefix;routemap. Type of policy mapped to C(jp_policy_out).
"""
'nxos_pim_rp_address':
'prefix': "nxos_pim_rp_address_snippet"
'description': "Manages configuration of an PIM static RP address instance."
'body': """
nxos_pim_rp_address:
state: ${1|present,absent,default|} # required. choices: present;absent;default. Specify desired state of the resource.
rp_address: ${2:undefined} # required. Configures a Protocol Independent Multicast (PIM) static rendezvous point (RP) address. Valid values are unicast addresses.
bidir: ${3|true,false|} # not required. choices: true;false. Group range is treated in PIM bidirectional mode.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
route_map: ${5:null} # not required. Route map policy for static RP. Valid values are route-map policy names.
prefix_list: ${6:null} # not required. Prefix list policy for static RP. Valid values are prefix-list policy names.
group_list: ${7:null} # not required. Group range for static RP. Valid values are multicast addresses.
"""
'nxos_ping':
'prefix': "nxos_ping_snippet"
'description': "Tests reachability using ping from Nexus switch."
'body': """
nxos_ping:
dest: ${1:undefined} # required. IP address or hostname (resolvable by switch) of remote node.
count: ${2:5} # not required. Number of packets to send.
source: ${3:undefined} # not required. Source IP Address or hostname (resolvable by switch)
state: ${4|absent,present|} # not required. choices: absent;present. Determines if the expected result is success or fail.
vrf: ${5:undefined} # not required. Outgoing VRF.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_portchannel':
'prefix': "nxos_portchannel_snippet"
'description': "Manages port-channel interfaces."
'body': """
nxos_portchannel:
group: ${1:undefined} # required. Channel-group number for the port-channel.
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
force: ${3|true,false|} # not required. choices: true;false. When true it forces port-channel members to match what is declared in the members param. This can be used to remove members.
mode: ${4|active,passive,on|} # not required. choices: active;passive;on. Mode for the port-channel, i.e. on, active, passive.
members: ${5:null} # not required. List of interfaces that will be managed in a given portchannel.
min_links: ${6:null} # not required. Min links required to keep portchannel up.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_reboot':
'prefix': "nxos_reboot_snippet"
'description': "Reboot a network device."
'body': """
nxos_reboot:
provider: ${1:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
confirm: ${2:false} # not required. Safeguard boolean. Set to true if you're sure you want to reboot.
"""
'nxos_rollback':
'prefix': "nxos_rollback_snippet"
'description': "Set a checkpoint or rollback to a checkpoint."
'body': """
nxos_rollback:
checkpoint_file: ${1:null} # not required. Name of checkpoint file to create. Mutually exclusive with rollback_to.
rollback_to: ${2:null} # not required. Name of checkpoint file to rollback to. Mutually exclusive with checkpoint_file.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_smu':
'prefix': "nxos_smu_snippet"
'description': "Perform SMUs on Cisco NX-OS devices."
'body': """
nxos_smu:
pkg: ${1:undefined} # required. Name of the remote package.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
file_system: ${3:null} # not required. The remote file system of the device. If omitted, devices that support a file_system parameter will use their default values.
"""
'nxos_snapshot':
'prefix': "nxos_snapshot_snippet"
'description': "Manage snapshots of the running states of selected features."
'body': """
nxos_snapshot:
action: ${1|create,add,compare,delete|} # required. choices: create;add;compare;delete. Define what snapshot action the module would perform.
description: ${2:null} # not required. Snapshot description to be used when C(action=create).
section: ${3:null} # not required. Used to name the show command output, to be used when C(action=add).
snapshot1: ${4:null} # not required. First snapshot to be used when C(action=compare).
comparison_results_file: ${5:null} # not required. Name of the file where snapshots comparison will be stored when C(action=compare).
snapshot2: ${6:null} # not required. Second snapshot to be used when C(action=compare).
element_key1: ${7:null} # not required. Specify the tags used to distinguish among row entries, to be used when C(action=add).
element_key2: ${8:null} # not required. Specify the tags used to distinguish among row entries, to be used when C(action=add).
snapshot_name: ${9:null} # not required. Snapshot name, to be used when C(action=create) or C(action=delete).
save_snapshot_locally: ${10|true,false|} # not required. choices: true;false. Specify to locally store a new created snapshot, to be used when C(action=create).
provider: ${11:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
path: ${12:./} # not required. Specify the path of the file where new created snapshot or snapshots comparison will be stored, to be used when C(action=create) and C(save_snapshot_locally=true) or C(action=compare).
row_id: ${13:null} # not required. Specifies the tag of each row entry of the show command's XML output, to be used when C(action=add).
show_command: ${14:null} # not required. Specify a new show command, to be used when C(action=add).
compare_option: ${15|summary,ipv4routes,ipv6routes|} # not required. choices: summary;ipv4routes;ipv6routes. Snapshot options to be used when C(action=compare).
"""
'nxos_snmp_community':
'prefix': "nxos_snmp_community_snippet"
'description': "Manages SNMP community configs."
'body': """
nxos_snmp_community:
community: ${1:undefined} # required. Case-sensitive community string.
group: ${2:undefined} # not required. Group to which the community belongs.
acl: ${3:undefined} # not required. ACL name to filter snmp requests or keyword 'default'.
access: ${4|ro,rw|} # not required. choices: ro;rw. Access type for community.
state: ${5|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_snmp_contact':
'prefix': "nxos_snmp_contact_snippet"
'description': "Manages SNMP contact info."
'body': """
nxos_snmp_contact:
state: ${1|present,absent|} # required. choices: present;absent. Manage the state of the resource.
contact: ${2:undefined} # required. Contact information.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_snmp_host':
'prefix': "nxos_snmp_host_snippet"
'description': "Manages SNMP host configuration."
'body': """
nxos_snmp_host:
snmp_host: ${1:undefined} # required. IP address of hostname of target host.
vrf_filter: ${2:undefined} # not required. Name of VRF to filter. If state = absent, the vrf is removed from the filter.
udp: ${3:162} # not required. UDP port number (0-65535).
src_intf: ${4:undefined} # not required. Source interface. Must be fully qualified interface name. If state = absent, the interface is removed.
community: ${5:undefined} # not required. Community string or v3 username.
state: ${6|present,absent|} # not required. choices: present;absent. Manage the state of the resource. If state = present, the host is added to the configuration. If only vrf and/or vrf_filter and/or src_intf are given, they will be added to the existing host configuration. If state = absent, the host is removed if community parameter is given. It is possible to remove only vrf and/or src_int and/or vrf_filter by providing only those parameters and no community parameter.
version: ${7|v1,v2c,v3|} # not required. choices: v1;v2c;v3. SNMP version. If this is not specified, v1 is used.
v3: ${8|noauth,auth,priv|} # not required. choices: noauth;auth;priv. Use this when verion is v3. SNMPv3 Security level.
snmp_type: ${9|trap,inform|} # not required. choices: trap;inform. type of message to send to host. If this is not specified, trap type is used.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
vrf: ${11:undefined} # not required. VRF to use to source traffic to source. If state = absent, the vrf is removed.
"""
'nxos_snmp_location':
'prefix': "nxos_snmp_location_snippet"
'description': "Manages SNMP location information."
'body': """
nxos_snmp_location:
location: ${1:undefined} # required. Location information.
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_snmp_traps':
'prefix': "nxos_snmp_traps_snippet"
'description': "Manages SNMP traps."
'body': """
nxos_snmp_traps:
group: ${1|aaa,bfd,bgp,bridge,callhome,cfs,config,eigrp,entity,feature-control,generic,hsrp,license,link,lldp,mmode,ospf,pim,rf,rmon,snmp,storm-control,stpx,switchfabric,syslog,sysmgr,system,upgrade,vtp,all|} # required. choices: aaa;bfd;bgp;bridge;callhome;cfs;config;eigrp;entity;feature-control;generic;hsrp;license;link;lldp;mmode;ospf;pim;rf;rmon;snmp;storm-control;stpx;switchfabric;syslog;sysmgr;system;upgrade;vtp;all. Case sensitive group.
state: ${2|enabled,disabled|} # not required. choices: enabled;disabled. Manage the state of the resource.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_snmp_user':
'prefix': "nxos_snmp_user_snippet"
'description': "Manages SNMP users for monitoring."
'body': """
nxos_snmp_user:
user: ${1:undefined} # required. Name of the user.
authentication: ${2|md5,sha|} # not required. choices: md5;sha. Authentication parameters for the user.
state: ${3|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
encrypt: ${4:undefined} # not required. Enables AES-128 bit encryption when using privacy password.
privacy: ${5:undefined} # not required. Privacy password for the user. This is not idempotent
group: ${6:undefined} # not required. Group to which the user will belong to. If state = present, and the user is existing, the group is added to the user. If the user is not existing, user entry is created with this group argument. If state = absent, only the group is removed from the user entry. However, to maintain backward compatibility, if the existing user belongs to only one group, and if group argument is same as the existing user's group, then the user entry also is deleted.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
pwd: ${8:undefined} # not required. Authentication password when using md5 or sha. This is not idempotent
"""
'nxos_static_route':
'prefix': "nxos_static_route_snippet"
'description': "Manages static route configuration"
'body': """
nxos_static_route:
prefix: ${1:undefined} # required. Destination prefix of static route.
next_hop: ${2:undefined} # required. Next hop address or interface of static route. If interface, it must be the fully-qualified interface name.
pref: ${3:undefined} # not required. Preference or administrative difference of route (range 1-255) or keyword 'default'.
route_name: ${4:undefined} # not required. Name of the route or keyword 'default'. Used with the name parameter on the CLI.
state: ${5|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
tag: ${6:undefined} # not required. Route tag value (numeric) or keyword 'default'.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${8:undefined} # not required. List of static route definitions
vrf: ${9:default} # not required. VRF for static route.
"""
'nxos_switchport':
'prefix': "nxos_switchport_snippet"
'description': "Manages Layer 2 switchport interfaces."
'body': """
nxos_switchport:
interface: ${1:null} # required. Full name of the interface, i.e. Ethernet1/1.
native_vlan: ${2:null} # not required. If C(mode=trunk), used as the trunk native VLAN ID.
access_vlan: ${3:null} # not required. If C(mode=access), used as the access VLAN ID.
state: ${4|present,absent,unconfigured|} # not required. choices: present;absent;unconfigured. Manage the state of the resource.
trunk_allowed_vlans: ${5:null} # not required. if C(mode=trunk), these are the only VLANs that will be configured on the trunk, i.e. \"2-10,15\".
mode: ${6|access,trunk|} # not required. choices: access;trunk. Mode for the Layer 2 port.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
trunk_vlans: ${8:null} # not required. If C(mode=trunk), used as the VLAN range to ADD or REMOVE from the trunk.
"""
'nxos_system':
'prefix': "nxos_system_snippet"
'description': "Manage the system attributes on Cisco NXOS devices"
'body': """
nxos_system:
domain_lookup: ${1:undefined} # not required. Enables or disables the DNS lookup feature in Cisco NXOS. This argument accepts boolean values. When enabled, the system will try to resolve hostnames using DNS and when disabled, hostnames will not be resolved.
state: ${2|present,absent|} # not required. choices: present;absent. State of the configuration values in the device's current active configuration. When set to I(present), the values should be configured in the device active configuration and when set to I(absent) the values should not be in the device active configuration
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
name_servers: ${4:undefined} # not required. List of DNS name servers by IP address to use to perform name resolution lookups. This argument accepts either a list of DNS servers or a list of hashes that configure the name server and VRF name. See examples.
domain_search: ${5:undefined} # not required. Configures a list of domain name suffixes to search when performing DNS name resolution. This argument accepts either a list of domain names or a list of dicts that configure the domain name and VRF name. See examples.
hostname: ${6:undefined} # not required. Configure the device hostname parameter. This option takes an ASCII string value.
system_mtu: ${7:undefined} # not required. Specifies the mtu, must be an integer.
domain_name: ${8:undefined} # not required. Configures the default domain name suffix to be used when referencing this node by its FQDN. This argument accepts either a list of domain names or a list of dicts that configure the domain name and VRF name. See examples.
"""
'nxos_udld':
'prefix': "nxos_udld_snippet"
'description': "Manages UDLD global configuration params."
'body': """
nxos_udld:
reset: ${1|true|} # not required. choices: true. Ability to reset all ports shut down by UDLD. 'state' parameter cannot be 'absent' when this is present.
msg_time: ${2:null} # not required. Message time in seconds for UDLD packets or keyword 'default'.
aggressive: ${3|enabled,disabled|} # not required. choices: enabled;disabled. Toggles aggressive mode.
state: ${4|present,absent|} # not required. choices: present;absent. Manage the state of the resource. When set to 'absent', aggressive and msg_time are set to their default values.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_udld_interface':
'prefix': "nxos_udld_interface_snippet"
'description': "Manages UDLD interface configuration params."
'body': """
nxos_udld_interface:
interface: ${1:undefined} # required. FULL name of the interface, i.e. Ethernet1/1-
mode: ${2|enabled,disabled,aggressive|} # required. choices: enabled;disabled;aggressive. Manages UDLD mode for an interface.
state: ${3|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_user':
'prefix': "nxos_user_snippet"
'description': "Manage the collection of local users on Nexus devices"
'body': """
nxos_user:
update_password: ${1|on_create,always|} # not required. choices: on_create;always. Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to C(always), the password will always be updated in the device and when set to C(on_create) the password will be updated only if the username is created.
configured_password: ${2:undefined} # not required. The password to be configured on the network device. The password needs to be provided in cleartext and it will be encrypted on the device. Please note that this option is not same as C(provider password).
name: ${3:null} # not required. The username to be configured on the remote Cisco Nexus device. This argument accepts a string value and is mutually exclusive with the C(aggregate) argument.
purge: ${4:false} # not required. The C(purge) argument instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user which cannot be deleted per nxos constraints.
state: ${5|present,absent|} # not required. choices: present;absent. The C(state) argument configures the state of the username definition as it relates to the device operational configuration. When set to I(present), the username(s) should be configured in the device active configuration and when set to I(absent) the username(s) should not be in the device active configuration
role: ${6:null} # not required. The C(role) argument configures the role for the username in the device running configuration. The argument accepts a string value defining the role name. This argument does not check if the role has been configured on the device.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${8:null} # not required. The set of username objects to be configured on the remote Cisco Nexus device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the C(name) argument.
sshkey: ${9:null} # not required. The C(sshkey) argument defines the SSH public key to configure for the username. This argument accepts a valid SSH key value.
"""
'nxos_vlan':
'prefix': "nxos_vlan_snippet"
'description': "Manages VLAN resources and attributes."
'body': """
nxos_vlan:
purge: ${1:false} # not required. Purge VLANs not defined in the I(aggregate) parameter. This parameter can be used without aggregate as well.
vlan_state: ${2|active,suspend|} # not required. choices: active;suspend. Manage the vlan operational state of the VLAN This is being deprecated in favor of state.
name: ${3:null - Name of VLAN or keyword 'default'.} # not required. Name of VLAN.
interfaces: ${4:undefined} # not required. List of interfaces that should be associated to the VLAN or keyword 'default'.
mapped_vni: ${5:null} # not required. The Virtual Network Identifier (VNI) ID that is mapped to the VLAN. Valid values are integer and keyword 'default'. Range 4096-16773119.
delay: ${6:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state arguments.
associated_interfaces: ${7:undefined} # not required. This is a intent option and checks the operational state of the for given vlan C(name) for associated interfaces. If the value in the C(associated_interfaces) does not match with the operational state of vlan interfaces on device it will result in failure.
state: ${8|present,absent|} # not required. choices: present;absent. Manage the state of the resource.
admin_state: ${9|up,down|} # not required. choices: up;down. Manage the VLAN administrative state of the VLAN equivalent to shut/no shut in VLAN config mode.
mode: ${10|ce,fabricpath|} # not required. choices: ce;fabricpath. Set VLAN mode to classical ethernet or fabricpath. This is a valid option for Nexus 5000 and 7000 series.
provider: ${11:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${12:undefined} # not required. List of VLANs definitions.
vlan_range: ${13:null} # not required. Range of VLANs such as 2-10 or 2,5,10-15, etc.
vlan_id: ${14:null} # not required. Single VLAN ID.
"""
'nxos_vpc':
'prefix': "nxos_vpc_snippet"
'description': "Manages global VPC configuration"
'body': """
nxos_vpc:
domain: ${1:undefined} # required. VPC domain
state: ${2|present,absent|} # required. choices: present;absent. Manages desired state of the resource
system_priority: ${3:null} # not required. System priority device. Remember they must match between peers.
role_priority: ${4:null} # not required. Role priority for device. Remember lower is better.
auto_recovery: ${5|true,false|} # not required. choices: true;false. Enables/Disables auto recovery
pkl_vrf: ${6:management} # not required. VRF used for peer keepalive link
delay_restore: ${7:null} # not required. manages delay restore command and config value in seconds
peer_gw: ${8|true,false|} # not required. choices: true;false. Enables/Disables peer gateway
provider: ${9:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
pkl_dest: ${10:null} # not required. Destination (remote) IP address used for peer keepalive link
pkl_src: ${11:null} # not required. Source IP address used for peer keepalive link
"""
'nxos_vpc_interface':
'prefix': "nxos_vpc_interface_snippet"
'description': "Manages interface VPC configuration"
'body': """
nxos_vpc_interface:
state: ${1|present,absent|} # required. choices: present;absent. Manages desired state of the resource.
portchannel: ${2:undefined} # required. Group number of the portchannel that will be configured.
vpc: ${3:null} # not required. VPC group/id that will be configured on associated portchannel.
peer_link: ${4:null} # not required. Set to true/false for peer link config on associated portchannel.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_vrf':
'prefix': "nxos_vrf_snippet"
'description': "Manages global VRF configuration."
'body': """
nxos_vrf:
name: ${1:undefined} # required. Name of VRF to be managed.
rd: ${2:null} # not required. VPN Route Distinguisher (RD). Valid values are a string in one of the route-distinguisher formats (ASN2:NN, ASN4:NN, or IPV4:NN); the keyword 'auto', or the keyword 'default'.
interfaces: ${3:undefined} # not required. List of interfaces to check the VRF has been configured correctly or keyword 'default'.
vni: ${4:null} # not required. Specify virtual network identifier. Valid values are Integer or keyword 'default'.
purge: ${5:false} # not required. Purge VRFs not defined in the I(aggregate) parameter.
associated_interfaces: ${6:undefined} # not required. This is a intent option and checks the operational state of the for given vrf C(name) for associated interfaces. If the value in the C(associated_interfaces) does not match with the operational state of vrf interfaces on device it will result in failure.
state: ${7|present,absent|} # not required. choices: present;absent. Manages desired state of the resource.
delay: ${8:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state arguments.
admin_state: ${9|up,down|} # not required. choices: up;down. Administrative state of the VRF.
provider: ${10:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${11:undefined} # not required. List of VRFs definitions.
description: ${12:null} # not required. Description of the VRF or keyword 'default'.
"""
'nxos_vrf_af':
'prefix': "nxos_vrf_af_snippet"
'description': "Manages VRF AF."
'body': """
nxos_vrf_af:
afi: ${1|ipv4,ipv6|} # required. choices: ipv4;ipv6. Address-Family Identifier (AFI).
safi: ${2|unicast,multicast|} # required. choices: unicast;multicast. Sub Address-Family Identifier (SAFI).,Deprecated in 2.4
vrf: ${3:undefined} # required. Name of the VRF.
state: ${4|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
route_target_both_auto_evpn: ${5|true,false|} # not required. choices: true;false. Enable/Disable the EVPN route-target 'auto' setting for both import and export target communities.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_vrf_interface':
'prefix': "nxos_vrf_interface_snippet"
'description': "Manages interface specific VRF configuration."
'body': """
nxos_vrf_interface:
interface: ${1:undefined} # required. Full name of interface to be managed, i.e. Ethernet1/1.
vrf: ${2:undefined} # required. Name of VRF to be managed.
state: ${3|present,absent|} # not required. choices: present;absent. Manages desired state of the resource.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_vrrp':
'prefix': "nxos_vrrp_snippet"
'description': "Manages VRRP configuration on NX-OS switches."
'body': """
nxos_vrrp:
group: ${1:undefined} # required. VRRP group number.
interface: ${2:undefined} # required. Full name of interface that is being managed for VRRP.
preempt: ${3|True,False|} # not required. choices: True;False. Enable/Disable preempt.
vip: ${4:null} # not required. VRRP virtual IP address.
authentication: ${5:null} # not required. Clear text authentication string.
priority: ${6:null} # not required. VRRP priority.
state: ${7|present,absent|} # not required. choices: present;absent. Specify desired state of the resource.
admin_state: ${8|shutdown,no shutdown|} # not required. choices: shutdown;no shutdown. Used to enable or disable the VRRP process.
provider: ${9:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_vtp_domain':
'prefix': "nxos_vtp_domain_snippet"
'description': "Manages VTP domain configuration."
'body': """
nxos_vtp_domain:
domain: ${1:undefined} # required. VTP domain name.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_vtp_password':
'prefix': "nxos_vtp_password_snippet"
'description': "Manages VTP password configuration."
'body': """
nxos_vtp_password:
vtp_password: ${1:null} # not required. VTP password
state: ${2|present,absent|} # not required. choices: present;absent. Manage the state of the resource
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_vtp_version':
'prefix': "nxos_vtp_version_snippet"
'description': "Manages VTP version configuration."
'body': """
nxos_vtp_version:
version: ${1|1,2|} # required. choices: 1;2. VTP version number.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
"""
'nxos_vxlan_vtep':
'prefix': "nxos_vxlan_vtep_snippet"
'description': "Manages VXLAN Network Virtualization Endpoint (NVE)."
'body': """
nxos_vxlan_vtep:
interface: ${1:undefined} # required. Interface name for the VXLAN Network Virtualization Endpoint.
state: ${2|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
description: ${3:null} # not required. Description of the NVE interface.
shutdown: ${4|true,false|} # not required. choices: true;false. Administratively shutdown the NVE interface.
source_interface: ${5:null} # not required. Specify the loopback interface whose IP address should be used for the NVE interface.
provider: ${6:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
host_reachability: ${7|true,false|} # not required. choices: true;false. Specify mechanism for host reachability advertisement.
source_interface_hold_down_time: ${8:null} # not required. Suppresses advertisement of the NVE loopback address until the overlay has converged.
"""
'nxos_vxlan_vtep_vni':
'prefix': "nxos_vxlan_vtep_vni_snippet"
'description': "Creates a Virtual Network Identifier member (VNI)"
'body': """
nxos_vxlan_vtep_vni:
vni: ${1:undefined} # required. ID of the Virtual Network Identifier.
interface: ${2:undefined} # required. Interface name for the VXLAN Network Virtualization Endpoint.
assoc_vrf: ${3|true,false|} # not required. choices: true;false. This attribute is used to identify and separate processing VNIs that are associated with a VRF and used for routing. The VRF and VNI specified with this command must match the configuration of the VNI under the VRF.
multicast_group: ${4:null} # not required. The multicast group (range) of the VNI. Valid values are string and keyword 'default'.
state: ${5|present,absent|} # not required. choices: present;absent. Determines whether the config should be present or not on the device.
peer_list: ${6:null} # not required. Set the ingress-replication static peer list. Valid values are an array, a space-separated string of ip addresses, or the keyword 'default'.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,This option is only required if you are using NX-API.,For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).,HORIZONTALLINE,A dict object containing connection details.
ingress_replication: ${8|bgp,static,default|} # not required. choices: bgp;static;default. Specifies mechanism for host reachability advertisement.
suppress_arp: ${9|true,false|} # not required. choices: true;false. Suppress arp under layer 2 VNI.
"""
'oc':
'prefix': "oc_snippet"
'description': "Manage OpenShift Resources"
'body': """
oc:
kind: ${1:undefined} # required. The kind of the resource upon which to take action.
token: ${2:undefined} # required. The token with which to authenticate against the OpenShift cluster.
state: ${3|present,absent|} # required. choices: present;absent. If the state is present, and the resource doesn't exist, it shall be created using the inline definition. If the state is present and the resource exists, the definition will be updated, again using an inline definition. If the state is absent, the resource will be deleted if it exists.
name: ${4:undefined} # not required. The name of the resource on which to take action.
namespace: ${5:undefined} # not required. The namespace of the resource upon which to take action.
host: ${6:127.0.0.1} # not required. Hostname or address of the OpenShift API endpoint. By default, this is expected to be the current inventory host.
inline: ${7:undefined} # not required. The inline definition of the resource. This is mutually exclusive with name, namespace and kind.
validate_certs: ${8:true} # not required. If C(no), SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates.
port: ${9:8443} # not required. The port number of the API endpoint.
"""
'office_365_connector_card':
'prefix': "office_365_connector_card_snippet"
'description': "Use webhooks to create Connector Card messages within an Office 365 group"
'body': """
office_365_connector_card:
webhook: ${1:undefined} # required. The webhook URL is given to you when you create a new Connector.
sections: ${2:undefined} # not required. Contains a list of sections to display in the card.,For more information see https://dev.outlook.com/Connectors/reference.
title: ${3:undefined} # not required. A title for the Connector message. Shown at the top of the message.
color: ${4:undefined} # not required. Accent color used for branding or indicating status in the card.
text: ${5:undefined} # not required. The main text of the card.,This will be rendered below the sender information and optional title,,and above any sections or actions present.
actions: ${6:undefined} # not required. This array of objects will power the action links,found at the bottom of the card.
summary: ${7:undefined} # not required. A string used for summarizing card content.,This will be shown as the message subject.,This is required if the text parameter isn't populated.
"""
'ohai':
'prefix': "ohai_snippet"
'description': "Returns inventory data from I(Ohai)"
'body': """
ohai:
"""
'omapi_host':
'prefix': "omapi_host_snippet"
'description': "Setup OMAPI hosts."
'body': """
omapi_host:
macaddr: ${1:undefined} # required. Sets the lease host MAC address.
key_name: ${2:undefined} # required. Sets the TSIG key name for authenticating against OMAPI server.
state: ${3|present,absent|} # required. choices: present;absent. Create or remove OMAPI host.
key: ${4:undefined} # required. Sets the TSIG key content for authenticating against OMAPI server.
statements: ${5:} # not required. Attach a list of OMAPI DHCP statements with host lease (without ending semicolon).
name: ${6:None} # not required. Sets the host lease hostname (mandatory if state=present).
host: ${7:localhost} # not required. Sets OMAPI server host to interact with.
ddns: ${8:false} # not required. Enable dynamic DNS updates for this host.
ip: ${9:None} # not required. Sets the lease host IP address.
port: ${10:7911} # not required. Sets the OMAPI server port to interact with.
"""
'oneandone_firewall_policy':
'prefix': "oneandone_firewall_policy_snippet"
'description': "Configure 1&1 firewall policy."
'body': """
oneandone_firewall_policy:
firewall_policy: ${1:undefined} # required. The identifier (id or name) of the firewall policy used with update state.
name: ${2:undefined} # required. Firewall policy name used with present state. Used as identifier (id or name) when used with absent state. maxLength=128
auth_token: ${3:undefined} # required. Authenticating API token provided by 1&1.
add_rules: ${4:undefined} # not required. A list of rules that will be added to an existing firewall policy. It is syntax is the same as the one used for rules parameter. Used in combination with update state.
rules: ${5:undefined} # not required. A list of rules that will be set for the firewall policy. Each rule must contain protocol parameter, in addition to three optional parameters (port_from, port_to, and source)
remove_server_ips: ${6:undefined} # not required. A list of server IP ids to be unassigned from a firewall policy. Used in combination with update state.
wait_interval: ${7:5} # not required. Defines the number of seconds to wait when using the _wait_for methods
state: ${8|present,absent,update|} # not required. choices: present;absent;update. Define a firewall policy state to create, remove, or update.
wait_timeout: ${9:600} # not required. how long before wait gives up, in seconds
add_server_ips: ${10:undefined} # not required. A list of server identifiers (id or name) to be assigned to a firewall policy. Used in combination with update state.
api_url: ${11:undefined} # not required. Custom API URL. Overrides the ONEANDONE_API_URL environement variable.
wait: ${12|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
remove_rules: ${13:undefined} # not required. A list of rule ids that will be removed from an existing firewall policy. Used in combination with update state.
description: ${14:undefined} # not required. Firewall policy description. maxLength=256
"""
'oneandone_load_balancer':
'prefix': "oneandone_load_balancer_snippet"
'description': "Configure 1&1 load balancer."
'body': """
oneandone_load_balancer:
load_balancer: ${1:undefined} # required. The identifier (id or name) of the load balancer used with update state.
rules: ${2:undefined} # required. A list of rule objects that will be set for the load balancer. Each rule must contain protocol, port_balancer, and port_server parameters, in addition to source parameter, which is optional.
auth_token: ${3:undefined} # required. Authenticating API token provided by 1&1.
health_check_test: ${4|NONE,TCP,HTTP,ICMP|} # required. choices: NONE;TCP;HTTP;ICMP. Type of the health check. At the moment, HTTP is not allowed.
persistence_time: ${5:undefined} # required. Persistence time in seconds. Required if persistence is enabled. minimum=30, maximum=1200, multipleOf=1
health_check_interval: ${6:undefined} # required. Health check period in seconds. minimum=5, maximum=300, multipleOf=1
name: ${7:undefined} # required. Load balancer name used with present state. Used as identifier (id or name) when used with absent state. maxLength=128
method: ${8|ROUND_ROBIN,LEAST_CONNECTIONS|} # required. choices: ROUND_ROBIN;LEAST_CONNECTIONS. Balancing procedure.
persistence: ${9:undefined} # required. Persistence.
add_rules: ${10:undefined} # not required. A list of rules that will be added to an existing load balancer. It is syntax is the same as the one used for rules parameter. Used in combination with update state.
description: ${11:undefined} # not required. Description of the load balancer. maxLength=256
health_check_parse: ${12:undefined} # not required. Regular expression to check. Required for HTTP health check. maxLength=64
wait_timeout: ${13:600} # not required. how long before wait gives up, in seconds
add_server_ips: ${14:undefined} # not required. A list of server identifiers (id or name) to be assigned to a load balancer. Used in combination with update state.
health_check_path: ${15:undefined} # not required. Url to call for cheking. Required for HTTP health check. maxLength=1000
wait: ${16|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
datacenter: ${17|US,ES,DE,GB|} # not required. choices: US;ES;DE;GB. ID or country code of the datacenter where the load balancer will be created.
api_url: ${18:undefined} # not required. Custom API URL. Overrides the ONEANDONE_API_URL environement variable.
wait_interval: ${19:5} # not required. Defines the number of seconds to wait when using the _wait_for methods
remove_server_ips: ${20:undefined} # not required. A list of server IP ids to be unassigned from a load balancer. Used in combination with update state.
state: ${21|present,absent,update|} # not required. choices: present;absent;update. Define a load balancer state to create, remove, or update.
remove_rules: ${22:undefined} # not required. A list of rule ids that will be removed from an existing load balancer. Used in combination with update state.
"""
'oneandone_monitoring_policy':
'prefix': "oneandone_monitoring_policy_snippet"
'description': "Configure 1&1 monitoring policy."
'body': """
oneandone_monitoring_policy:
name: ${1:undefined} # required. Monitoring policy name used with present state. Used as identifier (id or name) when used with absent state. maxLength=128
thresholds: ${2:undefined} # required. Monitoring policy thresholds. Each of the suboptions have warning and critical, which both have alert and value suboptions. Warning is used to set limits for warning alerts, critical is used to set critical alerts. alert enables alert, and value is used to advise when the value is exceeded.
agent: ${3:undefined} # required. Set true for using agent.
email: ${4:undefined} # required. User's email. maxLength=128
monitoring_policy: ${5:undefined} # required. The identifier (id or name) of the monitoring policy used with update state.
processes: ${6:undefined} # required. Array of processes that will be monitoring.
auth_token: ${7:undefined} # required. Authenticating API token provided by 1&1.
ports: ${8:undefined} # required. Array of ports that will be monitoring.
add_ports: ${9:undefined} # not required. Ports to add to the monitoring policy.
wait_timeout: ${10:600} # not required. how long before wait gives up, in seconds
remove_servers: ${11:undefined} # not required. Servers to remove from the monitoring policy.
update_ports: ${12:undefined} # not required. Ports to be updated on the monitoring policy.
description: ${13:undefined} # not required. Monitoring policy description. maxLength=256
api_url: ${14:undefined} # not required. Custom API URL. Overrides the ONEANDONE_API_URL environement variable.
wait_interval: ${15:5} # not required. Defines the number of seconds to wait when using the _wait_for methods
remove_processes: ${16:undefined} # not required. Processes to remove from the monitoring policy.
add_servers: ${17:undefined} # not required. Servers to add to the monitoring policy.
state: ${18|present,absent,update|} # not required. choices: present;absent;update. Define a monitoring policy's state to create, remove, update.
update_processes: ${19:undefined} # not required. Processes to be updated on the monitoring policy.
remove_ports: ${20:undefined} # not required. Ports to remove from the monitoring policy.
add_processes: ${21:undefined} # not required. Processes to add to the monitoring policy.
wait: ${22|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
"""
'oneandone_private_network':
'prefix': "oneandone_private_network_snippet"
'description': "Configure 1&1 private networking."
'body': """
oneandone_private_network:
auth_token: ${1:undefined} # required. Authenticating API token provided by 1&1.
name: ${2:undefined} # required. Private network name used with present state. Used as identifier (id or name) when used with absent state.
private_network: ${3:undefined} # required. The identifier (id or name) of the network used with update state.
datacenter: ${4:undefined} # not required. The identifier of the datacenter where the private network will be created
description: ${5:undefined} # not required. Set a description for the network.
wait_interval: ${6:5} # not required. Defines the number of seconds to wait when using the _wait_for methods
network_address: ${7:undefined} # not required. Set a private network space, i.e. 192.168.1.0
subnet_mask: ${8:undefined} # not required. Set the netmask for the private network, i.e. 255.255.255.0
state: ${9|present,absent,update|} # not required. choices: present;absent;update. Define a network's state to create, remove, or update.
wait_timeout: ${10:600} # not required. how long before wait gives up, in seconds
add_members: ${11:undefined} # not required. List of server identifiers (name or id) to be added to the private network.
wait: ${12|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
remove_members: ${13:undefined} # not required. List of server identifiers (name or id) to be removed from the private network.
api_url: ${14:undefined} # not required. Custom API URL. Overrides the ONEANDONE_API_URL environement variable.
"""
'oneandone_public_ip':
'prefix': "oneandone_public_ip_snippet"
'description': "Configure 1&1 public IPs."
'body': """
oneandone_public_ip:
auth_token: ${1:undefined} # required. Authenticating API token provided by 1&1.
public_ip_id: ${2:undefined} # required. The ID of the public IP used with update and delete states.
datacenter: ${3:undefined} # not required. ID of the datacenter where the IP will be created (only for unassigned IPs).
api_url: ${4:undefined} # not required. Custom API URL. Overrides the ONEANDONE_API_URL environement variable.
wait_interval: ${5:5} # not required. Defines the number of seconds to wait when using the _wait_for methods
reverse_dns: ${6:undefined} # not required. Reverse DNS name. maxLength=256
state: ${7|present,absent,update|} # not required. choices: present;absent;update. Define a public ip state to create, remove, or update.
wait_timeout: ${8:600} # not required. how long before wait gives up, in seconds
type: ${9|IPV4,IPV6|} # not required. choices: IPV4;IPV6. Type of IP. Currently, only IPV4 is available.
wait: ${10|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
"""
'oneandone_server':
'prefix': "oneandone_server_snippet"
'description': "Create, destroy, start, stop, and reboot a 1&1 Host server."
'body': """
oneandone_server:
auth_token: ${1:undefined} # required. Authenticating API token provided by 1&1. Overrides the ONEANDONE_AUTH_TOKEN environement variable.
fixed_instance_size: ${2|S,M,L,XL,XXL,3XL,4XL,5XL|} # required. choices: S;M;L;XL;XXL;3XL;4XL;5XL. The instance size name or ID of the server. It is required only for 'present' state, and it is mutually exclusive with vcore, cores_per_processor, ram, and hdds parameters.
load_balancer: ${3:undefined} # not required. The load balancer name or ID.
vcore: ${4:undefined} # not required. The total number of processors. It must be provided with cores_per_processor, ram, and hdds parameters.
description: ${5:undefined} # not required. The description of the server.
server_type: ${6|cloud,baremetal,k8s_node|} # not required. choices: cloud;baremetal;k8s_node. The type of server to be built.
auto_increment: ${7|yes,no|} # not required. choices: yes;no. When creating multiple servers at once, whether to differentiate hostnames by appending a count after them or substituting the count where there is a %02d or %03d in the hostname string.
ram: ${8:undefined} # not required. The amount of RAM memory. It must be provided with with vcore, cores_per_processor, and hdds parameters.
ssh_key: ${9:None} # not required. User's public SSH key (contents, not path).
wait_timeout: ${10:600} # not required. how long before wait gives up, in seconds
private_network: ${11:undefined} # not required. The private network name or ID.
monitoring_policy: ${12:undefined} # not required. The monitoring policy name or ID.
wait: ${13|yes,no|} # not required. choices: yes;no. Wait for the server to be in state 'running' before returning. Also used for delete operation (set to 'false' if you don't want to wait for each individual server to be deleted before moving on with other tasks.)
count: ${14:1} # not required. The number of servers to create.
datacenter: ${15|US,ES,DE,GB|} # not required. choices: US;ES;DE;GB. The datacenter location.
firewall_policy: ${16:undefined} # not required. The firewall policy name or ID.
api_url: ${17:undefined} # not required. Custom API URL. Overrides the ONEANDONE_API_URL environement variable.
cores_per_processor: ${18:undefined} # not required. The number of cores per processor. It must be provided with vcore, ram, and hdds parameters.
hdds: ${19:undefined} # not required. A list of hard disks with nested \"size\" and \"is_main\" properties. It must be provided with vcore, cores_per_processor, and ram parameters.
wait_interval: ${20:5} # not required. Defines the number of seconds to wait when using the wait_for methods
hostname: ${21:undefined} # not required. The hostname or ID of the server. Only used when state is 'present'.
appliance: ${22:undefined} # not required. The operating system name or ID for the server. It is required only for 'present' state.
server: ${23:undefined} # not required. Server identifier (ID or hostname). It is required for all states except 'running' and 'present'.
state: ${24|present,absent,running,stopped|} # not required. choices: present;absent;running;stopped. Define a server's state to create, remove, start or stop it.
"""
'oneview_datacenter_facts':
'prefix': "oneview_datacenter_facts_snippet"
'description': "Retrieve facts about the OneView Data Centers"
'body': """
oneview_datacenter_facts:
params: ${1:undefined} # not required. List of params to delimit, filter and sort the list of resources.,params allowed: - C(start): The first item to return, using 0-based indexing. - C(count): The number of resources to return. - C(filter): A general filter/query string to narrow the list of items returned. - C(sort): The sort order of the returned data set.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
name: ${3:undefined} # not required. Data Center name.
options: ${4:undefined} # not required. Retrieve additional facts. Options available: 'visualContent'.
"""
'oneview_enclosure_facts':
'prefix': "oneview_enclosure_facts_snippet"
'description': "Retrieve facts about one or more Enclosures"
'body': """
oneview_enclosure_facts:
params: ${1:undefined} # not required. List of params to delimit, filter and sort the list of resources.,params allowed: - C(start): The first item to return, using 0-based indexing. - C(count): The number of resources to return. - C(filter): A general filter/query string to narrow the list of items returned. - C(sort): The sort order of the returned data set.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
name: ${3:undefined} # not required. Enclosure name.
options: ${4:undefined} # not required. List with options to gather additional facts about an Enclosure and related resources. Options allowed: C(script), C(environmentalConfiguration), and C(utilization). For the option C(utilization), you can provide specific parameters.
"""
'oneview_ethernet_network':
'prefix': "oneview_ethernet_network_snippet"
'description': "Manage OneView Ethernet Network resources"
'body': """
oneview_ethernet_network:
data: ${1:undefined} # required. List with Ethernet Network properties.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
state: ${3|present,absent,default_bandwidth_reset|} # not required. choices: present;absent;default_bandwidth_reset. Indicates the desired state for the Ethernet Network resource. - C(present) will ensure data properties are compliant with OneView. - C(absent) will remove the resource from OneView, if it exists. - C(default_bandwidth_reset) will reset the network connection template to the default.
validate_etag: ${4|true,false|} # not required. choices: true;false. When the ETag Validation is enabled, the request will be conditionally processed only if the current ETag for the resource matches the ETag provided in the data.
"""
'oneview_ethernet_network_facts':
'prefix': "oneview_ethernet_network_facts_snippet"
'description': "Retrieve the facts about one or more of the OneView Ethernet Networks"
'body': """
oneview_ethernet_network_facts:
params: ${1:undefined} # not required. List of params to delimit, filter and sort the list of resources.,params allowed: - C(start): The first item to return, using 0-based indexing. - C(count): The number of resources to return. - C(filter): A general filter/query string to narrow the list of items returned. - C(sort): The sort order of the returned data set.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
name: ${3:undefined} # not required. Ethernet Network name.
options: ${4:undefined} # not required. List with options to gather additional facts about an Ethernet Network and related resources. Options allowed: C(associatedProfiles) and C(associatedUplinkGroups).
"""
'oneview_fc_network':
'prefix': "oneview_fc_network_snippet"
'description': "Manage OneView Fibre Channel Network resources."
'body': """
oneview_fc_network:
data: ${1:undefined} # required. List with the Fibre Channel Network properties.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
state: ${3|present,absent|} # not required. choices: present;absent. Indicates the desired state for the Fibre Channel Network resource. C(present) will ensure data properties are compliant with OneView. C(absent) will remove the resource from OneView, if it exists.
validate_etag: ${4|true,false|} # not required. choices: true;false. When the ETag Validation is enabled, the request will be conditionally processed only if the current ETag for the resource matches the ETag provided in the data.
"""
'oneview_fc_network_facts':
'prefix': "oneview_fc_network_facts_snippet"
'description': "Retrieve the facts about one or more of the OneView Fibre Channel Networks"
'body': """
oneview_fc_network_facts:
params: ${1:undefined} # not required. List of params to delimit, filter and sort the list of resources.,params allowed: - C(start): The first item to return, using 0-based indexing. - C(count): The number of resources to return. - C(filter): A general filter/query string to narrow the list of items returned. - C(sort): The sort order of the returned data set.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
name: ${3:undefined} # not required. Fibre Channel Network name.
"""
'oneview_fcoe_network':
'prefix': "oneview_fcoe_network_snippet"
'description': "Manage OneView FCoE Network resources"
'body': """
oneview_fcoe_network:
data: ${1:undefined} # required. List with FCoE Network properties.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
state: ${3|present,absent|} # not required. choices: present;absent. Indicates the desired state for the FCoE Network resource. C(present) will ensure data properties are compliant with OneView. C(absent) will remove the resource from OneView, if it exists.
validate_etag: ${4|true,false|} # not required. choices: true;false. When the ETag Validation is enabled, the request will be conditionally processed only if the current ETag for the resource matches the ETag provided in the data.
"""
'oneview_fcoe_network_facts':
'prefix': "oneview_fcoe_network_facts_snippet"
'description': "Retrieve the facts about one or more of the OneView FCoE Networks"
'body': """
oneview_fcoe_network_facts:
params: ${1:undefined} # not required. List of params to delimit, filter and sort the list of resources.,params allowed: - C(start): The first item to return, using 0-based indexing. - C(count): The number of resources to return. - C(filter): A general filter/query string to narrow the list of items returned. - C(sort): The sort order of the returned data set.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
name: ${3:undefined} # not required. FCoE Network name.
"""
'oneview_logical_interconnect_group':
'prefix': "oneview_logical_interconnect_group_snippet"
'description': "Manage OneView Logical Interconnect Group resources"
'body': """
oneview_logical_interconnect_group:
data: ${1:undefined} # required. List with the Logical Interconnect Group properties.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
state: ${3|absent,present|} # not required. choices: absent;present. Indicates the desired state for the Logical Interconnect Group resource. C(absent) will remove the resource from OneView, if it exists. C(present) will ensure data properties are compliant with OneView.
validate_etag: ${4|true,false|} # not required. choices: true;false. When the ETag Validation is enabled, the request will be conditionally processed only if the current ETag for the resource matches the ETag provided in the data.
"""
'oneview_logical_interconnect_group_facts':
'prefix': "oneview_logical_interconnect_group_facts_snippet"
'description': "Retrieve facts about one or more of the OneView Logical Interconnect Groups"
'body': """
oneview_logical_interconnect_group_facts:
params: ${1:undefined} # not required. List of params to delimit, filter and sort the list of resources.,params allowed: - C(start): The first item to return, using 0-based indexing. - C(count): The number of resources to return. - C(filter): A general filter/query string to narrow the list of items returned. - C(sort): The sort order of the returned data set.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
name: ${3:undefined} # not required. Logical Interconnect Group name.
"""
'oneview_network_set':
'prefix': "oneview_network_set_snippet"
'description': "Manage HPE OneView Network Set resources"
'body': """
oneview_network_set:
data: ${1:undefined} # required. List with the Network Set properties.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
state: ${3|present,absent|} # not required. choices: present;absent. Indicates the desired state for the Network Set resource. - C(present) will ensure data properties are compliant with OneView. - C(absent) will remove the resource from OneView, if it exists.
validate_etag: ${4|true,false|} # not required. choices: true;false. When the ETag Validation is enabled, the request will be conditionally processed only if the current ETag for the resource matches the ETag provided in the data.
"""
'oneview_network_set_facts':
'prefix': "oneview_network_set_facts_snippet"
'description': "Retrieve facts about the OneView Network Sets"
'body': """
oneview_network_set_facts:
params: ${1:undefined} # not required. List of params to delimit, filter and sort the list of resources.,params allowed: - C(start): The first item to return, using 0-based indexing. - C(count): The number of resources to return. - C(filter): A general filter/query string to narrow the list of items returned. - C(sort): The sort order of the returned data set.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
name: ${3:undefined} # not required. Network Set name.
options: ${4:undefined} # not required. List with options to gather facts about Network Set. Option allowed: C(withoutEthernet). The option C(withoutEthernet) retrieves the list of network_sets excluding Ethernet networks.
"""
'oneview_san_manager':
'prefix': "oneview_san_manager_snippet"
'description': "Manage OneView SAN Manager resources"
'body': """
oneview_san_manager:
data: ${1:undefined} # required. List with SAN Manager properties.
config: ${2:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
state: ${3|present,absent,connection_information_set|} # not required. choices: present;absent;connection_information_set. Indicates the desired state for the Uplink Set resource. - C(present) ensures data properties are compliant with OneView. - C(absent) removes the resource from OneView, if it exists. - C(connection_information_set) updates the connection information for the SAN Manager. This operation is non-idempotent.
validate_etag: ${4|true,false|} # not required. choices: true;false. When the ETag Validation is enabled, the request will be conditionally processed only if the current ETag for the resource matches the ETag provided in the data.
"""
'oneview_san_manager_facts':
'prefix': "oneview_san_manager_facts_snippet"
'description': "Retrieve facts about one or more of the OneView SAN Managers"
'body': """
oneview_san_manager_facts:
config: ${1:undefined} # not required. Path to a .json configuration file containing the OneView client configuration. The configuration file is optional and when used should be present in the host running the ansible commands. If the file path is not provided, the configuration will be loaded from environment variables. For links to example configuration files or how to use the environment variables verify the notes section.
provider_display_name: ${2:undefined} # not required. Provider Display Name.
params: ${3:undefined} # not required. List of params to delimit, filter and sort the list of resources.,params allowed: - C(start): The first item to return, using 0-based indexing. - C(count): The number of resources to return. - C(query): A general query string to narrow the list of resources returned. - C(sort): The sort order of the returned data set.
"""
'onyx_bgp':
'prefix': "onyx_bgp_snippet"
'description': "Configures BGP on Mellanox ONYX network devices"
'body': """
onyx_bgp:
as_number: ${1:undefined} # required. Local AS number.
router_id: ${2:undefined} # not required. Router IP address. Required if I(state=present).
state: ${3|present,absent|} # not required. choices: present;absent. BGP state.
networks: ${4:undefined} # not required. List of advertised networks.
neighbors: ${5:undefined} # not required. List of neighbors. Required if I(state=present).
"""
'onyx_command':
'prefix': "onyx_command_snippet"
'description': "Run commands on remote devices running Mellanox ONYX"
'body': """
onyx_command:
commands: ${1:undefined} # required. List of commands to send to the remote Mellanox ONYX network device. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
retries: ${2:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. A dict object containing connection details.
wait_for: ${5:undefined} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'onyx_config':
'prefix': "onyx_config_snippet"
'description': "Manage Mellanox ONYX configuration sections"
'body': """
onyx_config:
src: ${1:undefined} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
backup: ${2|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
after: ${3:undefined} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${4:undefined} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
replace: ${5|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct
parents: ${6:undefined} # not required. The ordered set of parents that uniquely identify the section the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
provider: ${7:null} # not required. A dict object containing connection details.
save: ${8|yes,no|} # not required. choices: yes;no. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.
config: ${9:undefined} # not required. The C(config) argument allows the playbook designer to supply the base configuration to be used to validate configuration changes necessary. If this argument is provided, the module will not download the running-config from the remote node.
match: ${10|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${11:undefined} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'onyx_facts':
'prefix': "onyx_facts_snippet"
'description': "Collect facts from Mellanox ONYX network devices"
'body': """
onyx_facts:
gather_subset: ${1:version} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, version, module, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
"""
'onyx_interface':
'prefix': "onyx_interface_snippet"
'description': "Manage Interfaces on Mellanox ONYX network devices"
'body': """
onyx_interface:
name: ${1:undefined} # required. Name of the Interface.
rx_rate: ${2:undefined} # not required. Receiver rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
duplex: ${3|full,half,auto|} # not required. choices: full;half;auto. Interface link status
enabled: ${4:undefined} # not required. Interface link status.
mtu: ${5:undefined} # not required. Maximum size of transmit packet.
delay: ${6:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state argument which are I(state) with values C(up)/C(down).
purge: ${7:false} # not required. Purge Interfaces not defined in the aggregate parameter. This applies only for logical interface.
state: ${8|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the Interface configuration, C(up) means present and operationally up and C(down) means present and operationally C(down)
aggregate: ${9:undefined} # not required. List of Interfaces definitions.
speed: ${10|1G,10G,25G,40G,50G,56G,100G|} # not required. choices: 1G;10G;25G;40G;50G;56G;100G. Interface link speed.
tx_rate: ${11:undefined} # not required. Transmit rate in bits per second (bps).,This is state check parameter only.,Supports conditionals, see L(Conditionals in Networking Modules,../network/user_guide/network_working_with_command_output.html)
description: ${12:undefined} # not required. Description of Interface.
"""
'onyx_l2_interface':
'prefix': "onyx_l2_interface_snippet"
'description': "Manage Layer-2 interface on Mellanox ONYX network devices"
'body': """
onyx_l2_interface:
access_vlan: ${1:undefined} # not required. Configure given VLAN in access port.
state: ${2|present,absent|} # not required. choices: present;absent. State of the Layer-2 Interface configuration.
trunk_allowed_vlans: ${3:undefined} # not required. List of allowed VLANs in a given trunk port.
name: ${4:undefined} # not required. Name of the interface.
aggregate: ${5:undefined} # not required. List of Layer-2 interface definitions.
mode: ${6|access,trunk,hybrid|} # not required. choices: access;trunk;hybrid. Mode in which interface needs to be configured.
"""
'onyx_l3_interface':
'prefix': "onyx_l3_interface_snippet"
'description': "Manage L3 interfaces on Mellanox ONYX network devices"
'body': """
onyx_l3_interface:
purge: ${1:false} # not required. Purge L3 interfaces not defined in the I(aggregate) parameter.
state: ${2|present,absent|} # not required. choices: present;absent. State of the L3 interface configuration.
name: ${3:undefined} # not required. Name of the L3 interface.
ipv6: ${4:undefined} # not required. IPv6 of the L3 interface (not supported for now).
aggregate: ${5:undefined} # not required. List of L3 interfaces definitions
ipv4: ${6:undefined} # not required. IPv4 of the L3 interface.
"""
'onyx_linkagg':
'prefix': "onyx_linkagg_snippet"
'description': "Manage link aggregation groups on Mellanox ONYX network devices"
'body': """
onyx_linkagg:
name: ${1:undefined} # required. Name of the link aggregation group.
members: ${2:undefined} # required. List of members interfaces of the link aggregation group. The value can be single interface or list of interfaces.
purge: ${3:false} # not required. Purge link aggregation groups not defined in the I(aggregate) parameter.
state: ${4|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the link aggregation group.
aggregate: ${5:undefined} # not required. List of link aggregation definitions.
mode: ${6|on,active,passive|} # not required. choices: on;active;passive. Mode of the link aggregation group. A value of C(on) will enable LACP. C(active) configures the link to actively information about the state of the link, or it can be configured in C(passive) mode ie. send link state information only when received them from another link.
"""
'onyx_lldp':
'prefix': "onyx_lldp_snippet"
'description': "Manage LLDP configuration on Mellanox ONYX network devices"
'body': """
onyx_lldp:
state: ${1|present,absent|} # not required. choices: present;absent. State of the LLDP protocol configuration.
"""
'onyx_lldp_interface':
'prefix': "onyx_lldp_interface_snippet"
'description': "Manage LLDP interfaces configuration on Mellanox ONYX network devices"
'body': """
onyx_lldp_interface:
aggregate: ${1:undefined} # not required. List of interfaces LLDP should be configured on.
purge: ${2:false} # not required. Purge interfaces not defined in the aggregate parameter.
state: ${3|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. State of the LLDP configuration.
name: ${4:undefined} # not required. Name of the interface LLDP should be configured on.
"""
'onyx_magp':
'prefix': "onyx_magp_snippet"
'description': "Manage MAGP protocol on Mellanox ONYX network devices"
'body': """
onyx_magp:
interface: ${1:undefined} # required. VLAN Interface name.
magp_id: ${2:undefined} # required. MAGP instance number 1-255
router_mac: ${3:undefined} # not required. MAGP router MAC address.
state: ${4|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. MAGP state.
router_ip: ${5:undefined} # not required. MAGP router IP address.
"""
'onyx_mlag_ipl':
'prefix': "onyx_mlag_ipl_snippet"
'description': "Manage IPL (inter-peer link) on Mellanox ONYX network devices"
'body': """
onyx_mlag_ipl:
name: ${1:undefined} # required. Name of the interface (port-channel) IPL should be configured on.
vlan_interface: ${2:undefined} # not required. Name of the IPL vlan interface.
state: ${3|present,absent|} # not required. choices: present;absent. IPL state.
peer_address: ${4:undefined} # not required. IPL peer IP address.
"""
'onyx_mlag_vip':
'prefix': "onyx_mlag_vip_snippet"
'description': "Configures MLAG VIP on Mellanox ONYX network devices"
'body': """
onyx_mlag_vip:
delay: ${1:12} # not required. Delay interval, in seconds, waiting for the changes on mlag VIP to take effect.
state: ${2|present,absent|} # not required. choices: present;absent. MLAG VIP state.
group_name: ${3:undefined} # not required. MLAG group name. Required if I(state=present).
ipaddress: ${4:undefined} # not required. Virtual IP address of the MLAG. Required if I(state=present).
mac_address: ${5:undefined} # not required. MLAG system MAC address. Required if I(state=present).
"""
'onyx_ospf':
'prefix': "onyx_ospf_snippet"
'description': "Manage OSPF protocol on Mellanox ONYX network devices"
'body': """
onyx_ospf:
ospf: ${1:undefined} # required. OSPF instance number 1-65535
router_id: ${2:undefined} # not required. OSPF router ID. Required if I(state=present).
interfaces: ${3:undefined} # not required. List of interfaces and areas. Required if I(state=present).
state: ${4|present,absent|} # not required. choices: present;absent. OSPF state.
"""
'onyx_pfc_interface':
'prefix': "onyx_pfc_interface_snippet"
'description': "Manage priority flow control on ONYX network devices"
'body': """
onyx_pfc_interface:
aggregate: ${1:undefined} # not required. List of interfaces PFC should be configured on.
purge: ${2:false} # not required. Purge interfaces not defined in the aggregate parameter.
state: ${3|enabled,disabled|} # not required. choices: enabled;disabled. State of the PFC configuration.
name: ${4:undefined} # not required. Name of the interface PFC should be configured on.
"""
'onyx_protocol':
'prefix': "onyx_protocol_snippet"
'description': "Enables/Disables protocols on Mellanox ONYX network devices"
'body': """
onyx_protocol:
spanning_tree: ${1|enabled,disabled|} # not required. choices: enabled;disabled. Spanning Tree support
lldp: ${2|enabled,disabled|} # not required. choices: enabled;disabled. LLDP protocol
mlag: ${3|enabled,disabled|} # not required. choices: enabled;disabled. MLAG protocol
magp: ${4|enabled,disabled|} # not required. choices: enabled;disabled. MAGP protocol
ip_routing: ${5|enabled,disabled|} # not required. choices: enabled;disabled. IP routing support
lacp: ${6|enabled,disabled|} # not required. choices: enabled;disabled. LACP protocol
ip_l3: ${7|enabled,disabled|} # not required. choices: enabled;disabled. IP L3 support
igmp_snooping: ${8|enabled,disabled|} # not required. choices: enabled;disabled. IP IGMP snooping
dcb_pfc: ${9|enabled,disabled|} # not required. choices: enabled;disabled. DCB priority flow control
ospf: ${10|enabled,disabled|} # not required. choices: enabled;disabled. OSPF protocol
bgp: ${11|enabled,disabled|} # not required. choices: enabled;disabled. BGP protocol
"""
'onyx_vlan':
'prefix': "onyx_vlan_snippet"
'description': "Manage VLANs on Mellanox ONYX network devices"
'body': """
onyx_vlan:
aggregate: ${1:undefined} # not required. List of VLANs definitions.
purge: ${2:false} # not required. Purge VLANs not defined in the I(aggregate) parameter.
state: ${3|present,absent|} # not required. choices: present;absent. State of the VLAN configuration.
name: ${4:undefined} # not required. Name of the VLAN.
vlan_id: ${5:undefined} # not required. ID of the VLAN.
"""
'open_iscsi':
'prefix': "open_iscsi_snippet"
'description': "Manage iscsi targets with open-iscsi"
'body': """
open_iscsi:
auto_node_startup: ${1|true,false|} # not required. choices: true;false. whether the target node should be automatically connected at startup
target: ${2:undefined} # not required. the iscsi target name
show_nodes: ${3|true,false|} # not required. choices: true;false. whether the list of nodes in the persistent iscsi database should be returned by the module
node_auth: ${4:CHAP} # not required. discovery.sendtargets.auth.authmethod
node_pass: ${5:undefined} # not required. discovery.sendtargets.auth.password
discover: ${6|true,false|} # not required. choices: true;false. whether the list of target nodes on the portal should be (re)discovered and added to the persistent iscsi database. Keep in mind that iscsiadm discovery resets configurtion, like node.startup to manual, hence combined with auto_node_startup=yes will always return a changed state.
portal: ${7:undefined} # not required. the ip address of the iscsi target
login: ${8|true,false|} # not required. choices: true;false. whether the target node should be connected
node_user: ${9:undefined} # not required. discovery.sendtargets.auth.username
port: ${10:3260} # not required. the port on which the iscsi target process listens
"""
'openbsd_pkg':
'prefix': "openbsd_pkg_snippet"
'description': "Manage packages on OpenBSD"
'body': """
openbsd_pkg:
name: ${1:undefined} # required. A name or a list of names of the packages.
state: ${2|absent,latest,present|} # not required. choices: absent;latest;present. C(present) will make sure the package is installed. C(latest) will make sure the latest version of the package is installed. C(absent) will make sure the specified package is not installed.
ports_dir: ${3:/usr/ports} # not required. When used in combination with the C(build) option, allows overriding the default ports source directory.
clean: ${4:no} # not required. When updating or removing packages, delete the extra configuration file(s) in the old packages which are annotated with @extra in the packaging-list.
quick: ${5:no} # not required. Replace or delete packages quickly; do not bother with checksums before removing normal files.
build: ${6:no} # not required. Build the package from source instead of downloading and installing a binary. Requires that the port source tree is already installed. Automatically builds and installs the 'sqlports' package, if it is not already installed.
"""
'opendj_backendprop':
'prefix': "opendj_backendprop_snippet"
'description': "Will update the backend configuration of OpenDJ via the dsconfig set-backend-prop command."
'body': """
opendj_backendprop:
name: ${1:undefined} # required. The configuration setting to update.
hostname: ${2:undefined} # required. The hostname of the OpenDJ server.
value: ${3:undefined} # required. The value for the configuration item.
port: ${4:undefined} # required. The Admin port on which the OpenDJ instance is available.
backend: ${5:undefined} # required. The name of the backend on which the property needs to be updated.
username: ${6:cn=Directory Manager} # not required. The username to connect to.
state: ${7:present} # not required. If configuration needs to be added/updated
passwordfile: ${8:undefined} # not required. Location to the password file which holds the password for the cn=Directory Manager user.,Either password or passwordfile is needed.
password: ${9:undefined} # not required. The password for the cn=Directory Manager user.,Either password or passwordfile is needed.
opendj_bindir: ${10:/opt/opendj/bin} # not required. The path to the bin directory of OpenDJ.
"""
'openshift_raw':
'prefix': "openshift_raw_snippet"
'description': "Manage OpenShift objects"
'body': """
openshift_raw:
username: ${1:undefined} # not required. Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME environment variable.
src: ${2:undefined} # not required. Provide a path to a file containing a valid YAML definition of an object to be created or updated. Mutually exclusive with I(resource_definition). NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the configuration read in from the I(src) file.,Reads from the local file system. To read from the Ansible controller's file system, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to I(resource_definition). See Examples below.
kind: ${3:undefined} # not required. Use to specify an object model. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(api_version), I(name), and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(kind) from the I(resource_definition) will override this option.
verify_ssl: ${4:undefined} # not required. Whether or not to verify the API server's SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL environment variable.
force: ${5:false} # not required. If set to C(True), and I(state) is C(present), an existing object will be replaced.
description: ${6:undefined} # not required. Use only when creating a project, otherwise ignored. Adds a description to the project metadata.
kubeconfig: ${7:undefined} # not required. Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the openshift client will attempt to load the default configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG environment variable.
ssl_ca_cert: ${8:undefined} # not required. Path to a CA certificate used to authenticate with the API. Can also be specified via K8S_AUTH_SSL_CA_CERT environment variable.
cert_file: ${9:undefined} # not required. Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE environment variable.
namespace: ${10:undefined} # not required. Use to specify an object namespace. Useful when creating, deleting, or discovering an object without providing a full resource definition. Use in conjunction with I(api_version), I(kind), and I(name) to identify a specfic object. If I(resource definition) is provided, the I(metadata.namespace) value from the I(resource_definition) will override this option.
host: ${11:undefined} # not required. Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable.
resource_definition: ${12:undefined} # not required. Provide a valid YAML definition for an object when creating or updating. NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the provided I(resource_definition).
api_key: ${13:undefined} # not required. Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment variable.
state: ${14|present,absent|} # not required. choices: present;absent. Determines if an object should be created, patched, or deleted. When set to C(present), an object will be created, if it does not already exist. If set to C(absent), an existing object will be deleted. If set to C(present), an existing object will be patched, if its attributes differ from those specified using I(resource_definition) or I(src).
context: ${15:undefined} # not required. The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment variable.
display_name: ${16:undefined} # not required. Use only when creating a project, otherwise ignored. Adds a display name to the project metadata.
key_file: ${17:undefined} # not required. Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_HOST environment variable.
password: ${18:undefined} # not required. Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD environment variable.
api_version: ${19:v1} # not required. Use to specify the API version. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(kind), I(name), and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(apiVersion) from the I(resource_definition) will override this option.
name: ${20:undefined} # not required. Use to specify an object name. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(metadata.name) value from the I(resource_definition) will override this option.
"""
'openshift_scale':
'prefix': "openshift_scale_snippet"
'description': "Set a new size for a Deployment Config, Deployment, Replica Set, Replication Controller, or Job."
'body': """
openshift_scale:
username: ${1:undefined} # not required. Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME environment variable.
ssl_ca_cert: ${2:undefined} # not required. Path to a CA certificate used to authenticate with the API. Can also be specified via K8S_AUTH_SSL_CA_CERT environment variable.
kind: ${3:undefined} # not required. Use to specify an object model. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(api_version), I(name), and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(kind) from the I(resource_definition) will override this option.
api_key: ${4:undefined} # not required. Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment variable.
name: ${5:undefined} # not required. Use to specify an object name. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(api_version), I(kind) and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(metadata.name) value from the I(resource_definition) will override this option.
src: ${6:undefined} # not required. Provide a path to a file containing a valid YAML definition of an object to be created or updated. Mutually exclusive with I(resource_definition). NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the configuration read in from the I(src) file.,Reads from the local file system. To read from the Ansible controller's file system, use the file lookup plugin or template lookup plugin, combined with the from_yaml filter, and pass the result to I(resource_definition). See Examples below.
cert_file: ${7:undefined} # not required. Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE environment variable.
replicas: ${8:undefined} # not required. The desired number of replicas.
namespace: ${9:undefined} # not required. Use to specify an object namespace. Useful when creating, deleting, or discovering an object without providing a full resource definition. Use in conjunction with I(api_version), I(kind), and I(name) to identify a specfic object. If I(resource definition) is provided, the I(metadata.namespace) value from the I(resource_definition) will override this option.
verify_ssl: ${10:undefined} # not required. Whether or not to verify the API server's SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL environment variable.
kubeconfig: ${11:undefined} # not required. Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the openshift client will attempt to load the default configuration file from I(~/.kube/config.json). Can also be specified via K8S_AUTH_KUBECONFIG environment variable.
host: ${12:undefined} # not required. Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable.
wait_timeout: ${13:20} # not required. When C(wait) is I(True), the number of seconds to wait for the I(ready_replicas) status to equal I(replicas). If the status is not reached within the allotted time, an error will result. In the case of a Job, this option is ignored.
current_replicas: ${14:undefined} # not required. For Deployment, ReplicaSet, Replication Controller, only scale, if the number of existing replicas matches. In the case of a Job, update parallelism only if the current parallelism value matches.
context: ${15:undefined} # not required. The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment variable.
resource_version: ${16:undefined} # not required. Only attempt to scale, if the current object version matches.
resource_definition: ${17:undefined} # not required. Provide a valid YAML definition for an object when creating or updating. NOTE: I(kind), I(api_version), I(name), and I(namespace) will be overwritten by corresponding values found in the provided I(resource_definition).
key_file: ${18:undefined} # not required. Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_HOST environment variable.
password: ${19:undefined} # not required. Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD environment variable.
api_version: ${20:v1} # not required. Use to specify the API version. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with I(kind), I(name), and I(namespace) to identify a specific object. If I(resource definition) is provided, the I(apiVersion) from the I(resource_definition) will override this option.
wait: ${21:true} # not required. For Deployment, ReplicaSet, Replication Controller, wait for the status value of I(ready_replicas) to change to the number of I(replicas). In the case of a Job, this option is ignored.
"""
'openssl_certificate':
'prefix': "openssl_certificate_snippet"
'description': "Generate and/or check OpenSSL certificates"
'body': """
openssl_certificate:
path: ${1:undefined} # required. Remote absolute path where the generated certificate file should be created or is already located.
provider: ${2|selfsigned,assertonly,acme|} # required. choices: selfsigned;assertonly;acme. Name of the provider to use to generate/retrieve the OpenSSL certificate. The C(assertonly) provider will not generate files and fail if the certificate file is missing.
privatekey_passphrase: ${3:undefined} # not required. The passphrase for the I(privatekey_path).
subject_alt_name_strict: ${4:false} # not required. If set to True, the I(subject_alt_name) extension field must contain only these values.
seuser: ${5:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
force: ${6:false} # not required. Generate the certificate, even if it already exists.
csr_path: ${7:undefined} # not required. Path to the Certificate Signing Request (CSR) used to generate this certificate. This is not required in C(assertonly) mode.
acme_chain: ${8:true} # not required. Include the intermediate certificate to the generated certificate
extended_key_usage_strict: ${9:false} # not required. If set to True, the I(extended_key_usage) extension field must contain only these values.
key_usage: ${10:undefined} # not required. The I(key_usage) extension field must contain all these values.
owner: ${11:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
not_before: ${12:undefined} # not required. The certificate must start to become valid at this point in time. The timestamp is formatted as an ASN.1 TIME.
subject: ${13:undefined} # not required. Key/value pairs that must be present in the subject name field of the certificate. If you need to specify more than one value with the same key, use a list as value.
subject_strict: ${14:false} # not required. If set to True, the I(subject) field must contain only these values.
group: ${15:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
selfsigned_version: ${16:3} # not required. Version of the C(selfsigned) certificate. Nowadays it should almost always be C(3).
unsafe_writes: ${17:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
has_expired: ${18:false} # not required. Checks if the certificate is expired/not expired at the time the module is executed.
state: ${19|present,absent|} # not required. choices: present;absent. Whether the certificate should exist or not, taking action if the state is different from what is stated.
version: ${20:undefined} # not required. Version of the certificate. Nowadays it should almost always be 3.
selfsigned_digest: ${21:sha256} # not required. Digest algorithm to be used when self-signing the certificate
issuer: ${22:undefined} # not required. Key/value pairs that must be present in the issuer name field of the certificate. If you need to specify more than one value with the same key, use a list as value.
setype: ${23:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
key_usage_strict: ${24:false} # not required. If set to True, the I(key_usage) extension field must contain only these values.
subject_alt_name: ${25:undefined} # not required. The I(subject_alt_name) extension field must contain these values.
selevel: ${26:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
selfsigned_not_after: ${27:undefined} # not required. The timestamp at which the certificate stops being valid. The timestamp is formatted as an ASN.1 TIME. If this value is not specified, certificate will stop being valid 10 years from now.
acme_challenge_path: ${28:undefined} # not required. Path to the ACME challenge directory that is served on U(http://<HOST>:80/.well-known/acme-challenge/)
privatekey_path: ${29:undefined} # not required. Path to the private key to use when signing the certificate.
issuer_strict: ${30:false} # not required. If set to True, the I(issuer) field must contain only these values.
invalid_at: ${31:undefined} # not required. The certificate must be invalid at this point in time. The timestamp is formatted as an ASN.1 TIME.
acme_accountkey_path: ${32:undefined} # not required. Path to the accountkey for the C(acme) provider
serole: ${33:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
extended_key_usage: ${34:undefined} # not required. The I(extended_key_usage) extension field must contain all these values.
not_after: ${35:undefined} # not required. The certificate must expire at this point in time. The timestamp is formatted as an ASN.1 TIME.
signature_algorithms: ${36:undefined} # not required. list of algorithms that you would accept the certificate to be signed with (e.g. ['sha256WithRSAEncryption', 'sha512WithRSAEncryption']).
selfsigned_not_before: ${37:undefined} # not required. The timestamp at which the certificate starts being valid. The timestamp is formatted as an ASN.1 TIME. If this value is not specified, certificate will start being valid from now.
mode: ${38:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
attributes: ${39:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
valid_in: ${40:undefined} # not required. The certificate must still be valid in I(valid_in) seconds from now.
valid_at: ${41:undefined} # not required. The certificate must be valid at this point in time. The timestamp is formatted as an ASN.1 TIME.
"""
'openssl_csr':
'prefix': "openssl_csr_snippet"
'description': "Generate OpenSSL Certificate Signing Request (CSR)"
'body': """
openssl_csr:
privatekey_path: ${1:undefined} # required. Path to the privatekey to use when signing the certificate signing request
path: ${2:undefined} # required. Name of the file into which the generated OpenSSL certificate signing request will be written
privatekey_passphrase: ${3:undefined} # not required. The passphrase for the privatekey.
state_or_province_name: ${4:undefined} # not required. stateOrProvinceName field of the certificate signing request subject
extended_key_usage_critical: ${5:undefined} # not required. Should the extkeyUsage extension be considered as critical
force: ${6|true,false|} # not required. choices: true;false. Should the certificate signing request be forced regenerated by this ansible module
subject_alt_name: ${7:undefined} # not required. SAN extension to attach to the certificate signing request,This can either be a 'comma separated string' or a YAML list.,Values should be prefixed by their options. (i.e., C(email), C(URI), C(DNS), C(RID), C(IP), C(dirName), C(otherName) and the ones specific to your CA),More at U(https://tools.ietf.org/html/rfc5280#section-4.2.1.6)
selevel: ${8:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
basic_constraints: ${9:undefined} # not required. Indicates basic constraints, such as if the certificate is a CA.
subject_alt_name_critical: ${10:undefined} # not required. Should the subjectAltName extension be considered as critical
owner: ${11:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
ocsp_must_staple: ${12:undefined} # not required. Indicates that the certificate should contain the OCSP Must Staple extension (U(https://tools.ietf.org/html/rfc7633)).
key_usage: ${13:undefined} # not required. This defines the purpose (e.g. encipherment, signature, certificate signing) of the key contained in the certificate.,This can either be a 'comma separated string' or a YAML list.
common_name: ${14:undefined} # not required. commonName field of the certificate signing request subject
email_address: ${15:undefined} # not required. emailAddress field of the certificate signing request subject
digest: ${16:sha256} # not required. Digest used when signing the certificate signing request with the private key
subject: ${17:undefined} # not required. Key/value pairs that will be present in the subject name field of the certificate signing request.,If you need to specify more than one value with the same key, use a list as value.
key_usage_critical: ${18:undefined} # not required. Should the keyUsage extension be considered as critical
group: ${19:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
extended_key_usage: ${20:undefined} # not required. Additional restrictions (e.g. client authentication, server authentication) on the allowed purposes for which the public key may be used.,This can either be a 'comma separated string' or a YAML list.
organizational_unit_name: ${21:undefined} # not required. organizationalUnitName field of the certificate signing request subject
unsafe_writes: ${22:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
locality_name: ${23:undefined} # not required. localityName field of the certificate signing request subject
seuser: ${24:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
serole: ${25:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
organization_name: ${26:undefined} # not required. organizationName field of the certificate signing request subject
state: ${27|present,absent|} # not required. choices: present;absent. Whether the certificate signing request should exist or not, taking action if the state is different from what is stated.
version: ${28:1} # not required. Version of the certificate signing request
mode: ${29:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
basic_constraints_critical: ${30:undefined} # not required. Should the basicConstraints extension be considered as critical
country_name: ${31:undefined} # not required. countryName field of the certificate signing request subject
attributes: ${32:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
ocsp_must_staple_critical: ${33:undefined} # not required. Should the OCSP Must Staple extension be considered as critical,Warning: according to the RFC, this extension should not be marked as critical, as old clients not knowing about OCSP Must Staple are required to reject such certificates (see U(https://tools.ietf.org/html/rfc7633#section-4)).
setype: ${34:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'openssl_dhparam':
'prefix': "openssl_dhparam_snippet"
'description': "Generate OpenSSL Diffie-Hellman Parameters"
'body': """
openssl_dhparam:
path: ${1:undefined} # required. Name of the file in which the generated parameters will be saved.
force: ${2|true,false|} # not required. choices: true;false. Should the parameters be regenerated even it it already exists
unsafe_writes: ${3:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
selevel: ${4:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
seuser: ${5:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
serole: ${6:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
group: ${7:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
state: ${8|present,absent|} # not required. choices: present;absent. Whether the parameters should exist or not, taking action if the state is different from what is stated.
mode: ${9:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
setype: ${10:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
attributes: ${11:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
owner: ${12:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
size: ${13:4096} # not required. Size (in bits) of the generated DH-params
"""
'openssl_privatekey':
'prefix': "openssl_privatekey_snippet"
'description': "Generate OpenSSL private keys."
'body': """
openssl_privatekey:
path: ${1:undefined} # required. Name of the file in which the generated TLS/SSL private key will be written. It will have 0600 mode.
force: ${2|true,false|} # not required. choices: true;false. Should the key be regenerated even it it already exists
selevel: ${3:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
cipher: ${4:undefined} # not required. The cipher to encrypt the private key. (cipher can be found by running `openssl list-cipher-algorithms`)
passphrase: ${5:undefined} # not required. The passphrase for the private key.
owner: ${6:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
size: ${7:4096} # not required. Size (in bits) of the TLS/SSL key to generate
group: ${8:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
unsafe_writes: ${9:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
seuser: ${10:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
serole: ${11:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
state: ${12|present,absent|} # not required. choices: present;absent. Whether the private key should exist or not, taking action if the state is different from what is stated.
mode: ${13:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
attributes: ${14:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
type: ${15|RSA,DSA|} # not required. choices: RSA;DSA. The algorithm used to generate the TLS/SSL private key
setype: ${16:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'openssl_publickey':
'prefix': "openssl_publickey_snippet"
'description': "Generate an OpenSSL public key from its private key."
'body': """
openssl_publickey:
privatekey_path: ${1:undefined} # required. Path to the TLS/SSL private key from which to generate the public key.
path: ${2:undefined} # required. Name of the file in which the generated TLS/SSL public key will be written.
privatekey_passphrase: ${3:undefined} # not required. The passphrase for the privatekey.
force: ${4|true,false|} # not required. choices: true;false. Should the key be regenerated even it it already exists
format: ${5|PEM,OpenSSH|} # not required. choices: PEM;OpenSSH. The format of the public key.
selevel: ${6:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
owner: ${7:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
group: ${8:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
unsafe_writes: ${9:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
seuser: ${10:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
serole: ${11:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
state: ${12|present,absent|} # not required. choices: present;absent. Whether the public key should exist or not, taking action if the state is different from what is stated.
mode: ${13:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
attributes: ${14:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
setype: ${15:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
"""
'openvswitch_bridge':
'prefix': "openvswitch_bridge_snippet"
'description': "Manage Open vSwitch bridges"
'body': """
openvswitch_bridge:
bridge: ${1:undefined} # required. Name of bridge or fake bridge to manage
fail_mode: ${2|secure,standalone|} # not required. choices: secure;standalone. Set bridge fail-mode. The default value (None) is a No-op.
parent: ${3:None} # not required. Bridge parent of the fake bridge to manage
vlan: ${4:None} # not required. The VLAN id of the fake bridge to manage (must be between 0 and 4095). This parameter is required if I(parent) parameter is set.
state: ${5|present,absent|} # not required. choices: present;absent. Whether the bridge should exist
set: ${6:None} # not required. Run set command after bridge configuration. This parameter is non-idempotent, play will always return I(changed) state if present
timeout: ${7:5} # not required. How long to wait for ovs-vswitchd to respond
external_ids: ${8:None} # not required. A dictionary of external-ids. Omitting this parameter is a No-op. To clear all external-ids pass an empty value.
"""
'openvswitch_db':
'prefix': "openvswitch_db_snippet"
'description': "Configure open vswitch database."
'body': """
openvswitch_db:
record: ${1:undefined} # required. Identifies the recoard in the table.
key: ${2:undefined} # required. Identifies the key in the record column
table: ${3:undefined} # required. Identifies the table in the database.
col: ${4:undefined} # required. Identifies the column in the record.
value: ${5:undefined} # required. Expected value for the table, record, column and key.
state: ${6|present,absent|} # not required. choices: present;absent. Configures the state of the key. When set to I(present), the I(key) and I(value) pair will be set on the I(record) and when set to I(absent) the I(key) will not be set.
timeout: ${7:5} # not required. How long to wait for ovs-vswitchd to respond
"""
'openvswitch_port':
'prefix': "openvswitch_port_snippet"
'description': "Manage Open vSwitch ports"
'body': """
openvswitch_port:
bridge: ${1:undefined} # required. Name of bridge to manage
port: ${2:undefined} # required. Name of port to manage on the bridge
state: ${3|present,absent|} # not required. choices: present;absent. Whether the port should exist
set: ${4:None} # not required. Set a single property on a port.
timeout: ${5:5} # not required. How long to wait for ovs-vswitchd to respond
external_ids: ${6:[object Object]} # not required. Dictionary of external_ids applied to a port.
tag: ${7:undefined} # not required. VLAN tag for this port. Must be a value between 0 and 4095.
"""
'openwrt_init':
'prefix': "openwrt_init_snippet"
'description': "Manage services on OpenWrt."
'body': """
openwrt_init:
name: ${1:undefined} # required. Name of the service.
pattern: ${2:undefined} # not required. If the service does not respond to the 'running' command, name a substring to look for as would be found in the output of the I(ps) command as a stand-in for a 'running' result. If the string is found, the service will be assumed to be running.
state: ${3|started,stopped,restarted,reloaded|} # not required. choices: started;stopped;restarted;reloaded. C(started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the service. C(reloaded) will always reload.
enabled: ${4|yes,no|} # not required. choices: yes;no. Whether the service should start on boot. B(At least one of state and enabled are required.)
"""
'opkg':
'prefix': "opkg_snippet"
'description': "Package manager for OpenWrt"
'body': """
opkg:
name: ${1:undefined} # required. name of package to install/remove
force: ${2|,depends,maintainer,reinstall,overwrite,downgrade,space,postinstall,remove,checksum,removal-of-dependent-packages|} # not required. choices: ;depends;maintainer;reinstall;overwrite;downgrade;space;postinstall;remove;checksum;removal-of-dependent-packages. opkg --force parameter used
state: ${3|present,absent|} # not required. choices: present;absent. state of the package
update_cache: ${4|yes,no|} # not required. choices: yes;no. update the package db first
"""
'ordnance_config':
'prefix': "ordnance_config_snippet"
'description': "Manage Ordnance configuration sections"
'body': """
ordnance_config:
multiline_delimiter: ${1:@} # not required. This argument is used when pushing a multiline configuration element to the Ordnance router. It specifies the character to use as the delimiting character. This only applies to the configuration action
src: ${2:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
backup: ${3|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
after: ${4:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${5:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser.
replace: ${6|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
parents: ${7:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
defaults: ${8|yes,no|} # not required. choices: yes;no. This argument specifies whether or not to collect all defaults when getting the remote device running config. When enabled, the module will get the current config by issuing the command C(show running-config all).
save: ${9|yes,no|} # not required. choices: yes;no. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.
config: ${10:null} # not required. The C(config) argument allows the playbook designer to supply the base configuration to be used to validate configuration changes necessary. If this argument is provided, the module will not download the running-config from the remote node.
match: ${11|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${12:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'ordnance_facts':
'prefix': "ordnance_facts_snippet"
'description': "Collect facts from Ordnance Virtual Routers over SSH"
'body': """
ordnance_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
"""
'os_auth':
'prefix': "os_auth_snippet"
'description': "Retrieve an auth token"
'body': """
os_auth:
auth_type: ${1:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${2:undefined} # not required. Name of the region.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${4:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${5:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${6:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${7:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${8|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${9:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${10:180} # not required. How long should ansible wait for the requested resource.
cacert: ${11:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${12:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${13:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_client_config':
'prefix': "os_client_config_snippet"
'description': "Get OpenStack Client config"
'body': """
os_client_config:
clouds: ${1:} # not required. List of clouds to limit the return list to. No value means return information on all configured clouds
"""
'os_flavor_facts':
'prefix': "os_flavor_facts_snippet"
'description': "Retrieve facts about one or more flavors"
'body': """
os_flavor_facts:
auth_type: ${1:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
ram: ${2:false} # not required. A string used for filtering flavors based on the amount of RAM (in MB) desired. This string accepts the following special values: 'MIN' (return flavors with the minimum amount of RAM), and 'MAX' (return flavors with the maximum amount of RAM).,A specific amount of RAM may also be specified. Any flavors with this exact amount of RAM will be returned.,A range of acceptable RAM may be given using a special syntax. Simply prefix the amount of RAM with one of these acceptable range values: '<', '>', '<=', '>='. These values represent less than, greater than, less than or equal to, and greater than or equal to, respectively.
region_name: ${3:undefined} # not required. Name of the region.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
api_timeout: ${5:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${6:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
interface: ${7|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${9:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${10:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${11:true} # not required. Should ansible wait until the requested resource is complete.
name: ${12:None} # not required. A flavor name. Cannot be used with I(ram) or I(vcpus) or I(ephemeral).
verify: ${13:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
ephemeral: ${14:false} # not required. A string used for filtering flavors based on the amount of ephemeral storage. Format is the same as the I(ram) parameter
cert: ${15:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
vcpus: ${16:false} # not required. A string used for filtering flavors based on the number of virtual CPUs desired. Format is the same as the I(ram) parameter.
limit: ${17:None} # not required. Limits the number of flavors returned. All matching flavors are returned by default.
timeout: ${18:180} # not required. How long should ansible wait for the requested resource.
"""
'os_floating_ip':
'prefix': "os_floating_ip_snippet"
'description': "Add/Remove floating IP from an instance"
'body': """
os_floating_ip:
server: ${1:undefined} # required. The name or ID of the instance to which the IP address should be assigned.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
key: ${3:undefined} # not required. A path to a client key to use as part of the SSL transaction.
fixed_address: ${4:undefined} # not required. To which fixed IP of server the floating IP address should be attached to.
network: ${5:undefined} # not required. The name or ID of a neutron external network or a nova pool name.
region_name: ${6:undefined} # not required. Name of the region.
availability_zone: ${7:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${8:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${9:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${10:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
reuse: ${11:false} # not required. When I(state) is present, and I(floating_ip_address) is not present, this parameter can be used to specify whether we should try to reuse a floating IP address already allocated to the project.
nat_destination: ${12:None} # not required. The name or id of a neutron private network that the fixed IP to attach floating IP is on
purge: ${13:false} # not required. When I(state) is absent, indicates whether or not to delete the floating IP completely, or only detach it from the server. Default is to detach only.
interface: ${14|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${15|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
floating_ip_address: ${16:undefined} # not required. A floating IP address to attach or to detach. Required only if I(state) is absent. When I(state) is present can be used to specify a IP address to attach.
auth: ${17:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
timeout: ${18:60} # not required. Time to wait for an IP address to appear as attached. See wait.
cacert: ${19:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${20:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${21:false} # not required. When attaching a floating IP address, specify whether we should wait for it to appear as attached.
"""
'os_group':
'prefix': "os_group_snippet"
'description': "Manage OpenStack Identity Groups"
'body': """
os_group:
name: ${1:undefined} # required. Group name
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
description: ${3:None} # not required. Group description
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${6:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${8:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${9:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${11|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${12|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${13:180} # not required. How long should ansible wait for the requested resource.
cacert: ${14:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
domain_id: ${16:None} # not required. Domain id to create the group in if the cloud supports domains.
cloud: ${17:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
"""
'os_image':
'prefix': "os_image_snippet"
'description': "Add/Delete images from OpenStack Cloud"
'body': """
os_image:
name: ${1:None} # required. Name that has to be given to the image
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
kernel: ${3:None} # not required. The name of an existing kernel image that will be associated with this image
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
container_format: ${5:bare} # not required. The format of the container
min_ram: ${6:None} # not required. The minimum ram (in MB) required to boot this image
min_disk: ${7:None} # not required. The minimum disk space (in GB) required to boot this image
owner: ${8:None} # not required. The owner of the image
id: ${9:None} # not required. The Id of the image
cloud: ${10:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
verify: ${11:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
disk_format: ${12:qcow2} # not required. The format of the disk that is getting uploaded
filename: ${13:None} # not required. The path to the file which has to be uploaded
state: ${14|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
ramdisk: ${15:None} # not required. The name of an existing ramdisk image that will be associated with this image
region_name: ${16:undefined} # not required. Name of the region.
api_timeout: ${17:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${18:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${19:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${20:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
is_public: ${21:yes} # not required. Whether the image can be accessed publicly. Note that publicizing an image requires admin role by default.
properties: ${22:[object Object]} # not required. Additional properties to be associated with this image
wait: ${23:true} # not required. Should ansible wait until the requested resource is complete.
checksum: ${24:None} # not required. The checksum of the image
cert: ${25:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${26:180} # not required. How long should ansible wait for the requested resource.
interface: ${27|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
"""
'os_image_facts':
'prefix': "os_image_facts_snippet"
'description': "Retrieve facts about an image within OpenStack."
'body': """
os_image_facts:
image: ${1:undefined} # required. Name or ID of the image
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${3:undefined} # not required. Name of the region.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${5:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${9|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${10:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${11:180} # not required. How long should ansible wait for the requested resource.
cacert: ${12:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${13:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${14:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_ironic':
'prefix': "os_ironic_snippet"
'description': "Create/Delete Bare Metal Resources from OpenStack"
'body': """
os_ironic:
nics: ${1:undefined} # required. A list of network interface cards, eg, \" - mac: aa:bb:cc:aa:bb:cc\"
driver: ${2:None} # required. The name of the Ironic Driver to use with this node.
auth_type: ${3:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
cacert: ${5:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${6:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
uuid: ${7:None} # not required. globally unique identifier (UUID) to be given to the resource. Will be auto-generated if not specified, and name is specified.,Definition of a UUID will always take precedence to a name value.
ironic_url: ${8:None} # not required. If noauth mode is utilized, this is required to be set to the endpoint URL for the Ironic API. Use with \"auth\" and \"auth_type\" settings set to None.
state: ${9|present,absent|} # not required. choices: present;absent. Indicates desired state of the resource
chassis_uuid: ${10:None} # not required. Associate the node with a pre-defined chassis.
skip_update_of_driver_password: ${11:false} # not required. Allows the code that would assert changes to nodes to skip the update if the change is a single line consisting of the password field. As of Kilo, by default, passwords are always masked to API requests, which means the logic as a result always attempts to re-assert the password field.
region_name: ${12:undefined} # not required. Name of the region.
api_timeout: ${13:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${14:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${15:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${16|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
properties: ${17:undefined} # not required. Definition of the physical characteristics of this server, used for scheduling purposes
wait: ${18:true} # not required. Should ansible wait until the requested resource is complete.
name: ${19:None} # not required. unique name identifier to be given to the resource.
driver_info: ${20:undefined} # not required. Information for this server's driver. Will vary based on which driver is in use. Any sub-field which is populated will be validated during creation.
cert: ${21:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${22:180} # not required. How long should ansible wait for the requested resource.
verify: ${23:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
"""
'os_ironic_inspect':
'prefix': "os_ironic_inspect_snippet"
'description': "Explicitly triggers baremetal node introspection in ironic."
'body': """
os_ironic_inspect:
auth_type: ${1:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${2:undefined} # not required. Name of the region.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
api_timeout: ${4:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${5:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
interface: ${6|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
mac: ${7:None} # not required. unique mac address that is used to attempt to identify the host.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${9:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${10:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
name: ${11:None} # not required. unique name identifier to identify the host in Ironic.
uuid: ${12:None} # not required. globally unique identifier (UUID) to identify the host.
verify: ${13:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
cert: ${14:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
ironic_url: ${15:None} # not required. If noauth mode is utilized, this is required to be set to the endpoint URL for the Ironic API. Use with \"auth\" and \"auth_type\" settings set to None.
timeout: ${16:1200} # not required. A timeout in seconds to tell the role to wait for the node to complete introspection if wait is set to True.
wait: ${17:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_ironic_node':
'prefix': "os_ironic_node_snippet"
'description': "Activate/Deactivate Bare Metal Resources from OpenStack"
'body': """
os_ironic_node:
auth_type: ${1:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
availability_zone: ${2:undefined} # not required. Ignored. Present for backwards compatibility
maintenance_reason: ${3:None} # not required. A string expression regarding the reason a node is in a maintenance mode.
cacert: ${4:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${5:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
uuid: ${6:None} # not required. globally unique identifier (UUID) to be given to the resource.
verify: ${7:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
ironic_url: ${8:None} # not required. If noauth mode is utilized, this is required to be set to the endpoint URL for the Ironic API. Use with \"auth\" and \"auth_type\" settings set to None.
state: ${9|present,absent|} # not required. choices: present;absent. Indicates desired state of the resource
maintenance: ${10:false} # not required. A setting to allow the direct control if a node is in maintenance mode.
config_drive: ${11:None} # not required. A configdrive file or HTTP(S) URL that will be passed along to the node.
region_name: ${12:undefined} # not required. Name of the region.
power: ${13|present,absent|} # not required. choices: present;absent. A setting to allow power state to be asserted allowing nodes that are not yet deployed to be powered on, and nodes that are deployed to be powered off.
deploy: ${14|true,false|} # not required. choices: true;false. Indicates if the resource should be deployed. Allows for deployment logic to be disengaged and control of the node power or maintenance state to be changed.
api_timeout: ${15:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${16:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${17:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${18|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
wait: ${19:false} # not required. A boolean value instructing the module to wait for node activation or deactivation to complete before returning.
cert: ${20:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${21:180} # not required. An integer value representing the number of seconds to wait for the node activation or deactivation to complete.
instance_info: ${22:undefined} # not required. Definition of the instance information which is used to deploy the node. This information is only required when an instance is set to present.
"""
'os_keypair':
'prefix': "os_keypair_snippet"
'description': "Add/Delete a keypair from OpenStack"
'body': """
os_keypair:
name: ${1:None} # required. Name that has to be given to the key pair
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
public_key: ${3:None} # not required. The public key that would be uploaded to nova and injected into VMs upon creation.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${5:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${7:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${8:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${9:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${10|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${11|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${12:180} # not required. How long should ansible wait for the requested resource.
cacert: ${13:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${14:true} # not required. Should ansible wait until the requested resource is complete.
public_key_file: ${15:None} # not required. Path to local file containing ssh public key. Mutually exclusive with public_key.
cloud: ${16:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
region_name: ${17:undefined} # not required. Name of the region.
"""
'os_keystone_domain':
'prefix': "os_keystone_domain_snippet"
'description': "Manage OpenStack Identity Domains"
'body': """
os_keystone_domain:
name: ${1:undefined} # required. Name that has to be given to the instance
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
description: ${3:None} # not required. Description of the domain
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${6:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
enabled: ${8:true} # not required. Is the domain enabled
cert: ${9:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${10:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${11:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${12|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${13|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${14:180} # not required. How long should ansible wait for the requested resource.
cacert: ${15:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${16:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${17:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
"""
'os_keystone_domain_facts':
'prefix': "os_keystone_domain_facts_snippet"
'description': "Retrieve facts about one or more OpenStack domains"
'body': """
os_keystone_domain_facts:
auth_type: ${1:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${2:undefined} # not required. Name of the region.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${4:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${5:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
timeout: ${6:180} # not required. How long should ansible wait for the requested resource.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${9|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${10:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
filters: ${11:None} # not required. A dictionary of meta data to use for further filtering. Elements of this dictionary may be additional dictionaries.
cacert: ${12:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${13:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${14:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
name: ${15:undefined} # not required. Name or ID of the domain
"""
'os_keystone_endpoint':
'prefix': "os_keystone_endpoint_snippet"
'description': "Manage OpenStack Identity service endpoints"
'body': """
os_keystone_endpoint:
interface: ${1|admin,public,internal|} # required. choices: admin;public;internal. Interface of the service.
service: ${2:undefined} # required. Name or id of the service.
url: ${3:undefined} # required. URL of the service.
auth_type: ${4:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${5:undefined} # not required. Name of the region.
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
cacert: ${8:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
key: ${9:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cloud: ${10:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${11:true} # not required. Should ansible wait until the requested resource is complete.
verify: ${12:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
region: ${13:undefined} # not required. Region that the service belongs to. Note that I(region_name) is used for authentication.
enabled: ${14:true} # not required. Is the service enabled.
cert: ${15:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
state: ${16|present,absent|} # not required. choices: present;absent. Should the resource be C(present) or C(absent).
timeout: ${17:180} # not required. How long should ansible wait for the requested resource.
"""
'os_keystone_role':
'prefix': "os_keystone_role_snippet"
'description': "Manage OpenStack Identity Roles"
'body': """
os_keystone_role:
name: ${1:undefined} # required. Role Name
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${4:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${5:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${6:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${9|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${10|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${11:180} # not required. How long should ansible wait for the requested resource.
cacert: ${12:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${13:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${14:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
region_name: ${15:undefined} # not required. Name of the region.
"""
'os_keystone_service':
'prefix': "os_keystone_service_snippet"
'description': "Manage OpenStack Identity services"
'body': """
os_keystone_service:
name: ${1:undefined} # required. Name of the service
service_type: ${2:undefined} # required. The type of service
auth_type: ${3:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
interface: ${8|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
key: ${9:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${10:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${11:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
description: ${12:None} # not required. Description of the service
verify: ${13:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
enabled: ${14:true} # not required. Is the service enabled
cert: ${15:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
state: ${16|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${17:180} # not required. How long should ansible wait for the requested resource.
wait: ${18:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_network':
'prefix': "os_network_snippet"
'description': "Creates/removes networks from OpenStack"
'body': """
os_network:
name: ${1:undefined} # required. Name to be assigned to the network.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
provider_physical_network: ${4:None} # not required. The physical network where this network object is implemented.
cacert: ${5:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${6:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
verify: ${7:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
state: ${8|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource.
shared: ${9:false} # not required. Whether this network is shared or not.
region_name: ${10:undefined} # not required. Name of the region.
provider_network_type: ${11:None} # not required. The type of physical network that maps to this network resource.
api_timeout: ${12:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${13:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
external: ${14:false} # not required. Whether this network is externally accessible.
key: ${15:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${16|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
wait: ${17:true} # not required. Should ansible wait until the requested resource is complete.
admin_state_up: ${18:true} # not required. Whether the state should be marked as up or down.
project: ${19:None} # not required. Project name or ID containing the network (name admin-only)
cert: ${20:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
provider_segmentation_id: ${21:None} # not required. An isolated segment on the physical network. The I(network_type) attribute defines the segmentation model. For example, if the I(network_type) value is vlan, this ID is a vlan identifier. If the I(network_type) value is gre, this ID is a gre key.
timeout: ${22:180} # not required. How long should ansible wait for the requested resource.
"""
'os_networks_facts':
'prefix': "os_networks_facts_snippet"
'description': "Retrieve facts about one or more OpenStack networks."
'body': """
os_networks_facts:
auth_type: ${1:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${2:undefined} # not required. Name of the region.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${4:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${5:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
timeout: ${6:180} # not required. How long should ansible wait for the requested resource.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${9|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${10:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
filters: ${11:undefined} # not required. A dictionary of meta data to use for further filtering. Elements of this dictionary may be additional dictionaries.
cacert: ${12:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${13:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${14:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
name: ${15:undefined} # not required. Name or ID of the Network
"""
'os_nova_flavor':
'prefix': "os_nova_flavor_snippet"
'description': "Manage OpenStack compute flavors"
'body': """
os_nova_flavor:
name: ${1:undefined} # required. Flavor name.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
ram: ${4:null} # not required. Amount of memory, in MB.
cacert: ${5:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
disk: ${6:null} # not required. Size of local disk, in GB.
cloud: ${7:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
flavorid: ${8:auto} # not required. ID for the flavor. This is optional as a unique UUID will be assigned if a value is not specified.
verify: ${9:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
ephemeral: ${10:0} # not required. Ephemeral space size, in GB.
vcpus: ${11:null} # not required. Number of virtual CPUs.
state: ${12|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource. When I(state) is 'present', then I(ram), I(vcpus), and I(disk) are all required. There are no default values for those parameters.
swap: ${13:0} # not required. Swap space size, in MB.
region_name: ${14:undefined} # not required. Name of the region.
api_timeout: ${15:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${16:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
extra_specs: ${17:None} # not required. Metadata dictionary
key: ${18:undefined} # not required. A path to a client key to use as part of the SSL transaction.
rxtx_factor: ${19:1} # not required. RX/TX factor.
interface: ${20|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
is_public: ${21:true} # not required. Make flavor accessible to the public.
wait: ${22:true} # not required. Should ansible wait until the requested resource is complete.
cert: ${23:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${24:180} # not required. How long should ansible wait for the requested resource.
"""
'os_nova_host_aggregate':
'prefix': "os_nova_host_aggregate_snippet"
'description': "Manage OpenStack host aggregates"
'body': """
os_nova_host_aggregate:
name: ${1:undefined} # required. Name of the aggregate.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${3:undefined} # not required. Name of the region.
availability_zone: ${4:None} # not required. Availability zone to create aggregate into.
verify: ${5:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${7:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${8:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${9:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${10|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${11|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
hosts: ${12:None} # not required. List of hosts to set for an aggregate.
timeout: ${13:180} # not required. How long should ansible wait for the requested resource.
cacert: ${14:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${16:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
metadata: ${17:None} # not required. Metadata dict.
"""
'os_object':
'prefix': "os_object_snippet"
'description': "Create or Delete objects and containers from OpenStack"
'body': """
os_object:
container: ${1:undefined} # required. The name of the container in which to create the object
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${3:undefined} # not required. Name of the region.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
api_timeout: ${5:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${6:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
interface: ${7|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${9:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${10:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${11:true} # not required. Should ansible wait until the requested resource is complete.
name: ${12:undefined} # not required. Name to be give to the object. If omitted, operations will be on the entire container
verify: ${13:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
cert: ${14:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
filename: ${15:undefined} # not required. Path to local file to be uploaded.
state: ${16|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${17:180} # not required. How long should ansible wait for the requested resource.
container_access: ${18|private,public|} # not required. choices: private;public. desired container access level.
"""
'os_port':
'prefix': "os_port_snippet"
'description': "Add/Update/Delete ports from an OpenStack cloud."
'body': """
os_port:
network: ${1:undefined} # required. Network ID or name this port belongs to.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
allowed_address_pairs: ${3:None} # not required. Allowed address pairs list. Allowed address pairs are supported with dictionary structure. e.g. allowed_address_pairs: - ip_address: 10.1.0.12 mac_address: ab:cd:ef:12:34:56 - ip_address: ...
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
extra_dhcp_opts: ${5:None} # not required. Extra dhcp options to be assigned to this port. Extra options are supported with dictionary structure. e.g. extra_dhcp_opts: - opt_name: opt name1 opt_value: value1 - opt_name: ...
interface: ${6|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
device_owner: ${7:None} # not required. The ID of the entity that uses this port.
fixed_ips: ${8:None} # not required. Desired IP and/or subnet for this port. Subnet is referenced by subnet_id and IP is referenced by ip_address.
security_groups: ${9:None} # not required. Security group(s) ID(s) or name(s) associated with the port (comma separated string or YAML list)
verify: ${10:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
state: ${11|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
cloud: ${12:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
mac_address: ${13:None} # not required. MAC address of this port.
wait: ${14:true} # not required. Should ansible wait until the requested resource is complete.
region_name: ${15:undefined} # not required. Name of the region.
api_timeout: ${16:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${17:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${18:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${19:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
device_id: ${20:None} # not required. Device ID of device using this port.
name: ${21:None} # not required. Name that has to be given to the port.
admin_state_up: ${22:None} # not required. Sets admin state.
cert: ${23:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
no_security_groups: ${24:false} # not required. Do not associate a security group with this port.
timeout: ${25:180} # not required. How long should ansible wait for the requested resource.
"""
'os_port_facts':
'prefix': "os_port_facts_snippet"
'description': "Retrieve facts about ports within OpenStack."
'body': """
os_port_facts:
auth_type: ${1:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${2:undefined} # not required. Name of the region.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${4:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${5:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
timeout: ${6:180} # not required. How long should ansible wait for the requested resource.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${9|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${10:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
filters: ${11:null} # not required. A dictionary of meta data to use for further filtering. Elements of this dictionary will be matched against the returned port dictionaries. Matching is currently limited to strings within the port dictionary, or strings within nested dictionaries.
cacert: ${12:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
port: ${13:null} # not required. Unique name or ID of a port.
cloud: ${14:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_project':
'prefix': "os_project_snippet"
'description': "Manage OpenStack Projects"
'body': """
os_project:
name: ${1:undefined} # required. Name for the project
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${3:undefined} # not required. Name of the region.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
api_timeout: ${5:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${6:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
interface: ${7|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
key: ${8:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${9:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
domain_id: ${10:None} # not required. Domain id to create the project in if the cloud supports domains. The domain_id parameter requires shade >= 1.8.0
cloud: ${11:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
description: ${12:None} # not required. Description for the project
verify: ${13:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
enabled: ${14:true} # not required. Is the project enabled
cert: ${15:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
state: ${16|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${17:180} # not required. How long should ansible wait for the requested resource.
wait: ${18:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_project_access':
'prefix': "os_project_access_snippet"
'description': "Manage OpenStack compute flavors acceess"
'body': """
os_project_access:
target_project_id: ${1:undefined} # required. Project id.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
resource_name: ${3:undefined} # not required. The resource name (eg. tiny).
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. The availability zone of the resource.
verify: ${6:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${8:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${9:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${11|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${12|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource.
cloud: ${13:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
timeout: ${14:180} # not required. How long should ansible wait for the requested resource.
cacert: ${15:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
resource_type: ${16:undefined} # not required. The resource type (eg. nova_flavor, cinder_volume_type).
wait: ${17:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_project_facts':
'prefix': "os_project_facts_snippet"
'description': "Retrieve facts about one or more OpenStack projects"
'body': """
os_project_facts:
name: ${1:undefined} # required. Name or ID of the project
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
domain: ${3:None} # not required. Name or ID of the domain containing the project if the cloud supports domains
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${6:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
timeout: ${8:180} # not required. How long should ansible wait for the requested resource.
auth: ${9:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${11|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${12:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
filters: ${13:None} # not required. A dictionary of meta data to use for further filtering. Elements of this dictionary may be additional dictionaries.
cacert: ${14:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${16:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
"""
'os_quota':
'prefix': "os_quota_snippet"
'description': "Manage OpenStack Quotas"
'body': """
os_quota:
name: ${1:undefined} # required. Name of the OpenStack Project to manage.
snapshots_lvm: ${2:None} # not required. Number of LVM snapshots to allow.
server_groups: ${3:None} # not required. Number of server groups to allow.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
ram: ${5:None} # not required. Maximum amount of ram in MB to allow.
snapshots: ${6:None} # not required. Number of snapshots to allow.
instances: ${7:None} # not required. Maximum number of instances allowed.
backups: ${8:None} # not required. Maximum number of backups allowed.
fixed_ips: ${9:None} # not required. Number of fixed IP's to allow.
port: ${10:None} # not required. Number of Network ports to allow, this needs to be greater than the instances limit.
cloud: ${11:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
subnet: ${12:None} # not required. Number of subnets to allow.
per_volume_gigabytes: ${13:None} # not required. Maximum size in GB's of individual volumes.
network: ${14:None} # not required. Number of networks to allow.
floatingip: ${15:None} # not required. Number of floating IP's to allow in Network.
verify: ${16:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
volumes_lvm: ${17:None} # not required. Number of LVM volumes to allow.
floating_ips: ${18:None} # not required. Number of floating IP's to allow in Compute.
auth_type: ${19:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
properties: ${20:None} # not required. Number of properties to allow.
security_group_rule: ${21:None} # not required. Number of rules per security group to allow.
state: ${22:present} # not required. A value of present sets the quota and a value of absent resets the quota to system defaults.
injected_files: ${23:None} # not required. Number of injected files to allow.
gigabytes_lvm: ${24:None} # not required. Maximum size in GB's of individual lvm volumes.
wait: ${25:true} # not required. Should ansible wait until the requested resource is complete.
api_timeout: ${26:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
injected_path_size: ${27:None} # not required. Maximum path size.
region_name: ${28:undefined} # not required. Name of the region.
gigabytes: ${29:None} # not required. Maximum volume storage allowed for project.
backup_gigabytes: ${30:None} # not required. Maximum size of backups in GB's.
subnetpool: ${31:None} # not required. Number of subnet pools to allow.
key_pairs: ${32:None} # not required. Number of key pairs to allow.
interface: ${33|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
injected_file_size: ${34:None} # not required. Maximum file size in bytes.
key: ${35:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cores: ${36:None} # not required. Maximum number of CPU's per project.
cacert: ${37:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
rbac_policy: ${38:None} # not required. Number of policies to allow.
pool: ${39:None} # not required. Number of load balancer pools to allow.
server_group_members: ${40:None} # not required. Number of server group members to allow.
timeout: ${41:180} # not required. How long should ansible wait for the requested resource.
cert: ${42:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
volumes: ${43:None} # not required. Number of volumes to allow.
security_group: ${44:None} # not required. Number of security groups to allow.
router: ${45:None} # not required. Number of routers to allow.
auth: ${46:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
loadbalancer: ${47:None} # not required. Number of load balancers to allow.
"""
'os_recordset':
'prefix': "os_recordset_snippet"
'description': "Manage OpenStack DNS recordsets"
'body': """
os_recordset:
name: ${1:undefined} # required. Name of the recordset
zone: ${2:undefined} # required. Zone managing the recordset
records: ${3:undefined} # required. List of recordset definitions
recordset_type: ${4:undefined} # required. Recordset type
auth_type: ${5:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
availability_zone: ${6:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${7:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${8:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${9:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${10:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${11:undefined} # not required. A path to a client key to use as part of the SSL transaction.
state: ${12|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
region_name: ${13:undefined} # not required. Name of the region.
timeout: ${14:180} # not required. How long should ansible wait for the requested resource.
ttl: ${15:None} # not required. TTL (Time To Live) value in seconds
cacert: ${16:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${17:true} # not required. Should ansible wait until the requested resource is complete.
interface: ${18|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cloud: ${19:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
description: ${20:None} # not required. Description of the recordset
"""
'os_router':
'prefix': "os_router_snippet"
'description': "Create or delete routers from OpenStack"
'body': """
os_router:
name: ${1:undefined} # required. Name to be give to the router
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
key: ${3:undefined} # not required. A path to a client key to use as part of the SSL transaction.
enable_snat: ${4:true} # not required. Enable Source NAT (SNAT) attribute.
cert: ${5:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
network: ${6:None} # not required. Unique name or ID of the external gateway network.,required I(interfaces) or I(enable_snat) are provided.
region_name: ${7:undefined} # not required. Name of the region.
admin_state_up: ${8:true} # not required. Desired admin state of the created or existing router.
verify: ${9:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
interfaces: ${10:None} # not required. List of subnets to attach to the router internal interface. Default gateway associated with the subnet will be automatically attached with the router's internal interface. In order to provide an ip address different from the default gateway,parameters are passed as dictionary with keys as network name or ID(net), subnet name or ID (subnet) and the IP of port (portip) from the network. User defined portip is often required when a multiple router need to be connected to a single subnet for which the default gateway has been already used.
availability_zone: ${11:undefined} # not required. Ignored. Present for backwards compatibility
timeout: ${12:180} # not required. How long should ansible wait for the requested resource.
auth: ${13:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
project: ${14:None} # not required. Unique name or ID of the project.
interface: ${15|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${16|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
api_timeout: ${17:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cacert: ${18:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${19:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${20:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
external_fixed_ips: ${21:None} # not required. The IP address parameters for the external gateway network. Each is a dictionary with the subnet name or ID (subnet) and the IP address to assign on the subnet (ip). If no IP is specified, one is automatically assigned from that subnet.
"""
'os_security_group':
'prefix': "os_security_group_snippet"
'description': "Add/Delete security groups from an OpenStack cloud."
'body': """
os_security_group:
name: ${1:undefined} # required. Name that has to be given to the security group. This module requires that security group names be unique.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
description: ${3:None} # not required. Long description of the purpose of the security group
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${6:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${8:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${9:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${11|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${12|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${13:180} # not required. How long should ansible wait for the requested resource.
cacert: ${14:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${16:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
"""
'os_security_group_rule':
'prefix': "os_security_group_rule_snippet"
'description': "Add/Delete rule from an existing security group"
'body': """
os_security_group_rule:
security_group: ${1:undefined} # required. Name or ID of the security group
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
protocol: ${3|tcp,udp,icmp,112,None|} # not required. choices: tcp;udp;icmp;112;None. IP protocols TCP UDP ICMP 112 (VRRP)
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
interface: ${5|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cloud: ${6:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
verify: ${7:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
state: ${8|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
port_range_min: ${9:None} # not required. Starting port
direction: ${10|egress,ingress|} # not required. choices: egress;ingress. The direction in which the security group rule is applied. Not all providers support egress.
region_name: ${11:undefined} # not required. Name of the region.
port_range_max: ${12:None} # not required. Ending port
api_timeout: ${13:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${14:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${15:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${16:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${17:true} # not required. Should ansible wait until the requested resource is complete.
remote_ip_prefix: ${18:undefined} # not required. Source IP address(es) in CIDR notation (exclusive with remote_group)
remote_group: ${19:undefined} # not required. Name or ID of the Security group to link (exclusive with remote_ip_prefix)
cert: ${20:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${21:180} # not required. How long should ansible wait for the requested resource.
ethertype: ${22|IPv4,IPv6|} # not required. choices: IPv4;IPv6. Must be IPv4 or IPv6, and addresses represented in CIDR must match the ingress or egress rules. Not all providers support IPv6.
"""
'os_server':
'prefix': "os_server_snippet"
'description': "Create/Delete Compute Instances from OpenStack"
'body': """
os_server:
name: ${1:undefined} # required. Name that has to be given to the instance
image: ${2:undefined} # required. The name or id of the base image to boot.
auth_type: ${3:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
volumes: ${4:} # not required. A list of preexisting volumes names or ids to attach to the instance
availability_zone: ${5:undefined} # not required. Availability zone in which to create the server.
key_name: ${6:None} # not required. The key pair name to be used when creating a instance
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
image_exclude: ${8:undefined} # not required. Text to use to filter image names, for the case, such as HP, where there are multiple image names matching the common identifying portions. image_exclude is a negative match filter - it is text that may not exist in the image name. Defaults to \"(deprecated)\"
boot_volume: ${9:None} # not required. Volume name or id to use as the volume to boot from. Implies boot_from_volume. Mutually exclusive with image and boot_from_volume.
flavor_include: ${10:undefined} # not required. Text to use to filter flavor names, for the case, such as Rackspace, where there are multiple flavors that have the same ram count. flavor_include is a positive match filter - it must exist in the flavor name.
interface: ${11|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cloud: ${12:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
meta: ${13:None} # not required. A list of key value pairs that should be provided as a metadata to the new instance or a string containing a list of key-value pairs. Eg: meta: \"key1=value1,key2=value2\"
auth: ${14:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${15:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${16:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
terminate_volume: ${17:false} # not required. If true, delete volume when deleting instance (if booted from volume)
flavor: ${18:1} # not required. The name or id of the flavor in which the new instance has to be created. Mutually exclusive with flavor_ram
delete_fip: ${19:false} # not required. When I(state) is absent and this option is true, any floating IP associated with the instance will be deleted along with the instance.
security_groups: ${20:None} # not required. Names of the security groups to which the instance should be added. This may be a YAML list or a comma separated string.
scheduler_hints: ${21:None} # not required. Arbitrary key/value pairs to the scheduler for custom use
boot_from_volume: ${22:false} # not required. Should the instance boot from a persistent volume created based on the image given. Mututally exclusive with boot_volume.
userdata: ${23:None} # not required. Opaque blob of data which is made available to the instance
cert: ${24:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
network: ${25:None} # not required. Name or ID of a network to attach this instance to. A simpler version of the nics parameter, only one of network or nics should be supplied.
region_name: ${26:undefined} # not required. Name of the region.
nics: ${27:None} # not required. A list of networks to which the instance's interface should be attached. Networks may be referenced by net-id/net-name/port-id or port-name.,Also this accepts a string containing a list of (net/port)-(id/name) Eg: nics: \"net-id=uuid-1,port-name=myport\" Only one of network or nics should be supplied.
floating_ips: ${28:None} # not required. list of valid floating IPs that pre-exist to assign to this node
flavor_ram: ${29:1} # not required. The minimum amount of ram in MB that the flavor in which the new instance has to be created must have. Mutually exclusive with flavor.
volume_size: ${30:undefined} # not required. The size of the volume to create in GB if booting from volume based on an image.
state: ${31|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
auto_ip: ${32:yes} # not required. Ensure instance has public ip however the cloud wants to do that
config_drive: ${33:no} # not required. Whether to boot the server with config drive enabled
timeout: ${34:180} # not required. The amount of time the module should wait for the instance to get into active state.
verify: ${35:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
wait: ${36:yes} # not required. If the module should wait for the instance to be created.
reuse_ips: ${37:true} # not required. When I(auto_ip) is true and this option is true, the I(auto_ip) code will attempt to re-use unassigned floating ips in the project before creating a new one. It is important to note that it is impossible to safely do this concurrently, so if your use case involves concurrent server creation, it is highly recommended to set this to false and to delete the floating ip associated with a server when the server is deleted using I(delete_fip).
floating_ip_pools: ${38:None} # not required. Name of floating IP pool from which to choose a floating IP
"""
'os_server_action':
'prefix': "os_server_action_snippet"
'description': "Perform actions on Compute Instances from OpenStack"
'body': """
os_server_action:
server: ${1:undefined} # required. Name or ID of the instance
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${3:undefined} # not required. Name of the region.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
image: ${5:null} # not required. Image the server should be rebuilt with
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
interface: ${8|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
key: ${9:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${10:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${11:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${12:yes} # not required. If the module should wait for the instance action to be performed.
verify: ${13:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
cert: ${14:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${15:180} # not required. The amount of time the module should wait for the instance to perform the requested action.
action: ${16|stop,start,pause,unpause,lock,unlock,suspend,resume,rebuild|} # not required. choices: stop;start;pause;unpause;lock;unlock;suspend;resume;rebuild. Perform the given action. The lock and unlock actions always return changed as the servers API does not provide lock status.
"""
'os_server_facts':
'prefix': "os_server_facts_snippet"
'description': "Retrieve facts about one or more compute instances"
'body': """
os_server_facts:
detailed: ${1:false} # not required. when true, return additional detail about servers at the expense of additional API calls.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${3:undefined} # not required. Name of the region.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${5:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
server: ${8:None} # not required. restrict results to servers with names or UUID matching this glob expression (e.g., C<web*>).
key: ${9:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${10|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${11:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${12:180} # not required. How long should ansible wait for the requested resource.
cacert: ${13:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${14:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_server_group':
'prefix': "os_server_group_snippet"
'description': "Manage OpenStack server groups"
'body': """
os_server_group:
name: ${1:undefined} # required. Server group name.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
cert: ${3:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${6:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
timeout: ${8:180} # not required. How long should ansible wait for the requested resource.
auth: ${9:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${11|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${12|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource. When I(state) is 'present', then I(policies) is required.
policies: ${13:undefined} # not required. A list of one or more policy names to associate with the server group. The list must contain at least one policy name. The current valid policy names are anti-affinity, affinity, soft-anti-affinity and soft-affinity.
cacert: ${14:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${16:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
"""
'os_server_volume':
'prefix': "os_server_volume_snippet"
'description': "Attach/Detach Volumes from OpenStack VM's"
'body': """
os_server_volume:
server: ${1:undefined} # required. Name or ID of server you want to attach a volume to
volume: ${2:undefined} # required. Name or id of volume you want to attach to a server
auth_type: ${3:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
key: ${4:undefined} # not required. A path to a client key to use as part of the SSL transaction.
region_name: ${5:undefined} # not required. Name of the region.
availability_zone: ${6:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${7:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${8:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${9:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${10:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
cacert: ${11:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
state: ${12|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${13:180} # not required. How long should ansible wait for the requested resource.
device: ${14:None} # not required. Device you want to attach. Defaults to auto finding a device name.
interface: ${15|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cloud: ${16:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${17:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_stack':
'prefix': "os_stack_snippet"
'description': "Add/Remove Heat Stack"
'body': """
os_stack:
name: ${1:undefined} # required. Name of the stack that should be created, name could be char and digit, no space
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
key: ${3:undefined} # not required. A path to a client key to use as part of the SSL transaction.
rollback: ${4:false} # not required. Rollback stack creation
parameters: ${5:None} # not required. Dictionary of parameters for the stack creation
availability_zone: ${6:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${7:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${8:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${9:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${10:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
environment: ${11:None} # not required. List of environment files that should be used for the stack creation
interface: ${12|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${13|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
tag: ${14:None} # not required. Tag for the stack that should be created, name could be char and digit, no space
region_name: ${15:undefined} # not required. Name of the region.
timeout: ${16:3600} # not required. Maximum number of seconds to wait for the stack creation
cacert: ${17:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${18:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${19:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
template: ${20:None} # not required. Path of the template file to use for the stack creation
"""
'os_subnet':
'prefix': "os_subnet_snippet"
'description': "Add/Remove subnet to an OpenStack network"
'body': """
os_subnet:
name: ${1:undefined} # required. The name of the subnet that should be created. Although Neutron allows for non-unique subnet names, this module enforces subnet name uniqueness.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
no_gateway_ip: ${3:false} # not required. The gateway IP would not be assigned for this subnet
use_default_subnetpool: ${4:false} # not required. Use the default subnetpool for I(ip_version) to obtain a CIDR.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
ipv6_ra_mode: ${8|dhcpv6-stateful,dhcpv6-stateless,slaac|} # not required. choices: dhcpv6-stateful;dhcpv6-stateless;slaac. IPv6 router advertisement mode
host_routes: ${9:None} # not required. A list of host route dictionaries for the subnet.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${11:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
ipv6_address_mode: ${12|dhcpv6-stateful,dhcpv6-stateless,slaac|} # not required. choices: dhcpv6-stateful;dhcpv6-stateless;slaac. IPv6 address mode
cidr: ${13:None} # not required. The CIDR representation of the subnet that should be assigned to the subnet. Required when I(state) is 'present' and a subnetpool is not specified.
network_name: ${14:undefined} # not required. Name of the network to which the subnet should be attached,Required when I(state) is 'present"
allocation_pool_end: ${15:None} # not required. From the subnet pool the last IP that should be assigned to the virtual machines.
region_name: ${16:undefined} # not required. Name of the region.
enable_dhcp: ${17:true} # not required. Whether DHCP should be enabled for this subnet.
verify: ${18:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
dns_nameservers: ${19:None} # not required. List of DNS nameservers for this subnet.
cert: ${20:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
project: ${21:None} # not required. Project name or ID containing the subnet (name admin-only)
state: ${22|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
allocation_pool_start: ${23:None} # not required. From the subnet pool the starting address from which the IP should be allocated.
gateway_ip: ${24:None} # not required. The ip that would be assigned to the gateway for this subnet
cloud: ${25:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
timeout: ${26:180} # not required. How long should ansible wait for the requested resource.
ip_version: ${27:4} # not required. The IP version of the subnet 4 or 6
wait: ${28:true} # not required. Should ansible wait until the requested resource is complete.
interface: ${29|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
"""
'os_subnets_facts':
'prefix': "os_subnets_facts_snippet"
'description': "Retrieve facts about one or more OpenStack subnets."
'body': """
os_subnets_facts:
auth_type: ${1:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
subnet: ${2:undefined} # not required. Name or ID of the subnet
region_name: ${3:undefined} # not required. Name of the region.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${5:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
timeout: ${7:180} # not required. How long should ansible wait for the requested resource.
auth: ${8:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${9:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${10|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${11:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
filters: ${12:undefined} # not required. A dictionary of meta data to use for further filtering. Elements of this dictionary may be additional dictionaries.
cacert: ${13:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${14:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_user':
'prefix': "os_user_snippet"
'description': "Manage OpenStack Identity Users"
'body': """
os_user:
name: ${1:undefined} # required. Username for the user
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
update_password: ${3|always,on_create|} # not required. choices: always;on_create. C(always) will attempt to update password. C(on_create) will only set the password for newly created users.
availability_zone: ${4:undefined} # not required. Ignored. Present for backwards compatibility
domain: ${5:None} # not required. Domain to create the user in if the cloud supports domains
cacert: ${6:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${7:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
region_name: ${8:undefined} # not required. Name of the region.
default_project: ${9:None} # not required. Project name or ID that the user should be associated with by default
verify: ${10:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
state: ${11|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
email: ${12:None} # not required. Email address for the user
description: ${13:undefined} # not required. Description about the user
api_timeout: ${14:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${15:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${16:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${17|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
password: ${18:None} # not required. Password for the user
wait: ${19:true} # not required. Should ansible wait until the requested resource is complete.
enabled: ${20:true} # not required. Is the user enabled
cert: ${21:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${22:180} # not required. How long should ansible wait for the requested resource.
"""
'os_user_facts':
'prefix': "os_user_facts_snippet"
'description': "Retrieve facts about one or more OpenStack users"
'body': """
os_user_facts:
name: ${1:undefined} # required. Name or ID of the user
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
domain: ${3:None} # not required. Name or ID of the domain containing the user if the cloud supports domains
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${6:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
timeout: ${8:180} # not required. How long should ansible wait for the requested resource.
auth: ${9:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${11|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
cert: ${12:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
filters: ${13:None} # not required. A dictionary of meta data to use for further filtering. Elements of this dictionary may be additional dictionaries.
cacert: ${14:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
wait: ${15:true} # not required. Should ansible wait until the requested resource is complete.
cloud: ${16:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
"""
'os_user_group':
'prefix': "os_user_group_snippet"
'description': "Associate OpenStack Identity users and groups"
'body': """
os_user_group:
group: ${1:undefined} # required. Name or id for the group.
user: ${2:undefined} # required. Name or id for the user
auth_type: ${3:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${6:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${7:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${8:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${9:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${11|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
state: ${12|present,absent|} # not required. choices: present;absent. Should the user be present or absent in the group
timeout: ${13:180} # not required. How long should ansible wait for the requested resource.
cacert: ${14:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${15:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${16:true} # not required. Should ansible wait until the requested resource is complete.
"""
'os_user_role':
'prefix': "os_user_role_snippet"
'description': "Associate OpenStack Identity users and roles"
'body': """
os_user_role:
role: ${1:undefined} # required. Name or ID for the role.
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
domain: ${3:null} # not required. ID of the domain to scope the role association to. Valid only with keystone version 3, and required if I(project) is not specified.
region_name: ${4:undefined} # not required. Name of the region.
availability_zone: ${5:undefined} # not required. Ignored. Present for backwards compatibility
api_timeout: ${6:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${7:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
interface: ${8|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
user: ${9:null} # not required. Name or ID for the user. If I(user) is not specified, then I(group) is required. Both may not be specified.
key: ${10:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${11:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
cloud: ${12:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
wait: ${13:true} # not required. Should ansible wait until the requested resource is complete.
group: ${14:null} # not required. Name or ID for the group. Valid only with keystone version 3. If I(group) is not specified, then I(user) is required. Both may not be specified.
verify: ${15:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
cert: ${16:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
project: ${17:null} # not required. Name or ID of the project to scope the role association to. If you are using keystone version 2, then this value is required.
state: ${18|present,absent|} # not required. choices: present;absent. Should the roles be present or absent on the user.
timeout: ${19:180} # not required. How long should ansible wait for the requested resource.
"""
'os_volume':
'prefix': "os_volume_snippet"
'description': "Create/Delete Cinder Volumes"
'body': """
os_volume:
display_name: ${1:undefined} # required. Name of volume
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
availability_zone: ${3:undefined} # not required. Ignored. Present for backwards compatibility
image: ${4:None} # not required. Image name or id for boot from volume
cacert: ${5:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
snapshot_id: ${6:None} # not required. Volume snapshot id to create from
cloud: ${7:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
size: ${8:None} # not required. Size of volume in GB. This parameter is required when the I(state) parameter is 'present'.
verify: ${9:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
display_description: ${10:None} # not required. String describing the volume
state: ${11|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
scheduler_hints: ${12:None} # not required. Scheduler hints passed to volume API in form of dict
region_name: ${13:undefined} # not required. Name of the region.
api_timeout: ${14:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
auth: ${15:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
volume: ${16:None} # not required. Volume name or id to create from
key: ${17:undefined} # not required. A path to a client key to use as part of the SSL transaction.
interface: ${18|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
wait: ${19:true} # not required. Should ansible wait until the requested resource is complete.
volume_type: ${20:None} # not required. Volume type for volume
cert: ${21:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
timeout: ${22:180} # not required. How long should ansible wait for the requested resource.
"""
'os_zone':
'prefix': "os_zone_snippet"
'description': "Manage OpenStack DNS zones"
'body': """
os_zone:
name: ${1:undefined} # required. Zone name
auth_type: ${2:undefined} # not required. Name of the auth plugin to use. If the cloud uses something other than password authentication, the name of the plugin should be indicated here and the contents of the I(auth) parameter should be updated accordingly.
masters: ${3:None} # not required. Master nameservers (only applies if zone_type is secondary)
description: ${4:None} # not required. Zone description
region_name: ${5:undefined} # not required. Name of the region.
availability_zone: ${6:undefined} # not required. Ignored. Present for backwards compatibility
verify: ${7:undefined} # not required. Whether or not SSL API requests should be verified. Before 2.3 this defaulted to True.
api_timeout: ${8:undefined} # not required. How long should the socket layer wait before timing out for API calls. If this is omitted, nothing will be passed to the requests library.
cert: ${9:undefined} # not required. A path to a client certificate to use as part of the SSL transaction.
auth: ${10:undefined} # not required. Dictionary containing auth information as needed by the cloud's auth plugin strategy. For the default I(password) plugin, this would contain I(auth_url), I(username), I(password), I(project_name) and any information about domains if the cloud supports them. For other plugins, this param will need to contain whatever parameters that auth plugin requires. This parameter is not needed if a named cloud is provided or OpenStack OS_* environment variables are present.
key: ${11:undefined} # not required. A path to a client key to use as part of the SSL transaction.
cacert: ${12:undefined} # not required. A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
state: ${13|present,absent|} # not required. choices: present;absent. Should the resource be present or absent.
timeout: ${14:180} # not required. How long should ansible wait for the requested resource.
ttl: ${15:None} # not required. TTL (Time To Live) value in seconds
zone_type: ${16|primary,secondary|} # not required. choices: primary;secondary. Zone type
wait: ${17:true} # not required. Should ansible wait until the requested resource is complete.
interface: ${18|public,internal,admin|} # not required. choices: public;internal;admin. Endpoint URL type to fetch from the service catalog.
email: ${19:undefined} # not required. Email of the zone owner (only applies if zone_type is primary)
cloud: ${20:undefined} # not required. Named cloud or cloud config to operate against. If I(cloud) is a string, it references a named cloud config as defined in an OpenStack clouds.yaml file. Provides default values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is provided or if OpenStack OS_* environment variables are present. If I(cloud) is a dict, it contains a complete cloud configuration like would be in a section of clouds.yaml.
"""
'osx_defaults':
'prefix': "osx_defaults_snippet"
'description': "osx_defaults allows users to read, write, and delete Mac OS X user defaults from Ansible"
'body': """
osx_defaults:
key: ${1:undefined} # required. The key of the user preference
domain: ${2:NSGlobalDomain} # not required. The domain is a domain name of the form com.companyname.appname.
array_add: ${3|true,false|} # not required. choices: true;false. Add new elements to the array for a key which has an array as its value.
host: ${4:null} # not required. The host on which the preference should apply. The special value \"currentHost\" corresponds to the \"-currentHost\" switch of the defaults commandline tool.
type: ${5|array,bool,boolean,date,float,int,integer,string|} # not required. choices: array;bool;boolean;date;float;int;integer;string. The type of value to write.
state: ${6|present,absent|} # not required. choices: present;absent. The state of the user defaults
value: ${7:null} # not required. The value to write. Only required when state = present.
"""
'say':
'prefix': "say_snippet"
'description': "Makes a computer to speak."
'body': """
say:
msg: ${1:undefined} # required. What to say
voice: ${2:undefined} # not required. What voice to use
"""
'ovh_ip_loadbalancing_backend':
'prefix': "ovh_ip_loadbalancing_backend_snippet"
'description': "Manage OVH IP LoadBalancing backends"
'body': """
ovh_ip_loadbalancing_backend:
endpoint: ${1:undefined} # required. The endpoint to use ( for instance ovh-eu)
name: ${2:undefined} # required. Name of the LoadBalancing internal name (ip-X.X.X.X)
application_key: ${3:undefined} # required. The applicationKey to use
application_secret: ${4:undefined} # required. The application secret to use
consumer_key: ${5:undefined} # required. The consumer key to use
backend: ${6:undefined} # required. The IP address of the backend to update / modify / delete
weight: ${7:8} # not required. Determines the weight for this backend
probe: ${8|none,http,icmp,oco|} # not required. choices: none;http;icmp;oco. Determines the type of probe to use for this backend
state: ${9|present,absent|} # not required. choices: present;absent. Determines whether the backend is to be created/modified or deleted
timeout: ${10:120} # not required. The timeout in seconds used to wait for a task to be completed.
"""
'ovirt':
'prefix': "ovirt_snippet"
'description': "oVirt/RHEV platform management"
'body': """
ovirt:
user: ${1:undefined} # required. The user to authenticate with.
password: ${2:undefined} # required. Password of the user to authenticate with.
url: ${3:undefined} # required. The url of the oVirt instance.
instance_name: ${4:undefined} # required. The name of the instance to use.
instance_mem: ${5:undefined} # not required. The instance's amount of memory in MB.
instance_cores: ${6:1} # not required. Define the instance's number of cores.
instance_cpus: ${7:1} # not required. The instance's number of CPUs.
image: ${8:undefined} # not required. The template to use for the instance.
instance_hostname: ${9:undefined} # not required. Define the instance's Hostname.
instance_disksize: ${10:undefined} # not required. Size of the instance's disk in GB.
instance_nic: ${11:undefined} # not required. The name of the network interface in oVirt/RHEV.
instance_network: ${12:rhevm} # not required. The logical network the machine should belong to.
instance_type: ${13|desktop,server,high_performance|} # not required. choices: desktop;server;high_performance. Define whether the instance is a server, desktop or high_performance.,I(high_performance) is supported since Ansible 2.5 and oVirt/RHV 4.2.
sdomain: ${14:undefined} # not required. The Storage Domain where you want to create the instance's disk on.
instance_os: ${15:undefined} # not required. Type of Operating System.
instance_ip: ${16:undefined} # not required. Define the instance's IP.
zone: ${17:undefined} # not required. Deploy the image to this oVirt cluster.
disk_alloc: ${18|preallocated,thin|} # not required. choices: preallocated;thin. Define whether disk is thin or preallocated.
region: ${19:undefined} # not required. The oVirt/RHEV datacenter where you want to deploy to.
instance_dns: ${20:undefined} # not required. Define the instance's Primary DNS server.
instance_netmask: ${21:undefined} # not required. Define the instance's Netmask.
state: ${22|absent,present,restarted,shutdown,started|} # not required. choices: absent;present;restarted;shutdown;started. Create, terminate or remove instances.
instance_key: ${23:undefined} # not required. Define the instance's Authorized key.
instance_domain: ${24:undefined} # not required. Define the instance's Domain.
instance_rootpw: ${25:undefined} # not required. Define the instance's Root password.
resource_type: ${26|new,template|} # not required. choices: new;template. Whether you want to deploy an image or create an instance from scratch.
disk_int: ${27|ide,virtio|} # not required. choices: ide;virtio. Interface type of the disk.
"""
'ovirt_affinity_group':
'prefix': "ovirt_affinity_group_snippet"
'description': "Module to manage affinity groups in oVirt/RHV"
'body': """
ovirt_affinity_group:
name: ${1:undefined} # required. Name of the affinity group to manage.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
vm_enforcing: ${3:undefined} # not required. If I(yes) VM cannot start if it does not satisfy the C(vm_rule).
host_rule: ${4|negative,positive|} # not required. choices: negative;positive. If I(positive) I(all) VMs in this group should run on the this host.,If I(negative) I(no) VMs in this group should run on the this host.,This parameter is support since oVirt/RHV 4.1 version.
poll_interval: ${5:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${6:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${7:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
cluster: ${8:undefined} # not required. Name of the cluster of the affinity group.
state: ${9|absent,present|} # not required. choices: absent;present. Should the affinity group be present or absent.
hosts: ${10:undefined} # not required. List of the hosts names, which should have assigned this affinity group.,This parameter is support since oVirt/RHV 4.1 version.
timeout: ${11:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
vm_rule: ${12|disabled,negative,positive|} # not required. choices: disabled;negative;positive. If I(positive) I(all) VMs in this group should run on the host defined by C(host_rule).,If I(negative) I(no) VMs in this group should run on the host defined by C(host_rule).,If I(disabled) this affinity group doesn't take effect.
host_enforcing: ${13:undefined} # not required. If I(yes) VM cannot start on host if it does not satisfy the C(host_rule).,This parameter is support since oVirt/RHV 4.1 version.
wait: ${14:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
vms: ${15:undefined} # not required. List of the VMs names, which should have assigned this affinity group.
description: ${16:undefined} # not required. Description of the affinity group.
"""
'ovirt_affinity_label':
'prefix': "ovirt_affinity_label_snippet"
'description': "Module to manage affinity labels in oVirt/RHV"
'body': """
ovirt_affinity_label:
name: ${1:undefined} # required. Name of the affinity label to manage.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
poll_interval: ${3:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
state: ${4|present,absent|} # not required. choices: present;absent. Should the affinity label be present or absent.
nested_attributes: ${5:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
cluster: ${6:undefined} # not required. Name of the cluster where vms and hosts resides.
fetch_nested: ${7:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
hosts: ${8:undefined} # not required. List of the hosts names, which should have assigned this affinity label.
timeout: ${9:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
vms: ${10:undefined} # not required. List of the VMs names, which should have assigned this affinity label.
wait: ${11:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_affinity_label_facts':
'prefix': "ovirt_affinity_label_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV affinity labels"
'body': """
ovirt_affinity_label_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
name: ${2:undefined} # not required. Name of the affinity labels which should be listed.
host: ${3:undefined} # not required. Name of the host, which affinity labels should be listed.
vm: ${4:undefined} # not required. Name of the VM, which affinity labels should be listed.
fetch_nested: ${5:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${6:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_api_facts':
'prefix': "ovirt_api_facts_snippet"
'description': "Retrieve facts about the oVirt/RHV API"
'body': """
ovirt_api_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
fetch_nested: ${2:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${3:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_auth':
'prefix': "ovirt_auth_snippet"
'description': "Module to manage authentication to oVirt/RHV"
'body': """
ovirt_auth:
username: ${1:undefined} # not required. The name of the user. For example: I(admin@internal) Default value is set by I(OVIRT_USERNAME) environment variable.
ca_file: ${2:undefined} # not required. A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If C(ca_file) parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.
url: ${3:undefined} # not required. A string containing the base URL of the server. For example: I(https://server.example.com/ovirt-engine/api). Default value is set by I(OVIRT_URL) environment variable.
insecure: ${4:undefined} # not required. A boolean flag that indicates if the server TLS certificate and host name should be checked.
kerberos: ${5:undefined} # not required. A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.
compress: ${6:undefined} # not required. A boolean flag indicating if the SDK should ask the server to send compressed responses. The default is I(True). Note that this is a hint for the server, and that it may return uncompressed data even when this parameter is set to I(True).
state: ${7|present,absent|} # not required. choices: present;absent. Specifies if a token should be created or revoked.
headers: ${8:undefined} # not required. A dictionary of HTTP headers to be added to each API call.
token: ${9:undefined} # not required. SSO token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.
timeout: ${10:undefined} # not required. The maximum total time to wait for the response, in seconds. A value of zero (the default) means wait forever. If the timeout expires before the response is received an exception will be raised.
password: ${11:undefined} # not required. The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.
"""
'ovirt_cluster':
'prefix': "ovirt_cluster_snippet"
'description': "Module to manage clusters in oVirt/RHV"
'body': """
ovirt_cluster:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
name: ${2:undefined} # required. Name of the cluster to manage.
comment: ${3:undefined} # not required. Comment of the cluster.
ha_reservation: ${4:undefined} # not required. If I(True) enable the oVirt/RHV to monitor cluster capacity for highly available virtual machines.
fence_skip_if_connectivity_broken: ${5:undefined} # not required. If I(True) fencing will be temporarily disabled if the percentage of hosts in the cluster that are experiencing connectivity issues is greater than or equal to the defined threshold.,The threshold can be specified by C(fence_connectivity_threshold).
mac_pool: ${6:undefined} # not required. MAC pool to be used by this cluster.,C(Note:),This is supported since oVirt version 4.1.
virt: ${7:undefined} # not required. If I(True), hosts in this cluster will be used to run virtual machines.
threads_as_cores: ${8:undefined} # not required. If I(True) the exposed host threads would be treated as cores which can be utilized by virtual machines.
gluster: ${9:undefined} # not required. If I(True), hosts in this cluster will be used as Gluster Storage server nodes, and not for running virtual machines.,By default the cluster is created for virtual machine hosts.
vm_reason: ${10:undefined} # not required. If I(True) enable an optional reason field when a virtual machine is shut down from the Manager, allowing the administrator to provide an explanation for the maintenance.
fetch_nested: ${11:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
migration_bandwidth_limit: ${12:undefined} # not required. Set the I(custom) migration bandwidth limit.,This parameter is used only when C(migration_bandwidth) is I(custom).
switch_type: ${13|legacy,ovs|} # not required. choices: legacy;ovs. Type of switch to be used by all networks in given cluster. Either I(legacy) which is using linux brigde or I(ovs) using Open vSwitch.
data_center: ${14:undefined} # not required. Datacenter name where cluster reside.
ksm_numa: ${15:undefined} # not required. If I(True) enables KSM C(ksm) for best berformance inside NUMA nodes.
description: ${16:undefined} # not required. Description of the cluster.
cpu_arch: ${17|x86_64,ppc64,undefined|} # not required. choices: x86_64;ppc64;undefined. CPU architecture of cluster.
rng_sources: ${18:undefined} # not required. List that specify the random number generator devices that all hosts in the cluster will use.,Supported generators are: I(hwrng) and I(random).
network: ${19:undefined} # not required. Management network of cluster to access cluster hosts.
state: ${20|present,absent|} # not required. choices: present;absent. Should the cluster be present or absent
ksm: ${21:undefined} # not required. I I(True) MoM enables to run Kernel Same-page Merging I(KSM) when necessary and when it can yield a memory saving benefit that outweighs its CPU cost.
external_network_providers: ${22:undefined} # not required. List of references to the external network providers available in the cluster. If the automatic deployment of the external network provider is supported, the networks of the referenced network provider are available on every host in the cluster.,External network provider is described by following dictionary:,C(name) - Name of the external network provider. Either C(name) or C(id) is required.,C(id) - ID of the external network provider. Either C(name) or C(id) is required.,This is supported since oVirt version 4.2.
migration_compressed: ${23|true,false,inherit|} # not required. choices: true;false;inherit. If I(True) compression is used during live migration of the virtual machine.,Used only when C(migration_policy) is set to I(legacy).,Following options are supported:,C(true) - Override the global setting to I(true).,C(false) - Override the global setting to I(false).,C(inherit) - Use value which is set globally.
ballooning: ${24:undefined} # not required. If I(True) enable memory balloon optimization. Memory balloon is used to re-distribute / reclaim the host memory based on VM needs in a dynamic way.
migration_auto_converge: ${25|true,false,inherit|} # not required. choices: true;false;inherit. If I(True) auto-convergence is used during live migration of virtual machines.,Used only when C(migration_policy) is set to I(legacy).,Following options are supported:,C(true) - Override the global setting to I(true).,C(false) - Override the global setting to I(false).,C(inherit) - Use value which is set globally.
fence_enabled: ${26:undefined} # not required. If I(True) enables fencing on the cluster.,Fencing is enabled by default.
migration_policy: ${27|legacy,minimal_downtime,suspend_workload,post_copy|} # not required. choices: legacy;minimal_downtime;suspend_workload;post_copy. A migration policy defines the conditions for live migrating virtual machines in the event of host failure.,Following policies are supported:,C(legacy) - Legacy behavior of 3.6 version.,C(minimal_downtime) - Virtual machines should not experience any significant downtime.,C(suspend_workload) - Virtual machines may experience a more significant downtime.,C(post_copy) - Virtual machines should not experience any significant downtime. If the VM migration is not converging for a long time, the migration will be switched to post-copy. Added in version I(2.4).
nested_attributes: ${28:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
resilience_policy: ${29|do_not_migrate,migrate,migrate_highly_available|} # not required. choices: do_not_migrate;migrate;migrate_highly_available. The resilience policy defines how the virtual machines are prioritized in the migration.,Following values are supported:,C(do_not_migrate) - Prevents virtual machines from being migrated. ,C(migrate) - Migrates all virtual machines in order of their defined priority.,C(migrate_highly_available) - Migrates only highly available virtual machines to prevent overloading other hosts.
fence_connectivity_threshold: ${30:undefined} # not required. The threshold used by C(fence_skip_if_connectivity_broken).
spice_proxy: ${31:undefined} # not required. The proxy by which the SPICE client will connect to virtual machines.,The address must be in the following format: I(protocol://[host]:[port])
memory_policy: ${32|disabled,server,desktop|} # not required. choices: disabled;server;desktop. I(disabled) - Disables memory page sharing.,I(server) - Sets the memory page sharing threshold to 150% of the system memory on each host.,I(desktop) - Sets the memory page sharing threshold to 200% of the system memory on each host.
migration_bandwidth: ${33|auto,hypervisor_default,custom|} # not required. choices: auto;hypervisor_default;custom. The bandwidth settings define the maximum bandwidth of both outgoing and incoming migrations per host.,Following bandwidth options are supported:,C(auto) - Bandwidth is copied from the I(rate limit) [Mbps] setting in the data center host network QoS.,C(hypervisor_default) - Bandwidth is controlled by local VDSM setting on sending host.,C(custom) - Defined by user (in Mbps).
fence_skip_if_sd_active: ${34:undefined} # not required. If I(True) any hosts in the cluster that are Non Responsive and still connected to storage will not be fenced.
scheduling_policy: ${35:undefined} # not required. Name of the scheduling policy to be used for cluster.
wait: ${36:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
compatibility_version: ${37:undefined} # not required. The compatibility version of the cluster. All hosts in this cluster must support at least this compatibility version.
serial_policy_value: ${38:undefined} # not required. Allows you to specify a custom serial number.,This parameter is used only when C(serial_policy) is I(custom).
host_reason: ${39:undefined} # not required. If I(True) enable an optional reason field when a host is placed into maintenance mode from the Manager, allowing the administrator to provide an explanation for the maintenance.
poll_interval: ${40:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
cpu_type: ${41:undefined} # not required. CPU codename. For example I(Intel SandyBridge Family).
timeout: ${42:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
serial_policy: ${43:undefined} # not required. Specify a serial number policy for the virtual machines in the cluster.,Following options are supported:,C(vm) - Sets the virtual machine's UUID as its serial number.,C(host) - Sets the host's UUID as the virtual machine's serial number.,C(custom) - Allows you to specify a custom serial number in C(serial_policy_value).
trusted_service: ${44:undefined} # not required. If (True) enable integration with an OpenAttestation server.
"""
'ovirt_cluster_facts':
'prefix': "ovirt_cluster_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV clusters"
'body': """
ovirt_cluster_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search cluster X from datacenter Y use following pattern: name=X and datacenter=Y
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_datacenter':
'prefix': "ovirt_datacenter_snippet"
'description': "Module to manage data centers in oVirt/RHV"
'body': """
ovirt_datacenter:
name: ${1:undefined} # required. Name of the data center to manage.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
comment: ${3:undefined} # not required. Comment of the data center.
compatibility_version: ${4:undefined} # not required. Compatibility version of the data center.
force: ${5:false} # not required. This parameter can be used only when removing a data center. If I(True) data center will be forcibly removed, even though it contains some clusters. Default value is I(False), which means that only empty data center can be removed.
mac_pool: ${6:undefined} # not required. MAC pool to be used by this datacenter.,IMPORTANT: This option is deprecated in oVirt/RHV 4.1. You should use C(mac_pool) in C(ovirt_clusters) module, as MAC pools are set per cluster since 4.1.
local: ${7:undefined} # not required. I(True) if the data center should be local, I(False) if should be shared.,Default value is set by engine.
poll_interval: ${8:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${9:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${10:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
state: ${11|present,absent|} # not required. choices: present;absent. Should the data center be present or absent
timeout: ${12:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
wait: ${13:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
quota_mode: ${14|disabled,audit,enabled|} # not required. choices: disabled;audit;enabled. Quota mode of the data center. One of I(disabled), I(audit) or I(enabled)
description: ${15:undefined} # not required. Description of the data center.
"""
'ovirt_datacenter_facts':
'prefix': "ovirt_datacenter_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV datacenters"
'body': """
ovirt_datacenter_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search datacenter I(X) use following pattern: I(name=X)
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_disk':
'prefix': "ovirt_disk_snippet"
'description': "Module to manage Virtual Machine and floating disks in oVirt/RHV"
'body': """
ovirt_disk:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
profile: ${2:undefined} # not required. Disk profile name to be attached to disk. By default profile is chosen by oVirt/RHV engine.
vm_name: ${3:undefined} # not required. Name of the Virtual Machine to manage. Either C(vm_id) or C(vm_name) is required if C(state) is I(attached) or I(detached).
storage_domains: ${4:undefined} # not required. Storage domain names where disk should be copied.,C(**IMPORTANT**),There is no reliable way to achieve idempotency, so every time you specify this parameter the disks are copied, so please handle your playbook accordingly to not copy the disks all the time. This is valid only for VM and floating disks, template disks works as expected.
force: ${5:undefined} # not required. Please take a look at C(image_path) documentation to see the correct usage of this parameter.
description: ${6:undefined} # not required. Description of the disk image to manage.
sparsify: ${7:undefined} # not required. I(True) if the disk should be sparsified.,Sparsification frees space in the disk image that is not used by its filesystem. As a result, the image will occupy less space on the storage.,Note that this parameter isn't idempotent, as it's not possible to check if the disk should be or should not be sparsified.
poll_interval: ${8:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
logical_unit: ${9:undefined} # not required. Dictionary which describes LUN to be directly attached to VM:,C(address) - Address of the storage server. Used by iSCSI.,C(port) - Port of the storage server. Used by iSCSI.,C(target) - iSCSI target.,C(lun_id) - LUN id.,C(username) - CHAP Username to be used to access storage server. Used by iSCSI.,C(password) - CHAP Password of the user to be used to access storage server. Used by iSCSI.,C(storage_type) - Storage type either I(fcp) or I(iscsi).
nested_attributes: ${10:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
quota_id: ${11:undefined} # not required. Disk quota ID to be used for disk. By default quota is chosen by oVirt/RHV engine.
fetch_nested: ${12:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
download_image_path: ${13:undefined} # not required. Path on a file system where disk should be downloaded.,Note that you must have an valid oVirt/RHV engine CA in your system trust store or you must provide it in C(ca_file) parameter.,Note that the disk is not downloaded when the file already exists, but you can forcibly download the disk when using C(force) I (true).
interface: ${14|virtio,ide,virtio_scsi|} # not required. choices: virtio;ide;virtio_scsi. Driver of the storage interface.
vm_id: ${15:undefined} # not required. ID of the Virtual Machine to manage. Either C(vm_id) or C(vm_name) is required if C(state) is I(attached) or I(detached).
id: ${16:undefined} # not required. ID of the disk to manage. Either C(id) or C(name) is required.
size: ${17:undefined} # not required. Size of the disk. Size should be specified using IEC standard units. For example 10GiB, 1024MiB, etc.,Size can be only increased, not decreased.
storage_domain: ${18:undefined} # not required. Storage domain name where disk should be created. By default storage is chosen by oVirt/RHV engine.
openstack_volume_type: ${19:undefined} # not required. Name of the openstack volume type. This is valid when working with cinder.
bootable: ${20:undefined} # not required. I(True) if the disk should be bootable. By default when disk is created it isn't bootable.
format: ${21|raw,cow|} # not required. choices: raw;cow. Specify format of the disk.,Note that this option isn't idempotent as it's not currently possible to change format of the disk via API.
upload_image_path: ${22:undefined} # not required. Path to disk image, which should be uploaded.,Note that currently we support only compatibility version 0.10 of the qcow disk.,Note that you must have an valid oVirt/RHV engine CA in your system trust store or you must provide it in C(ca_file) parameter.,Note that there is no reliable way to achieve idempotency, so if you want to upload the disk even if the disk with C(id) or C(name) exists, then please use C(force) I(true). If you will use C(force) I(false), which is default, then the disk image won't be uploaded.
timeout: ${23:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
wait: ${24:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
name: ${25:undefined} # not required. Name of the disk to manage. Either C(id) or C(name)/C(alias) is required.
state: ${26|present,absent,attached,detached|} # not required. choices: present;absent;attached;detached. Should the Virtual Machine disk be present/absent/attached/detached.
shareable: ${27:undefined} # not required. I(True) if the disk should be shareable. By default when disk is created it isn't shareable.
sparse: ${28:undefined} # not required. I(True) if the disk should be sparse (also known as I(thin provision)). If the parameter is omitted, cow disks will be created as sparse and raw disks as I(preallocated),Note that this option isn't idempotent as it's not currently possible to change sparseness of the disk via API.
image_provider: ${29:undefined} # not required. When C(state) is I(exported) disk is exported to given Glance image provider.,C(**IMPORTANT**),There is no reliable way to achieve idempotency, so every time you specify this parameter the disk is exported, so please handle your playbook accordingly to not export the disk all the time. This option is valid only for template disks.
"""
'ovirt_disk_facts':
'prefix': "ovirt_disk_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV disks"
'body': """
ovirt_disk_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search Disk X from storage Y use following pattern: name=X and storage.name=Y
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_external_provider':
'prefix': "ovirt_external_provider_snippet"
'description': "Module to manage external providers in oVirt/RHV"
'body': """
ovirt_external_provider:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
username: ${2:undefined} # not required. Username to be used for login to external provider.,Applicable for all types.
read_only: ${3:undefined} # not required. Specify if the network should be read only.,Applicable if C(type) is I(network).
name: ${4:undefined} # not required. Name of the external provider to manage.
url: ${5:undefined} # not required. URL where external provider is hosted.,Applicable for those types: I(os_image), I(os_volume), I(network) and I(foreman).
tenant_name: ${6:undefined} # not required. Name of the tenant.,Applicable for those types: I(os_image), I(os_volume) and I(network).
poll_interval: ${7:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${8:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${9:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
state: ${10|present,absent|} # not required. choices: present;absent. Should the external be present or absent
authentication_url: ${11:undefined} # not required. Keystone authentication URL of the openstack provider.,Applicable for those types: I(os_image), I(os_volume) and I(network).
timeout: ${12:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
data_center: ${13:undefined} # not required. Name of the data center where provider should be attached.,Applicable for those type: I(os_volume).
wait: ${14:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
password: ${15:undefined} # not required. Password of the user specified in C(username) parameter.,Applicable for all types.
type: ${16|os_image,network,os_volume,foreman|} # not required. choices: os_image;network;os_volume;foreman. Type of the external provider.
network_type: ${17|external,neutron|} # not required. choices: external;neutron. Type of the external network provider either external (for example OVN) or neutron.,Applicable if C(type) is I(network).
description: ${18:undefined} # not required. Description of the external provider.
"""
'ovirt_external_provider_facts':
'prefix': "ovirt_external_provider_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV external providers"
'body': """
ovirt_external_provider_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
type: ${2|os_image,os_network,os_volume,foreman|} # required. choices: os_image;os_network;os_volume;foreman. Type of the external provider.
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
name: ${4:undefined} # not required. Name of the external provider, can be used as glob expression.
nested_attributes: ${5:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_group':
'prefix': "ovirt_group_snippet"
'description': "Module to manage groups in oVirt/RHV"
'body': """
ovirt_group:
name: ${1:undefined} # required. Name of the group to manage.
authz_name: ${2:undefined} # required. Authorization provider of the group. In previous versions of oVirt/RHV known as domain.
auth: ${3:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
namespace: ${4:undefined} # not required. Namespace of the authorization provider, where group resides.
state: ${5|present,absent|} # not required. choices: present;absent. Should the group be present/absent.
nested_attributes: ${6:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
poll_interval: ${7:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${8:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
timeout: ${9:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
wait: ${10:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_group_facts':
'prefix': "ovirt_group_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV groups"
'body': """
ovirt_group_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search group X use following pattern: name=X
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_host_networks':
'prefix': "ovirt_host_networks_snippet"
'description': "Module to manage host networks in oVirt/RHV"
'body': """
ovirt_host_networks:
name: ${1:undefined} # required. Name of the host to manage networks for.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
labels: ${3:undefined} # not required. List of names of the network label to be assigned to bond or interface.
poll_interval: ${4:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${5:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${6:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
networks: ${7:undefined} # not required. List of dictionary describing networks to be attached to interface or bond:,C(name) - Name of the logical network to be assigned to bond or interface.,C(boot_protocol) - Boot protocol one of the I(none), I(static) or I(dhcp).,C(address) - IP address in case of I(static) boot protocol is used.,C(netmask) - Subnet mask in case of I(static) boot protocol is used.,C(gateway) - Gateway in case of I(static) boot protocol is used.,C(version) - IP version. Either v4 or v6. Default is v4.
state: ${8|present,absent|} # not required. choices: present;absent. Should the host be present/absent.
timeout: ${9:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
interface: ${10:undefined} # not required. Name of the network interface where logical network should be attached.
wait: ${11:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
save: ${12:undefined} # not required. If I(true) network configuration will be persistent, by default they are temporary.
check: ${13:undefined} # not required. If I(true) verify connectivity between host and engine.,Network configuration changes will be rolled back if connectivity between engine and the host is lost after changing network configuration.
bond: ${14:undefined} # not required. Dictionary describing network bond:,C(name) - Bond name.,C(mode) - Bonding mode.,C(interfaces) - List of interfaces to create a bond.
"""
'ovirt_host_pm':
'prefix': "ovirt_host_pm_snippet"
'description': "Module to manage power management of hosts in oVirt/RHV"
'body': """
ovirt_host_pm:
name: ${1:undefined} # required. Name of the host to manage.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
username: ${3:undefined} # not required. Username to be used to connect to power management interface.
slot: ${4:undefined} # not required. Power management slot.
password: ${5:undefined} # not required. Password of the user specified in C(username) parameter.
poll_interval: ${6:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${7:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${8:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
order: ${9:undefined} # not required. Integer value specifying, by default it's added at the end.
port: ${10:undefined} # not required. Power management interface port.
state: ${11|present,absent|} # not required. choices: present;absent. Should the host be present/absent.
timeout: ${12:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
address: ${13:undefined} # not required. Address of the power management interface.
encrypt_options: ${14:undefined} # not required. If (true) options will be encrypted when send to agent.
type: ${15:undefined} # not required. Type of the power management. oVirt/RHV predefined values are I(drac5), I(ipmilan), I(rsa), I(bladecenter), I(alom), I(apc), I(apc_snmp), I(eps), I(wti), I(rsb), I(cisco_ucs), I(drac7), I(hpblade), I(ilo), I(ilo2), I(ilo3), I(ilo4), I(ilo_ssh), but user can have defined custom type.
options: ${16:undefined} # not required. Dictionary of additional fence agent options.,Additional information about options can be found at U(https://fedorahosted.org/cluster/wiki/FenceArguments).
wait: ${17:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_host_storage_facts':
'prefix': "ovirt_host_storage_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV HostStorages (applicable only for block storage)"
'body': """
ovirt_host_storage_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
host: ${2:undefined} # required. Host to get device list from.
fcp: ${3:undefined} # not required. Dictionary with values for fibre channel storage type:,C(address) - Address of the fibre channel storage server.,C(port) - Port of the fibre channel storage server.,C(lun_id) - LUN id.
iscsi: ${4:undefined} # not required. Dictionary with values for iSCSI storage type:,C(address) - Address of the iSCSI storage server.,C(target) - The target IQN for the storage device.,C(username) - A CHAP user name for logging into a target.,C(password) - A CHAP password for logging into a target.
fetch_nested: ${5:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${6:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_hosts':
'prefix': "ovirt_hosts_snippet"
'description': "Module to manage hosts in oVirt/RHV"
'body': """
ovirt_hosts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
name: ${2:undefined} # required. Name of the host to manage.
comment: ${3:undefined} # not required. Description of the host.
activate: ${4:true} # not required. If C(state) is I(present) activate the host.,This parameter is good to disable, when you don't want to change the state of host when using I(present) C(state).
force: ${5:false} # not required. If True host will be forcibly moved to desired state.
address: ${6:undefined} # not required. Host address. It can be either FQDN (preferred) or IP address.
power_management_enabled: ${7:undefined} # not required. Enable or disable power management of the host.,For more comprehensive setup of PM use C(ovirt_host_pm) module.
nested_attributes: ${8:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
cluster: ${9:undefined} # not required. Name of the cluster, where host should be created.
fetch_nested: ${10:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
hosted_engine: ${11:undefined} # not required. If I(deploy) it means this host should deploy also hosted engine components.,If I(undeploy) it means this host should un-deploy hosted engine components and this host will not function as part of the High Availability cluster.
override_iptables: ${12:undefined} # not required. If True host iptables will be overridden by host deploy script.,Note that C(override_iptables) is I(false) by default in oVirt/RHV.
kdump_integration: ${13|enabled,disabled|} # not required. choices: enabled;disabled. Specify if host will have enabled Kdump integration.
wait: ${14:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
check_upgrade: ${15:true} # not required. If I(true) and C(state) is I(upgraded) run check for upgrade action before executing upgrade action.
public_key: ${16:false} # not required. I(True) if the public key should be used to authenticate to host.,It's required in case C(password) is not set.
password: ${17:undefined} # not required. Password of the root. It's required in case C(public_key) is set to I(False).
spm_priority: ${18:undefined} # not required. SPM priority of the host. Integer value from 1 to 10, where higher number means higher priority.
iscsi: ${19:undefined} # not required. If C(state) is I(iscsidiscover) it means that the iscsi attribute is being used to discover targets,If C(state) is I(iscsilogin) it means that the iscsi attribute is being used to login to the specified targets passed as part of the iscsi attribute
poll_interval: ${20:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
kernel_params: ${21:undefined} # not required. List of kernel boot parameters.,Following are most common kernel parameters used for host:,Hostdev Passthrough & SR-IOV: intel_iommu=on,Nested Virtualization: kvm-intel.nested=1,Unsafe Interrupts: vfio_iommu_type1.allow_unsafe_interrupts=1,PCI Reallocation: pci=realloc,C(Note:),Modifying kernel boot parameters settings can lead to a host boot failure. Please consult the product documentation before doing any changes.,Kernel boot parameters changes require host deploy and restart. The host needs to be I(reinstalled) suceesfully and then to be I(rebooted) for kernel boot parameters to be applied.
state: ${22|present,absent,maintenance,upgraded,started,restarted,stopped,reinstalled,iscsidiscover,iscsilogin|} # not required. choices: present;absent;maintenance;upgraded;started;restarted;stopped;reinstalled;iscsidiscover;iscsilogin. State which should a host to be in after successful completion.,I(iscsilogin) and I(iscsidiscover) are supported since version 2.4.
timeout: ${23:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
override_display: ${24:undefined} # not required. Override the display address of all VMs on this host with specified address.
"""
'ovirt_hosts_facts':
'prefix': "ovirt_hosts_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV hosts"
'body': """
ovirt_hosts_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search host X from datacenter Y use following pattern: name=X and datacenter=Y
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_mac_pools':
'prefix': "ovirt_mac_pools_snippet"
'description': "Module to manage MAC pools in oVirt/RHV"
'body': """
ovirt_mac_pools:
name: ${1:undefined} # required. Name of the MAC pool to manage.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
ranges: ${3:undefined} # not required. List of MAC ranges. The from and to should be split by comma.,For example: 00:1a:4a:16:01:51,00:1a:4a:16:01:61
poll_interval: ${4:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${5:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${6:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
allow_duplicates: ${7:undefined} # not required. If (true) allow a MAC address to be used multiple times in a pool.,Default value is set by oVirt/RHV engine to I(false).
state: ${8|present,absent|} # not required. choices: present;absent. Should the mac pool be present or absent.
timeout: ${9:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
wait: ${10:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
description: ${11:undefined} # not required. Description of the MAC pool.
"""
'ovirt_networks':
'prefix': "ovirt_networks_snippet"
'description': "Module to manage logical networks in oVirt/RHV"
'body': """
ovirt_networks:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
name: ${2:undefined} # required. Name of the network to manage.
comment: ${3:undefined} # not required. Comment of the network.
timeout: ${4:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
description: ${5:undefined} # not required. Description of the network.
poll_interval: ${6:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${7:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${8:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
mtu: ${9:undefined} # not required. Maximum transmission unit (MTU) of the network.
wait: ${10:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
state: ${11|present,absent|} # not required. choices: present;absent. Should the network be present or absent
vm_network: ${12:undefined} # not required. If I(True) network will be marked as network for VM.,VM network carries traffic relevant to the virtual machine.
data_center: ${13:undefined} # not required. Datacenter name where network reside.
clusters: ${14:undefined} # not required. List of dictionaries describing how the network is managed in specific cluster.,C(name) - Cluster name.,C(assigned) - I(true) if the network should be assigned to cluster. Default is I(true).,C(required) - I(true) if the network must remain operational for all hosts associated with this network.,C(display) - I(true) if the network should marked as display network.,C(migration) - I(true) if the network should marked as migration network.,C(gluster) - I(true) if the network should marked as gluster network.
vlan_tag: ${15:undefined} # not required. Specify VLAN tag.
label: ${16:undefined} # not required. Name of the label to assign to the network.
"""
'ovirt_networks_facts':
'prefix': "ovirt_networks_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV networks"
'body': """
ovirt_networks_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search network starting with string vlan1 use: name=vlan1*
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_nics':
'prefix': "ovirt_nics_snippet"
'description': "Module to manage network interfaces of Virtual Machines in oVirt/RHV"
'body': """
ovirt_nics:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
name: ${2:undefined} # required. Name of the network interface to manage.
profile: ${3:undefined} # not required. Virtual network interface profile to be attached to VM network interface.
fetch_nested: ${4:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
network: ${5:undefined} # not required. Logical network to which the VM network interface should use, by default Empty network is used if network is not specified.
poll_interval: ${6:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
vm: ${7:undefined} # not required. Name of the Virtual Machine to manage.,You must provide either C(vm) parameter or C(template) parameter.
nested_attributes: ${8:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
state: ${9|absent,plugged,present,unplugged|} # not required. choices: absent;plugged;present;unplugged. Should the Virtual Machine NIC be present/absent/plugged/unplugged.
timeout: ${10:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
template: ${11:undefined} # not required. Name of the template to manage.,You must provide either C(vm) parameter or C(template) parameter.
mac_address: ${12:undefined} # not required. Custom MAC address of the network interface, by default it's obtained from MAC pool.
interface: ${13|e1000,pci_passthrough,rtl8139,rtl8139_virtio,spapr_vlan,virtio|} # not required. choices: e1000;pci_passthrough;rtl8139;rtl8139_virtio;spapr_vlan;virtio. Type of the network interface.
wait: ${14:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_nics_facts':
'prefix': "ovirt_nics_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV virtual machine network interfaces"
'body': """
ovirt_nics_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
vm: ${2:undefined} # required. Name of the VM where NIC is attached.
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
name: ${5:undefined} # not required. Name of the NIC, can be used as glob expression.
"""
'ovirt_permissions':
'prefix': "ovirt_permissions_snippet"
'description': "Module to manage permissions of users/groups in oVirt/RHV"
'body': """
ovirt_permissions:
authz_name: ${1:undefined} # required. Authorization provider of the user/group.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
poll_interval: ${3:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${4:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
object_type: ${5|cluster,cpu_profile,data_center,disk,disk_profile,host,network,storage_domain,system,template,vm,vm_pool,vnic_profile|} # not required. choices: cluster;cpu_profile;data_center;disk;disk_profile;host;network;storage_domain;system;template;vm;vm_pool;vnic_profile. The object where the permissions should be managed.
namespace: ${6:undefined} # not required. Namespace of the authorization provider, where user/group resides.
state: ${7|absent,present|} # not required. choices: absent;present. Should the permission be present/absent.
object_id: ${8:undefined} # not required. ID of the object where the permissions should be managed.
group_name: ${9:undefined} # not required. Name of the group to manage.,Note that if group does not exist in the system this module will fail, you should ensure the group exists by using M(ovirt_groups) module.
object_name: ${10:undefined} # not required. Name of the object where the permissions should be managed.
role: ${11:UserRole} # not required. Name of the role to be assigned to user/group on specific object.
nested_attributes: ${12:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
timeout: ${13:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
user_name: ${14:undefined} # not required. Username of the user to manage. In most LDAPs it's I(uid) of the user, but in Active Directory you must specify I(UPN) of the user.,Note that if user does not exist in the system this module will fail, you should ensure the user exists by using M(ovirt_users) module.
wait: ${15:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_permissions_facts':
'prefix': "ovirt_permissions_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV permissions"
'body': """
ovirt_permissions_facts:
authz_name: ${1:undefined} # required. Authorization provider of the user/group. In previous versions of oVirt/RHV known as domain.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
namespace: ${3:undefined} # not required. Namespace of the authorization provider, where user/group resides.
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
group_name: ${5:undefined} # not required. Name of the group to manage.
fetch_nested: ${6:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
user_name: ${7:undefined} # not required. Username of the user to manage. In most LDAPs it's I(uid) of the user, but in Active Directory you must specify I(UPN) of the user.
"""
'ovirt_quotas':
'prefix': "ovirt_quotas_snippet"
'description': "Module to manage datacenter quotas in oVirt/RHV"
'body': """
ovirt_quotas:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
data_center: ${2:undefined} # required. Name of the datacenter where quota should be managed.
name: ${3:undefined} # required. Name of the quota to manage.
timeout: ${4:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
description: ${5:undefined} # not required. Description of the quota to manage.
cluster_grace: ${6:undefined} # not required. Cluster grace(hard limit) defined in percentage (1-100).
cluster_threshold: ${7:undefined} # not required. Cluster threshold(soft limit) defined in percentage (0-100).
poll_interval: ${8:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${9:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${10:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
state: ${11|present,absent|} # not required. choices: present;absent. Should the quota be present/absent.
storage_grace: ${12:undefined} # not required. Storage grace(hard limit) defined in percentage (1-100).
storage_threshold: ${13:undefined} # not required. Storage threshold(soft limit) defined in percentage (0-100).
clusters: ${14:undefined} # not required. List of dictionary of cluster limits, which is valid to specific cluster.,If cluster isn't spefied it's valid to all clusters in system:,C(cluster) - Name of the cluster.,C(memory) - Memory limit (in GiB).,C(cpu) - CPU limit.
storages: ${15:undefined} # not required. List of dictionary of storage limits, which is valid to specific storage.,If storage isn't spefied it's valid to all storages in system:,C(storage) - Name of the storage.,C(size) - Size limit (in GiB).
wait: ${16:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_quotas_facts':
'prefix': "ovirt_quotas_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV quotas"
'body': """
ovirt_quotas_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
data_center: ${2:undefined} # required. Name of the datacenter where quota resides.
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
name: ${4:undefined} # not required. Name of the quota, can be used as glob expression.
nested_attributes: ${5:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_scheduling_policies_facts':
'prefix': "ovirt_scheduling_policies_facts_snippet"
'description': "Retrieve facts about one or more oVirt scheduling policies"
'body': """
ovirt_scheduling_policies_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
id: ${2:undefined} # required. ID of the scheduling policy.
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
name: ${5:undefined} # not required. Name of the scheduling policy, can be used as glob expression.
"""
'ovirt_snapshots':
'prefix': "ovirt_snapshots_snippet"
'description': "Module to manage Virtual Machine Snapshots in oVirt/RHV"
'body': """
ovirt_snapshots:
vm_name: ${1:undefined} # required. Name of the Virtual Machine to manage.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
description: ${3:undefined} # not required. Description of the snapshot.
use_memory: ${4:undefined} # not required. If I(true) and C(state) is I(present) save memory of the Virtual Machine if it's running.,If I(true) and C(state) is I(restore) restore memory of the Virtual Machine.,Note that Virtual Machine will be paused while saving the memory.
poll_interval: ${5:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
state: ${6|restore,present,absent|} # not required. choices: restore;present;absent. Should the Virtual Machine snapshot be restore/present/absent.
nested_attributes: ${7:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
fetch_nested: ${8:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
timeout: ${9:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
snapshot_id: ${10:undefined} # not required. ID of the snapshot to manage.
wait: ${11:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_snapshots_facts':
'prefix': "ovirt_snapshots_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV virtual machine snapshots"
'body': """
ovirt_snapshots_facts:
vm: ${1:undefined} # required. Name of the VM with snapshot.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
description: ${3:undefined} # not required. Description of the snapshot, can be used as glob expression.
fetch_nested: ${4:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${5:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
snapshot_id: ${6:undefined} # not required. Id of the snaphost we want to retrieve facts about.
"""
'ovirt_storage_connections':
'prefix': "ovirt_storage_connections_snippet"
'description': "Module to manage storage connections in oVirt"
'body': """
ovirt_storage_connections:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
username: ${2:undefined} # not required. A CHAP username for logging into a target.
force: ${3:undefined} # not required. This parameter is releven only when updating a connection.,If I(true) the storage domain don't have to be in I(MAINTENANCE) state, so the storage connection is updated.
poll_interval: ${4:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
nested_attributes: ${5:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
fetch_nested: ${6:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
mount_options: ${7:undefined} # not required. Option which will be passed when mounting storage.
address: ${8:undefined} # not required. Address of the storage server. E.g.: myserver.mydomain.com
nfs_timeout: ${9:undefined} # not required. The time in tenths of a second to wait for a response before retrying NFS requests. Range 0 to 65535.
path: ${10:undefined} # not required. Path of the mount point of the storage. E.g.: /path/to/my/data
password: ${11:undefined} # not required. A CHAP password for logging into a target.
nfs_version: ${12:undefined} # not required. NFS version. One of: I(auto), I(v3), I(v4) or I(v4_1).
wait: ${13:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
target: ${14:undefined} # not required. The target IQN for the storage device.
id: ${15:undefined} # not required. Id of the storage connection to manage.
storage: ${16:undefined} # not required. Name of the storage domain to be used with storage connection.
nfs_retrans: ${17:undefined} # not required. The number of times to retry a request before attempting further recovery actions. Range 0 to 65535.
port: ${18:undefined} # not required. Port of the iSCSI storage server.
state: ${19|present,absent|} # not required. choices: present;absent. Should the storage connection be present or absent.
timeout: ${20:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
vfs_type: ${21:undefined} # not required. Virtual File System type.
type: ${22:undefined} # not required. Storage type. For example: I(nfs), I(iscsi), etc.
"""
'ovirt_storage_domains':
'prefix': "ovirt_storage_domains_snippet"
'description': "Module to manage storage domains in oVirt/RHV"
'body': """
ovirt_storage_domains:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
comment: ${2:undefined} # not required. Comment of the storage domain.
fcp: ${3:undefined} # not required. Dictionary with values for fibre channel storage type:,C(address) - Address of the fibre channel storage server.,C(port) - Port of the fibre channel storage server.,C(lun_id) - LUN id.,C(override_luns) - If I(True) FCP storage domain luns will be overridden before adding.,Note that these parameters are not idempotent.
fetch_nested: ${4:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
description: ${5:undefined} # not required. Description of the storage domain.
format: ${6:undefined} # not required. If I(True) storage domain will be formatted after removing it from oVirt/RHV.,This parameter is relevant only when C(state) is I(absent).
warning_low_space: ${7:undefined} # not required. Inidcates the minimum percentage of a free space in a storage domain to present a warning.
nested_attributes: ${8:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
glusterfs: ${9:undefined} # not required. Dictionary with values for GlusterFS storage type:,C(address) - Address of the Gluster server. E.g.: myserver.mydomain.com,C(path) - Path of the mount point. E.g.: /path/to/my/data,C(mount_options) - Option which will be passed when mounting storage.,Note that these parameters are not idempotent.
localfs: ${10:undefined} # not required. Dictionary with values for localfs storage type:,C(path) - Path of the mount point. E.g.: /path/to/my/data,Note that these parameters are not idempotent.
discard_after_delete: ${11:undefined} # not required. If I(True) storage domain blocks will be discarded upon deletion. Enabled by default.,This parameter is relevant only for block based storage domains.
data_center: ${12:undefined} # not required. Data center name where storage domain should be attached.,This parameter isn't idempotent, it's not possible to change data center of storage domain.
id: ${13:undefined} # not required. Id of the storage domain to be imported.
wait: ${14:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
domain_function: ${15|data,iso,export|} # not required. choices: data;iso;export. Function of the storage domain.,This parameter isn't idempotent, it's not possible to change domain function of storage domain.
name: ${16:undefined} # not required. Name of the storage domain to manage. (Not required when state is I(imported))
critical_space_action_blocker: ${17:undefined} # not required. Inidcates the minimal free space the storage domain should contain in percentages.
iscsi: ${18:undefined} # not required. Dictionary with values for iSCSI storage type:,C(address) - Address of the iSCSI storage server.,C(port) - Port of the iSCSI storage server.,C(target) - The target IQN for the storage device.,C(lun_id) - LUN id(s).,C(username) - A CHAP user name for logging into a target.,C(password) - A CHAP password for logging into a target.,C(override_luns) - If I(True) ISCSI storage domain luns will be overridden before adding.,C(target_lun_map) - List of dictionary containing targets and LUNs.\",Note that these parameters are not idempotent.,Parameter C(target_lun_map) is supported since Ansible 2.5.
posixfs: ${19:undefined} # not required. Dictionary with values for PosixFS storage type:,C(path) - Path of the mount point. E.g.: /path/to/my/data,C(vfs_type) - Virtual File System type.,C(mount_options) - Option which will be passed when mounting storage.,Note that these parameters are not idempotent.
poll_interval: ${20:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
host: ${21:undefined} # not required. Host to be used to mount storage.
state: ${22|present,absent,maintenance,unattached,update_ovf_store|} # not required. choices: present;absent;maintenance;unattached;update_ovf_store. Should the storage domain be present/absent/maintenance/unattached/imported/update_ovf_store,I(imported) is supported since version 2.4.,I(update_ovf_store) is supported since version 2.5, currently if C(wait) is (true), we don't wait for update.
nfs: ${23:undefined} # not required. Dictionary with values for NFS storage type:,C(address) - Address of the NFS server. E.g.: myserver.mydomain.com,C(path) - Path of the mount point. E.g.: /path/to/my/data,C(version) - NFS version. One of: I(auto), I(v3), I(v4) or I(v4_1).,C(timeout) - The time in tenths of a second to wait for a response before retrying NFS requests. Range 0 to 65535.,C(retrans) - The number of times to retry a request before attempting further recovery actions. Range 0 to 65535.,C(mount_options) - Option which will be passed when mounting storage.,Note that these parameters are not idempotent.
timeout: ${24:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
wipe_after_delete: ${25:undefined} # not required. Boolean flag which indicates whether the storage domain should wipe the data after delete.
destroy: ${26:undefined} # not required. Logical remove of the storage domain. If I(true) retains the storage domain's data for import.,This parameter is relevant only when C(state) is I(absent).
backup: ${27:undefined} # not required. Boolean flag which indicates whether the storage domain is configured as backup or not.
"""
'ovirt_storage_domains_facts':
'prefix': "ovirt_storage_domains_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV storage domains"
'body': """
ovirt_storage_domains_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search storage domain X from datacenter Y use following pattern: name=X and datacenter=Y
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_storage_templates_facts':
'prefix': "ovirt_storage_templates_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV templates relate to a storage domain."
'body': """
ovirt_storage_templates_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
unregistered: ${2:undefined} # not required. Flag which indicates whether to get unregistered templates which contain one or more disks which reside on a storage domain or diskless templates.
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_storage_vms_facts':
'prefix': "ovirt_storage_vms_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV virtual machines relate to a storage domain."
'body': """
ovirt_storage_vms_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
unregistered: ${2:undefined} # not required. Flag which indicates whether to get unregistered virtual machines which contain one or more disks which reside on a storage domain or diskless virtual machines.
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_tags':
'prefix': "ovirt_tags_snippet"
'description': "Module to manage tags in oVirt/RHV"
'body': """
ovirt_tags:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
name: ${2:undefined} # required. Name of the tag to manage.
description: ${3:undefined} # not required. Description of the tag to manage.
parent: ${4:undefined} # not required. Name of the parent tag.
fetch_nested: ${5:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${6:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
vms: ${7:undefined} # not required. List of the VMs names, which should have assigned this tag.
wait: ${8:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
poll_interval: ${9:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
state: ${10|present,absent,attached,detached|} # not required. choices: present;absent;attached;detached. Should the tag be present/absent/attached/detached.,C(Note): I(attached) and I(detached) states are supported since version 2.4.
hosts: ${11:undefined} # not required. List of the hosts names, which should have assigned this tag.
timeout: ${12:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
"""
'ovirt_tags_facts':
'prefix': "ovirt_tags_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV tags"
'body': """
ovirt_tags_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
name: ${2:undefined} # not required. Name of the tag which should be listed.
poll_interval: ${3:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
host: ${4:undefined} # not required. Name of the host, which tags should be listed.
nested_attributes: ${5:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
vm: ${6:undefined} # not required. Name of the VM, which tags should be listed.
fetch_nested: ${7:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
timeout: ${8:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
wait: ${9:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_templates':
'prefix': "ovirt_templates_snippet"
'description': "Module to manage virtual machine templates in oVirt/RHV"
'body': """
ovirt_templates:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
exclusive: ${2:undefined} # not required. When C(state) is I(exported) this parameter indicates if the existing templates with the same name should be overwritten.
description: ${3:undefined} # not required. Description of the template.
image_provider: ${4:undefined} # not required. When C(state) is I(imported) this parameter specifies the name of the image provider to be used.
image_disk: ${5:undefined} # not required. When C(state) is I(imported) and C(image_provider) is used this parameter specifies the name of disk to be imported as template.
vm: ${6:undefined} # not required. Name of the VM, which will be used to create template.
nested_attributes: ${7:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
cluster: ${8:undefined} # not required. Name of the cluster, where template should be created/imported.
fetch_nested: ${9:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
role_mappings: ${10:undefined} # not required. Mapper which maps role name between Template's OVF and the destination role this Template should be registered to, relevant when C(state) is registered. Role mapping is described by the following dictionary:,C(source_name): The name of the source role.,C(dest_name): The name of the destination role.
seal: ${11:false} # not required. 'Sealing' is an operation that erases all machine-specific configurations from a filesystem: This includes SSH keys, UDEV rules, MAC addresses, system ID, hostname, etc. If I(true) subsequent virtual machines made from this template will avoid configuration inheritance.,This parameter is used only when C(state) I(present).
id: ${12:undefined} # not required. ID of the template to be registered.
vnic_profile_mappings: ${13:undefined} # not required. Mapper which maps an external virtual NIC profile to one that exists in the engine when C(state) is registered. vnic_profile is described by the following dictionary:,C(source_network_name): The network name of the source network.,C(source_profile_name): The prfile name related to the source network.,C(target_profile_id): The id of the target profile id to be mapped to in the engine.
storage_domain: ${14:undefined} # not required. When C(state) is I(imported) this parameter specifies the name of the destination data storage domain. When C(state) is I(registered) this parameter specifies the name of the data storage domain of the unregistered template.
domain_mappings: ${15:undefined} # not required. Mapper which maps aaa domain name between Template's OVF and the destination aaa domain this Template should be registered to, relevant when C(state) is registered. The aaa domain mapping is described by the following dictionary:,C(source_name): The name of the source aaa domain.,C(dest_name): The name of the destination aaa domain.
export_domain: ${16:undefined} # not required. When C(state) is I(exported) or I(imported) this parameter specifies the name of the export storage domain.
template_image_disk_name: ${17:undefined} # not required. When C(state) is I(imported) and C(image_provider) is used this parameter specifies the new name for imported disk, if omitted then I(image_disk) name is used by default. This parameter is used only in case of importing disk image from Glance domain.
cpu_profile: ${18:undefined} # not required. CPU profile to be set to template.
poll_interval: ${19:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
wait: ${20:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
name: ${21:undefined} # not required. Name of the template to manage.
state: ${22|present,absent,exported,imported,registered|} # not required. choices: present;absent;exported;imported;registered. Should the template be present/absent/exported/imported/registered. When C(state) is I(registered) and the unregistered template's name belongs to an already registered in engine template in the same DC then we fail to register the unregistered template.
timeout: ${23:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
allow_partial_import: ${24:undefined} # not required. Boolean indication whether to allow partial registration of a template when C(state) is registered.
cluster_mappings: ${25:undefined} # not required. Mapper which maps cluster name between Template's OVF and the destination cluster this Template should be registered to, relevant when C(state) is registered. Cluster mapping is described by the following dictionary:,C(source_name): The name of the source cluster.,C(dest_name): The name of the destination cluster.
clone_permissions: ${26:false} # not required. If I(True) then the permissions of the VM (only the direct ones, not the inherited ones) will be copied to the created template.,This parameter is used only when C(state) I(present).
"""
'ovirt_templates_facts':
'prefix': "ovirt_templates_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV templates"
'body': """
ovirt_templates_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search template X from datacenter Y use following pattern: name=X and datacenter=Y
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_users':
'prefix': "ovirt_users_snippet"
'description': "Module to manage users in oVirt/RHV"
'body': """
ovirt_users:
name: ${1:undefined} # required. Name of the user to manage. In most LDAPs it's I(uid) of the user, but in Active Directory you must specify I(UPN) of the user.
authz_name: ${2:undefined} # required. Authorization provider of the user. In previous versions of oVirt/RHV known as domain.
auth: ${3:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
poll_interval: ${4:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
state: ${5|present,absent|} # not required. choices: present;absent. Should the user be present/absent.
nested_attributes: ${6:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
fetch_nested: ${7:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
timeout: ${8:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
wait: ${9:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
"""
'ovirt_users_facts':
'prefix': "ovirt_users_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV users"
'body': """
ovirt_users_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search user X use following pattern: name=X
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_vmpools':
'prefix': "ovirt_vmpools_snippet"
'description': "Module to manage VM pools in oVirt/RHV"
'body': """
ovirt_vmpools:
name: ${1:undefined} # required. Name of the VM pool to manage.
auth: ${2:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
timeout: ${3:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
description: ${4:undefined} # not required. Description of the VM pool.
poll_interval: ${5:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
fetch_nested: ${6:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${7:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
vm_per_user: ${8:undefined} # not required. Maximum number of VMs a single user can attach to from this pool.,Default value is set by engine.
cluster: ${9:undefined} # not required. Name of the cluster, where VM pool should be created.
state: ${10|present,absent|} # not required. choices: present;absent. Should the VM pool be present/absent.,Note that when C(state) is I(absent) all VMs in VM pool are stopped and removed.
prestarted: ${11:undefined} # not required. Number of pre-started VMs defines the number of VMs in run state, that are waiting to be attached to Users.,Default value is set by engine.
template: ${12:undefined} # not required. Name of the template, which will be used to create VM pool.
wait: ${13:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
type: ${14|manual,automatic|} # not required. choices: manual;automatic. Type of the VM pool. Either manual or automatic.,C(manual) - The administrator is responsible for explicitly returning the virtual machine to the pool. The virtual machine reverts to the original base image after the administrator returns it to the pool.,C(Automatic) - When the virtual machine is shut down, it automatically reverts to its base image and is returned to the virtual machine pool.,Default value is set by engine.
vm_count: ${15:undefined} # not required. Number of VMs in the pool.,Default value is set by engine.
"""
'ovirt_vmpools_facts':
'prefix': "ovirt_vmpools_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV vmpools"
'body': """
ovirt_vmpools_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
pattern: ${2:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search vmpool X: name=X
fetch_nested: ${3:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
"""
'ovirt_vms':
'prefix': "ovirt_vms_snippet"
'description': "Module to manage Virtual Machines in oVirt/RHV"
'body': """
ovirt_vms:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
comment: ${2:undefined} # not required. Comment of the Virtual Machine.
graphical_console: ${3:undefined} # not required. Assign graphical console to the virtual machine.,Graphical console is a dictionary which can have following values:,C(headless_mode) - If I(true) disable the graphics console for this virtual machine.,C(protocol) - Graphical protocol, one of I(VNC), I(SPICE), or both.
cloud_init_nics: ${4:undefined} # not required. List of dictionaries representing network interafaces to be setup by cloud init.,This option is used, when user needs to setup more network interfaces via cloud init.,If one network interface is enough, user should use C(cloud_init) I(nic_*) parameters. C(cloud_init) I(nic_*) parameters are merged with C(cloud_init_nics) parameters.,Dictionary can contain following values.,C(nic_boot_protocol) - Set boot protocol of the network interface of Virtual Machine. Can be one of C(none), C(dhcp) or C(static).,C(nic_ip_address) - If boot protocol is static, set this IP address to network interface of Virtual Machine.,C(nic_netmask) - If boot protocol is static, set this netmask to network interface of Virtual Machine.,C(nic_gateway) - If boot protocol is static, set this gateway to network interface of Virtual Machine.,C(nic_name) - Set name to network interface of Virtual Machine.,C(nic_on_boot) - If I(True) network interface will be set to start on boot.
boot_menu: ${5:undefined} # not required. I(True) enable menu to select boot device, I(False) to disable it. By default is chosen by oVirt/RHV engine.
xen: ${6:undefined} # not required. Dictionary of values to be used to connect to XEN and import a virtual machine to oVirt.,Dictionary can contain following values.,C(url) - The URL to be passed to the I(virt-v2v) tool for conversion. For example I(xen+ssh://root@zen.server). This is required parameter.,C(drivers_iso) - The name of the ISO containing drivers that can be used during the I(virt-v2v) conversion process.,C(sparse) - Specifies the disk allocation policy of the resulting virtual machine. I(true) for sparse, I(false) for preallocated. Default value is I(true).,C(storage_domain) - Specifies the target storage domain for converted disks. This is required parameter.
fetch_nested: ${7:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
watchdog: ${8:undefined} # not required. Assign watchdog device for the virtual machine.,Watchdogs is a dictionary which can have following values:,C(model) - Model of the watchdog device. For example: I(i6300esb), I(diag288) or I(null).,C(action) - Watchdog action to be performed when watchdog is triggered. For example: I(none), I(reset), I(poweroff), I(pause) or I(dump).
memory_max: ${9:undefined} # not required. Upper bound of virtual machine memory up to which memory hot-plug can be performed. Prefix uses IEC 60027-2 standard (for example 1GiB, 1024MiB).,Default value is set by engine.
cpu_sockets: ${10:undefined} # not required. Number of virtual CPUs sockets of the Virtual Machine.,Default value is set by oVirt/RHV engine.
high_availability: ${11:undefined} # not required. If I(yes) Virtual Machine will be set as highly available.,If I(no) Virtual Machine won't be set as highly available.,If no value is passed, default value is set by oVirt/RHV engine.
storage_domain: ${12:undefined} # not required. Name of the storage domain where all template disks should be created.,This parameter is considered only when C(template) is provided.,IMPORTANT - This parameter is not idempotent, if the VM exists and you specfiy different storage domain, disk won't move.
domain_mappings: ${13:undefined} # not required. Mapper which maps aaa domain name between VM's OVF and the destination aaa domain this VM should be registered to, relevant when C(state) is registered. The aaa domain mapping is described by the following dictionary:,C(source_name): The name of the source aaa domain.,C(dest_name): The name of the destination aaa domain.
disk_format: ${14|cow,raw|} # not required. choices: cow;raw. Specify format of the disk.,If C(cow) format is used, disk will by created as sparse, so space will be allocated for the volume as needed, also known as I(thin provision).,If C(raw) format is used, disk storage will be allocated right away, also known as I(preallocated).,Note that this option isn't idempotent as it's not currently possible to change format of the disk via API.,This parameter is considered only when C(template) and C(storage domain) is provided.
cpu_cores: ${15:undefined} # not required. Number of virtual CPUs cores of the Virtual Machine.,Default value is set by oVirt/RHV engine.
ballooning_enabled: ${16:undefined} # not required. If I(true), use memory ballooning.,Memory balloon is a guest device, which may be used to re-distribute / reclaim the host memory based on VM needs in a dynamic way. In this way it's possible to create memory over commitment states.
memory_guaranteed: ${17:undefined} # not required. Amount of minimal guaranteed memory of the Virtual Machine. Prefix uses IEC 60027-2 standard (for example 1GiB, 1024MiB).,C(memory_guaranteed) parameter can't be lower than C(memory) parameter.,Default value is set by engine.
memory: ${18:undefined} # not required. Amount of memory of the Virtual Machine. Prefix uses IEC 60027-2 standard (for example 1GiB, 1024MiB).,Default value is set by engine.
clone_permissions: ${19:no} # not required. If I(yes) then the permissions of the template (only the direct ones, not the inherited ones) will be copied to the created virtual machine.,This parameter is used only when C(state) is I(running) or I(present) and VM didn't exist before.
type: ${20|desktop,server,high_performance|} # not required. choices: desktop;server;high_performance. Type of the Virtual Machine.,Default value is set by oVirt/RHV engine.,I(high_performance) is supported since Ansible 2.5 and oVirt/RHV 4.2.
initrd_path: ${21:undefined} # not required. Path to an initial ramdisk to be used with the kernel specified by C(kernel_path) option.,Ramdisk image must be stored on either the ISO domain or on the host's storage.
lease: ${22:undefined} # not required. Name of the storage domain this virtual machine lease reside on.,NOTE - Supported since oVirt 4.1.
vnic_profile_mappings: ${23:undefined} # not required. Mapper which maps an external virtual NIC profile to one that exists in the engine when C(state) is registered. vnic_profile is described by the following dictionary:,C(source_network_name): The network name of the source network.,C(source_profile_name): The prfile name related to the source network.,C(target_profile_id): The id of the target profile id to be mapped to in the engine.
lun_mappings: ${24:undefined} # not required. Mapper which maps lun between VM's OVF and the destination lun this VM should contain, relevant when C(state) is registered. lun_mappings is described by the following dictionary: - C(logical_unit_id): The logical unit number to identify a logical unit, - C(logical_unit_port): The port being used to connect with the LUN disk. - C(logical_unit_portal): The portal being used to connect with the LUN disk. - C(logical_unit_address): The address of the block storage host. - C(logical_unit_target): The iSCSI specification located on an iSCSI server - C(logical_unit_username): Username to be used to connect to the block storage host. - C(logical_unit_password): Password to be used to connect to the block storage host. - C(storage_type): The storage type which the LUN reside on (iscsi or fcp)
serial_console: ${25:undefined} # not required. I(True) enable VirtIO serial console, I(False) to disable it. By default is chosen by oVirt/RHV engine.
sso: ${26:undefined} # not required. I(True) enable Single Sign On by Guest Agent, I(False) to disable it. By default is chosen by oVirt/RHV engine.
cpu_threads: ${27:undefined} # not required. Number of virtual CPUs sockets of the Virtual Machine.,Default value is set by oVirt/RHV engine.
quota_id: ${28:undefined} # not required. Virtual Machine quota ID to be used for disk. By default quota is chosen by oVirt/RHV engine.
use_latest_template_version: ${29:undefined} # not required. Specify if latest template version should be used, when running a stateless VM.,If this parameter is set to I(yes) stateless VM is created.
affinity_group_mappings: ${30:undefined} # not required. Mapper which maps affinty name between VM's OVF and the destination affinity this VM should be registered to, relevant when C(state) is registered.
operating_system: ${31|debian_7,freebsd,freebsdx64,other,other_linux,other_linux_ppc64,other_ppc64,rhel_3,rhel_4,rhel_4x64,rhel_5,rhel_5x64,rhel_6,rhel_6x64,rhel_6_ppc64,rhel_7x64,rhel_7_ppc64,sles_11,sles_11_ppc64,ubuntu_12_04,ubuntu_12_10,ubuntu_13_04,ubuntu_13_10,ubuntu_14_04,ubuntu_14_04_ppc64,windows_10,windows_10x64,windows_2003,windows_2003x64,windows_2008,windows_2008x64,windows_2008r2x64,windows_2008R2x64,windows_2012x64,windows_2012R2x64,windows_7,windows_7x64,windows_8,windows_8x64,windows_xp|} # not required. choices: debian_7;freebsd;freebsdx64;other;other_linux;other_linux_ppc64;other_ppc64;rhel_3;rhel_4;rhel_4x64;rhel_5;rhel_5x64;rhel_6;rhel_6x64;rhel_6_ppc64;rhel_7x64;rhel_7_ppc64;sles_11;sles_11_ppc64;ubuntu_12_04;ubuntu_12_10;ubuntu_13_04;ubuntu_13_10;ubuntu_14_04;ubuntu_14_04_ppc64;windows_10;windows_10x64;windows_2003;windows_2003x64;windows_2008;windows_2008x64;windows_2008r2x64;windows_2008R2x64;windows_2012x64;windows_2012R2x64;windows_7;windows_7x64;windows_8;windows_8x64;windows_xp. Operating system of the Virtual Machine.,Default value is set by oVirt/RHV engine.
serial_policy_value: ${32:undefined} # not required. Allows you to specify a custom serial number.,This parameter is used only when C(serial_policy) is I(custom).
name: ${33:undefined} # not required. Name of the Virtual Machine to manage.,If VM don't exists C(name) is required. Otherwise C(id) or C(name) can be used.
cpu_pinning: ${34:undefined} # not required. CPU Pinning topology to map virtual machine CPU to host CPU.,CPU Pinning topology is a list of dictionary which can have following values:,C(cpu) - Number of the host CPU.,C(vcpu) - Number of the virtual machine CPU.
timeout: ${35:180} # not required. The amount of time in seconds the module should wait for the instance to get into desired state.
kernel_params: ${36:undefined} # not required. Kernel command line parameters (formatted as string) to be used with the kernel specified by C(kernel_path) option.
cpu_shares: ${37:undefined} # not required. Set a CPU shares for this Virtual Machine.,Default value is set by oVirt/RHV engine.
affinity_label_mappings: ${38:undefined} # not required. Mappper which maps affinity label name between VM's OVF and the destination label this VM should be registered to, relevant when C(state) is registered.
disks: ${39:undefined} # not required. List of disks, which should be attached to Virtual Machine. Disk is described by following dictionary.,C(name) - Name of the disk. Either C(name) or C(id) is reuqired.,C(id) - ID of the disk. Either C(name) or C(id) is reuqired.,C(interface) - Interface of the disk, either I(virtio) or I(IDE), default is I(virtio).,C(bootable) - I(True) if the disk should be bootable, default is non bootable.,C(activate) - I(True) if the disk should be activated, default is activated.,NOTE - This parameter is used only when C(state) is I(running) or I(present) and is able to only attach disks. To manage disks of the VM in more depth please use M(ovirt_disks) module instead.
force: ${40:no} # not required. Please check to I(Synopsis) to more detailed description of force parameter, it can behave differently in different situations.
placement_policy: ${41:undefined} # not required. The configuration of the virtual machine's placement policy.,Placement policy can be one of the following values:,C(migratable) - Allow manual and automatic migration.,C(pinned) - Do not allow migration.,C(user_migratable) - Allow manual migration only.,If no value is passed, default value is set by oVirt/RHV engine.
usb_support: ${42:undefined} # not required. I(True) enable USB support, I(False) to disable it. By default is chosen by oVirt/RHV engine.
cluster: ${43:undefined} # not required. Name of the cluster, where Virtual Machine should be created.,Required if creating VM.
io_threads: ${44:undefined} # not required. Number of IO threads used by virtual machine. I(0) means IO threading disabled.
timezone: ${45:undefined} # not required. Sets time zone offset of the guest hardware clock.,For example C(Etc/GMT)
id: ${46:undefined} # not required. ID of the Virtual Machine to manage.
vmware: ${47:undefined} # not required. Dictionary of values to be used to connect to VMware and import a virtual machine to oVirt.,Dictionary can contain following values.,C(username) - The username to authenticate against the VMware.,C(password) - The password to authenticate against the VMware.,C(url) - The URL to be passed to the I(virt-v2v) tool for conversion. For example I(vpx://wmware_user@vcenter-host/DataCenter/Cluster/esxi-host?no_verify=1),C(drivers_iso) - The name of the ISO containing drivers that can be used during the I(virt-v2v) conversion process.,C(sparse) - Specifies the disk allocation policy of the resulting virtual machine. I(true) for sparse, I(false) for preallocated. Default value is I(true).,C(storage_domain) - Specifies the target storage domain for converted disks. This is required parameter.
soundcard_enabled: ${48:undefined} # not required. If I(true), the sound card is added to the virtual machine.
high_availability_priority: ${49:undefined} # not required. Indicates the priority of the virtual machine inside the run and migration queues. Virtual machines with higher priorities will be started and migrated before virtual machines with lower priorities. The value is an integer between 0 and 100. The higher the value, the higher the priority.,If no value is passed, default value is set by oVirt/RHV engine.
nics: ${50:undefined} # not required. List of NICs, which should be attached to Virtual Machine. NIC is described by following dictionary.,C(name) - Name of the NIC.,C(profile_name) - Profile name where NIC should be attached.,C(interface) - Type of the network interface. One of following I(virtio), I(e1000), I(rtl8139), default is I(virtio).,C(mac_address) - Custom MAC address of the network interface, by default it's obtained from MAC pool.,NOTE - This parameter is used only when C(state) is I(running) or I(present) and is able to only create NICs. To manage NICs of the VM in more depth please use M(ovirt_nics) module instead.
custom_properties: ${51:undefined} # not required. Properties sent to VDSM to configure various hooks.,Custom properties is a list of dictionary which can have following values:,C(name) - Name of the custom property. For example: I(hugepages), I(vhost), I(sap_agent), etc.,C(regexp) - Regular expression to set for custom property.,C(value) - Value to set for custom property.
sysprep: ${52:undefined} # not required. Dictionary with values for Windows Virtual Machine initialization using sysprep.,C(host_name) - Hostname to be set to Virtual Machine when deployed.,C(active_directory_ou) - Active Directory Organizational Unit, to be used for login of user.,C(org_name) - Organization name to be set to Windows Virtual Machine.,C(domain) - Domain to be set to Windows Virtual Machine.,C(timezone) - Timezone to be set to Windows Virtual Machine.,C(ui_language) - UI language of the Windows Virtual Machine.,C(system_locale) - System localization of the Windows Virtual Machine.,C(input_locale) - Input localization of the Windows Virtual Machine.,C(windows_license_key) - License key to be set to Windows Virtual Machine.,C(user_name) - Username to be used for set password to Windows Virtual Machine.,C(root_password) - Password to be set for username to Windows Virtual Machine.
cpu_mode: ${53:undefined} # not required. CPU mode of the virtual machine. It can be some of the following: I(host_passthrough), I(host_model) or I(custom).,For I(host_passthrough) CPU type you need to set C(placement_policy) to I(pinned).,If no value is passed, default value is set by oVirt/RHV engine.
state: ${54|absent,next_run,present,registered,running,stopped,suspended|} # not required. choices: absent;next_run;present;registered;running;stopped;suspended. Should the Virtual Machine be running/stopped/present/absent/suspended/next_run/registered. When C(state) is I(registered) and the unregistered VM's name belongs to an already registered in engine VM in the same DC then we fail to register the unregistered template.,I(present) state will create/update VM and don't change its state if it already exists.,I(running) state will create/update VM and start it.,I(next_run) state updates the VM and if the VM has next run configuration it will be rebooted.,Please check I(notes) to more detailed description of states.,I(registered) is supported since 2.4.
template: ${55:undefined} # not required. Name of the template, which should be used to create Virtual Machine.,Required if creating VM.,If template is not specified and VM doesn't exist, VM will be created from I(Blank) template.
cd_iso: ${56:undefined} # not required. ISO file from ISO storage domain which should be attached to Virtual Machine.,If you pass empty string the CD will be ejected from VM.,If used with C(state) I(running) or I(present) and VM is running the CD will be attached to VM.,If used with C(state) I(running) or I(present) and VM is down the CD will be attached to VM persistently.
cloud_init_persist: ${57:undefined} # not required. If I(true) the C(cloud_init) or C(sysprep) parameters will be saved for the virtual machine and won't be virtual machine won't be started as run-once.
kernel_path: ${58:undefined} # not required. Path to a kernel image used to boot the virtual machine.,Kernel image must be stored on either the ISO domain or on the host's storage.
rng_device: ${59:undefined} # not required. Random number generator (RNG). You can choose of one the following devices I(urandom), I(random) or I(hwrng).,In order to select I(hwrng), you must have it enabled on cluster first.,/dev/urandom is used for cluster version >= 4.1, and /dev/random for cluster version <= 4.0
description: ${60:undefined} # not required. Description of the Virtual Machine.
boot_devices: ${61|cdrom,hd,network|} # not required. choices: cdrom;hd;network. List of boot devices which should be used to boot. For example C([ cdrom, hd ]).,Default value is set by oVirt/RHV engine.
clone: ${62:no} # not required. If I(yes) then the disks of the created virtual machine will be cloned and independent of the template.,This parameter is used only when C(state) is I(running) or I(present) and VM didn't exist before.
kvm: ${63:undefined} # not required. Dictionary of values to be used to connect to kvm and import a virtual machine to oVirt.,Dictionary can contain following values.,C(name) - The name of the KVM virtual machine.,C(username) - The username to authenticate against the KVM.,C(password) - The password to authenticate against the KVM.,C(url) - The URL to be passed to the I(virt-v2v) tool for conversion. For example I(qemu:///system). This is required parameter.,C(drivers_iso) - The name of the ISO containing drivers that can be used during the I(virt-v2v) conversion process.,C(sparse) - Specifies the disk allocation policy of the resulting virtual machine. I(true) for sparse, I(false) for preallocated. Default value is I(true).,C(storage_domain) - Specifies the target storage domain for converted disks. This is required parameter.
nested_attributes: ${64:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
host: ${65:undefined} # not required. Specify host where Virtual Machine should be running. By default the host is chosen by engine scheduler.,This parameter is used only when C(state) is I(running) or I(present).
role_mappings: ${66:undefined} # not required. Mapper which maps role name between VM's OVF and the destination role this VM should be registered to, relevant when C(state) is registered. Role mapping is described by the following dictionary:,C(source_name): The name of the source role.,C(dest_name): The name of the destination role.
serial_policy: ${67:undefined} # not required. Specify a serial number policy for the Virtual Machine.,Following options are supported.,C(vm) - Sets the Virtual Machine's UUID as its serial number.,C(host) - Sets the host's UUID as the Virtual Machine's serial number.,C(custom) - Allows you to specify a custom serial number in C(serial_policy_value).
wait: ${68:undefined} # not required. I(True) if the module should wait for the entity to get into desired state.
stateless: ${69:undefined} # not required. If I(yes) Virtual Machine will be set as stateless.,If I(no) Virtual Machine will be unset as stateless.,If no value is passed, default value is set by oVirt/RHV engine.
cloud_init: ${70:undefined} # not required. Dictionary with values for Unix-like Virtual Machine initialization using cloud init.,C(host_name) - Hostname to be set to Virtual Machine when deployed.,C(timezone) - Timezone to be set to Virtual Machine when deployed.,C(user_name) - Username to be used to set password to Virtual Machine when deployed.,C(root_password) - Password to be set for user specified by C(user_name) parameter.,C(authorized_ssh_keys) - Use this SSH keys to login to Virtual Machine.,C(regenerate_ssh_keys) - If I(True) SSH keys will be regenerated on Virtual Machine.,C(custom_script) - Cloud-init script which will be executed on Virtual Machine when deployed. This is appended to the end of the cloud-init script generated by any other options.,C(dns_servers) - DNS servers to be configured on Virtual Machine.,C(dns_search) - DNS search domains to be configured on Virtual Machine.,C(nic_boot_protocol) - Set boot protocol of the network interface of Virtual Machine. Can be one of C(none), C(dhcp) or C(static).,C(nic_ip_address) - If boot protocol is static, set this IP address to network interface of Virtual Machine.,C(nic_netmask) - If boot protocol is static, set this netmask to network interface of Virtual Machine.,C(nic_gateway) - If boot protocol is static, set this gateway to network interface of Virtual Machine.,C(nic_name) - Set name to network interface of Virtual Machine.,C(nic_on_boot) - If I(True) network interface will be set to start on boot.
template_version: ${71:undefined} # not required. Version number of the template to be used for VM.,By default the latest available version of the template is used.
poll_interval: ${72:3} # not required. Number of the seconds the module waits until another poll request on entity status is sent.
instance_type: ${73:undefined} # not required. Name of virtual machine's hardware configuration.,By default no instance type is used.
reassign_bad_macs: ${74:undefined} # not required. Boolean indication whether to reassign bad macs when C(state) is registered.
smartcard_enabled: ${75:undefined} # not required. If I(true), use smart card authentication.
allow_partial_import: ${76:undefined} # not required. Boolean indication whether to allow partial registration of Virtual Machine when C(state) is registered.
cluster_mappings: ${77:undefined} # not required. Mapper which maps cluster name between VM's OVF and the destination cluster this VM should be registered to, relevant when C(state) is registered. Cluster mapping is described by the following dictionary:,C(source_name): The name of the source cluster.,C(dest_name): The name of the destination cluster.
delete_protected: ${78:undefined} # not required. If I(yes) Virtual Machine will be set as delete protected.,If I(no) Virtual Machine won't be set as delete protected.,If no value is passed, default value is set by oVirt/RHV engine.
"""
'ovirt_vms_facts':
'prefix': "ovirt_vms_facts_snippet"
'description': "Retrieve facts about one or more oVirt/RHV virtual machines"
'body': """
ovirt_vms_facts:
auth: ${1:undefined} # required. Dictionary with values needed to create HTTP/HTTPS connection to oVirt:,C(username)[I(required)] - The name of the user, something like I(admin@internal). Default value is set by I(OVIRT_USERNAME) environment variable.,C(password)[I(required)] - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable.,C(url)[I(required)] - A string containing the base URL of the server, usually something like `I(https://server.example.com/ovirt-engine/api)`. Default value is set by I(OVIRT_URL) environment variable.,C(token) - Token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable.,C(insecure) - A boolean flag that indicates if the server TLS certificate and host name should be checked.,C(ca_file) - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `C(ca_file)` parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable.,C(kerberos) - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.,C(headers) - Dictionary of HTTP headers to be added to each API call.
all_content: ${2:undefined} # not required. If I(true) all the attributes of the virtual machines should be included in the response.
pattern: ${3:undefined} # not required. Search term which is accepted by oVirt/RHV search backend.,For example to search VM X from cluster Y use following pattern: name=X and cluster=Y
nested_attributes: ${4:undefined} # not required. Specifies list of the attributes which should be fetched from the API.,This parameter apply only when C(fetch_nested) is I(true).
case_sensitive: ${5:undefined} # not required. If I(true) performed search will take case into account.
fetch_nested: ${6:undefined} # not required. If I(True) the module will fetch additional data from the API.,It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying C(nested_attributes).
max: ${7:undefined} # not required. The maximum number of results to return.
"""
'pacemaker_cluster':
'prefix': "pacemaker_cluster_snippet"
'description': "Manage pacemaker clusters"
'body': """
pacemaker_cluster:
state: ${1|cleanup,offline,online,restart|} # required. choices: cleanup;offline;online;restart. Indicate desired state of the cluster
node: ${2:undefined} # not required. Specify which node of the cluster you want to manage. None == the cluster status itself, 'all' == check the status of all nodes.
force: ${3:yes} # not required. Force the change of the cluster state
timeout: ${4:300} # not required. Timeout when the module should considered that the action has failed
"""
'package':
'prefix': "package_snippet"
'description': "Generic OS package manager"
'body': """
package:
state: ${1:undefined} # required. Whether to install (C(present), or remove (C(absent)) a package. Other states depend on the underlying package module, i.e C(latest).
name: ${2:undefined} # required. Package name, or package specifier with version, like C(name-1.0).,Be aware that packages are not always named the same and this module will not 'translate' them per distro.
use: ${3:auto} # not required. The required package manager module to use (yum, apt, etc). The default 'auto' will use existing facts or try to autodetect it.,You should only use this field if the automatic selection is not working for some reason.
"""
'package_facts':
'prefix': "package_facts_snippet"
'description': "package information as facts"
'body': """
package_facts:
manager: ${1|auto,rpm,apt|} # not required. choices: auto;rpm;apt. The package manager used by the system so we can query the package information
"""
'packet_device':
'prefix': "packet_device_snippet"
'description': "Manage a bare metal server in the Packet Host."
'body': """
packet_device:
project_id: ${1:undefined} # required. ID of project of the device.
features: ${2:undefined} # not required. Dict with \"features\" for device creation. See Packet API docs for details.
facility: ${3:undefined} # not required. Facility slug for device creation. See Packet API for current list - U(https://www.packet.net/developers/api/facilities/).
wait_for_public_IPv: ${4|4,6|} # not required. choices: 4;6. Whether to wait for the instance to be assigned a public IPv4/IPv6 address.,If set to 4, it will wait until IPv4 is assigned to the instance.,If set to 6, wait until public IPv6 is assigned to the instance.
auth_token: ${5:undefined} # not required. Packet api token. You can also supply it in env var C(PACKET_API_TOKEN).
count_offset: ${6:1} # not required. From which number to start the count.
user_data: ${7:undefined} # not required. Userdata blob made available to the machine
always_pxe: ${8:false} # not required. Persist PXE as the first boot option.,Normally, the PXE process happens only on the first boot. Set this arg to have your device continuously boot to iPXE.
hostnames: ${9:undefined} # not required. A hostname of a device, or a list of hostnames.,If given string or one-item list, you can use the C(\"%d\") Python string format to expand numbers from I(count).,If only one hostname, it might be expanded to list if I(count)>1.
plan: ${10:undefined} # not required. Plan slug for device creation. See Packet API for current list - U(https://www.packet.net/developers/api/plans/).
ipxe_script_url: ${11:undefined} # not required. URL of custom iPXE script for provisioning.,More about custome iPXE for Packet devices at U(https://help.packet.net/technical/infrastructure/custom-ipxe).
count: ${12:1} # not required. The number of devices to create. Count number can be included in hostname via the %d string formatter.
operating_system: ${13:undefined} # not required. OS slug for device creation. See Packet API for current list - U(https://www.packet.net/developers/api/operatingsystems/).
locked: ${14:false} # not required. Whether to lock a created device.
device_ids: ${15:undefined} # not required. List of device IDs on which to operate.
state: ${16|present,absent,active,inactive,rebooted|} # not required. choices: present;absent;active;inactive;rebooted. Desired state of the device.,If set to C(present) (the default), the module call will return immediately after the device-creating HTTP request successfully returns.,If set to C(active), the module call will block until all the specified devices are in state active due to the Packet API, or until I(wait_timeout).
wait_timeout: ${17:900} # not required. How long (seconds) to wait either for automatic IP address assignment, or for the device to reach the C(active) I(state).,If I(wait_for_public_IPv) is set and I(state) is C(active), the module will wait for both events consequently, applying the timeout twice.
"""
'packet_sshkey':
'prefix': "packet_sshkey_snippet"
'description': "Create/delete an SSH key in Packet host."
'body': """
packet_sshkey:
state: ${1|present,absent|} # not required. choices: present;absent. Indicate desired state of the target.
key: ${2:undefined} # not required. Public Key string ({type} {base64 encoded key} {description}).
fingerprint: ${3:undefined} # not required. Fingerprint of the key which you want to remove.
id: ${4:undefined} # not required. UUID of the key which you want to remove.
auth_token: ${5:undefined} # not required. Packet api token. You can also supply it in env var C(PACKET_API_TOKEN).
key_file: ${6:undefined} # not required. File with the public key.
label: ${7:undefined} # not required. Label for the key. If you keep it empty, it will be read from key string.
"""
'pacman':
'prefix': "pacman_snippet"
'description': "Manage packages with I(pacman)"
'body': """
pacman:
state: ${1|absent,latest,present|} # not required. choices: absent;latest;present. Desired state of the package.
upgrade: ${2:false} # not required. Whether or not to upgrade whole system.
force: ${3:false} # not required. When removing package - force remove package, without any checks. When update_cache - force redownload repo databases.
name: ${4:undefined} # not required. Name or list of names of the packages to install, upgrade, or remove.
update_cache: ${5:false} # not required. Whether or not to refresh the master package lists. This can be run as part of a package installation or as a separate step.
recurse: ${6:false} # not required. When removing a package, also remove its dependencies, provided that they are not required by other packages and were not explicitly installed by a user.
"""
'pagerduty':
'prefix': "pagerduty_snippet"
'description': "Create PagerDuty maintenance windows"
'body': """
pagerduty:
name: ${1||} # required. choices: . PagerDuty unique subdomain.
passwd: ${2||} # required. choices: . PagerDuty user password.
state: ${3|running,started,ongoing,absent|} # required. choices: running;started;ongoing;absent. Create a maintenance window or get a list of ongoing windows.
token: ${4||} # required. choices: . A pagerduty token, generated on the pagerduty site. Can be used instead of user/passwd combination.
user: ${5||} # required. choices: . PagerDuty user ID.
requester_id: ${6||} # required. choices: . ID of user making the request. Only needed when using a token and creating a maintenance_window.
service: ${7||} # not required. choices: . A comma separated list of PagerDuty service IDs.
minutes: ${8||} # not required. choices: . Maintenance window in minutes (this is added to the hours).
hours: ${9||} # not required. choices: . Length of maintenance window in hours.
validate_certs: ${10|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
desc: ${11||} # not required. choices: . Short description of maintenance window.
"""
'pagerduty_alert':
'prefix': "pagerduty_alert_snippet"
'description': "Trigger, acknowledge or resolve PagerDuty incidents"
'body': """
pagerduty_alert:
name: ${1:undefined} # required. PagerDuty unique subdomain.
state: ${2|triggered,acknowledged,resolved|} # required. choices: triggered;acknowledged;resolved. Type of event to be sent.
service_key: ${3:undefined} # required. The GUID of one of your \"Generic API\" services.,This is the \"service key\" listed on a Generic API's service detail page.
api_key: ${4:undefined} # required. The pagerduty API key (readonly access), generated on the pagerduty site.
client_url: ${5:undefined} # not required. The URL of the monitoring client that is triggering this event.
incident_key: ${6:undefined} # not required. Identifies the incident to which this I(state) should be applied.,For C(triggered) I(state) - If there's no open (i.e. unresolved) incident with this key, a new one will be created. If there's already an open incident with a matching key, this event will be appended to that incident's log. The event key provides an easy way to \"de-dup\" problem reports.,For C(acknowledged) or C(resolved) I(state) - This should be the incident_key you received back when the incident was first opened by a trigger event. Acknowledge events referencing resolved or nonexistent incidents will be discarded.
client: ${7:undefined} # not required. The name of the monitoring client that is triggering this event.
desc: ${8:Created via Ansible} # not required. For C(triggered) I(state) - Required. Short description of the problem that led to this trigger. This field (or a truncated version) will be used when generating phone calls, SMS messages and alert emails. It will also appear on the incidents tables in the PagerDuty UI. The maximum length is 1024 characters.,For C(acknowledged) or C(resolved) I(state) - Text that will appear in the incident's log associated with this event.
"""
'pam_limits':
'prefix': "pam_limits_snippet"
'description': "Modify Linux PAM limits"
'body': """
pam_limits:
domain: ${1:undefined} # required. A username, @groupname, wildcard, uid/gid range.
value: ${2:undefined} # required. The value of the limit.
limit_item: ${3|core,data,fsize,memlock,nofile,rss,stack,cpu,nproc,as,maxlogins,maxsyslogins,priority,locks,sigpending,msgqueue,nice,rtprio,chroot|} # required. choices: core;data;fsize;memlock;nofile;rss;stack;cpu;nproc;as;maxlogins;maxsyslogins;priority;locks;sigpending;msgqueue;nice;rtprio;chroot. The limit to be set
limit_type: ${4|hard,soft,-|} # required. choices: hard;soft;-. Limit type, see C(man limits) for an explanation
comment: ${5:} # not required. Comment associated with the limit.
use_max: ${6|yes,no|} # not required. choices: yes;no. If set to C(yes), the maximal value will be used or conserved. If the specified value is superior to the value in the file, file content is replaced with the new value, else content is not modified.
dest: ${7:/etc/security/limits.conf} # not required. Modify the limits.conf path.
use_min: ${8|yes,no|} # not required. choices: yes;no. If set to C(yes), the minimal value will be used or conserved. If the specified value is inferior to the value in the file, file content is replaced with the new value, else content is not modified.
backup: ${9|yes,no|} # not required. choices: yes;no. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
"""
'pamd':
'prefix': "pamd_snippet"
'description': "Manage PAM Modules"
'body': """
pamd:
control: ${1:undefined} # required. The control of the PAM rule being modified. This may be a complicated control with brackets. If this is the case, be sure to put \"[bracketed controls]\" in quotes. The type, control and module_path all must match a rule to be modified.
name: ${2:undefined} # required. The name generally refers to the PAM service file to change, for example system-auth.
module_path: ${3:undefined} # required. The module path of the PAM rule being modified. The type, control and module_path all must match a rule to be modified.
type: ${4:undefined} # required. The type of the PAM rule being modified. The type, control and module_path all must match a rule to be modified.
new_module_path: ${5:undefined} # not required. The new module path to be assigned to the new rule.
new_type: ${6:undefined} # not required. The new type to assign to the new rule.
state: ${7|updated,before,after,args_present,args_absent,absent|} # not required. choices: updated;before;after;args_present;args_absent;absent. The default of 'updated' will modify an existing rule if type, control and module_path all match an existing rule. With 'before', the new rule will be inserted before a rule matching type, control and module_path. Similarly, with 'after', the new rule will be inserted after an existing rule matching type, control and module_path. With either 'before' or 'after' new_type, new_control, and new_module_path must all be specified. If state is 'args_absent' or 'args_present', new_type, new_control, and new_module_path will be ignored. State 'absent' will remove the rule. The 'absent' state was added in version 2.4 and is only available in Ansible versions >= 2.4.
new_control: ${8:undefined} # not required. The new control to assign to the new rule.
path: ${9:/etc/pam.d/} # not required. This is the path to the PAM service files
module_arguments: ${10:undefined} # not required. When state is 'updated', the module_arguments will replace existing module_arguments. When state is 'args_absent' args matching those listed in module_arguments will be removed. When state is 'args_present' any args listed in module_arguments are added if missing from the existing rule. Furthermore, if the module argument takes a value denoted by '=', the value will be changed to that specified in module_arguments. Note that module_arguments is a list. Please see the examples for usage.
"""
'panos_admin':
'prefix': "panos_admin_snippet"
'description': "Add or modify PAN-OS user accounts password."
'body': """
panos_admin:
admin_password: ${1:undefined} # required. password for admin user
password: ${2:undefined} # required. password for authentication
ip_address: ${3:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${4:admin} # not required. username for authentication
role: ${5:null} # not required. role for admin user
commit: ${6:true} # not required. commit if changed
admin_username: ${7:admin} # not required. username for admin user
"""
'panos_admpwd':
'prefix': "panos_admpwd_snippet"
'description': "change admin password of PAN-OS device using SSH with SSH key"
'body': """
panos_admpwd:
newpassword: ${1:undefined} # required. password to configure for admin on the PAN-OS device
key_filename: ${2:undefined} # required. filename of the SSH Key to use for authentication
ip_address: ${3:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${4:admin} # not required. username for initial authentication
"""
'panos_cert_gen_ssh':
'prefix': "panos_cert_gen_ssh_snippet"
'description': "generates a self-signed certificate using SSH protocol with SSH key"
'body': """
panos_cert_gen_ssh:
password: ${1:null} # required. Password credentials to use for auth. Either I(key_filename) or I(password) is required.
cert_cn: ${2:null} # required. Certificate CN (common name) embedded in the certificate signature.
cert_friendly_name: ${3:null} # required. Human friendly certificate name (not CN but just a friendly name).
key_filename: ${4:null} # required. Location of the filename that is used for the auth. Either I(key_filename) or I(password) is required.
ip_address: ${5:null} # required. IP address (or hostname) of PAN-OS device being configured.
signed_by: ${6:null} # required. Undersigning authority (CA) that MUST already be presents on the device.
rsa_nbits: ${7:2048} # not required. Number of bits used by the RSA algorithm for the certificate generation.
"""
'panos_check':
'prefix': "panos_check_snippet"
'description': "check if PAN-OS device is ready for configuration"
'body': """
panos_check:
password: ${1:undefined} # required. password for authentication
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${3:admin} # not required. username for authentication
timeout: ${4:0} # not required. timeout of API calls
interval: ${5:0} # not required. time waited between checks
"""
'panos_commit':
'prefix': "panos_commit_snippet"
'description': "commit firewall's candidate configuration"
'body': """
panos_commit:
password: ${1:undefined} # required. password for authentication
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${3:admin} # not required. username for authentication
timeout: ${4:None} # not required. timeout for commit job
interval: ${5:0.5} # not required. interval for checking commit job
sync: ${6:true} # not required. if commit should be synchronous
"""
'panos_dag':
'prefix': "panos_dag_snippet"
'description': "create a dynamic address group"
'body': """
panos_dag:
dag_name: ${1:null} # required. name of the dynamic address group
password: ${2:null} # required. password for authentication
ip_address: ${3:null} # required. IP address (or hostname) of PAN-OS device
dag_filter: ${4:null} # required. dynamic filter user by the dynamic address group
username: ${5:admin} # not required. username for authentication
commit: ${6:true} # not required. commit if changed
"""
'panos_dag_tags':
'prefix': "panos_dag_tags_snippet"
'description': "Create tags for DAG's on PAN-OS devices."
'body': """
panos_dag_tags:
password: ${1:undefined} # required. password for authentication
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${3:admin} # not required. username for authentication
api_key: ${4:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
devicegroup: ${5:undefined} # not required. - Device groups are used for the Panorama interaction with Firewall(s). The group must exists on Panorama. If device group is not define we assume that we are contacting Firewall.\n
description: ${6:undefined} # not required. The purpose / objective of the static Address Group
tag_names: ${7:undefined} # not required. The list of the tags that will be added or removed from the IP address.
commit: ${8:true} # not required. commit if changed
operation: ${9:undefined} # not required. The action to be taken. Supported values are I(add)/I(update)/I(find)/I(delete).
ip_to_register: ${10:undefined} # not required. IP that will be registered with the given tag names.
"""
'panos_import':
'prefix': "panos_import_snippet"
'description': "import file on PAN-OS devices"
'body': """
panos_import:
password: ${1:undefined} # required. Password for device authentication.
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device.
username: ${3:admin} # not required. Username for device authentication.
category: ${4:software} # not required. Category of file uploaded. The default is software.
file: ${5:None} # not required. Location of the file to import into device.
url: ${6:None} # not required. URL of the file that will be imported to device.
"""
'panos_interface':
'prefix': "panos_interface_snippet"
'description': "configure data-port network interface for DHCP"
'body': """
panos_interface:
zone_name: ${1:undefined} # required. Name of the zone for the interface. If the zone does not exist it is created but if the zone exists and it is not of the layer3 type the operation will fail.\n
password: ${2:undefined} # required. Password credentials to use for auth.
ip_address: ${3:undefined} # required. IP address (or hostname) of PAN-OS device being configured.
if_name: ${4:undefined} # required. Name of the interface to configure.
username: ${5:admin} # not required. Username credentials to use for auth.
create_default_route: ${6:false} # not required. Whether or not to add default route with router learned via DHCP.
commit: ${7:true} # not required. Commit if changed
"""
'panos_lic':
'prefix': "panos_lic_snippet"
'description': "apply authcode to a device/instance"
'body': """
panos_lic:
ip_address: ${1:undefined} # required. IP address (or hostname) of PAN-OS device
password: ${2:undefined} # required. password for authentication
auth_code: ${3:undefined} # required. authcode to be applied
username: ${4:admin} # not required. username for authentication
force: ${5:false} # not required. whether to apply authcode even if device is already licensed
"""
'panos_loadcfg':
'prefix': "panos_loadcfg_snippet"
'description': "load configuration on PAN-OS device"
'body': """
panos_loadcfg:
password: ${1:undefined} # required. password for authentication
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${3:admin} # not required. username for authentication
commit: ${4:true} # not required. commit if changed
file: ${5:None} # not required. configuration file to load
"""
'panos_match_rule':
'prefix': "panos_match_rule_snippet"
'description': "Test for match against a security rule on PAN-OS devices or Panorama management console."
'body': """
panos_match_rule:
vsys_id: ${1:vsys1} # required. ID of the VSYS object.
password: ${2:undefined} # required. Password credentials to use for auth unless I(api_key) is set.
ip_address: ${3:undefined} # required. IP address (or hostname) of PAN-OS device being configured.
source_ip: ${4:undefined} # required. The source IP address.
username: ${5:admin} # not required. Username credentials to use for auth unless I(api_key) is set.
category: ${6:undefined} # not required. URL category
destination_ip: ${7:undefined} # not required. The destination IP address.
protocol: ${8:undefined} # not required. The IP protocol number from 1 to 255.
destination_port: ${9:undefined} # not required. The destination port.
to_interface: ${10:undefined} # not required. The inbound interface in a NAT rule.
rule_type: ${11:security} # not required. Type of rule. Valid types are I(security) or I(nat).
source_zone: ${12:undefined} # not required. The source zone.
source_user: ${13:undefined} # not required. The source user or group.
application: ${14:undefined} # not required. The application.
destination_zone: ${15:undefined} # not required. The destination zone.
source_port: ${16:undefined} # not required. The source port.
api_key: ${17:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
"""
'panos_mgtconfig':
'prefix': "panos_mgtconfig_snippet"
'description': "configure management settings of device"
'body': """
panos_mgtconfig:
password: ${1:undefined} # required. password for authentication
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${3:admin} # not required. username for authentication
panorama_primary: ${4:None} # not required. address of primary Panorama server
dns_server_secondary: ${5:None} # not required. address of secondary DNS server
dns_server_primary: ${6:None} # not required. address of primary DNS server
panorama_secondary: ${7:None} # not required. address of secondary Panorama server
commit: ${8:true} # not required. commit if changed
"""
'panos_nat_policy':
'prefix': "panos_nat_policy_snippet"
'description': "create a policy NAT rule"
'body': """
panos_nat_policy:
rule_name: ${1:undefined} # required. name of the SNAT rule
password: ${2:undefined} # required. password for authentication
ip_address: ${3:undefined} # required. IP address (or hostname) of PAN-OS device
to_zone: ${4:undefined} # required. destination zone
from_zone: ${5:undefined} # required. list of source zones
username: ${6:admin} # not required. username for authentication
snat_bidirectional: ${7:false} # not required. bidirectional flag
dnat_port: ${8:None} # not required. dnat translated port
snat_interface_address: ${9:None} # not required. snat interface address
snat_address: ${10:None} # not required. snat translated address
dnat_address: ${11:None} # not required. dnat translated address
service: ${12:any} # not required. service
snat_type: ${13:None} # not required. type of source translation
destination: ${14:any} # not required. list of destination addresses
source: ${15:any} # not required. list of source addresses
override: ${16:false} # not required. attempt to override rule if one with the same name already exists
commit: ${17:true} # not required. commit if changed
snat_interface: ${18:None} # not required. snat interface
"""
'panos_nat_rule':
'prefix': "panos_nat_rule_snippet"
'description': "create a policy NAT rule"
'body': """
panos_nat_rule:
rule_name: ${1:undefined} # required. name of the SNAT rule
password: ${2:undefined} # required. Password credentials to use for auth unless I(api_key) is set.
ip_address: ${3:undefined} # required. IP address (or hostname) of PAN-OS device being configured.
source_zone: ${4:undefined} # required. list of source zones
destination_zone: ${5:undefined} # required. destination zone
username: ${6:admin} # not required. Username credentials to use for auth unless I(api_key) is set.
destination_ip: ${7:any} # not required. list of destination addresses
dnat_port: ${8:None} # not required. dnat translated port
snat_bidirectional: ${9:false} # not required. bidirectional flag
snat_interface_address: ${10:None} # not required. snat interface address
snat_address_type: ${11:translated-address} # not required. type of source translation. Supported values are I(translated-address)/I(translated-address).
operation: ${12:undefined} # not required. The action to be taken. Supported values are I(add)/I(update)/I(find)/I(delete).
dnat_address: ${13:None} # not required. dnat translated address
service: ${14:any} # not required. service
snat_type: ${15:None} # not required. type of source translation
snat_static_address: ${16:None} # not required. Source NAT translated address. Used with Static-IP translation.
source_ip: ${17:any} # not required. list of source addresses
snat_dynamic_address: ${18:None} # not required. Source NAT translated address. Used with Dynamic-IP and Dynamic-IP-and-Port.
commit: ${19:true} # not required. Commit configuration if changed.
api_key: ${20:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
snat_interface: ${21:None} # not required. snat interface
"""
'panos_object':
'prefix': "panos_object_snippet"
'description': "create/read/update/delete object in PAN-OS or Panorama"
'body': """
panos_object:
password: ${1:undefined} # required. Password credentials to use for authentication.
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device or Panorama management console being configured.
operation: ${3:undefined} # required. The operation to be performed. Supported values are I(add)/I(delete)/I(find).
username: ${4:admin} # not required. Username credentials to use for authentication.
static_value: ${5:undefined} # not required. A group of address objects to be used in an addressgroup definition.
description: ${6:undefined} # not required. The description of the object.
color: ${7:undefined} # not required. - The color of the tag object. Valid values are I(red, green, blue, yellow, copper, orange, purple, gray, light green, cyan, light gray, blue gray, lime, black, gold, and brown).\n
address: ${8:undefined} # not required. The IP address of the host or network in CIDR notation.
services: ${9:undefined} # not required. The group of service objects used in a servicegroup definition.
devicegroup: ${10:None} # not required. - The name of the Panorama device group. The group must exist on Panorama. If device group is not defined it is assumed that we are contacting a firewall.\n
destination_port: ${11:undefined} # not required. The destination port to be used in a service object definition.
servicegroup: ${12:undefined} # not required. A group of service objects.
api_key: ${13:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
protocol: ${14:undefined} # not required. The IP protocol to be used in a service object definition. Valid values are I(tcp) or I(udp).
addressobject: ${15:undefined} # not required. The name of the address object.
tag_name: ${16:undefined} # not required. The name of an object or rule tag.
serviceobject: ${17:undefined} # not required. The name of the service object.
source_port: ${18:undefined} # not required. The source port to be used in a service object definition.
address_type: ${19:undefined} # not required. The type of address object definition. Valid types are I(ip-netmask) and I(ip-range).
dynamic_value: ${20:undefined} # not required. The filter match criteria to be used in a dynamic addressgroup definition.
addressgroup: ${21:undefined} # not required. A static group of address objects or dynamic address group.
"""
'panos_op':
'prefix': "panos_op_snippet"
'description': "execute arbitrary OP commands on PANW devices (e.g. show interface all)"
'body': """
panos_op:
cmd: ${1:undefined} # required. The OP command to be performed.
password: ${2:undefined} # required. Password credentials to use for authentication.
ip_address: ${3:undefined} # required. IP address (or hostname) of PAN-OS device or Panorama management console being configured.
username: ${4:admin} # not required. Username credentials to use for authentication.
api_key: ${5:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
"""
'panos_pg':
'prefix': "panos_pg_snippet"
'description': "create a security profiles group"
'body': """
panos_pg:
pg_name: ${1:undefined} # required. name of the security profile group
password: ${2:undefined} # required. password for authentication
ip_address: ${3:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${4:admin} # not required. username for authentication
wildfire: ${5:None} # not required. name of the wildfire analysis profile
data_filtering: ${6:None} # not required. name of the data filtering profile
file_blocking: ${7:None} # not required. name of the file blocking profile
vulnerability: ${8:None} # not required. name of the vulnerability profile
spyware: ${9:None} # not required. name of the spyware profile
url_filtering: ${10:None} # not required. name of the url filtering profile
virus: ${11:None} # not required. name of the anti-virus profile
commit: ${12:true} # not required. commit if changed
"""
'panos_query_rules':
'prefix': "panos_query_rules_snippet"
'description': "PANOS module that allows search for security rules in PANW NGFW devices."
'body': """
panos_query_rules:
password: ${1:undefined} # required. Password credentials to use for authentication.
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS firewall or Panorama management console being queried.
username: ${3:admin} # not required. Username credentials to use for authentication.
destination_ip: ${4:None} # not required. The destination IP address to be queried.
api_key: ${5:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
protocol: ${6:None} # not required. The protocol used to be queried. Must be either I(tcp) or I(udp).
source_zone: ${7:None} # not required. Name of the source security zone to be queried.
source_ip: ${8:None} # not required. The source IP address to be queried.
application: ${9:None} # not required. Name of the application or application group to be queried.
tag_name: ${10:None} # not required. Name of the rule tag to be queried.
destination_zone: ${11:None} # not required. Name of the destination security zone to be queried.
source_port: ${12:None} # not required. The source port to be queried.
devicegroup: ${13:None} # not required. The Panorama device group in which to conduct the query.
destination_port: ${14:None} # not required. The destination port to be queried.
"""
'panos_restart':
'prefix': "panos_restart_snippet"
'description': "restart a device"
'body': """
panos_restart:
password: ${1:undefined} # required. password for authentication
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device
username: ${3:admin} # not required. username for authentication
"""
'panos_sag':
'prefix': "panos_sag_snippet"
'description': "Create a static address group."
'body': """
panos_sag:
static_match_filter: ${1:null} # required. Static filter user by the address group
sag_name: ${2:null} # required. name of the dynamic address group
operation: ${3:null} # required. The operation to perform Supported values are I(add)/I(list)/I(delete).
password: ${4:null} # required. password for authentication
ip_address: ${5:null} # required. IP address (or hostname) of PAN-OS device
username: ${6:admin} # not required. username for authentication
api_key: ${7:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
devicegroup: ${8:None} # not required. - The name of the Panorama device group. The group must exist on Panorama. If device group is not defined it is assumed that we are contacting a firewall.\n
description: ${9:null} # not required. The purpose / objective of the static Address Group
tags: ${10:null} # not required. Tags to be associated with the address group
commit: ${11:true} # not required. commit if changed
"""
'panos_security_policy':
'prefix': "panos_security_policy_snippet"
'description': "Create security rule policy on PanOS devices."
'body': """
panos_security_policy:
password: ${1:undefined} # required. Password credentials to use for auth unless I(api_key) is set.
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device being configured.
rule_name: ${3:undefined} # required. Name of the security rule.
wildfire_analysis: ${4:None} # not required. Name of the already defined wildfire_analysis profile.
username: ${5:admin} # not required. Username credentials to use for auth unless I(api_key) is set.
vulnerability: ${6:None} # not required. Name of the already defined vulnerability profile.
devicegroup: ${7:None} # not required. Device groups are used for the Panorama interaction with Firewall(s). The group must exists on Panorama. If device group is not define we assume that we are contacting Firewall.\n
data_filtering: ${8:None} # not required. Name of the already defined data_filtering profile.
spyware: ${9:None} # not required. Name of the already defined spyware profile.
hip_profiles: ${10:any} # not required. If you are using GlobalProtect with host information profile (HIP) enabled, you can also base the policy on information collected by GlobalProtect. For example, the user access level can be determined HIP that notifies the firewall about the user's local configuration.\n
file_blocking: ${11:None} # not required. Name of the already defined file_blocking profile.
tag: ${12:None} # not required. Administrative tags that can be added to the rule. Note, tags must be already defined.
antivirus: ${13:None} # not required. Name of the already defined antivirus profile.
log_start: ${14:false} # not required. Whether to log at session start.
log_end: ${15:true} # not required. Whether to log at session end.
url_filtering: ${16:None} # not required. Name of the already defined url_filtering profile.
description: ${17:None} # not required. Description for the security rule.
rule_type: ${18:universal} # not required. Type of security rule (version 6.1 of PanOS and above).
to_zone: ${19:any} # not required. List of destination zones.
service: ${20:application-default} # not required. List of services.
source: ${21:any} # not required. List of source addresses.
destination: ${22:any} # not required. List of destination addresses.
from_zone: ${23:any} # not required. List of source zones.
source_user: ${24:any} # not required. Use users to enforce policy for individual users or a group of users.
application: ${25:any} # not required. List of applications.
group_profile: ${26:None} # not required. Security profile group that is already defined in the system. This property supersedes antivirus, vulnerability, spyware, url_filtering, file_blocking, data_filtering, and wildfire_analysis properties.\n
action: ${27:allow} # not required. Action to apply once rules maches.
commit: ${28:true} # not required. Commit configuration if changed.
api_key: ${29:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
"""
'panos_security_rule':
'prefix': "panos_security_rule_snippet"
'description': "Create security rule policy on PAN-OS devices or Panorama management console."
'body': """
panos_security_rule:
password: ${1:undefined} # required. Password credentials to use for auth unless I(api_key) is set.
ip_address: ${2:undefined} # required. IP address (or hostname) of PAN-OS device being configured.
rule_name: ${3:undefined} # required. Name of the security rule.
wildfire_analysis: ${4:None} # not required. Name of the already defined wildfire_analysis profile.
username: ${5:admin} # not required. Username credentials to use for auth unless I(api_key) is set.
destination_ip: ${6:any} # not required. List of destination addresses.
source_zone: ${7:any} # not required. List of source zones.
devicegroup: ${8:None} # not required. - Device groups are used for the Panorama interaction with Firewall(s). The group must exists on Panorama. If device group is not define we assume that we are contacting Firewall.\n
data_filtering: ${9:None} # not required. Name of the already defined data_filtering profile.
spyware: ${10:None} # not required. Name of the already defined spyware profile.
hip_profiles: ${11:any} # not required. - If you are using GlobalProtect with host information profile (HIP) enabled, you can also base the policy on information collected by GlobalProtect. For example, the user access level can be determined HIP that notifies the firewall about the user's local configuration.\n
file_blocking: ${12:None} # not required. Name of the already defined file_blocking profile.
antivirus: ${13:None} # not required. Name of the already defined antivirus profile.
log_start: ${14:false} # not required. Whether to log at session start.
operation: ${15:add} # not required. The action to be taken. Supported values are I(add)/I(update)/I(find)/I(delete).
description: ${16:None} # not required. Description for the security rule.
rule_type: ${17:universal} # not required. Type of security rule (version 6.1 of PanOS and above).
log_end: ${18:true} # not required. Whether to log at session end.
service: ${19:application-default} # not required. List of services.
application: ${20:any} # not required. List of applications.
vulnerability: ${21:None} # not required. Name of the already defined vulnerability profile.
source_ip: ${22:any} # not required. List of source addresses.
source_user: ${23:any} # not required. Use users to enforce policy for individual users or a group of users.
url_filtering: ${24:None} # not required. Name of the already defined url_filtering profile.
tag_name: ${25:None} # not required. Administrative tags that can be added to the rule. Note, tags must be already defined.
destination_zone: ${26:any} # not required. List of destination zones.
group_profile: ${27:None} # not required. - Security profile group that is already defined in the system. This property supersedes antivirus, vulnerability, spyware, url_filtering, file_blocking, data_filtering, and wildfire_analysis properties.\n
action: ${28:allow} # not required. Action to apply once rules maches.
commit: ${29:true} # not required. Commit configuration if changed.
api_key: ${30:undefined} # not required. API key that can be used instead of I(username)/I(password) credentials.
"""
'parted':
'prefix': "parted_snippet"
'description': "Configure block device partitions"
'body': """
parted:
device: ${1:undefined} # required. The block device (disk) where to operate.
part_start: ${2:0%} # not required. Where the partition will start as offset from the beginning of the disk, that is, the \"distance\" from the start of the disk. The distance can be specified with all the units supported by parted (except compat) and it is case sensitive. E.g. C(10GiB), C(15%).
part_end: ${3:100%} # not required. Where the partition will end as offset from the beginning of the disk, that is, the \"distance\" from the start of the disk. The distance can be specified with all the units supported by parted (except compat) and it is case sensitive. E.g. C(10GiB), C(15%).
name: ${4:undefined} # not required. Sets the name for the partition number (GPT, Mac, MIPS and PC98 only).
align: ${5|none,cylinder,minimal,optimal|} # not required. choices: none;cylinder;minimal;optimal. Set alignment for newly created partitions.
number: ${6:undefined} # not required. The number of the partition to work with or the number of the partition that will be created. Required when performing any action on the disk, except fetching information.
label: ${7|aix,amiga,bsd,dvh,gpt,loop,mac,msdos,pc98,sun|} # not required. choices: aix;amiga;bsd;dvh;gpt;loop;mac;msdos;pc98;sun. Creates a new disk label.
state: ${8|present,absent,info|} # not required. choices: present;absent;info. If to create or delete a partition. If set to C(info) the module will only return the device information.
part_type: ${9|primary,extended,logical|} # not required. choices: primary;extended;logical. Is one of 'primary', 'extended' or 'logical' and may be specified only with 'msdos' or 'dvh' partition tables. A name must be specified for a 'gpt' partition table. Neither part-type nor name may be used with a 'sun' partition table.
flags: ${10:undefined} # not required. A list of the flags that has to be set on the partition.
unit: ${11|s,B,KB,KiB,MB,MiB,GB,GiB,TB,TiB,%,cyl,chs,compact|} # not required. choices: s;B;KB;KiB;MB;MiB;GB;GiB;TB;TiB;%;cyl;chs;compact. Selects the current default unit that Parted will use to display locations and capacities on the disk and to interpret those given by the user if they are not suffixed by an unit. When fetching information about a disk, it is always recommended to specify a unit.
"""
'patch':
'prefix': "patch_snippet"
'description': "Apply patch files using the GNU patch tool"
'body': """
patch:
src: ${1:undefined} # required. Path of the patch file as accepted by the GNU patch tool. If C(remote_src) is 'no', the patch source file is looked up from the module's I(files) directory.
strip: ${2:0} # not required. Number that indicates the smallest prefix containing leading slashes that will be stripped from each file name found in the patch file. For more information see the strip parameter of the GNU patch tool.
remote_src: ${3|no,yes|} # not required. choices: no;yes. If C(no), it will search for src at originating/master machine, if C(yes) it will go to the remote/target machine for the C(src).
dest: ${4:undefined} # not required. Path of the file on the remote machine to be patched.,The names of the files to be patched are usually taken from the patch file, but if there's just one file to be patched it can specified with this option.
binary: ${5|no,yes|} # not required. choices: no;yes. Setting to C(yes) will disable patch's heuristic for transforming CRLF line endings into LF. Line endings of src and dest must match. If set to C(no), C(patch) will replace CRLF in C(src) files on POSIX.
basedir: ${6:undefined} # not required. Path of a base directory in which the patch file will be applied. May be omitted when C(dest) option is specified, otherwise required.
backup: ${7|no,yes|} # not required. choices: no;yes. Passes C(--backup --version-control=numbered) to patch, producing numbered backup copies.
"""
'pause':
'prefix': "pause_snippet"
'description': "Pause playbook execution"
'body': """
pause:
seconds: ${1:null} # not required. A positive number of seconds to pause for.
minutes: ${2:null} # not required. A positive number of minutes to pause for.
prompt: ${3:null} # not required. Optional text to use for the prompt message.
echo: ${4|yes,no|} # not required. choices: yes;no. Contols whether or not keyboard input is shown when typing.,Has no effect if 'seconds' or 'minutes' is set.
"""
'pear':
'prefix': "pear_snippet"
'description': "Manage pear/pecl packages"
'body': """
pear:
name: ${1:undefined} # required. Name of the package to install, upgrade, or remove.
state: ${2|present,absent,latest|} # not required. choices: present;absent;latest. Desired state of the package.
executable: ${3:null} # not required. Path to the pear executable
"""
'ping':
'prefix': "ping_snippet"
'description': "Try to connect to host, verify a usable python and return C(pong) on success"
'body': """
ping:
data: ${1:pong} # not required. Data to return for the C(ping) return value.,If this parameter is set to C(crash), the module will cause an exception.
"""
'pingdom':
'prefix': "pingdom_snippet"
'description': "Pause/unpause Pingdom alerts"
'body': """
pingdom:
checkid: ${1||} # required. choices: . Pingdom ID of the check.
passwd: ${2||} # required. choices: . Pingdom user password.
state: ${3|running,paused|} # required. choices: running;paused. Define whether or not the check should be running or paused.
uid: ${4||} # required. choices: . Pingdom user ID.
key: ${5||} # required. choices: . Pingdom API key.
"""
'pip':
'prefix': "pip_snippet"
'description': "Manages Python library dependencies"
'body': """
pip:
virtualenv: ${1:undefined} # not required. An optional path to a I(virtualenv) directory to install into. It cannot be specified together with the 'executable' parameter (added in 2.1). If the virtualenv does not exist, it will be created before installing packages. The optional virtualenv_site_packages, virtualenv_command, and virtualenv_python options affect the creation of the virtualenv.
virtualenv_site_packages: ${2:no} # not required. Whether the virtual environment will inherit packages from the global site-packages directory. Note that if this setting is changed on an already existing virtual environment it will not have any effect, the environment must be deleted and newly created.
virtualenv_command: ${3:virtualenv} # not required. The command or a pathname to the command to create the virtual environment with. For example C(pyvenv), C(virtualenv), C(virtualenv2), C(~/bin/virtualenv), C(/usr/local/bin/virtualenv).
chdir: ${4:undefined} # not required. cd into this directory before running the command
requirements: ${5:undefined} # not required. The path to a pip requirements file, which should be local to the remote system. File can be specified as a relative path if using the chdir option.
name: ${6:undefined} # not required. The name of a Python library to install or the url of the remote package.,As of 2.2 you can supply a list of names.
virtualenv_python: ${7:undefined} # not required. The Python executable used for creating the virtual environment. For example C(python3.5), C(python2.7). When not specified, the Python version used to run the ansible module is used. This parameter should not be used when C(virtualenv_command) is using C(pyvenv) or the C(-m venv) module.
editable: ${8:no} # not required. Pass the editable flag.
umask: ${9:undefined} # not required. The system umask to apply before installing the pip package. This is useful, for example, when installing on systems that have a very restrictive umask by default (e.g., 0077) and you want to pip install packages which are to be used by all users. Note that this requires you to specify desired umask mode in octal, with a leading 0 (e.g., 0077).
executable: ${10:undefined} # not required. The explicit executable or a pathname to the executable to be used to run pip for a specific version of Python installed in the system. For example C(pip-3.3), if there are both Python 2.7 and 3.3 installations in the system and you want to run pip for the Python 3.3 installation. It cannot be specified together with the 'virtualenv' parameter (added in 2.1). By default, it will take the appropriate version for the python interpreter use by ansible, e.g. pip3 on python 3, and pip2 or pip on python 2.
extra_args: ${11:undefined} # not required. Extra arguments passed to pip.
state: ${12|absent,forcereinstall,latest,present|} # not required. choices: absent;forcereinstall;latest;present. The state of module,The 'forcereinstall' option is only available in Ansible 2.1 and above.
version: ${13:undefined} # not required. The version number to install of the Python library specified in the I(name) parameter.
"""
'pkg5':
'prefix': "pkg5_snippet"
'description': "Manages packages with the Solaris 11 Image Packaging System"
'body': """
pkg5:
name: ${1:undefined} # required. An FRMI of the package(s) to be installed/removed/updated.,Multiple packages may be specified, separated by C(,).
accept_licenses: ${2:no} # not required. Accept any licences.
state: ${3|absent,latest,present|} # not required. choices: absent;latest;present. Whether to install (I(present), I(latest)), or remove (I(absent)) a package.
"""
'pkg5_publisher':
'prefix': "pkg5_publisher_snippet"
'description': "Manages Solaris 11 Image Packaging System publishers"
'body': """
pkg5_publisher:
name: ${1:undefined} # required. The publisher's name.
origin: ${2:null} # not required. A path or URL to the repository.,Multiple values may be provided.
state: ${3|present,absent|} # not required. choices: present;absent. Whether to ensure that a publisher is present or absent.
mirror: ${4:null} # not required. A path or URL to the repository mirror.,Multiple values may be provided.
enabled: ${5|true,false|} # not required. choices: true;false. Is the repository enabled or disabled?
sticky: ${6|true,false|} # not required. choices: true;false. Packages installed from a sticky repository can only receive updates from that repository.
"""
'pkgin':
'prefix': "pkgin_snippet"
'description': "Package manager for SmartOS, NetBSD, et al."
'body': """
pkgin:
state: ${1|present,absent|} # not required. choices: present;absent. Intended state of the package
upgrade: ${2|yes,no|} # not required. choices: yes;no. Upgrade main packages to their newer versions
force: ${3|yes,no|} # not required. choices: yes;no. Force package reinstall
name: ${4:null} # not required. Name of package to install/remove;,multiple names may be given, separated by commas
full_upgrade: ${5|yes,no|} # not required. choices: yes;no. Upgrade all packages to their newer versions
update_cache: ${6|yes,no|} # not required. choices: yes;no. Update repository database. Can be run with other steps or on it's own.
clean: ${7|yes,no|} # not required. choices: yes;no. Clean packages cache
"""
'pkgng':
'prefix': "pkgng_snippet"
'description': "Package manager for FreeBSD >= 9.0"
'body': """
pkgng:
name: ${1:undefined} # required. Name or list of names of packages to install/remove.
chroot: ${2:undefined} # not required. Pkg will chroot in the specified environment.,Can not be used together with I(rootdir) or I(jail) options.
cached: ${3|yes,no|} # not required. choices: yes;no. Use local package base instead of fetching an updated one.
pkgsite: ${4:undefined} # not required. For pkgng versions before 1.1.4, specify packagesite to use for downloading packages. If not specified, use settings from C(/usr/local/etc/pkg.conf).,For newer pkgng versions, specify a the name of a repository configured in C(/usr/local/etc/pkg/repos).
state: ${5|present,absent|} # not required. choices: present;absent. State of the package.
rootdir: ${6:undefined} # not required. For pkgng versions 1.5 and later, pkg will install all packages within the specified root directory.,Can not be used together with I(chroot) or I(jail) options.
autoremove: ${7|yes,no|} # not required. choices: yes;no. Remove automatically installed packages which are no longer needed.
jail: ${8:undefined} # not required. Pkg will execute in the given jail name or id.,Can not be used together with I(chroot) or I(rootdir) options.
annotation: ${9:undefined} # not required. A comma-separated list of keyvalue-pairs of the form C(<+/-/:><key>[=<value>]). A C(+) denotes adding an annotation, a C(-) denotes removing an annotation, and C(:) denotes modifying an annotation. If setting or modifying annotations, a value must be provided.
"""
'pkgutil':
'prefix': "pkgutil_snippet"
'description': "Manage CSW-Packages on Solaris"
'body': """
pkgutil:
state: ${1|present,absent,latest|} # required. choices: present;absent;latest. Whether to install (C(present)), or remove (C(absent)) a package.,The upgrade (C(latest)) operation will update/install the package to the latest version available.,Note: The module has a limitation that (C(latest)) only works for one package, not lists of them.
name: ${2:undefined} # required. Package name, e.g. (C(CSWnrpe))
site: ${3:undefined} # not required. Specifies the repository path to install the package from.,Its global definition is done in C(/etc/opt/csw/pkgutil.conf).
update_catalog: ${4:false} # not required. If you want to refresh your catalog from the mirror, set this to (C(yes)).
"""
'pn_cluster':
'prefix': "pn_cluster_snippet"
'description': "CLI command to create/delete a cluster."
'body': """
pn_cluster:
pn_name: ${1:undefined} # required. Specify the name of the cluster.
state: ${2|present,absent|} # required. choices: present;absent. Specify action to perform. Use 'present' to create cluster and 'absent' to delete cluster.
pn_cluster_node1: ${3:undefined} # not required. Specify the name of the first switch in the cluster.,Required for 'cluster-create'.
pn_clipassword: ${4:undefined} # not required. Provide login password if user is not root.
pn_cliusername: ${5:undefined} # not required. Provide login username if user is not root.
pn_validate: ${6|validate,no-validate|} # not required. choices: validate;no-validate. Validate the inter-switch links and state of switches in the cluster.
pn_cliswitch: ${7:undefined} # not required. Target switch to run the cli on.
pn_cluster_node2: ${8:undefined} # not required. Specify the name of the second switch in the cluster.,Required for 'cluster-create'.
"""
'pn_ospf':
'prefix': "pn_ospf_snippet"
'description': "CLI command to add/remove ospf protocol to a vRouter."
'body': """
pn_ospf:
state: ${1|present,absent|} # required. choices: present;absent. Assert the state of the ospf. Use 'present' to add ospf and 'absent' to remove ospf.
pn_vrouter_name: ${2:undefined} # required. Specify the name of the vRouter.
pn_network_ip: ${3:undefined} # required. Specify the network IP (IPv4 or IPv6) address.
pn_clipassword: ${4:undefined} # not required. Provide login password if user is not root.
pn_ospf_area: ${5:undefined} # not required. Stub area number for the configuration. Required for vrouter-ospf-add.
pn_cliswitch: ${6:undefined} # not required. Target switch to run the CLI on.
pn_cliusername: ${7:undefined} # not required. Provide login username if user is not root.
"""
'pn_ospfarea':
'prefix': "pn_ospfarea_snippet"
'description': "CLI command to add/remove ospf area to/from a vrouter."
'body': """
pn_ospfarea:
pn_ospf_area: ${1:undefined} # required. Specify the OSPF area number.
pn_clipassword: ${2:undefined} # required. Login password.
pn_vrouter_name: ${3:undefined} # required. Specify the name of the vRouter.
pn_cliusername: ${4:undefined} # required. Login username.
state: ${5|present,absent,update|} # required. choices: present;absent;update. State the action to perform. Use 'present' to add ospf-area, 'absent' to remove ospf-area and 'update' to modify ospf-area.
pn_prefix_listin: ${6:undefined} # not required. OSPF prefix list for filtering incoming packets.
pn_prefix_listout: ${7:undefined} # not required. OSPF prefix list for filtering outgoing packets.
pn_stub_type: ${8|none,stub,stub-no-summary,nssa,nssa-no-summary|} # not required. choices: none;stub;stub-no-summary;nssa;nssa-no-summary. Specify the OSPF stub type.
pn_cliswitch: ${9:undefined} # not required. Target switch(es) to run the CLI on.
pn_quiet: ${10:true} # not required. Enable/disable system information.
"""
'pn_show':
'prefix': "pn_show_snippet"
'description': "Run show commands on nvOS device."
'body': """
pn_show:
pn_command: ${1:undefined} # required. The C(pn_command) takes a CLI show command as value.
pn_parameters: ${2:undefined} # not required. Display output using a specific parameter. Use 'all' to display possible output. List of comma separated parameters.
pn_options: ${3:undefined} # not required. Specify formatting options.
pn_clipassword: ${4:undefined} # not required. Provide login password if user is not root.
pn_cliswitch: ${5:undefined} # not required. Target switch(es) to run the cli on.
pn_cliusername: ${6:undefined} # not required. Provide login username if user is not root.
"""
'pn_trunk':
'prefix': "pn_trunk_snippet"
'description': "CLI command to create/delete/modify a trunk."
'body': """
pn_trunk:
pn_name: ${1:undefined} # required. Specify the name for the trunk configuration.
state: ${2|present,absent,update|} # required. choices: present;absent;update. State the action to perform. Use 'present' to create trunk, 'absent' to delete trunk and 'update' to modify trunk.
pn_unknown_mcast_level: ${3:undefined} # not required. Specify an unknown multicast level in percent. The default value is 100%.
pn_jumbo: ${4:undefined} # not required. Specify if the port can receive jumbo frames.
pn_lacp_fallback_timeout: ${5:undefined} # not required. Specify the LACP fallback timeout in seconds. The range is between 30 and 60 seconds with a default value of 50 seconds.
pn_unknown_ucast_level: ${6:undefined} # not required. Specify an unknown unicast level in percent. The default value is 100%.
pn_lacp_timeout: ${7|slow,fast|} # not required. choices: slow;fast. Specify the LACP time out as slow (30 seconds) or fast (4seconds). The default value is slow.
pn_loopback: ${8:undefined} # not required. Specify loopback if you want to use loopback.
pn_speed: ${9|disable,10m,100m,1g,2.5g,10g,40g|} # not required. choices: disable;10m;100m;1g;2.5g;10g;40g. Specify the port speed or disable the port.
pn_edge_switch: ${10:undefined} # not required. Specify if the switch is an edge switch.
pn_host: ${11:undefined} # not required. Host facing port control setting.
pn_port_macaddr: ${12:undefined} # not required. Specify the MAC address of the port.
pn_lacp_fallback: ${13|bundle,individual|} # not required. choices: bundle;individual. Specify the LACP fallback mode as bundles or individual.
pn_routing: ${14:undefined} # not required. Specify if the port participates in routing on the network.
pn_clipassword: ${15:undefined} # not required. Provide login password if user is not root.
pn_mirror_receive: ${16:undefined} # not required. Specify if the configuration receives mirrored traffic.
pn_egress_rate_limit: ${17:undefined} # not required. Specify an egress port data rate limit for the configuration.
pn_cliusername: ${18:undefined} # not required. Provide login username if user is not root.
pn_lacp_mode: ${19|off,passive,active|} # not required. choices: off;passive;active. Specify the LACP mode for the configuration.
pn_ports: ${20:undefined} # not required. Specify the port number(s) for the link(s) to aggregate into the trunk.,Required for trunk-create.
pn_lacp_priority: ${21:undefined} # not required. Specify the LACP priority. This is a number between 1 and 65535 with a default value of 32768.
pn_broadcast_level: ${22:undefined} # not required. Specify a broadcast level in percent. The default value is 100%.
pn_pause: ${23:undefined} # not required. Specify if pause frames are sent.
pn_cliswitch: ${24:undefined} # not required. Target switch(es) to run the cli on.
pn_loopvlans: ${25:undefined} # not required. Specify a list of looping vlans.
pn_description: ${26:undefined} # not required. Specify a description for the trunk configuration.
"""
'pn_vlag':
'prefix': "pn_vlag_snippet"
'description': "CLI command to create/delete/modify vlag."
'body': """
pn_vlag:
pn_name: ${1:undefined} # required. The C(pn_name) takes a valid name for vlag configuration.
state: ${2|present,absent,update|} # required. choices: present;absent;update. State the action to perform. Use 'present' to create vlag, 'absent' to delete vlag and 'update' to modify vlag.
pn_lacp_fallback: ${3|bundle,individual|} # not required. choices: bundle;individual. Specify the LACP fallback mode as bundles or individual.
pn_lacp_fallback_timeout: ${4:undefined} # not required. Specify the LACP fallback timeout in seconds. The range is between 30 and 60 seconds with a default value of 50 seconds.
pn_clipassword: ${5:undefined} # not required. Provide login password if user is not root.
pn_lacp_timeout: ${6|slow,fast|} # not required. choices: slow;fast. Specify the LACP timeout as slow(30 seconds) or fast(4 seconds).
pn_cliusername: ${7:undefined} # not required. Provide login username if user is not root.
pn_lacp_mode: ${8|off,passive,active|} # not required. choices: off;passive;active. Specify the LACP mode.
pn_failover_action: ${9|move,ignore|} # not required. choices: move;ignore. Specify the failover action as move or ignore.
pn_peer_port: ${10:undefined} # not required. Specify the peer VLAG port.,Required for vlag-create.
pn_peer_switch: ${11:undefined} # not required. Specify the fabric-name of the peer switch.
pn_port: ${12:undefined} # not required. Specify the local VLAG port.,Required for vlag-create.
pn_cliswitch: ${13:undefined} # not required. Target switch(es) to run this command on.
pn_mode: ${14|active-active,active-standby|} # not required. choices: active-active;active-standby. Specify the mode for the VLAG. Active-standby indicates one side is active and the other side is in standby mode. Active-active indicates that both sides of the vlag are up by default.
"""
'pn_vlan':
'prefix': "pn_vlan_snippet"
'description': "CLI command to create/delete a VLAN."
'body': """
pn_vlan:
pn_vlanid: ${1:undefined} # required. Specify a VLAN identifier for the VLAN. This is a value between 2 and 4092.
state: ${2|present,absent|} # required. choices: present;absent. State the action to perform. Use 'present' to create vlan and 'absent' to delete vlan.
pn_scope: ${3|fabric,local|} # not required. choices: fabric;local. Specify a scope for the VLAN.,Required for vlan-create.
pn_clipassword: ${4:undefined} # not required. Provide login password if user is not root.
pn_cliusername: ${5:undefined} # not required. Provide login username if user is not root.
pn_ports: ${6:undefined} # not required. Specifies the switch network data port number, list of ports, or range of ports. Port numbers must ne in the range of 1 to 64.
pn_untagged_ports: ${7:undefined} # not required. Specifies the ports that should have untagged packets mapped to the VLAN. Untagged packets are packets that do not contain IEEE 802.1Q VLAN tags.
pn_cliswitch: ${8:undefined} # not required. Target switch(es) to run the cli on.
pn_stats: ${9:undefined} # not required. Specify if you want to collect statistics for a VLAN. Statistic collection is enabled by default.
pn_description: ${10:undefined} # not required. Specify a description for the VLAN.
"""
'pn_vrouter':
'prefix': "pn_vrouter_snippet"
'description': "CLI command to create/delete/modify a vrouter."
'body': """
pn_vrouter:
pn_name: ${1:undefined} # required. Specify the name of the vRouter.
state: ${2|present,absent,update|} # required. choices: present;absent;update. State the action to perform. Use 'present' to create vrouter, 'absent' to delete vrouter and 'update' to modify vrouter.
pn_rip_redistribute: ${3|static,connected,ospf,bgp|} # not required. choices: static;connected;ospf;bgp. Specify how RIP routes are redistributed.
pn_bgp_options: ${4:undefined} # not required. Specify other BGP options as a whitespaces separated string within single quotes ''.
pn_router_id: ${5:undefined} # not required. Specify the vRouter IP address.
pn_ospf_options: ${6:undefined} # not required. Specify other OSPF options as a whitespaces separated string within single quotes ''.
pn_bgp_as: ${7:undefined} # not required. Specify the Autonomous System Number(ASN) if the vRouter runs Border Gateway Protocol(BGP).
pn_ospf_redistribute: ${8|static,connected,bgp,rip|} # not required. choices: static;connected;bgp;rip. Specify how OSPF routes are redistributed.
pn_clipassword: ${9:undefined} # not required. Provide login password if user is not root.
pn_bgp_redistribute: ${10|static,connected,rip,ospf|} # not required. choices: static;connected;rip;ospf. Specify how BGP routes are redistributed.
pn_router_type: ${11|hardware,software|} # not required. choices: hardware;software. Specify if the vRouter uses software or hardware.,Note that if you specify hardware as router type, you cannot assign IP addresses using DHCP. You must specify a static IP address.
pn_hw_vrrp_id: ${12:undefined} # not required. Specifies the VRRP ID for a hardware vrouter.
pn_vnet: ${13:undefined} # not required. Specify the name of the VNET.,Required for vrouter-create.
pn_cliusername: ${14:undefined} # not required. Provide login username if user is not root.
pn_service_state: ${15|enable,disable|} # not required. choices: enable;disable. Specify to enable or disable vRouter service.
pn_service_type: ${16|dedicated,shared|} # not required. choices: dedicated;shared. Specify if the vRouter is a dedicated or shared VNET service.
pn_cliswitch: ${17:undefined} # not required. Target switch(es) to run the CLI on.
pn_bgp_max_paths: ${18:undefined} # not required. Specify the maximum number of paths for BGP. This is a number between 1 and 255 or 0 to unset.
"""
'pn_vrouterbgp':
'prefix': "pn_vrouterbgp_snippet"
'description': "CLI command to add/remove/modify vrouter-bgp."
'body': """
pn_vrouterbgp:
pn_vrouter_name: ${1:undefined} # required. Specify a name for the vRouter service.
state: ${2|present,absent,update|} # required. choices: present;absent;update. State the action to perform. Use 'present' to add bgp, 'absent' to remove bgp and 'update' to modify bgp.
pn_max_prefix: ${3:undefined} # not required. Specify the maximum number of prefixes.
pn_route_mapout: ${4:undefined} # not required. Specify outbound route map for neighbor.
pn_neighbor: ${5:undefined} # not required. Specify a neighbor IP address to use for BGP.,Required for vrouter-bgp-add.
pn_override_capability: ${6:undefined} # not required. Specify if you want to override capability.
pn_route_mapin: ${7:undefined} # not required. Specify inbound route map for neighbor.
pn_soft_reconfig: ${8:undefined} # not required. Specify if you want a soft reconfiguration of inbound traffic.
pn_ebgp: ${9:undefined} # not required. Specify a value for external BGP to accept or attempt BGP connections to external peers, not directly connected, on the network. This is a value between 1 and 255.
pn_prefix_listin: ${10:undefined} # not required. Specify the prefix list to filter traffic inbound.
pn_bfd: ${11:undefined} # not required. Specify if you want BFD protocol support for fault detection.
pn_password: ${12:undefined} # not required. Specify a password, if desired.
pn_route_reflector: ${13:undefined} # not required. Specify if a route reflector client is used.
pn_keepalive: ${14:undefined} # not required. Specify BGP neighbor keepalive interval in seconds.
pn_max_prefix_warn: ${15:undefined} # not required. Specify if you want a warning message when the maximum number of prefixes is exceeded.
pn_multiprotocol: ${16|ipv4-unicast,ipv6-unicast|} # not required. choices: ipv4-unicast;ipv6-unicast. Specify a multi-protocol for BGP.
pn_clipassword: ${17:undefined} # not required. Provide login password if user is not root.
pn_default_originate: ${18:undefined} # not required. Specify if you want announce default routes to the neighbor or not.
pn_cliusername: ${19:undefined} # not required. Provide login username if user is not root.
pn_weight: ${20:undefined} # not required. Specify a default weight value between 0 and 65535 for the neighbor routes.
pn_prefix_listout: ${21:undefined} # not required. Specify the prefix list to filter traffic outbound.
pn_remote_as: ${22:undefined} # not required. Specify the remote Autonomous System(AS) number. This value is between 1 and 4294967295.,Required for vrouter-bgp-add.
pn_cliswitch: ${23:undefined} # not required. Target switch(es) to run the cli on.
pn_holdtime: ${24:undefined} # not required. Specify BGP neighbor holdtime in seconds.
pn_next_hop_self: ${25:undefined} # not required. Specify if the next-hop is the same router or not.
"""
'pn_vrouterif':
'prefix': "pn_vrouterif_snippet"
'description': "CLI command to add/remove/modify vrouter-interface."
'body': """
pn_vrouterif:
pn_vrouter_name: ${1:undefined} # required. Specify the name of the vRouter interface.
state: ${2|present,absent,update|} # required. choices: present;absent;update. State the action to perform. Use 'present' to add vrouter interface, 'absent' to remove vrouter interface and 'update' to modify vrouter interface.
pn_nic_enable: ${3:undefined} # not required. Specify if the NIC is enabled or not
pn_vrrp_adv_int: ${4:undefined} # not required. Specify a VRRP advertisement interval in milliseconds. The range is from 30 to 40950 with a default value of 1000.
pn_vrrp_priority: ${5:undefined} # not required. Specify the priority for the VRRP interface. This is a value between 1 (lowest) and 255 (highest).
pn_alias: ${6:undefined} # not required. Specify an alias for the interface.
pn_secondary_macs: ${7:undefined} # not required. Specify a secondary MAC address for the interface.
pn_interface_ip: ${8:undefined} # not required. Specify the IP address of the interface in x.x.x.x/n format.
pn_vlan: ${9:undefined} # not required. Specify the VLAN identifier. This is a value between 1 and 4092.
pn_vxlan: ${10:undefined} # not required. Specify the VXLAN identifier. This is a value between 1 and 16777215.
pn_exclusive: ${11:undefined} # not required. Specify if the interface is exclusive to the configuration. Exclusive means that other configurations cannot use the interface. Exclusive is specified when you configure the interface as span interface and allows higher throughput through the interface.
pn_nic_str: ${12:undefined} # not required. Specify the type of NIC. Used for vrouter-interface remove/modify.
pn_clipassword: ${13:undefined} # not required. Provide login password if user is not root.
pn_vrrp_id: ${14:undefined} # not required. Specify the ID for the VRRP interface. The IDs on both vRouters must be the same IS number.
pn_cliusername: ${15:undefined} # not required. Provide login username if user is not root.
pn_interface: ${16|mgmt,data,span|} # not required. choices: mgmt;data;span. Specify if the interface is management, data or span interface.
pn_l3port: ${17:undefined} # not required. Specify a Layer 3 port for the interface.
pn_cliswitch: ${18:undefined} # not required. Target switch to run the cli on.
pn_assignment: ${19|none,dhcp,dhcpv6,autov6|} # not required. choices: none;dhcp;dhcpv6;autov6. Specify the DHCP method for IP address assignment.
"""
'pn_vrouterlbif':
'prefix': "pn_vrouterlbif_snippet"
'description': "CLI command to add/remove vrouter-loopback-interface."
'body': """
pn_vrouterlbif:
pn_interface_ip: ${1:undefined} # required. Specify the IP address.
state: ${2|present,absent|} # required. choices: present;absent. State the action to perform. Use 'present' to add vrouter loopback interface and 'absent' to remove vrouter loopback interface.
pn_vrouter_name: ${3:undefined} # required. Specify the name of the vRouter.
pn_clipassword: ${4:undefined} # not required. Provide login password if user is not root.
pn_cliusername: ${5:undefined} # not required. Provide login username if user is not root.
pn_cliswitch: ${6:undefined} # not required. Target switch(es) to run the cli on.
pn_index: ${7:undefined} # not required. Specify the interface index from 1 to 255.
"""
'portage':
'prefix': "portage_snippet"
'description': "Package manager for Gentoo"
'body': """
portage:
nodeps: ${1|yes,no|} # not required. choices: yes;no. Only merge packages but not their dependencies (--nodeps)
onlydeps: ${2|yes,no|} # not required. choices: yes;no. Only merge packages' dependencies but not the packages (--onlydeps)
newuse: ${3|yes,no|} # not required. choices: yes;no. Include installed packages where USE flags have changed (--newuse)
oneshot: ${4|yes,no|} # not required. choices: yes;no. Do not add the packages to the world file (--oneshot)
update: ${5|yes,no|} # not required. choices: yes;no. Update packages to the best version available (--update)
deep: ${6|yes,no|} # not required. choices: yes;no. Consider the entire dependency tree of packages (--deep)
sync: ${7|web,yes,no|} # not required. choices: web;yes;no. Sync package repositories first,If yes, perform \"emerge --sync\",If web, perform \"emerge-webrsync\"
keepgoing: ${8|yes,no|} # not required. choices: yes;no. Continue as much as possible after an error.
depclean: ${9|yes,no|} # not required. choices: yes;no. Remove packages not needed by explicitly merged packages (--depclean),If no package is specified, clean up the world's dependencies,Otherwise, --depclean serves as a dependency aware version of --unmerge
jobs: ${10:None} # not required. Specifies the number of packages to build simultaneously.
noreplace: ${11|yes,no|} # not required. choices: yes;no. Do not re-emerge installed packages (--noreplace)
loadavg: ${12:None} # not required. Specifies that no new builds should be started if there are,other builds running and the load average is at least LOAD
verbose: ${13|yes,no|} # not required. choices: yes;no. Run emerge in verbose mode (--verbose)
getbinpkg: ${14|yes,no|} # not required. choices: yes;no. Prefer packages specified at PORTAGE_BINHOST in make.conf
package: ${15:null} # not required. Package atom or set, e.g. C(sys-apps/foo) or C(>foo-2.13) or C(@world)
quiet: ${16|yes,no|} # not required. choices: yes;no. Run emerge in quiet mode (--quiet)
state: ${17|present,installed,emerged,absent,removed,unmerged,latest|} # not required. choices: present;installed;emerged;absent;removed;unmerged;latest. State of the package atom
changed_use: ${18|yes,no|} # not required. choices: yes;no. Include installed packages where USE flags have changed, except when,flags that the user has not enabled are added or removed,(--changed-use)
usepkgonly: ${19|yes,no|} # not required. choices: yes;no. Merge only binaries (no compiling). This sets getbinpkg=yes.
"""
'portinstall':
'prefix': "portinstall_snippet"
'description': "Installing packages from FreeBSD's ports system"
'body': """
portinstall:
name: ${1:undefined} # required. name of package to install/remove
state: ${2|present,absent|} # not required. choices: present;absent. state of the package
use_packages: ${3|yes,no|} # not required. choices: yes;no. use packages instead of ports whenever available
"""
'postgresql_db':
'prefix': "postgresql_db_snippet"
'description': "Add or remove PostgreSQL databases from a remote host."
'body': """
postgresql_db:
name: ${1:null} # required. name of the database to add or remove
ssl_rootcert: ${2:null} # not required. Specifies the name of a file containing SSL certificate authority (CA) certificate(s).,If the file exists, the server's certificate will be verified to be signed by one of these authorities.
ssl_mode: ${3|disable,allow,prefer,require,verify-ca,verify-full|} # not required. choices: disable;allow;prefer;require;verify-ca;verify-full. Determines whether or with what priority a secure SSL TCP/IP connection will be negotiated with the server.,See https://www.postgresql.org/docs/current/static/libpq-ssl.html for more information on the modes.,Default of C(prefer) matches libpq default.
login_unix_socket: ${4:null} # not required. Path to a Unix domain socket for local connections
encoding: ${5:null} # not required. Encoding of the database
login_user: ${6:postgres} # not required. The username used to authenticate with
lc_collate: ${7:null} # not required. Collation order (LC_COLLATE) to use in the database. Must match collation order of template database unless C(template0) is used as template.
target_opts: ${8:undefined} # not required. Further arguments for pg_dump or pg_restore. Used when state is \"dump\" or \"restore\"
lc_ctype: ${9:null} # not required. Character classification (LC_CTYPE) to use in the database (e.g. lower, upper, ...) Must match LC_CTYPE of template database unless C(template0) is used as template.
port: ${10:5432} # not required. Database port to connect to.
owner: ${11:null} # not required. Name of the role to set as owner of the database
state: ${12|present,absent,dump,restore|} # not required. choices: present;absent;dump;restore. The database state. present implies that the database should be created if necessary.\nabsent implies that the database should be removed if present.\ndump requires a target definition to which the database will be backed up.\n(Added in 2.4) restore also requires a target definition from which the database will be restored.\n(Added in 2.4) The format of the backup will be detected based on the target name.\nSupported compression formats for dump and restore are: .bz2, .gz, and .xz\nSupported formats for dump and restore are: .sql and .tar\n
template: ${13:null} # not required. Template used to create the database
login_password: ${14:null} # not required. The password used to authenticate with
maintenance_db: ${15:postgres} # not required. The value specifies the initial database (which is also called as maintenance DB) that Ansible connects to.
login_host: ${16:null} # not required. Host running the database
target: ${17:undefined} # not required. File to back up or restore from. Used when state is \"dump\" or \"restore\"
"""
'postgresql_ext':
'prefix': "postgresql_ext_snippet"
'description': "Add or remove PostgreSQL extensions from a database."
'body': """
postgresql_ext:
name: ${1:null} # required. name of the extension to add or remove
db: ${2:null} # required. name of the database to add or remove the extension to/from
state: ${3|present,absent|} # not required. choices: present;absent. The database extension state
login_password: ${4:null} # not required. The password used to authenticate with
login_user: ${5:null} # not required. The username used to authenticate with
login_host: ${6:localhost} # not required. Host running the database
port: ${7:5432} # not required. Database port to connect to.
"""
'postgresql_lang':
'prefix': "postgresql_lang_snippet"
'description': "Adds, removes or changes procedural languages with a PostgreSQL database."
'body': """
postgresql_lang:
lang: ${1:null} # required. name of the procedural language to add, remove or change
force_trust: ${2|yes,no|} # not required. choices: yes;no. marks the language as trusted, even if it's marked as untrusted in pg_pltemplate.,use with care!
login_user: ${3:postgres} # not required. User used to authenticate with PostgreSQL
login_host: ${4:localhost} # not required. Host running PostgreSQL where you want to execute the actions.
db: ${5:null} # not required. name of database where the language will be added, removed or changed
cascade: ${6|yes,no|} # not required. choices: yes;no. when dropping a language, also delete object that depend on this language.,only used when C(state=absent).
state: ${7|present,absent|} # not required. choices: present;absent. The state of the language for the selected database
login_password: ${8:null} # not required. Password used to authenticate with PostgreSQL (must match C(login_user))
trust: ${9|yes,no|} # not required. choices: yes;no. make this language trusted for the selected db
fail_on_drop: ${10|yes,no|} # not required. choices: yes;no. if C(yes), fail when removing a language. Otherwise just log and continue,in some cases, it is not possible to remove a language (used by the db-system). When dependencies block the removal, consider using C(cascade).
port: ${11:5432} # not required. Database port to connect to.
"""
'postgresql_privs':
'prefix': "postgresql_privs_snippet"
'description': "Grant or revoke privileges on PostgreSQL database objects."
'body': """
postgresql_privs:
roles: ${1:undefined} # required. Comma separated list of role (user/group) names to set permissions for.,The special value C(PUBLIC) can be provided instead to set permissions for the implicitly defined PUBLIC group.,Alias: I(role)
database: ${2:undefined} # required. Name of database to connect to.,Alias: I(db)
objs: ${3:undefined} # not required. Comma separated list of database objects to set privileges on.,If I(type) is C(table) or C(sequence), the special value C(ALL_IN_SCHEMA) can be provided instead to specify all database objects of type I(type) in the schema specified via I(schema). (This also works with PostgreSQL < 9.0.),If I(type) is C(database), this parameter can be omitted, in which case privileges are set for the database specified via I(database).,If I(type) is I(function), colons (\":\") in object names will be replaced with commas (needed to specify function signatures, see examples),Alias: I(obj)
ssl_rootcert: ${4:null} # not required. Specifies the name of a file containing SSL certificate authority (CA) certificate(s). If the file exists, the server's certificate will be verified to be signed by one of these authorities.
ssl_mode: ${5|disable,allow,prefer,require,verify-ca,verify-full|} # not required. choices: disable;allow;prefer;require;verify-ca;verify-full. Determines whether or with what priority a secure SSL TCP/IP connection will be negotiated with the server.,See https://www.postgresql.org/docs/current/static/libpq-ssl.html for more information on the modes.,Default of C(prefer) matches libpq default.
privs: ${6:undefined} # not required. Comma separated list of privileges to grant/revoke.,Alias: I(priv)
login_user: ${7:postgres} # not required. The username used to authenticate with
login_host: ${8:null} # not required. Host running the database
login_unix_socket: ${9:null} # not required. Path to a Unix domain socket for local connections
state: ${10|present,absent|} # not required. choices: present;absent. If C(present), the specified privileges are granted, if C(absent) they are revoked.
unix_socket: ${11:null} # not required. Path to a Unix domain socket for local connections.,Alias: I(login_unix_socket)
host: ${12:null} # not required. Database host address. If unspecified, connect via Unix socket.,Alias: I(login_host)
login_password: ${13:null} # not required. The password used to authenticate with
login: ${14:postgres} # not required. The username to authenticate with.,Alias: I(login_user)
password: ${15:null} # not required. The password to authenticate with.,Alias: I(login_password))
type: ${16|table,sequence,function,database,schema,language,tablespace,group|} # not required. choices: table;sequence;function;database;schema;language;tablespace;group. Type of database object to set privileges on.
port: ${17:5432} # not required. Database port to connect to.
grant_option: ${18|yes,no|} # not required. choices: yes;no. Whether C(role) may grant/revoke the specified privileges/group memberships to others.,Set to C(no) to revoke GRANT OPTION, leave unspecified to make no changes.,I(grant_option) only has an effect if I(state) is C(present).,Alias: I(admin_option)
schema: ${19:undefined} # not required. Schema that contains the database objects specified via I(objs).,May only be provided if I(type) is C(table), C(sequence) or C(function). Defaults to C(public) in these cases.
"""
'postgresql_schema':
'prefix': "postgresql_schema_snippet"
'description': "Add or remove PostgreSQL schema from a remote host"
'body': """
postgresql_schema:
name: ${1:null} # required. Name of the schema to add or remove.
database: ${2:postgres} # not required. Name of the database to connect to.
login_user: ${3:null} # not required. The username used to authenticate with.
login_host: ${4:localhost} # not required. Host running the database.
login_unix_socket: ${5:null} # not required. Path to a Unix domain socket for local connections.
state: ${6|present,absent|} # not required. choices: present;absent. The schema state.
login_password: ${7:null} # not required. The password used to authenticate with.
owner: ${8:null} # not required. Name of the role to set as owner of the schema.
port: ${9:5432} # not required. Database port to connect to.
"""
'postgresql_user':
'prefix': "postgresql_user_snippet"
'description': "Adds or removes a users (roles) from a PostgreSQL database."
'body': """
postgresql_user:
name: ${1:null} # required. name of the user (role) to add or remove
ssl_rootcert: ${2:null} # not required. Specifies the name of a file containing SSL certificate authority (CA) certificate(s). If the file exists, the server's certificate will be verified to be signed by one of these authorities.
ssl_mode: ${3|disable,allow,prefer,require,verify-ca,verify-full|} # not required. choices: disable;allow;prefer;require;verify-ca;verify-full. Determines whether or with what priority a secure SSL TCP/IP connection will be negotiated with the server.,See https://www.postgresql.org/docs/current/static/libpq-ssl.html for more information on the modes.,Default of C(prefer) matches libpq default.
login_user: ${4:postgres} # not required. User (role) used to authenticate with PostgreSQL
login_host: ${5:localhost} # not required. Host running PostgreSQL.
expires: ${6:null} # not required. The date at which the user's password is to expire.,If set to C('infinity'), user's password never expire.,Note that this value should be a valid SQL date and time type.
db: ${7:null} # not required. name of database where permissions will be granted
conn_limit: ${8:null} # not required. Specifies the user connection limit.
login_unix_socket: ${9:null} # not required. Path to a Unix domain socket for local connections
login_password: ${10:null} # not required. Password used to authenticate with PostgreSQL
password: ${11:null} # not required. set the user's password, before 1.4 this was required.,When passing an encrypted password, the encrypted parameter must also be true, and it must be generated with the format C('str[\\\"md5\\\"] + md5[ password + username ]'), resulting in a total of 35 characters. An easy way to do this is: C(echo \\\"md5`echo -n \\\"verysecretpasswordJOE\\\" | md5`\\\"). Note that if the provided password string is already in MD5-hashed format, then it is used as-is, regardless of encrypted parameter.\n
port: ${12:5432} # not required. Database port to connect to.
fail_on_user: ${13|true,false|} # not required. choices: true;false. if C(yes), fail when user can't be removed. Otherwise just log and continue
priv: ${14:null} # not required. PostgreSQL privileges string in the format: C(table:priv1,priv2)
no_password_changes: ${15|true,false|} # not required. choices: true;false. if C(yes), don't inspect database for password changes. Effective when C(pg_authid) is not accessible (such as AWS RDS). Otherwise, make password changes as necessary.
state: ${16|present,absent|} # not required. choices: present;absent. The user (role) state
encrypted: ${17:false} # not required. whether the password is stored hashed in the database. boolean. Passwords can be passed already hashed or unhashed, and postgresql ensures the stored password is hashed when encrypted is set.
role_attr_flags: ${18|[NO]SUPERUSER,[NO]CREATEROLE,[NO]CREATEDB,[NO]INHERIT,[NO]LOGIN,[NO]REPLICATION,[NO]BYPASSRLS|} # not required. choices: [NO]SUPERUSER;[NO]CREATEROLE;[NO]CREATEDB;[NO]INHERIT;[NO]LOGIN;[NO]REPLICATION;[NO]BYPASSRLS. PostgreSQL role attributes string in the format: CREATEDB,CREATEROLE,SUPERUSER,Note that '[NO]CREATEUSER' is deprecated.
"""
'profitbricks':
'prefix': "profitbricks_snippet"
'description': "Create, destroy, start, stop, and reboot a ProfitBricks virtual machine."
'body': """
profitbricks:
image: ${1:undefined} # required. The system image ID for creating the virtual machine, e.g. a3eae284-a2fe-11e4-b187-5f1f641608c8.
name: ${2:undefined} # required. The name of the virtual machine.
lan: ${3:1} # not required. The ID of the LAN you wish to add the servers to.
image_password: ${4:undefined} # not required. Password set for the administrative user.
bus: ${5|IDE,VIRTIO|} # not required. choices: IDE;VIRTIO. The bus type for the volume.
ram: ${6:2048} # not required. The amount of memory to allocate to the virtual machine.
instance_ids: ${7:undefined} # not required. list of instance ids, currently only used when state='absent' to remove instances.
subscription_password: ${8:null} # not required. THe ProfitBricks password. Overrides the PB_PASSWORD environment variable.
wait_timeout: ${9:600} # not required. how long before wait gives up, in seconds
assign_public_ip: ${10:false} # not required. This will assign the machine to the public LAN. If no LAN exists with public Internet access it is created.
wait: ${11|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
count: ${12:1} # not required. The number of virtual machines to create.
datacenter: ${13:null} # not required. The datacenter to provision this virtual machine.
remove_boot_volume: ${14|yes,no|} # not required. choices: yes;no. remove the bootVolume of the virtual machine you're destroying.
ssh_keys: ${15:undefined} # not required. Public SSH keys allowing access to the virtual machine.
subscription_user: ${16:null} # not required. The ProfitBricks username. Overrides the PB_SUBSCRIPTION_ID environment variable.
cpu_family: ${17|AMD_OPTERON,INTEL_XEON|} # not required. choices: AMD_OPTERON;INTEL_XEON. The CPU family type to allocate to the virtual machine.
volume_size: ${18:10} # not required. The size in GB of the boot volume.
state: ${19|running,stopped,absent,present|} # not required. choices: running;stopped;absent;present. create or terminate instances
location: ${20|us/las,de/fra,de/fkb|} # not required. choices: us/las;de/fra;de/fkb. The datacenter location. Use only if you want to create the Datacenter or else this value is ignored.
auto_increment: ${21|yes,no|} # not required. choices: yes;no. Whether or not to increment a single number in the name for created virtual machines.
cores: ${22:2} # not required. The number of CPU cores to allocate to the virtual machine.
"""
'profitbricks_datacenter':
'prefix': "profitbricks_datacenter_snippet"
'description': "Create or destroy a ProfitBricks Virtual Datacenter."
'body': """
profitbricks_datacenter:
name: ${1:undefined} # required. The name of the virtual datacenter.
subscription_user: ${2:undefined} # not required. The ProfitBricks username. Overrides the PB_SUBSCRIPTION_ID environment variable.
subscription_password: ${3:undefined} # not required. THe ProfitBricks password. Overrides the PB_PASSWORD environment variable.
state: ${4|present,absent|} # not required. choices: present;absent. create or terminate datacenters
wait_timeout: ${5:600} # not required. how long before wait gives up, in seconds
location: ${6|us/las,de/fra,de/fkb|} # not required. choices: us/las;de/fra;de/fkb. The datacenter location.
wait: ${7|yes,no|} # not required. choices: yes;no. wait for the datacenter to be created before returning
description: ${8:undefined} # not required. The description of the virtual datacenter.
"""
'profitbricks_nic':
'prefix': "profitbricks_nic_snippet"
'description': "Create or Remove a NIC."
'body': """
profitbricks_nic:
datacenter: ${1:undefined} # required. The datacenter in which to operate.
lan: ${2:undefined} # required. The LAN to place the NIC on. You can pass a LAN that doesn't exist and it will be created. Required on create.
name: ${3:undefined} # required. The name or ID of the NIC. This is only required on deletes, but not on create.
server: ${4:undefined} # required. The server name or ID.
subscription_user: ${5:undefined} # not required. The ProfitBricks username. Overrides the PB_SUBSCRIPTION_ID environment variable.
subscription_password: ${6:undefined} # not required. THe ProfitBricks password. Overrides the PB_PASSWORD environment variable.
state: ${7|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
wait_timeout: ${8:600} # not required. how long before wait gives up, in seconds
wait: ${9|yes,no|} # not required. choices: yes;no. wait for the operation to complete before returning
"""
'profitbricks_volume':
'prefix': "profitbricks_volume_snippet"
'description': "Create or destroy a volume."
'body': """
profitbricks_volume:
image: ${1:undefined} # required. The system image ID for the volume, e.g. a3eae284-a2fe-11e4-b187-5f1f641608c8. This can also be a snapshot image ID.
datacenter: ${2:undefined} # required. The datacenter in which to create the volumes.
name: ${3:undefined} # required. The name of the volumes. You can enumerate the names using auto_increment.
image_password: ${4:undefined} # not required. Password set for the administrative user.
licence_type: ${5|LINUX,WINDOWS,UNKNOWN,OTHER|} # not required. choices: LINUX;WINDOWS;UNKNOWN;OTHER. The licence type for the volume. This is used when the image is non-standard.
bus: ${6|IDE,VIRTIO|} # not required. choices: IDE;VIRTIO. The bus type.
instance_ids: ${7:undefined} # not required. list of instance ids, currently only used when state='absent' to remove instances.
subscription_password: ${8:undefined} # not required. THe ProfitBricks password. Overrides the PB_PASSWORD environment variable.
wait_timeout: ${9:600} # not required. how long before wait gives up, in seconds
disk_type: ${10|HDD,SSD|} # not required. choices: HDD;SSD. The disk type of the volume.
wait: ${11|yes,no|} # not required. choices: yes;no. wait for the datacenter to be created before returning
count: ${12:1} # not required. The number of volumes you wish to create.
subscription_user: ${13:undefined} # not required. The ProfitBricks username. Overrides the PB_SUBSCRIPTION_ID environment variable.
state: ${14|present,absent|} # not required. choices: present;absent. create or terminate datacenters
auto_increment: ${15|yes,no|} # not required. choices: yes;no. Whether or not to increment a single number in the name for created virtual machines.
size: ${16:10} # not required. The size of the volume.
ssh_keys: ${17:undefined} # not required. Public SSH keys allowing access to the virtual machine.
"""
'profitbricks_volume_attachments':
'prefix': "profitbricks_volume_attachments_snippet"
'description': "Attach or detach a volume."
'body': """
profitbricks_volume_attachments:
datacenter: ${1:undefined} # required. The datacenter in which to operate.
server: ${2:undefined} # required. The name of the server you wish to detach or attach the volume.
volume: ${3:undefined} # required. The volume name or ID.
subscription_user: ${4:undefined} # not required. The ProfitBricks username. Overrides the PB_SUBSCRIPTION_ID environment variable.
state: ${5|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
wait_timeout: ${6:600} # not required. how long before wait gives up, in seconds
subscription_password: ${7:undefined} # not required. THe ProfitBricks password. Overrides the PB_PASSWORD environment variable.
wait: ${8|yes,no|} # not required. choices: yes;no. wait for the operation to complete before returning
"""
'proxmox':
'prefix': "proxmox_snippet"
'description': "management of instances in Proxmox VE cluster"
'body': """
proxmox:
api_host: ${1:undefined} # required. the host of the Proxmox VE cluster
api_user: ${2:undefined} # required. the user to authenticate with
node: ${3:null} # not required. Proxmox VE node, when new VM will be created,required only for C(state=present),for another states will be autodiscovered
force: ${4:false} # not required. forcing operations,can be used only with states C(present), C(stopped), C(restarted),with C(state=present) force option allow to overwrite existing container,with states C(stopped) , C(restarted) allow to force stop instance
cpuunits: ${5:1000} # not required. CPU weight for a VM
vmid: ${6:null} # not required. the instance id,if not set, the next available VM ID will be fetched from ProxmoxAPI.,if not set, will be fetched from PromoxAPI based on the hostname
api_password: ${7:null} # not required. the password to authenticate with,you can use PROXMOX_PASSWORD environment variable
cpus: ${8:1} # not required. numbers of allocated cpus for instance
ostemplate: ${9:null} # not required. the template for VM creating,required only for C(state=present)
unprivileged: ${10:false} # not required. Indicate if the container should be unprivileged
disk: ${11:3} # not required. hard disk size in GB for instance
ip_address: ${12:null} # not required. specifies the address the container will be assigned
pool: ${13:null} # not required. Proxmox VE resource pool
password: ${14:null} # not required. the instance root password,required only for C(state=present)
searchdomain: ${15:null} # not required. sets DNS search domain for a container
netif: ${16:null} # not required. specifies network interfaces for the container. As a hash/dictionary defining interfaces.
validate_certs: ${17:false} # not required. enable / disable https certificate verification
hostname: ${18:null} # not required. the instance hostname,required only for C(state=present),must be unique if vmid is not passed
storage: ${19:local} # not required. target storage
state: ${20|present,started,absent,stopped,restarted|} # not required. choices: present;started;absent;stopped;restarted. Indicate desired state of the instance
swap: ${21:0} # not required. swap memory size in MB for instance
timeout: ${22:30} # not required. timeout for operations
memory: ${23:512} # not required. memory size in MB for instance
mounts: ${24:null} # not required. specifies additional mounts (separate disks) for the container. As a hash/dictionary defining mount points
cores: ${25:1} # not required. Specify number of cores per socket.
nameserver: ${26:null} # not required. sets DNS server IP address for a container
pubkey: ${27:null} # not required. Public key to add to /root/.ssh/authorized_keys. This was added on Proxmox 4.2, it is ignored for earlier versions
onboot: ${28:false} # not required. specifies whether a VM will be started during system bootup
"""
'proxmox_kvm':
'prefix': "proxmox_kvm_snippet"
'description': "Management of Qemu(KVM) Virtual Machines in Proxmox VE cluster."
'body': """
proxmox_kvm:
api_host: ${1:undefined} # required. Specify the target host of the Proxmox VE cluster.
api_user: ${2:undefined} # required. Specify the user to authenticate with.
revert: ${3:null} # not required. Revert a pending change.
boot: ${4:cnd} # not required. Specify the boot order -> boot on floppy C(a), hard disk C(c), CD-ROM C(d), or network C(n).,You can combine to set order.
migrate_speed: ${5:null} # not required. Sets maximum speed (in MB/s) for migrations.,A value of 0 is no limit.
vga: ${6|std,cirrus,vmware,qxl,serial0,serial1,serial2,serial3,qxl2,qxl3,qxl4|} # not required. choices: std;cirrus;vmware;qxl;serial0;serial1;serial2;serial3;qxl2;qxl3;qxl4. Select VGA type. If you want to use high resolution modes (>= 1280x1024x16) then you should use option 'std' or 'vmware'.
keyboard: ${7:null} # not required. Sets the keyboard layout for VNC server.
watchdog: ${8:null} # not required. Creates a virtual hardware watchdog device.
sockets: ${9:1} # not required. Sets the number of CPU sockets. (1 - N).
digest: ${10:null} # not required. Specify if to prevent changes if current configuration file has different SHA1 digest.,This can be used to prevent concurrent modifications.
tablet: ${11|yes,no|} # not required. choices: yes;no. Enables/disables the USB tablet device.
bios: ${12|seabios,ovmf|} # not required. choices: seabios;ovmf. Specify the BIOS implementation.
hostpci: ${13:null} # not required. Specify a hash/dictionary of map host pci devices into guest. C(hostpci='{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - C(hostpci[n]) where 0 ≤ n ≤ N.,Values allowed are - C(\"host=\"HOSTPCIID[;HOSTPCIID2...]\",pcie=\"1|0\",rombar=\"1|0\",x-vga=\"1|0\"\").,The C(host) parameter is Host PCI device pass through. HOSTPCIID syntax is C(bus:dev.func) (hexadecimal numbers).,C(pcie=boolean) I(default=0) Choose the PCI-express bus (needs the q35 machine model).,C(rombar=boolean) I(default=1) Specify whether or not the device's ROM will be visible in the guest's memory map.,C(x-vga=boolean) I(default=0) Enable vfio-vga device support.,/!\\ This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.
autostart: ${14|yes,no|} # not required. choices: yes;no. Specify, if the VM should be automatically restarted after crash (currently ignored in PVE API).
memory: ${15:512} # not required. Memory size in MB for instance.
migrate_downtime: ${16:null} # not required. Sets maximum tolerated downtime (in seconds) for migrations.
localtime: ${17|yes,no|} # not required. choices: yes;no. Sets the real time clock to local time.,This is enabled by default if ostype indicates a Microsoft OS.
virtio: ${18:null} # not required. A hash/dictionary of volume used as VIRTIO hard disk. C(virtio='{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - C(virto[n]) where 0 ≤ n ≤ 15.,Values allowed are - C(\"storage:size,format=value\").,C(storage) is the storage identifier where to create the disk.,C(size) is the size of the disk in GB.,C(format) is the drive's backing file's data format. C(qcow2|raw|subvol).
format: ${19|cloop,cow,qcow,qcow2,qed,raw,vmdk|} # not required. choices: cloop;cow;qcow;qcow2;qed;raw;vmdk. Target drive's backing file's data format.,Used only with clone
snapname: ${20:null} # not required. The name of the snapshot. Used only with clone.
hotplug: ${21:null} # not required. Selectively enable hotplug features.,This is a comma separated list of hotplug features C('network', 'disk', 'cpu', 'memory' and 'usb').,Value 0 disables hotplug completely and value 1 is an alias for the default C('network,disk,usb').
name: ${22:null} # not required. Specifies the VM name. Only used on the configuration web interface.,Required only for C(state=present).
target: ${23:null} # not required. Target node. Only allowed if the original VM is on shared storage.,Used only with clone
vmid: ${24:null} # not required. Specifies the VM ID. Instead use I(name) parameter.,If vmid is not set, the next available VM ID will be fetched from ProxmoxAPI.
bootdisk: ${25:null} # not required. Enable booting from specified disk. C((ide|sata|scsi|virtio)\\d+)
vcpus: ${26:null} # not required. Sets number of hotplugged vcpus.
newid: ${27:null} # not required. VMID for the clone. Used only with clone.,If newid is not set, the next available VM ID will be fetched from ProxmoxAPI.
timeout: ${28:30} # not required. Timeout for operations.
skiplock: ${29:null} # not required. Ignore locks,Only root is allowed to use this option.
validate_certs: ${30|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
onboot: ${31|yes,no|} # not required. choices: yes;no. Specifies whether a VM will be started during system bootup.
delete: ${32:null} # not required. Specify a list of settings you want to delete.
force: ${33|yes,no|} # not required. choices: yes;no. Allow to force stop VM.,Can be used only with states C(stopped), C(restarted).
lock: ${34|migrate,backup,snapshot,rollback|} # not required. choices: migrate;backup;snapshot;rollback. Lock/unlock the VM.
startup: ${35:null} # not required. Startup and shutdown behavior. C([[order=]\\d+] [,up=\\d+] [,down=\\d+]).,Order is a non-negative number defining the general startup order.,Shutdown in done with reverse ordering.
agent: ${36|yes,no|} # not required. choices: yes;no. Specify if the QEMU GuestAgent should be enabled/disabled.
freeze: ${37|yes,no|} # not required. choices: yes;no. Specify if PVE should freeze CPU at startup (use 'c' monitor command to start execution).
serial: ${38:null} # not required. A hash/dictionary of serial device to create inside the VM. C('{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - serial[n](str; required) where 0 ≤ n ≤ 3.,Values allowed are - C((/dev/.+|socket)).,/!\\ If you pass through a host serial device, it is no longer possible to migrate such machines - use with special care.
startdate: ${39:null} # not required. Sets the initial date of the real time clock.,Valid format for date are C('now') or C('2016-09-25T16:01:21') or C('2016-09-25').
balloon: ${40:0} # not required. Specify the amount of RAM for the VM in MB.,Using zero disables the balloon driver.
cpuunits: ${41:1000} # not required. Specify CPU weight for a VM.,You can disable fair-scheduler configuration by setting this to 0
storage: ${42:null} # not required. Target storage for full clone.
reboot: ${43|yes,no|} # not required. choices: yes;no. Allow reboot. If set to yes, the VM exit on reboot.
shares: ${44:null} # not required. Rets amount of memory shares for auto-ballooning. (0 - 50000).,The larger the number is, the more memory this VM gets.,The number is relative to weights of all other running VMs.,Using 0 disables auto-ballooning, this means no limit.
machine: ${45:null} # not required. Specifies the Qemu machine type.,type => C((pc|pc(-i440fx)?-\\d+\\.\\d+(\\.pxe)?|q35|pc-q35-\\d+\\.\\d+(\\.pxe)?))
sata: ${46:null} # not required. A hash/dictionary of volume used as sata hard disk or CD-ROM. C(sata='{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - C(sata[n]) where 0 ≤ n ≤ 5.,Values allowed are - C(\"storage:size,format=value\").,C(storage) is the storage identifier where to create the disk.,C(size) is the size of the disk in GB.,C(format) is the drive's backing file's data format. C(qcow2|raw|subvol).
state: ${47|present,started,absent,stopped,restarted,current|} # not required. choices: present;started;absent;stopped;restarted;current. Indicates desired state of the instance.,If C(current), the current state of the VM will be fecthed. You can access it with C(results.status)
template: ${48|yes,no|} # not required. choices: yes;no. Enables/disables the template.
net: ${49:null} # not required. A hash/dictionary of network interfaces for the VM. C(net='{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - C(net[n]) where 0 ≤ n ≤ N.,Values allowed are - C(\"model=\"XX:XX:XX:XX:XX:XX\",brigde=\"value\",rate=\"value\",tag=\"value\",firewall=\"1|0\",trunks=\"vlanid\"\").,Model is one of C(e1000 e1000-82540em e1000-82544gc e1000-82545em i82551 i82557b i82559er ne2k_isa ne2k_pci pcnet rtl8139 virtio vmxnet3).,C(XX:XX:XX:XX:XX:XX) should be an unique MAC address. This is automatically generated if not specified.,The C(bridge) parameter can be used to automatically add the interface to a bridge device. The Proxmox VE standard bridge is called 'vmbr0'.,Option C(rate) is used to limit traffic bandwidth from and to this interface. It is specified as floating point number, unit is 'Megabytes per second'.,If you specify no bridge, we create a kvm 'user' (NATed) network device, which provides DHCP and DNS services.
acpi: ${50|yes,no|} # not required. choices: yes;no. Specify if ACPI should be enables/disabled.
node: ${51:null} # not required. Proxmox VE node, where the new VM will be created.,Only required for C(state=present).,For other states, it will be autodiscovered.
full: ${52|yes,no|} # not required. choices: yes;no. Create a full copy of all disk. This is always done when you clone a normal VM.,For VM templates, we try to create a linked clone by default.,Used only with clone
description: ${53:null} # not required. Specify the description for the VM. Only used on the configuration web interface.,This is saved as comment inside the configuration file.
scsihw: ${54|lsi,lsi53c810,virtio-scsi-pci,virtio-scsi-single,megasas,pvscsi|} # not required. choices: lsi;lsi53c810;virtio-scsi-pci;virtio-scsi-single;megasas;pvscsi. Specifies the SCSI controller model.
clone: ${55:null} # not required. Name of VM to be cloned. If C(vmid) is setted, C(clone) can take arbitrary value but required for intiating the clone.
args: ${56:-serial unix:/var/run/qemu-server/VMID.serial,server,nowait} # not required. Pass arbitrary arguments to kvm.,This option is for experts only!
api_password: ${57:null} # not required. Specify the password to authenticate with.,You can use C(PROXMOX_PASSWORD) environment variable.
tdf: ${58|yes,no|} # not required. choices: yes;no. Enables/disables time drift fix.
update: ${59|yes,no|} # not required. choices: yes;no. If C(yes), the VM will be update with new value.,Cause of the operations of the API and security reasons, I have disabled the update of the following parameters,C(net, virtio, ide, sata, scsi). Per example updating C(net) update the MAC address and C(virtio) create always new disk...
kvm: ${60|yes,no|} # not required. choices: yes;no. Enable/disable KVM hardware virtualization.
ostype: ${61|other,wxp,w2k,w2k3,w2k8,wvista,win7,win8,l24,l26,solaris|} # not required. choices: other;wxp;w2k;w2k3;w2k8;wvista;win7;win8;l24;l26;solaris. Specifies guest operating system. This is used to enable special optimization/features for specific operating systems.,The l26 is Linux 2.6/3.X Kernel.
protection: ${62|yes,no|} # not required. choices: yes;no. Enable/disable the protection flag of the VM. This will enable/disable the remove VM and remove disk operations.
numa: ${63:null} # not required. A hash/dictionaries of NUMA topology. C(numa='{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - C(numa[n]) where 0 ≤ n ≤ N.,Values allowed are - C(\"cpu=\"<id[-id];...>\",hostnodes=\"<id[-id];...>\",memory=\"number\",policy=\"(bind|interleave|preferred)\"\").,C(cpus) CPUs accessing this NUMA node.,C(hostnodes) Host NUMA nodes to use.,C(memory) Amount of memory this NUMA node provides.,C(policy) NUMA allocation policy.
parallel: ${64:null} # not required. A hash/dictionary of map host parallel devices. C(parallel='{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - (parallel[n]) where 0 ≤ n ≤ 2.,Values allowed are - C(\"/dev/parport\\d+|/dev/usb/lp\\d+\").
pool: ${65:null} # not required. Add the new VM to the specified pool.
cpulimit: ${66:null} # not required. Specify if CPU usage will be limited. Value 0 indicates no CPU limit.,If the computer has 2 CPUs, it has total of '2' CPU time
hugepages: ${67|any,2,1024|} # not required. choices: any;2;1024. Enable/disable hugepages memory.
smbios: ${68:null} # not required. Specifies SMBIOS type 1 fields.
cores: ${69:1} # not required. Specify number of cores per socket.
scsi: ${70:null} # not required. A hash/dictionary of volume used as SCSI hard disk or CD-ROM. C(scsi='{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - C(sata[n]) where 0 ≤ n ≤ 13.,Values allowed are - C(\"storage:size,format=value\").,C(storage) is the storage identifier where to create the disk.,C(size) is the size of the disk in GB.,C(format) is the drive's backing file's data format. C(qcow2|raw|subvol).
ide: ${71:null} # not required. A hash/dictionary of volume used as IDE hard disk or CD-ROM. C(ide='{\"key\":\"value\", \"key\":\"value\"}').,Keys allowed are - C(ide[n]) where 0 ≤ n ≤ 3.,Values allowed are - C(\"storage:size,format=value\").,C(storage) is the storage identifier where to create the disk.,C(size) is the size of the disk in GB.,C(format) is the drive's backing file's data format. C(qcow2|raw|subvol).
cpu: ${72:kvm64} # not required. Specify emulated CPU type.
"""
'proxmox_template':
'prefix': "proxmox_template_snippet"
'description': "management of OS templates in Proxmox VE cluster"
'body': """
proxmox_template:
node: ${1:null} # required. Proxmox VE node, when you will operate with template
api_host: ${2:undefined} # required. the host of the Proxmox VE cluster
api_user: ${3:undefined} # required. the user to authenticate with
src: ${4:null} # not required. path to uploaded file,required only for C(state=present)
force: ${5:false} # not required. can be used only with C(state=present), exists template will be overwritten
api_password: ${6:null} # not required. the password to authenticate with,you can use PROXMOX_PASSWORD environment variable
storage: ${7:local} # not required. target storage
state: ${8|present,absent|} # not required. choices: present;absent. Indicate desired state of the template
content_type: ${9|vztmpl,iso|} # not required. choices: vztmpl;iso. content type,required only for C(state=present)
timeout: ${10:30} # not required. timeout for operations
validate_certs: ${11:false} # not required. enable / disable https certificate verification
template: ${12:null} # not required. the template name,required only for states C(absent), C(info)
"""
'proxysql_backend_servers':
'prefix': "proxysql_backend_servers_snippet"
'description': "Adds or removes mysql hosts from proxysql admin interface."
'body': """
proxysql_backend_servers:
hostname: ${1:undefined} # required. The ip address at which the mysqld instance can be contacted.
status: ${2|ONLINE,OFFLINE_SOFT,OFFLINE_HARD|} # not required. choices: ONLINE;OFFLINE_SOFT;OFFLINE_HARD. ONLINE - Backend server is fully operational. OFFLINE_SOFT - When a server is put into C(OFFLINE_SOFT) mode, connections are kept in use until the current transaction is completed. This allows to gracefully detach a backend. OFFLINE_HARD - When a server is put into C(OFFLINE_HARD) mode, the existing connections are dropped, while new incoming connections aren't accepted either.\nIf omitted the proxysql database default for I(status) is C(ONLINE).
comment: ${3:} # not required. Text field that can be used for any purposed defined by the user. Could be a description of what the host stores, a reminder of when the host was added or disabled, or a JSON processed by some checker script.
login_password: ${4:None} # not required. The password used to authenticate to ProxySQL admin interface.
config_file: ${5:} # not required. Specify a config file from which I(login_user) and I(login_password) are to be read.
compression: ${6:undefined} # not required. If the value of I(compression) is greater than 0, new connections to that server will use compression. If omitted the proxysql database default for I(compression) is 0.
weight: ${7:undefined} # not required. The bigger the weight of a server relative to other weights, the higher the probability of the server being chosen from the hostgroup. If omitted the proxysql database default for I(weight) is 1.
login_port: ${8:6032} # not required. The port used to connect to ProxySQL admin interface.
login_user: ${9:None} # not required. The username used to authenticate to ProxySQL admin interface.
login_host: ${10:127.0.0.1} # not required. The host used to connect to ProxySQL admin interface.
hostgroup_id: ${11:0} # not required. The hostgroup in which this mysqld instance is included. An instance can be part of one or more hostgroups.
state: ${12|present,absent|} # not required. choices: present;absent. When C(present) - adds the host, when C(absent) - removes the host.
load_to_runtime: ${13:true} # not required. Dynamically load config to runtime memory.
save_to_disk: ${14:true} # not required. Save config to sqlite db on disk to persist the configuration.
use_ssl: ${15:undefined} # not required. If I(use_ssl) is set to C(True), connections to this server will be made using SSL connections. If omitted the proxysql database default for I(use_ssl) is C(False).
max_connections: ${16:undefined} # not required. The maximum number of connections ProxySQL will open to this backend server. If omitted the proxysql database default for I(max_connections) is 1000.
port: ${17:3306} # not required. The port at which the mysqld instance can be contacted.
max_latency_ms: ${18:undefined} # not required. Ping time is monitored regularly. If a host has a ping time greater than I(max_latency_ms) it is excluded from the connection pool (although the server stays ONLINE). If omitted the proxysql database default for I(max_latency_ms) is 0.
max_replication_lag: ${19:undefined} # not required. If greater than 0, ProxySQL will reguarly monitor replication lag. If replication lag goes above I(max_replication_lag), proxysql will temporarily shun the server until replication catches up. If omitted the proxysql database default for I(max_replication_lag) is 0.
"""
'proxysql_global_variables':
'prefix': "proxysql_global_variables_snippet"
'description': "Gets or sets the proxysql global variables."
'body': """
proxysql_global_variables:
variable: ${1:undefined} # required. Defines which variable should be returned, or if I(value) is specified which variable should be updated.
login_port: ${2:6032} # not required. The port used to connect to ProxySQL admin interface.
config_file: ${3:} # not required. Specify a config file from which I(login_user) and I(login_password) are to be read.
login_user: ${4:None} # not required. The username used to authenticate to ProxySQL admin interface.
login_host: ${5:127.0.0.1} # not required. The host used to connect to ProxySQL admin interface.
login_password: ${6:None} # not required. The password used to authenticate to ProxySQL admin interface.
value: ${7:undefined} # not required. Defines a value the variable specified using I(variable) should be set to.
load_to_runtime: ${8:true} # not required. Dynamically load config to runtime memory.
save_to_disk: ${9:true} # not required. Save config to sqlite db on disk to persist the configuration.
"""
'proxysql_manage_config':
'prefix': "proxysql_manage_config_snippet"
'description': "Writes the proxysql configuration settings between layers."
'body': """
proxysql_manage_config:
direction: ${1|FROM,TO|} # required. choices: FROM;TO. FROM - denotes we're reading values FROM the supplied I(config_layer) and writing to the next layer. TO - denotes we're reading from the previous layer and writing TO the supplied I(config_layer).\"
config_settings: ${2|MYSQL USERS,MYSQL SERVERS,MYSQL QUERY RULES,MYSQL VARIABLES,ADMIN VARIABLES,SCHEDULER|} # required. choices: MYSQL USERS;MYSQL SERVERS;MYSQL QUERY RULES;MYSQL VARIABLES;ADMIN VARIABLES;SCHEDULER. The I(config_settings) specifies which configuration we're writing.
config_layer: ${3|MEMORY,DISK,RUNTIME,CONFIG|} # required. choices: MEMORY;DISK;RUNTIME;CONFIG. RUNTIME - represents the in-memory data structures of ProxySQL used by the threads that are handling the requests. MEMORY - (sometimes also referred as main) represents the in-memory SQLite3 database. DISK - represents the on-disk SQLite3 database. CONFIG - is the classical config file. You can only LOAD FROM the config file.
action: ${4|LOAD,SAVE|} # required. choices: LOAD;SAVE. The supplied I(action) combines with the supplied I(direction) to provide the semantics of how we want to move the I(config_settings) between the I(config_layers).
login_port: ${5:6032} # not required. The port used to connect to ProxySQL admin interface.
config_file: ${6:} # not required. Specify a config file from which I(login_user) and I(login_password) are to be read.
login_user: ${7:None} # not required. The username used to authenticate to ProxySQL admin interface.
login_host: ${8:127.0.0.1} # not required. The host used to connect to ProxySQL admin interface.
login_password: ${9:None} # not required. The password used to authenticate to ProxySQL admin interface.
"""
'proxysql_mysql_users':
'prefix': "proxysql_mysql_users_snippet"
'description': "Adds or removes mysql users from proxysql admin interface."
'body': """
proxysql_mysql_users:
username: ${1:undefined} # required. Name of the user connecting to the mysqld or ProxySQL instance.
default_hostgroup: ${2:undefined} # not required. If there is no matching rule for the queries sent by this user, the traffic it generates is sent to the specified hostgroup. If omitted the proxysql database default for I(use_ssl) is 0.
frontend: ${3:true} # not required. If I(frontend) is set to C(True), this (username, password) pair is used for authenticating to the mysqld servers against any hostgroup.
default_schema: ${4:undefined} # not required. The schema to which the connection should change to by default.
transaction_persistent: ${5:undefined} # not required. If this is set for the user with which the MySQL client is connecting to ProxySQL (thus a \"frontend\" user), transactions started within a hostgroup will remain within that hostgroup regardless of any other rules. If omitted the proxysql database default for I(transaction_persistent) is C(False).
login_port: ${6:6032} # not required. The port used to connect to ProxySQL admin interface.
login_user: ${7:None} # not required. The username used to authenticate to ProxySQL admin interface.
login_host: ${8:127.0.0.1} # not required. The host used to connect to ProxySQL admin interface.
login_password: ${9:None} # not required. The password used to authenticate to ProxySQL admin interface.
config_file: ${10:} # not required. Specify a config file from which I(login_user) and I(login_password) are to be read.
backend: ${11:true} # not required. If I(backend) is set to C(True), this (username, password) pair is used for authenticating to the ProxySQL instance.
state: ${12|present,absent|} # not required. choices: present;absent. When C(present) - adds the user, when C(absent) - removes the user.
fast_forward: ${13:undefined} # not required. If I(fast_forward) is set to C(True), I(fast_forward) will bypass the query processing layer (rewriting, caching) and pass through the query directly as is to the backend server. If omitted the proxysql database default for I(fast_forward) is C(False).
load_to_runtime: ${14:true} # not required. Dynamically load config to runtime memory.
save_to_disk: ${15:true} # not required. Save config to sqlite db on disk to persist the configuration.
active: ${16:undefined} # not required. A user with I(active) set to C(False) will be tracked in the database, but will be never loaded in the in-memory data structures. If omitted the proxysql database default for I(active) is C(True).
use_ssl: ${17:undefined} # not required. If I(use_ssl) is set to C(True), connections by this user will be made using SSL connections. If omitted the proxysql database default for I(use_ssl) is C(False).
password: ${18:undefined} # not required. Password of the user connecting to the mysqld or ProxySQL instance.
max_connections: ${19:undefined} # not required. The maximum number of connections ProxySQL will open to the backend for this user. If omitted the proxysql database default for I(max_connections) is 10000.
"""
'proxysql_query_rules':
'prefix': "proxysql_query_rules_snippet"
'description': "Modifies query rules using the proxysql admin interface."
'body': """
proxysql_query_rules:
comment: ${1:undefined} # not required. Free form text field, usable for a descriptive comment of the query rule.
username: ${2:undefined} # not required. Filtering criteria matching username. If I(username) is non-NULL, a query will match only if the connection is made with the correct username.
config_file: ${3:} # not required. Specify a config file from which I(login_user) and I(login_password) are to be read.
flagOUT: ${4:undefined} # not required. Used in combination with I(flagIN) and apply to create chains of rules. When set, I(flagOUT) signifies the I(flagIN) to be used in the next chain of rules.
login_port: ${5:6032} # not required. The port used to connect to ProxySQL admin interface.
login_user: ${6:None} # not required. The username used to authenticate to ProxySQL admin interface.
login_host: ${7:127.0.0.1} # not required. The host used to connect to ProxySQL admin interface.
login_password: ${8:None} # not required. The password used to authenticate to ProxySQL admin interface.
match_pattern: ${9:undefined} # not required. Regular expression that matches the query text. The dialect of regular expressions used is that of re2 - https://github.com/google/re2
destination_hostgroup: ${10:undefined} # not required. Route matched queries to this hostgroup. This happens unless there is a started transaction and the logged in user has I(transaction_persistent) set to C(True) (see M(proxysql_mysql_users)).
proxy_port: ${11:undefined} # not required. Match incoming traffic on a specific local port.
active: ${12:undefined} # not required. A rule with I(active) set to C(False) will be tracked in the database, but will be never loaded in the in-memory data structures.
load_to_runtime: ${13:true} # not required. Dynamically load config to runtime memory.
save_to_disk: ${14:true} # not required. Save config to sqlite db on disk to persist the configuration.
mirror_flagOUT: ${15:undefined} # not required. Enables query mirroring. If set I(mirror_flagOUT) can be used to evaluates the mirrored query against the specified chain of rules.
apply: ${16:undefined} # not required. Used in combination with I(flagIN) and I(flagOUT) to create chains of rules. Setting apply to True signifies the last rule to be applied.
schemaname: ${17:undefined} # not required. Filtering criteria matching schemaname. If I(schemaname) is non-NULL, a query will match only if the connection uses schemaname as its default schema.
replace_pattern: ${18:undefined} # not required. This is the pattern with which to replace the matched pattern. Note that this is optional, and when omitted, the query processor will only cache, route, or set other parameters without rewriting.
cache_ttl: ${19:undefined} # not required. The number of milliseconds for which to cache the result of the query. Note in ProxySQL 1.1 I(cache_ttl) was in seconds.
digest: ${20:undefined} # not required. Match queries with a specific digest, as returned by stats_mysql_query_digest.digest.
retries: ${21:undefined} # not required. The maximum number of times a query needs to be re-executed in case of detected failure during the execution of the query. If retries is not specified, the global variable mysql-query_retries_on_failure applies.
match_digest: ${22:undefined} # not required. Regular expression that matches the query digest. The dialect of regular expressions used is that of re2 - https://github.com/google/re2
mirror_hostgroup: ${23:undefined} # not required. Enables query mirroring. If set I(mirror_hostgroup) can be used to mirror queries to the same or different hostgroup.
log: ${24:undefined} # not required. Query will be logged.
negate_match_pattern: ${25:undefined} # not required. If I(negate_match_pattern) is set to C(True), only queries not matching the query text will be considered as a match. This acts as a NOT operator in front of the regular expression matching against match_pattern.
flagIN: ${26:undefined} # not required. Used in combination with I(flagOUT) and I(apply) to create chains of rules.
client_addr: ${27:undefined} # not required. Match traffic from a specific source.
error_msg: ${28:undefined} # not required. Query will be blocked, and the specified error_msg will be returned to the client.
delay: ${29:undefined} # not required. Number of milliseconds to delay the execution of the query. This is essentially a throttling mechanism and QoS, and allows a way to give priority to queries over others. This value is added to the mysql-default_query_delay global variable that applies to all queries.
state: ${30|present,absent|} # not required. choices: present;absent. When C(present) - adds the rule, when C(absent) - removes the rule.
proxy_addr: ${31:undefined} # not required. Match incoming traffic on a specific local IP.
timeout: ${32:undefined} # not required. The maximum timeout in milliseconds with which the matched or rewritten query should be executed. If a query run for longer than the specific threshold, the query is automatically killed. If timeout is not specified, the global variable mysql-default_query_timeout applies.
force_delete: ${33:false} # not required. By default we avoid deleting more than one schedule in a single batch, however if you need this behaviour and you're not concerned about the schedules deleted, you can set I(force_delete) to C(True).
rule_id: ${34:undefined} # not required. The unique id of the rule. Rules are processed in rule_id order.
"""
'proxysql_replication_hostgroups':
'prefix': "proxysql_replication_hostgroups_snippet"
'description': "Manages replication hostgroups using the proxysql admin interface."
'body': """
proxysql_replication_hostgroups:
reader_hostgroup: ${1:undefined} # required. Id of the reader hostgroup.
writer_hostgroup: ${2:undefined} # required. Id of the writer hostgroup.
comment: ${3:undefined} # not required. Text field that can be used for any purposed defined by the user.
login_port: ${4:6032} # not required. The port used to connect to ProxySQL admin interface.
config_file: ${5:} # not required. Specify a config file from which I(login_user) and I(login_password) are to be read.
login_user: ${6:None} # not required. The username used to authenticate to ProxySQL admin interface.
login_host: ${7:127.0.0.1} # not required. The host used to connect to ProxySQL admin interface.
login_password: ${8:None} # not required. The password used to authenticate to ProxySQL admin interface.
state: ${9|present,absent|} # not required. choices: present;absent. When C(present) - adds the replication hostgroup, when C(absent) - removes the replication hostgroup.
load_to_runtime: ${10:true} # not required. Dynamically load config to runtime memory.
save_to_disk: ${11:true} # not required. Save config to sqlite db on disk to persist the configuration.
"""
'proxysql_scheduler':
'prefix': "proxysql_scheduler_snippet"
'description': "Adds or removes schedules from proxysql admin interface."
'body': """
proxysql_scheduler:
filename: ${1:undefined} # required. Full path of the executable to be executed.
comment: ${2:undefined} # not required. Text field that can be used for any purposed defined by the user.
login_port: ${3:6032} # not required. The port used to connect to ProxySQL admin interface.
login_password: ${4:None} # not required. The password used to authenticate to ProxySQL admin interface.
config_file: ${5:} # not required. Specify a config file from which I(login_user) and I(login_password) are to be read.
login_user: ${6:None} # not required. The username used to authenticate to ProxySQL admin interface.
arg1: ${7:undefined} # not required. Argument that can be passed to the job.
arg2: ${8:undefined} # not required. Argument that can be passed to the job.
arg3: ${9:undefined} # not required. Argument that can be passed to the job.
arg4: ${10:undefined} # not required. Argument that can be passed to the job.
arg5: ${11:undefined} # not required. Argument that can be passed to the job.
state: ${12|present,absent|} # not required. choices: present;absent. When C(present) - adds the schedule, when C(absent) - removes the schedule.
interval_ms: ${13:10000} # not required. How often (in millisecond) the job will be started. The minimum value for I(interval_ms) is 100 milliseconds.
load_to_runtime: ${14:true} # not required. Dynamically load config to runtime memory.
force_delete: ${15:false} # not required. By default we avoid deleting more than one schedule in a single batch, however if you need this behaviour and you're not concerned about the schedules deleted, you can set I(force_delete) to C(True).
active: ${16:true} # not required. A schedule with I(active) set to C(False) will be tracked in the database, but will be never loaded in the in-memory data structures.
save_to_disk: ${17:true} # not required. Save config to sqlite db on disk to persist the configuration.
login_host: ${18:127.0.0.1} # not required. The host used to connect to ProxySQL admin interface.
"""
'pubnub_blocks':
'prefix': "pubnub_blocks_snippet"
'description': "PubNub blocks management module."
'body': """
pubnub_blocks:
name: ${1:undefined} # required. Name of managed block which will be later visible on admin.pubnub.com.
keyset: ${2:undefined} # required. Name of application's keys set which is bound to managed blocks.
application: ${3:undefined} # required. Name of target PubNub application for which blocks configuration on specific C(keyset) will be done.
account: ${4:undefined} # not required. Name of PubNub account for from which C(application) will be used to manage blocks.,User's account will be used if value not set or empty.
changes: ${5:[object Object]} # not required. List of fields which should be changed by block itself (doesn't affect any event handlers).,Possible options for change is: C(name).
cache: ${6:[object Object]} # not required. In case if single play use blocks management module few times it is preferred to enabled 'caching' by making previous module to share gathered artifacts and pass them to this parameter.\n
state: ${7|started,stopped,present,absent|} # not required. choices: started;stopped;present;absent. Intended block state after event handlers creation / update process will be completed.
password: ${8:undefined} # not required. Password which match to account to which specified C(email) belong.,Not required if C(cache) contains result of previous module call (in same play).
validate_certs: ${9:true} # not required. This key allow to try skip certificates check when performing REST API calls. Sometimes host may have issues with certificates on it and this will cause problems to call PubNub REST API.,If check should be ignored C(False) should be passed to this parameter.
email: ${10:undefined} # not required. Email from account for which new session should be started.,Not required if C(cache) contains result of previous module call (in same play).
event_handlers: ${11:} # not required. List of event handlers which should be updated for specified block C(name).,Each entry for new event handler should contain: C(name), C(src), C(channels), C(event). C(name) used as event handler name which can be used later to make changes to it.,C(src) is full path to file with event handler code.,C(channels) is name of channel from which event handler is waiting for events.,C(event) is type of event which is able to trigger event handler: I(js-before-publish), I(js-after-publish), I(js-after-presence).,Each entry for existing handlers should contain C(name) (so target handler can be identified). Rest parameters (C(src), C(channels) and C(event)) can be added if changes required for them.,It is possible to rename event handler by adding C(changes) key to event handler payload and pass dictionary, which will contain single key C(name), where new name should be passed.,To remove particular event handler it is possible to set C(state) for it to C(absent) and it will be removed.
description: ${12:New block} # not required. Short block description which will be later visible on admin.pubnub.com. Used only if block doesn't exists and won't change description for existing block.
"""
'pulp_repo':
'prefix': "pulp_repo_snippet"
'description': "Add or remove Pulp repos from a remote host."
'body': """
pulp_repo:
relative_url: ${1:null} # required. Relative URL for the local repository.
name: ${2:undefined} # required. Name of the repo to add or remove. This correlates to repo-id in Pulp.
feed: ${3:null} # not required. Upstream feed URL to receive updates from.
repo_type: ${4:rpm} # not required. Repo plugin type to use (i.e. C(rpm), C(docker)).
pulp_host: ${5:http://127.0.0.1} # not required. URL of the pulp server to connect to.
force: ${6:false} # not required. If C(yes) do not get a cached copy.
force_basic_auth: ${7|yes,no|} # not required. choices: yes;no. httplib2, the library used by the M(uri) module only sends authentication information when a webservice responds to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail. This option forces the sending of the Basic authentication header upon initial request.
importer_ssl_client_cert: ${8:null} # not required. Certificate used as the client certificate when synchronizing the repository. This is used to communicate authentication information to the feed source. The value to this option must be the full path to the certificate. The specified file may be the certificate itself or a single file containing both the certificate and private key. This can be the file content or the path to the file.
proxy_port: ${9:null} # not required. Proxy port setting for the pulp repository importer.
serve_http: ${10:false} # not required. Make the repo available over HTTP.
http_agent: ${11:ansible-httpget} # not required. Header to identify as, generally appears in web server logs.
wait_for_completion: ${12|yes,no|} # not required. choices: yes;no. Wait for asynchronous tasks to complete before returning.
add_export_distributor: ${13:false} # not required. Whether or not to add the export distributor to new C(rpm) repositories.
use_proxy: ${14:true} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
url_password: ${15:undefined} # not required. The password for use in HTTP basic authentication to the pulp API. If the I(url_username) parameter is not specified, the I(url_password) parameter will not be used.
importer_ssl_client_key: ${16:null} # not required. Private key to the certificate specified in I(importer_ssl_client_cert), assuming it is not included in the certificate file itself. This can be the file content or the path to the file.
publish_distributor: ${17:undefined} # not required. Distributor to use when state is C(publish). The default is to publish all distributors.
proxy_host: ${18:null} # not required. Proxy url setting for the pulp repository importer. This is in the format scheme://host.
url: ${19:undefined} # not required. HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
state: ${20|present,absent,sync,publish|} # not required. choices: present;absent;sync;publish. The repo state. A state of C(sync) will queue a sync of the repo. This is asynchronous but not delayed like a scheduled sync. A state of C(publish) will use the repository's distributor to publish the content.
serve_https: ${21:true} # not required. Make the repo available over HTTPS.
importer_ssl_ca_cert: ${22:null} # not required. CA certificate string used to validate the feed source SSL certificate. This can be the file content or the path to the file.
url_username: ${23:undefined} # not required. The username for use in HTTP basic authentication to the pulp API.
client_key: ${24:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If C(client_cert) contains both the certificate and key, this option is not required.
validate_certs: ${25|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
client_cert: ${26:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, C(client_key) is not required.
"""
'puppet':
'prefix': "puppet_snippet"
'description': "Runs puppet"
'body': """
puppet:
logdest: ${1|stdout,syslog|} # not required. choices: stdout;syslog. Where the puppet logs should go, if puppet apply is being used.
execute: ${2:undefined} # not required. Execute a specific piece of Puppet code.,It has no effect with a puppetmaster.
facter_basename: ${3:ansible} # not required. Basename of the facter output file.
tags: ${4:undefined} # not required. A comma-separated list of puppet tags to be used.
puppetmaster: ${5:None} # not required. The hostname of the puppetmaster to contact.
certname: ${6:undefined} # not required. The name to use when handling certificates.
manifest: ${7:undefined} # not required. Path to the manifest file to run puppet apply on.
environment: ${8:undefined} # not required. Puppet environment to be used.
timeout: ${9:30m} # not required. How long to wait for I(puppet) to finish.
facts: ${10:undefined} # not required. A dict of values to pass in as persistent external facter facts.
modulepath: ${11:undefined} # not required. Path to an alternate location for puppet modules.
"""
'purefa_hg':
'prefix': "purefa_hg_snippet"
'description': "Manage hostgroups on Pure Storage FlashArrays"
'body': """
purefa_hg:
hostgroup: ${1:undefined} # required. The name of the hostgroup.
api_token: ${2:undefined} # required. FlashArray API token for admin privilaged user.
fa_url: ${3:undefined} # required. FlashArray management IPv4 address or Hostname.
host: ${4:undefined} # not required. List of existing hosts to add to hostgroup.
volume: ${5:undefined} # not required. List of existing volumes to add to hostgroup.
state: ${6|absent,present|} # not required. choices: absent;present. Define whether the hostgroup should exist or not.
"""
'purefa_host':
'prefix': "purefa_host_snippet"
'description': "Manage hosts on Pure Storage FlashArrays"
'body': """
purefa_host:
api_token: ${1:undefined} # required. FlashArray API token for admin privilaged user.
fa_url: ${2:undefined} # required. FlashArray management IPv4 address or Hostname.
host: ${3:undefined} # required. The name of the host.
volume: ${4:undefined} # not required. Volume name to map to the host.
state: ${5|absent,present|} # not required. choices: absent;present. Define whether the host should exist or not.,When removing host all connected volumes will be disconnected.
iqn: ${6:undefined} # not required. List of IQNs of the host if protocol is iscsi.
protocol: ${7|fc,iscsi|} # not required. choices: fc;iscsi. Defines the host connection protocol for volumes.
wwns: ${8:undefined} # not required. List of wwns of the host if protocol is fc.
"""
'purefa_pg':
'prefix': "purefa_pg_snippet"
'description': "Manage protection groups on Pure Storage FlashArrays"
'body': """
purefa_pg:
api_token: ${1:undefined} # required. FlashArray API token for admin privilaged user.
pgroup: ${2:undefined} # required. The name of the protection group.
fa_url: ${3:undefined} # required. FlashArray management IPv4 address or Hostname.
volume: ${4:undefined} # not required. List of existing volumes to add to protection group.
host: ${5:undefined} # not required. List of existing hosts to add to protection group.
enabled: ${6:yes} # not required. Define whether to enabled snapshots for the protection group.
state: ${7|absent,present|} # not required. choices: absent;present. Define whether the protection group should exist or not.
hostgroup: ${8:undefined} # not required. List of existing hostgroups to add to protection group.
eradicate: ${9:no} # not required. Define whether to eradicate the protection group on delete and leave in trash.
"""
'purefa_snap':
'prefix': "purefa_snap_snippet"
'description': "Manage volume snapshots on Pure Storage FlashArrays"
'body': """
purefa_snap:
api_token: ${1:undefined} # required. FlashArray API token for admin privilaged user.
fa_url: ${2:undefined} # required. FlashArray management IPv4 address or Hostname.
name: ${3:undefined} # required. The name of the source volume.
state: ${4|absent,copy,present|} # not required. choices: absent;copy;present. Define whether the volume snapshot should exist or not.
suffix: ${5:undefined} # not required. Suffix of snapshot name.
target: ${6:undefined} # not required. Name of target volume if creating from snapshot.
eradicate: ${7:no} # not required. Define whether to eradicate the snapshot on delete or leave in trash.
overwrite: ${8:no} # not required. Define whether to overwrite existing volume when creating from snapshot.
"""
'purefa_volume':
'prefix': "purefa_volume_snippet"
'description': "Manage volumes on Pure Storage FlashArrays"
'body': """
purefa_volume:
name: ${1:undefined} # required. The name of the volume.
api_token: ${2:undefined} # required. FlashArray API token for admin privilaged user.
fa_url: ${3:undefined} # required. FlashArray management IPv4 address or Hostname.
size: ${4:undefined} # not required. Volume size in M, G, T or P units.
state: ${5|absent,present|} # not required. choices: absent;present. Define whether the volume should exist or not.
eradicate: ${6:no} # not required. Define whether to eradicate the volume on delete or leave in trash.
overwrite: ${7:no} # not required. Define whether to overwrite a target volume if it already exisits.
target: ${8:undefined} # not required. The name of the target volume, if copying.
"""
'pushbullet':
'prefix': "pushbullet_snippet"
'description': "Sends notifications to Pushbullet"
'body': """
pushbullet:
title: ${1:undefined} # required. Title of the notification.
api_key: ${2:undefined} # required. Push bullet API token
body: ${3:undefined} # not required. Body of the notification, e.g. Details of the fault you're alerting.
device: ${4:null} # not required. The device NAME you wish to send a push notification, as seen on the Pushbullet main page.
push_type: ${5|note,link|} # not required. choices: note;link. Thing you wish to push.
channel: ${6:null} # not required. The channel TAG you wish to broadcast a push notification, as seen on the \"My Channels\" > \"Edit your channel\" at Pushbullet page.
"""
'pushover':
'prefix': "pushover_snippet"
'description': "Send notifications via U(https://pushover.net)"
'body': """
pushover:
msg: ${1:undefined} # required. What message you wish to send.
user_key: ${2:undefined} # required. Pushover issued authentication key for your user.
app_token: ${3:undefined} # required. Pushover issued token identifying your pushover app.
pri: ${4:undefined} # not required. Message priority (see U(https://pushover.net) for details.)
"""
'rabbitmq_binding':
'prefix': "rabbitmq_binding_snippet"
'description': "This module manages rabbitMQ bindings"
'body': """
rabbitmq_binding:
name: ${1:undefined} # required. source exchange to create binding on
destination: ${2:undefined} # required. destination exchange or queue for the binding
destination_type: ${3|queue,exchange|} # required. choices: queue;exchange. Either queue or exchange
login_port: ${4:15672} # not required. rabbitMQ management api port
login_user: ${5:guest} # not required. rabbitMQ user for connection
login_host: ${6:localhost} # not required. rabbitMQ host for connection
routing_key: ${7:#} # not required. routing key for the binding,default is
vhost: ${8:/} # not required. rabbitMQ virtual host,default vhost is /
state: ${9|present,absent|} # not required. choices: present;absent. Whether the exchange should be present or absent,Only present implemented atm
arguments: ${10:[object Object]} # not required. extra arguments for exchange. If defined this argument is a key/value dictionary
login_password: ${11:false} # not required. rabbitMQ password for connection
"""
'rabbitmq_exchange':
'prefix': "rabbitmq_exchange_snippet"
'description': "This module manages rabbitMQ exchanges"
'body': """
rabbitmq_exchange:
name: ${1:undefined} # required. Name of the exchange to create
login_port: ${2:15672} # not required. rabbitMQ management api port
login_user: ${3:guest} # not required. rabbitMQ user for connection
login_host: ${4:localhost} # not required. rabbitMQ host for connection
durable: ${5|yes,no|} # not required. choices: yes;no. whether exchange is durable or not
exchange_type: ${6|fanout,direct,headers,topic|} # not required. choices: fanout;direct;headers;topic. type for the exchange
vhost: ${7:/} # not required. rabbitMQ virtual host
state: ${8|present,absent|} # not required. choices: present;absent. Whether the exchange should be present or absent,Only present implemented atm
internal: ${9|yes,no|} # not required. choices: yes;no. exchange is available only for other exchanges
arguments: ${10:[object Object]} # not required. extra arguments for exchange. If defined this argument is a key/value dictionary
login_password: ${11:false} # not required. rabbitMQ password for connection
auto_delete: ${12|yes,no|} # not required. choices: yes;no. if the exchange should delete itself after all queues/exchanges unbound from it
"""
'rabbitmq_parameter':
'prefix': "rabbitmq_parameter_snippet"
'description': "Adds or removes parameters to RabbitMQ"
'body': """
rabbitmq_parameter:
name: ${1:null} # required. Name of the parameter being set
component: ${2:null} # required. Name of the component of which the parameter is being set
node: ${3:rabbit} # not required. erlang node name of the rabbit we wish to configure
vhost: ${4:/} # not required. vhost to apply access privileges.
state: ${5|present,absent|} # not required. choices: present;absent. Specify if user is to be added or removed
value: ${6:null} # not required. Value of the parameter, as a JSON term
"""
'rabbitmq_plugin':
'prefix': "rabbitmq_plugin_snippet"
'description': "Manage RabbitMQ plugins"
'body': """
rabbitmq_plugin:
names: ${1:undefined} # required. Comma-separated list of plugin names.
state: ${2|enabled,disabled|} # not required. choices: enabled;disabled. Specify if plugins are to be enabled or disabled.
new_only: ${3:no} # not required. Only enable missing plugins.,Does not disable plugins that are not in the names list.
prefix: ${4:undefined} # not required. Specify a custom install prefix to a Rabbit.
"""
'rabbitmq_policy':
'prefix': "rabbitmq_policy_snippet"
'description': "Manage the state of policies in RabbitMQ."
'body': """
rabbitmq_policy:
name: ${1:null} # required. The name of the policy to manage.
tags: ${2:null} # required. A dict or string describing the policy.
pattern: ${3:null} # required. A regex of queues to apply the policy to.
node: ${4:rabbit} # not required. Erlang node name of the rabbit we wish to configure.
priority: ${5:0} # not required. The priority of the policy.
vhost: ${6:/} # not required. The name of the vhost to apply to.
state: ${7|present,absent|} # not required. choices: present;absent. The state of the policy.
apply_to: ${8|all,exchanges,queues|} # not required. choices: all;exchanges;queues. What the policy applies to. Requires RabbitMQ 3.2.0 or later.
"""
'rabbitmq_queue':
'prefix': "rabbitmq_queue_snippet"
'description': "This module manages rabbitMQ queues"
'body': """
rabbitmq_queue:
name: ${1:undefined} # required. Name of the queue to create
dead_letter_exchange: ${2:None} # not required. Optional name of an exchange to which messages will be republished if they,are rejected or expire
max_priority: ${3:None} # not required. Maximum number of priority levels for the queue to support.,If not set, the queue will not support message priorities.,Larger numbers indicate higher priority.
login_user: ${4:guest} # not required. rabbitMQ user for connection
login_host: ${5:localhost} # not required. rabbitMQ host for connection
vhost: ${6:/} # not required. rabbitMQ virtual host
login_password: ${7:false} # not required. rabbitMQ password for connection
auto_expires: ${8:forever} # not required. How long a queue can be unused before it is automatically deleted (milliseconds)
login_port: ${9:15672} # not required. rabbitMQ management api port
durable: ${10|yes,no|} # not required. choices: yes;no. whether queue is durable or not
state: ${11|present,absent|} # not required. choices: present;absent. Whether the queue should be present or absent,Only present implemented atm
max_length: ${12:no limit} # not required. How many messages can the queue contain before it starts rejecting
arguments: ${13:[object Object]} # not required. extra arguments for queue. If defined this argument is a key/value dictionary
message_ttl: ${14:forever} # not required. How long a message can live in queue before it is discarded (milliseconds)
dead_letter_routing_key: ${15:None} # not required. Optional replacement routing key to use when a message is dead-lettered.,Original routing key will be used if unset
auto_delete: ${16|yes,no|} # not required. choices: yes;no. if the queue should delete itself after all queues/queues unbound from it
"""
'rabbitmq_user':
'prefix': "rabbitmq_user_snippet"
'description': "Adds or removes users to RabbitMQ"
'body': """
rabbitmq_user:
user: ${1:null} # required. Name of user to add
node: ${2:rabbit} # not required. erlang node name of the rabbit we wish to configure
force: ${3|yes,no|} # not required. choices: yes;no. Deletes and recreates the user.
tags: ${4:null} # not required. User tags specified as comma delimited
read_priv: ${5:^$} # not required. Regular expression to restrict configure actions on a resource for the specified vhost.,By default all actions are restricted.,This option will be ignored when permissions option is used.
write_priv: ${6:^$} # not required. Regular expression to restrict configure actions on a resource for the specified vhost.,By default all actions are restricted.,This option will be ignored when permissions option is used.
state: ${7|present,absent|} # not required. choices: present;absent. Specify if user is to be added or removed
configure_priv: ${8:^$} # not required. Regular expression to restrict configure actions on a resource for the specified vhost.,By default all actions are restricted.,This option will be ignored when permissions option is used.
vhost: ${9:/} # not required. vhost to apply access privileges.,This option will be ignored when permissions option is used.
password: ${10:null} # not required. Password of user to add.,To change the password of an existing user, you must also specify C(force=yes).
permissions: ${11:} # not required. a list of dicts, each dict contains vhost, configure_priv, write_priv, and read_priv, and represents a permission rule for that vhost.,This option should be preferable when you care about all permissions of the user.,You should use vhost, configure_priv, write_priv, and read_priv options instead if you care about permissions for just some vhosts.
"""
'rabbitmq_vhost':
'prefix': "rabbitmq_vhost_snippet"
'description': "Manage the state of a virtual host in RabbitMQ"
'body': """
rabbitmq_vhost:
name: ${1:null} # required. The name of the vhost to manage
node: ${2:rabbit} # not required. erlang node name of the rabbit we wish to configure
tracing: ${3|yes,no|} # not required. choices: yes;no. Enable/disable tracing for a vhost
state: ${4|present,absent|} # not required. choices: present;absent. The state of vhost
"""
'raw':
'prefix': "raw_snippet"
'description': "Executes a low-down and dirty SSH command"
'body': """
raw:
free_form: ${1:undefined} # required. the raw module takes a free form command to run. There is no parameter actually named 'free form'; see the examples!
executable: ${2:undefined} # not required. change the shell used to execute the command. Should be an absolute path to the executable.,when using privilege escalation (C(become)), a default shell will be assigned if one is not provided as privilege escalation requires a shell.
"""
'rax':
'prefix': "rax_snippet"
'description': "create / delete an instance in Rackspace Public Cloud"
'body': """
rax:
files: ${1:null} # not required. Files to insert into the instance. remotefilename:localcontent
boot_volume_terminate: ${2:false} # not required. Whether the I(boot_volume) or newly created volume from I(image) will be terminated when the server is terminated
tenant_name: ${3:undefined} # not required. The tenant name used for authentication.
auto_increment: ${4|yes,no|} # not required. choices: yes;no. Whether or not to increment a single number with the name of the created servers. Only applicable when used with the I(group) attribute or meta key.
image: ${5:null} # not required. image to use for the instance. Can be an C(id), C(human_id) or C(name). With I(boot_from_volume), a Cloud Block Storage volume will be created with this image
user_data: ${6:undefined} # not required. Data to be uploaded to the servers config drive. This option implies I(config_drive). Can be a file path or a string
boot_volume: ${7:undefined} # not required. Cloud Block Storage ID or Name to use as the boot volume of the instance
count_offset: ${8:1} # not required. number count to start at
verify_ssl: ${9:undefined} # not required. Whether or not to require SSL validation of API endpoints.
meta: ${10:null} # not required. A hash of metadata to associate with the instance
instance_ids: ${11:undefined} # not required. list of instance ids, currently only used when state='absent' to remove instances
tenant_id: ${12:undefined} # not required. The tenant ID used for authentication.
credentials: ${13:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
region: ${14:DFW} # not required. Region to create an instance in.
flavor: ${15:null} # not required. flavor to use for the instance
networks: ${16:public,private} # not required. The network to attach to the instances. If specified, you must include ALL networks including the public and private interfaces. Can be C(id) or C(label).
wait: ${17|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
boot_from_volume: ${18|yes,no|} # not required. choices: yes;no. Whether or not to boot the instance from a Cloud Block Storage volume. If C(yes) and I(image) is specified a new volume will be created at boot time. I(boot_volume_size) is required with I(image) to create a new volume at boot time.
api_key: ${19:undefined} # not required. Rackspace API key, overrides I(credentials).
group: ${20:undefined} # not required. host group to assign to server, is also used for idempotent operations to ensure a specific number of instances
name: ${21:null} # not required. Name to give the instance
identity_type: ${22:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
extra_client_args: ${23:undefined} # not required. A hash of key/value pairs to be used when creating the cloudservers client. This is considered an advanced option, use it wisely and with caution.
exact_count: ${24|yes,no|} # not required. choices: yes;no. Explicitly ensure an exact count of instances, used with state=active/present. If specified as C(yes) and I(count) is less than the servers matched, servers will be deleted to match the count. If the number of matched servers is fewer than specified in I(count) additional servers will be added.
disk_config: ${25|auto,manual|} # not required. choices: auto;manual. Disk partitioning strategy
auth_endpoint: ${26:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
count: ${27:1} # not required. number of instances to launch
username: ${28:undefined} # not required. Rackspace username, overrides I(credentials).
state: ${29|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
wait_timeout: ${30:300} # not required. how long before wait gives up, in seconds
env: ${31:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
key_name: ${32:null} # not required. key pair to use on the instance
boot_volume_size: ${33:100} # not required. Size of the volume to create in Gigabytes. This is only required with I(image) and I(boot_from_volume).
extra_create_args: ${34:undefined} # not required. A hash of key/value pairs to be used when creating a new server. This is considered an advanced option, use it wisely and with caution.
config_drive: ${35|yes,no|} # not required. choices: yes;no. Attach read-only configuration drive to server as label config-2
"""
'rax_cbs':
'prefix': "rax_cbs_snippet"
'description': "Manipulate Rackspace Cloud Block Storage Volumes"
'body': """
rax_cbs:
size: ${1:100} # required. Size of the volume to create in Gigabytes
volume_type: ${2|SATA,SSD|} # required. choices: SATA;SSD. Type of the volume being created
state: ${3|present,absent|} # required. choices: present;absent. Indicate desired state of the resource
name: ${4:null} # required. Name to give the volume being created
username: ${5:undefined} # not required. Rackspace username, overrides I(credentials).
api_key: ${6:undefined} # not required. Rackspace API key, overrides I(credentials).
tenant_name: ${7:undefined} # not required. The tenant name used for authentication.
description: ${8:null} # not required. Description to give the volume being created
identity_type: ${9:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${10:undefined} # not required. The tenant ID used for authentication.
image: ${11:null} # not required. image to use for bootable volumes. Can be an C(id), C(human_id) or C(name). This option requires C(pyrax>=1.9.3)
auth_endpoint: ${12:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
verify_ssl: ${13:undefined} # not required. Whether or not to require SSL validation of API endpoints.
meta: ${14:null} # not required. A hash of metadata to associate with the volume
env: ${15:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
snapshot_id: ${16:null} # not required. The id of the snapshot to create the volume from
credentials: ${17:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
wait: ${18|yes,no|} # not required. choices: yes;no. wait for the volume to be in state 'available' before returning
region: ${19:DFW} # not required. Region to create an instance in.
wait_timeout: ${20:300} # not required. how long before wait gives up, in seconds
"""
'rax_cbs_attachments':
'prefix': "rax_cbs_attachments_snippet"
'description': "Manipulate Rackspace Cloud Block Storage Volume Attachments"
'body': """
rax_cbs_attachments:
volume: ${1:null} # required. Name or id of the volume to attach/detach
server: ${2:null} # required. Name or id of the server to attach/detach
state: ${3|present,absent|} # required. choices: present;absent. Indicate desired state of the resource
username: ${4:undefined} # not required. Rackspace username, overrides I(credentials).
tenant_name: ${5:undefined} # not required. The tenant name used for authentication.
verify_ssl: ${6:undefined} # not required. Whether or not to require SSL validation of API endpoints.
wait_timeout: ${7:300} # not required. how long before wait gives up, in seconds
device: ${8:null} # not required. The device path to attach the volume to, e.g. /dev/xvde.,Before 2.4 this was a required field. Now it can be left to null to auto assign the device name.
credentials: ${9:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
wait: ${10|yes,no|} # not required. choices: yes;no. wait for the volume to be in 'in-use'/'available' state before returning
identity_type: ${11:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${12:undefined} # not required. The tenant ID used for authentication.
region: ${13:DFW} # not required. Region to create an instance in.
auth_endpoint: ${14:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
env: ${15:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
api_key: ${16:undefined} # not required. Rackspace API key, overrides I(credentials).
"""
'rax_cdb':
'prefix': "rax_cdb_snippet"
'description': "create/delete or resize a Rackspace Cloud Databases instance"
'body': """
rax_cdb:
cdb_type: ${1:MySQL} # not required. type of instance (i.e. MySQL, MariaDB, Percona)
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
name: ${3:null} # not required. Name of the databases server instance
identity_type: ${4:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${5:undefined} # not required. The tenant ID used for authentication.
region: ${6:DFW} # not required. Region to create an instance in.
auth_endpoint: ${7:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
verify_ssl: ${8:undefined} # not required. Whether or not to require SSL validation of API endpoints.
cdb_version: ${9|5.1,5.6,10|} # not required. choices: 5.1;5.6;10. version of database (MySQL supports 5.1 and 5.6, MariaDB supports 10, Percona supports 5.6)
volume: ${10:2} # not required. Volume size of the database 1-150GB
state: ${11|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
wait_timeout: ${12:300} # not required. how long before wait gives up, in seconds
env: ${13:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${14:undefined} # not required. The tenant name used for authentication.
credentials: ${15:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
flavor: ${16:1} # not required. flavor to use for the instance 1 to 6 (i.e. 512MB to 16GB)
api_key: ${17:undefined} # not required. Rackspace API key, overrides I(credentials).
wait: ${18|yes,no|} # not required. choices: yes;no. wait for the instance to be in state 'running' before returning
"""
'rax_cdb_database':
'prefix': "rax_cdb_database_snippet"
'description': "create / delete a database in the Cloud Databases"
'body': """
rax_cdb_database:
username: ${1:undefined} # not required. Rackspace username, overrides I(credentials).
tenant_name: ${2:undefined} # not required. The tenant name used for authentication.
name: ${3:null} # not required. Name to give to the database
identity_type: ${4:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
cdb_id: ${5:null} # not required. The databases server UUID
region: ${6:DFW} # not required. Region to create an instance in.
verify_ssl: ${7:undefined} # not required. Whether or not to require SSL validation of API endpoints.
state: ${8|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
collate: ${9:utf8_general_ci} # not required. Set of rules for comparing characters in a character set
env: ${10:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_id: ${11:undefined} # not required. The tenant ID used for authentication.
credentials: ${12:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${13:undefined} # not required. Rackspace API key, overrides I(credentials).
character_set: ${14:utf8} # not required. Set of symbols and encodings
auth_endpoint: ${15:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_cdb_user':
'prefix': "rax_cdb_user_snippet"
'description': "create / delete a Rackspace Cloud Database"
'body': """
rax_cdb_user:
username: ${1:undefined} # not required. Rackspace username, overrides I(credentials).
tenant_name: ${2:undefined} # not required. The tenant name used for authentication.
db_username: ${3:null} # not required. Name of the database user
db_password: ${4:null} # not required. Database user password
verify_ssl: ${5:undefined} # not required. Whether or not to require SSL validation of API endpoints.
credentials: ${6:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
auth_endpoint: ${7:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
identity_type: ${8:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
cdb_id: ${9:null} # not required. The databases server UUID
region: ${10:DFW} # not required. Region to create an instance in.
host: ${11:%} # not required. Specifies the host from which a user is allowed to connect to the database. Possible values are a string containing an IPv4 address or \"%\" to allow connecting from any host
state: ${12|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
tenant_id: ${13:undefined} # not required. The tenant ID used for authentication.
env: ${14:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
databases: ${15:} # not required. Name of the databases that the user can access
api_key: ${16:undefined} # not required. Rackspace API key, overrides I(credentials).
"""
'rax_clb':
'prefix': "rax_clb_snippet"
'description': "create / delete a load balancer in Rackspace Public Cloud"
'body': """
rax_clb:
username: ${1:undefined} # not required. Rackspace username, overrides I(credentials).
protocol: ${2|DNS_TCP,DNS_UDP,FTP,HTTP,HTTPS,IMAPS,IMAPv4,LDAP,LDAPS,MYSQL,POP3,POP3S,SMTP,TCP,TCP_CLIENT_FIRST,UDP,UDP_STREAM,SFTP|} # not required. choices: DNS_TCP;DNS_UDP;FTP;HTTP;HTTPS;IMAPS;IMAPv4;LDAP;LDAPS;MYSQL;POP3;POP3S;SMTP;TCP;TCP_CLIENT_FIRST;UDP;UDP_STREAM;SFTP. Protocol for the balancer being created
name: ${3:null} # not required. Name to give the load balancer
algorithm: ${4|RANDOM,LEAST_CONNECTIONS,ROUND_ROBIN,WEIGHTED_LEAST_CONNECTIONS,WEIGHTED_ROUND_ROBIN|} # not required. choices: RANDOM;LEAST_CONNECTIONS;ROUND_ROBIN;WEIGHTED_LEAST_CONNECTIONS;WEIGHTED_ROUND_ROBIN. algorithm for the balancer being created
env: ${5:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
identity_type: ${6:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${7:undefined} # not required. The tenant ID used for authentication.
region: ${8:DFW} # not required. Region to create an instance in.
auth_endpoint: ${9:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
verify_ssl: ${10:undefined} # not required. Whether or not to require SSL validation of API endpoints.
vip_id: ${11:undefined} # not required. Virtual IP ID to use when creating the load balancer for purposes of sharing an IP with another load balancer of another protocol
state: ${12|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
wait_timeout: ${13:300} # not required. how long before wait gives up, in seconds
meta: ${14:null} # not required. A hash of metadata to associate with the instance
timeout: ${15:30} # not required. timeout for communication between the balancer and the node
tenant_name: ${16:undefined} # not required. The tenant name used for authentication.
credentials: ${17:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${18:undefined} # not required. Rackspace API key, overrides I(credentials).
type: ${19|PUBLIC,SERVICENET|} # not required. choices: PUBLIC;SERVICENET. type of interface for the balancer being created
port: ${20:80} # not required. Port for the balancer being created
wait: ${21|yes,no|} # not required. choices: yes;no. wait for the balancer to be in state 'running' before returning
"""
'rax_clb_nodes':
'prefix': "rax_clb_nodes_snippet"
'description': "add, modify and remove nodes from a Rackspace Cloud Load Balancer"
'body': """
rax_clb_nodes:
load_balancer_id: ${1:undefined} # required. Load balancer id
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
tenant_name: ${3:undefined} # not required. The tenant name used for authentication.
weight: ${4:undefined} # not required. Weight of node
identity_type: ${5:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${6:undefined} # not required. The tenant ID used for authentication.
region: ${7:DFW} # not required. Region to create an instance in.
auth_endpoint: ${8:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
verify_ssl: ${9:undefined} # not required. Whether or not to require SSL validation of API endpoints.
state: ${10|present,absent|} # not required. choices: present;absent. Indicate desired state of the node
wait_timeout: ${11:30} # not required. How long to wait before giving up and returning an error
condition: ${12|enabled,disabled,draining|} # not required. choices: enabled;disabled;draining. Condition for the node, which determines its role within the load balancer
env: ${13:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
address: ${14:undefined} # not required. IP address or domain name of the node
credentials: ${15:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${16:undefined} # not required. Rackspace API key, overrides I(credentials).
type: ${17|primary,secondary|} # not required. choices: primary;secondary. Type of node
port: ${18:undefined} # not required. Port number of the load balanced service on the node
node_id: ${19:undefined} # not required. Node id
wait: ${20|yes,no|} # not required. choices: yes;no. Wait for the load balancer to become active before returning
"""
'rax_clb_ssl':
'prefix': "rax_clb_ssl_snippet"
'description': "Manage SSL termination for a Rackspace Cloud Load Balancer."
'body': """
rax_clb_ssl:
loadbalancer: ${1:undefined} # required. Name or ID of the load balancer on which to manage SSL termination.
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
private_key: ${3:undefined} # not required. The private SSL key as a string in PEM format.
tenant_name: ${4:undefined} # not required. The tenant name used for authentication.
certificate: ${5:undefined} # not required. The public SSL certificates as a string in PEM format.
tenant_id: ${6:undefined} # not required. The tenant ID used for authentication.
identity_type: ${7:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
enabled: ${8:true} # not required. If set to \"false\", temporarily disable SSL termination without discarding,existing credentials.
region: ${9:DFW} # not required. Region to create an instance in.
https_redirect: ${10:undefined} # not required. If \"true\", the load balancer will redirect HTTP traffic to HTTPS.,Requires \"secure_traffic_only\" to be true. Incurs an implicit wait if SSL,termination is also applied or removed.
verify_ssl: ${11:undefined} # not required. Whether or not to require SSL validation of API endpoints.
auth_endpoint: ${12:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
state: ${13|present,absent|} # not required. choices: present;absent. If set to \"present\", SSL termination will be added to this load balancer.,If \"absent\", SSL termination will be removed instead.
wait_timeout: ${14:300} # not required. How long before \"wait\" gives up, in seconds.
intermediate_certificate: ${15:undefined} # not required. One or more intermediate certificate authorities as a string in PEM,format, concatenated into a single string.
secure_traffic_only: ${16:false} # not required. If \"true\", the load balancer will *only* accept secure traffic.
env: ${17:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
credentials: ${18:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
secure_port: ${19:443} # not required. The port to listen for secure traffic.
api_key: ${20:undefined} # not required. Rackspace API key, overrides I(credentials).
wait: ${21:false} # not required. Wait for the balancer to be in state \"running\" before turning.
"""
'rax_dns':
'prefix': "rax_dns_snippet"
'description': "Manage domains on Rackspace Cloud DNS"
'body': """
rax_dns:
comment: ${1:undefined} # not required. Brief description of the domain. Maximum length of 160 characters
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
tenant_name: ${3:undefined} # not required. The tenant name used for authentication.
name: ${4:undefined} # not required. Domain name to create
identity_type: ${5:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${6:undefined} # not required. The tenant ID used for authentication.
region: ${7:DFW} # not required. Region to create an instance in.
verify_ssl: ${8:undefined} # not required. Whether or not to require SSL validation of API endpoints.
state: ${9|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
env: ${10:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
ttl: ${11:3600} # not required. Time to live of domain in seconds
credentials: ${12:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${13:undefined} # not required. Rackspace API key, overrides I(credentials).
email: ${14:undefined} # not required. Email address of the domain administrator
auth_endpoint: ${15:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_dns_record':
'prefix': "rax_dns_record_snippet"
'description': "Manage DNS records on Rackspace Cloud DNS"
'body': """
rax_dns_record:
name: ${1:undefined} # required. FQDN record name to create
data: ${2:undefined} # required. IP address for A/AAAA record, FQDN for CNAME/MX/NS, or text data for SRV/TXT
type: ${3|A,AAAA,CNAME,MX,NS,SRV,TXT,PTR|} # required. choices: A;AAAA;CNAME;MX;NS;SRV;TXT;PTR. DNS record type
comment: ${4:undefined} # not required. Brief description of the domain. Maximum length of 160 characters
username: ${5:undefined} # not required. Rackspace username, overrides I(credentials).
domain: ${6:undefined} # not required. Domain name to create the record in. This is an invalid option when type=PTR
tenant_name: ${7:undefined} # not required. The tenant name used for authentication.
identity_type: ${8:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
region: ${9:DFW} # not required. Region to create an instance in.
verify_ssl: ${10:undefined} # not required. Whether or not to require SSL validation of API endpoints.
server: ${11:undefined} # not required. Server ID to create a PTR record for. Only used with type=PTR
priority: ${12:undefined} # not required. Required for MX and SRV records, but forbidden for other record types. If specified, must be an integer from 0 to 65535.
state: ${13|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
tenant_id: ${14:undefined} # not required. The tenant ID used for authentication.
loadbalancer: ${15:undefined} # not required. Load Balancer ID to create a PTR record for. Only used with type=PTR
env: ${16:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
ttl: ${17:3600} # not required. Time to live of record in seconds
credentials: ${18:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${19:undefined} # not required. Rackspace API key, overrides I(credentials).
overwrite: ${20:true} # not required. Add new records if data doesn't match, instead of updating existing record with matching name. If there are already multiple records with matching name and overwrite=true, this module will fail.
auth_endpoint: ${21:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_facts':
'prefix': "rax_facts_snippet"
'description': "Gather facts for Rackspace Cloud Servers"
'body': """
rax_facts:
username: ${1:undefined} # not required. Rackspace username, overrides I(credentials).
tenant_name: ${2:undefined} # not required. The tenant name used for authentication.
name: ${3:null} # not required. Server name to retrieve facts for
identity_type: ${4:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${5:undefined} # not required. The tenant ID used for authentication.
region: ${6:DFW} # not required. Region to create an instance in.
verify_ssl: ${7:undefined} # not required. Whether or not to require SSL validation of API endpoints.
env: ${8:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
address: ${9:undefined} # not required. Server IP address to retrieve facts for, will match any IP assigned to the server
credentials: ${10:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${11:undefined} # not required. Rackspace API key, overrides I(credentials).
id: ${12:undefined} # not required. Server ID to retrieve facts for
auth_endpoint: ${13:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_files':
'prefix': "rax_files_snippet"
'description': "Manipulate Rackspace Cloud Files Containers"
'body': """
rax_files:
container: ${1:undefined} # required. The container to use for container or metadata operations.
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
web_index: ${3:undefined} # not required. Sets an object to be presented as the HTTP index page when accessed by the CDN URL
identity_type: ${4:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${5:undefined} # not required. The tenant ID used for authentication.
region: ${6:DFW} # not required. Region to create an instance in
verify_ssl: ${7:undefined} # not required. Whether or not to require SSL validation of API endpoints.
private: ${8:undefined} # not required. Used to set a container as private, removing it from the CDN. B(Warning!) Private containers, if previously made public, can have live objects available until the TTL on cached objects expires
state: ${9|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
clear_meta: ${10|yes,no|} # not required. choices: yes;no. Optionally clear existing metadata when applying metadata to existing containers. Selecting this option is only appropriate when setting type=meta
meta: ${11:undefined} # not required. A hash of items to set as metadata values on a container
env: ${12:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
ttl: ${13:undefined} # not required. In seconds, set a container-wide TTL for all objects cached on CDN edge nodes. Setting a TTL is only appropriate for containers that are public
web_error: ${14:undefined} # not required. Sets an object to be presented as the HTTP error page when accessed by the CDN URL
credentials: ${15:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
tenant_name: ${16:undefined} # not required. The tenant name used for authentication.
api_key: ${17:undefined} # not required. Rackspace API key, overrides I(credentials).
type: ${18|file,meta|} # not required. choices: file;meta. Type of object to do work on, i.e. metadata object or a container object
public: ${19:undefined} # not required. Used to set a container as public, available via the Cloud Files CDN
auth_endpoint: ${20:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_files_objects':
'prefix': "rax_files_objects_snippet"
'description': "Upload, download, and delete objects in Rackspace Cloud Files"
'body': """
rax_files_objects:
container: ${1:null} # required. The container to use for file object operations.
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
src: ${3:null} # not required. Source from which to upload files. Used to specify a remote object as a source for an operation, i.e. a file name, \"file1\", or a comma-separated list of remote objects, \"file1,file2,file17\". src and dest are mutually exclusive on remote-only object operations
dest: ${4:undefined} # not required. The destination of a \"get\" operation; i.e. a local directory, \"/home/user/myfolder\". Used to specify the destination of an operation on a remote object; i.e. a file name, \"file1\", or a comma-separated list of remote objects, \"file1,file2,file17\"
tenant_id: ${5:undefined} # not required. The tenant ID used for authentication.
region: ${6:DFW} # not required. Region to create an instance in.
expires: ${7:null} # not required. Used to set an expiration on a file or folder uploaded to Cloud Files. Requires an integer, specifying expiration in seconds
verify_ssl: ${8:undefined} # not required. Whether or not to require SSL validation of API endpoints.
identity_type: ${9:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
state: ${10|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
clear_meta: ${11|yes,no|} # not required. choices: yes;no. Optionally clear existing metadata when applying metadata to existing objects. Selecting this option is only appropriate when setting type=meta
meta: ${12:null} # not required. A hash of items to set as metadata values on an uploaded file or folder
env: ${13:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${14:undefined} # not required. The tenant name used for authentication.
credentials: ${15:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${16:undefined} # not required. Rackspace API key, overrides I(credentials).
type: ${17|file,meta|} # not required. choices: file;meta. Type of object to do work on,Metadata object or a file object
method: ${18|get,put,delete|} # not required. choices: get;put;delete. The method of operation to be performed. For example, put to upload files to Cloud Files, get to download files from Cloud Files or delete to delete remote objects in Cloud Files
structure: ${19|true,no|} # not required. choices: true;no. Used to specify whether to maintain nested directory structure when downloading objects from Cloud Files. Setting to false downloads the contents of a container to a single, flat directory
auth_endpoint: ${20:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_identity':
'prefix': "rax_identity_snippet"
'description': "Load Rackspace Cloud Identity"
'body': """
rax_identity:
username: ${1:undefined} # not required. Rackspace username, overrides I(credentials).
identity_type: ${2:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${3:undefined} # not required. The tenant ID used for authentication.
region: ${4:DFW} # not required. Region to create an instance in.
verify_ssl: ${5:undefined} # not required. Whether or not to require SSL validation of API endpoints.
state: ${6|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
env: ${7:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${8:undefined} # not required. The tenant name used for authentication.
credentials: ${9:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${10:undefined} # not required. Rackspace API key, overrides I(credentials).
auth_endpoint: ${11:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_keypair':
'prefix': "rax_keypair_snippet"
'description': "Create a keypair for use with Rackspace Cloud Servers"
'body': """
rax_keypair:
name: ${1:undefined} # required. Name of keypair
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
public_key: ${3:null} # not required. Public Key string to upload. Can be a file path or string
identity_type: ${4:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${5:undefined} # not required. The tenant ID used for authentication.
region: ${6:DFW} # not required. Region to create an instance in.
verify_ssl: ${7:undefined} # not required. Whether or not to require SSL validation of API endpoints.
state: ${8|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
env: ${9:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${10:undefined} # not required. The tenant name used for authentication.
credentials: ${11:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${12:undefined} # not required. Rackspace API key, overrides I(credentials).
auth_endpoint: ${13:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_meta':
'prefix': "rax_meta_snippet"
'description': "Manipulate metadata for Rackspace Cloud Servers"
'body': """
rax_meta:
username: ${1:undefined} # not required. Rackspace username, overrides I(credentials).
tenant_name: ${2:undefined} # not required. The tenant name used for authentication.
name: ${3:null} # not required. Server name to modify metadata for
identity_type: ${4:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${5:undefined} # not required. The tenant ID used for authentication.
region: ${6:DFW} # not required. Region to create an instance in.
verify_ssl: ${7:undefined} # not required. Whether or not to require SSL validation of API endpoints.
meta: ${8:null} # not required. A hash of metadata to associate with the instance
env: ${9:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
address: ${10:undefined} # not required. Server IP address to modify metadata for, will match any IP assigned to the server
credentials: ${11:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${12:undefined} # not required. Rackspace API key, overrides I(credentials).
id: ${13:undefined} # not required. Server ID to modify metadata for
auth_endpoint: ${14:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_mon_alarm':
'prefix': "rax_mon_alarm_snippet"
'description': "Create or delete a Rackspace Cloud Monitoring alarm."
'body': """
rax_mon_alarm:
entity_id: ${1:undefined} # required. ID of the entity this alarm is attached to. May be acquired by registering the value of a rax_mon_entity task.
notification_plan_id: ${2:undefined} # required. ID of the notification plan to trigger if this alarm fires. May be acquired by registering the value of a rax_mon_notification_plan task.
check_id: ${3:undefined} # required. ID of the check that should be alerted on. May be acquired by registering the value of a rax_mon_check task.
label: ${4:undefined} # required. Friendly name for this alarm, used to achieve idempotence. Must be a String between 1 and 255 characters long.
username: ${5:undefined} # not required. Rackspace username, overrides I(credentials).
tenant_name: ${6:undefined} # not required. The tenant name used for authentication.
tenant_id: ${7:undefined} # not required. The tenant ID used for authentication.
region: ${8:DFW} # not required. Region to create an instance in.
auth_endpoint: ${9:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
verify_ssl: ${10:undefined} # not required. Whether or not to require SSL validation of API endpoints.
disabled: ${11|yes,no|} # not required. choices: yes;no. If yes, create this alarm, but leave it in an inactive state. Defaults to no.
identity_type: ${12:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
state: ${13|present,absent|} # not required. choices: present;absent. Ensure that the alarm with this C(label) exists or does not exist.
env: ${14:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
criteria: ${15:undefined} # not required. Alarm DSL that describes alerting conditions and their output states. Must be between 1 and 16384 characters long. See http://docs.rackspace.com/cm/api/v1.0/cm-devguide/content/alerts-language.html for a reference on the alerting language.
credentials: ${16:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${17:undefined} # not required. Rackspace API key, overrides I(credentials).
metadata: ${18:undefined} # not required. Arbitrary key/value pairs to accompany the alarm. Must be a hash of String keys and values between 1 and 255 characters long.
"""
'rax_mon_check':
'prefix': "rax_mon_check_snippet"
'description': "Create or delete a Rackspace Cloud Monitoring check for an existing entity."
'body': """
rax_mon_check:
entity_id: ${1:undefined} # required. ID of the rax_mon_entity to target with this check.
check_type: ${2|remote.dns,remote.ftp-banner,remote.http,remote.imap-banner,remote.mssql-banner,remote.mysql-banner,remote.ping,remote.pop3-banner,remote.postgresql-banner,remote.smtp-banner,remote.smtp,remote.ssh,remote.tcp,remote.telnet-banner,agent.filesystem,agent.memory,agent.load_average,agent.cpu,agent.disk,agent.network,agent.plugin|} # required. choices: remote.dns;remote.ftp-banner;remote.http;remote.imap-banner;remote.mssql-banner;remote.mysql-banner;remote.ping;remote.pop3-banner;remote.postgresql-banner;remote.smtp-banner;remote.smtp;remote.ssh;remote.tcp;remote.telnet-banner;agent.filesystem;agent.memory;agent.load_average;agent.cpu;agent.disk;agent.network;agent.plugin. The type of check to create. C(remote.) checks may be created on any rax_mon_entity. C(agent.) checks may only be created on rax_mon_entities that have a non-null C(agent_id).
label: ${3:undefined} # required. Defines a label for this check, between 1 and 64 characters long.
tenant_name: ${4:undefined} # not required. The tenant name used for authentication.
period: ${5:undefined} # not required. The number of seconds between each time the check is performed. Must be greater than the minimum period set on your account.
disabled: ${6|yes,no|} # not required. choices: yes;no. If \"yes\", ensure the check is created, but don't actually use it yet.
verify_ssl: ${7:undefined} # not required. Whether or not to require SSL validation of API endpoints.
auth_endpoint: ${8:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
state: ${9|present,absent|} # not required. choices: present;absent. Ensure that a check with this C(label) exists or does not exist.
details: ${10:undefined} # not required. Additional details specific to the check type. Must be a hash of strings between 1 and 255 characters long, or an array or object containing 0 to 256 items.
env: ${11:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
api_key: ${12:undefined} # not required. Rackspace API key, overrides I(credentials).
metadata: ${13:undefined} # not required. Hash of arbitrary key-value pairs to accompany this check if it fires. Keys and values must be strings between 1 and 255 characters long.
username: ${14:undefined} # not required. Rackspace username, overrides I(credentials).
target_hostname: ${15:undefined} # not required. One of `target_hostname` and `target_alias` is required for remote.* checks, but prohibited for agent.* checks. The hostname this check should target. Must be a valid IPv4, IPv6, or FQDN.
credentials: ${16:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
target_alias: ${17:undefined} # not required. One of `target_alias` and `target_hostname` is required for remote.* checks, but prohibited for agent.* checks. Use the corresponding key in the entity's `ip_addresses` hash to resolve an IP address to target.
identity_type: ${18:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${19:undefined} # not required. The tenant ID used for authentication.
region: ${20:DFW} # not required. Region to create an instance in.
timeout: ${21:undefined} # not required. The number of seconds this check will wait when attempting to collect results. Must be less than the period.
monitoring_zones_poll: ${22:undefined} # not required. Comma-separated list of the names of the monitoring zones the check should run from. Available monitoring zones include mzdfw, mzhkg, mziad, mzlon, mzord and mzsyd. Required for remote.* checks; prohibited for agent.* checks.
"""
'rax_mon_entity':
'prefix': "rax_mon_entity_snippet"
'description': "Create or delete a Rackspace Cloud Monitoring entity"
'body': """
rax_mon_entity:
label: ${1:undefined} # required. Defines a name for this entity. Must be a non-empty string between 1 and 255 characters long.
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
identity_type: ${3:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${4:undefined} # not required. The tenant ID used for authentication.
region: ${5:DFW} # not required. Region to create an instance in.
auth_endpoint: ${6:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
verify_ssl: ${7:undefined} # not required. Whether or not to require SSL validation of API endpoints.
state: ${8|present,absent|} # not required. choices: present;absent. Ensure that an entity with this C(name) exists or does not exist.
agent_id: ${9:undefined} # not required. Rackspace monitoring agent on the target device to which this entity is bound. Necessary to collect C(agent.) rax_mon_checks against this entity.
env: ${10:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${11:undefined} # not required. The tenant name used for authentication.
credentials: ${12:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${13:undefined} # not required. Rackspace API key, overrides I(credentials).
named_ip_addresses: ${14:undefined} # not required. Hash of IP addresses that may be referenced by name by rax_mon_checks added to this entity. Must be a dictionary of with keys that are names between 1 and 64 characters long, and values that are valid IPv4 or IPv6 addresses.
metadata: ${15:undefined} # not required. Hash of arbitrary C(name), C(value) pairs that are passed to associated rax_mon_alarms. Names and values must all be between 1 and 255 characters long.
"""
'rax_mon_notification':
'prefix': "rax_mon_notification_snippet"
'description': "Create or delete a Rackspace Cloud Monitoring notification."
'body': """
rax_mon_notification:
label: ${1:undefined} # required. Defines a friendly name for this notification. String between 1 and 255 characters long.
details: ${2:undefined} # required. Dictionary of key-value pairs used to initialize the notification. Required keys and meanings vary with notification type. See http://docs.rackspace.com/cm/api/v1.0/cm-devguide/content/ service-notification-types-crud.html for details.
notification_type: ${3|webhook,email,pagerduty|} # required. choices: webhook;email;pagerduty. A supported notification type.
username: ${4:undefined} # not required. Rackspace username, overrides I(credentials).
credentials: ${5:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
identity_type: ${6:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${7:undefined} # not required. The tenant ID used for authentication.
region: ${8:DFW} # not required. Region to create an instance in.
verify_ssl: ${9:undefined} # not required. Whether or not to require SSL validation of API endpoints.
state: ${10|present,absent|} # not required. choices: present;absent. Ensure that the notification with this C(label) exists or does not exist.
env: ${11:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${12:undefined} # not required. The tenant name used for authentication.
api_key: ${13:undefined} # not required. Rackspace API key, overrides I(credentials).
auth_endpoint: ${14:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_mon_notification_plan':
'prefix': "rax_mon_notification_plan_snippet"
'description': "Create or delete a Rackspace Cloud Monitoring notification plan."
'body': """
rax_mon_notification_plan:
label: ${1:undefined} # required. Defines a friendly name for this notification plan. String between 1 and 255 characters long.
username: ${2:undefined} # not required. Rackspace username, overrides I(credentials).
warning_state: ${3:undefined} # not required. Notification list to use when the alarm state is WARNING. Must be an array of valid rax_mon_notification ids.
identity_type: ${4:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${5:undefined} # not required. The tenant ID used for authentication.
region: ${6:DFW} # not required. Region to create an instance in.
critical_state: ${7:undefined} # not required. Notification list to use when the alarm state is CRITICAL. Must be an array of valid rax_mon_notification ids.
verify_ssl: ${8:undefined} # not required. Whether or not to require SSL validation of API endpoints.
ok_state: ${9:undefined} # not required. Notification list to use when the alarm state is OK. Must be an array of valid rax_mon_notification ids.
state: ${10|present,absent|} # not required. choices: present;absent. Ensure that the notification plan with this C(label) exists or does not exist.
env: ${11:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${12:undefined} # not required. The tenant name used for authentication.
credentials: ${13:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${14:undefined} # not required. Rackspace API key, overrides I(credentials).
auth_endpoint: ${15:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_network':
'prefix': "rax_network_snippet"
'description': "create / delete an isolated network in Rackspace Public Cloud"
'body': """
rax_network:
username: ${1:undefined} # not required. Rackspace username, overrides I(credentials).
identity_type: ${2:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${3:undefined} # not required. The tenant ID used for authentication.
region: ${4:DFW} # not required. Region to create an instance in.
verify_ssl: ${5:undefined} # not required. Whether or not to require SSL validation of API endpoints.
label: ${6:null} # not required. Label (name) to give the network
state: ${7|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
env: ${8:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${9:undefined} # not required. The tenant name used for authentication.
credentials: ${10:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
cidr: ${11:null} # not required. cidr of the network being created
api_key: ${12:undefined} # not required. Rackspace API key, overrides I(credentials).
auth_endpoint: ${13:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_queue':
'prefix': "rax_queue_snippet"
'description': "create / delete a queue in Rackspace Public Cloud"
'body': """
rax_queue:
username: ${1:undefined} # not required. Rackspace username, overrides I(credentials).
name: ${2:null} # not required. Name to give the queue
identity_type: ${3:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${4:undefined} # not required. The tenant ID used for authentication.
region: ${5:DFW} # not required. Region to create an instance in.
verify_ssl: ${6:undefined} # not required. Whether or not to require SSL validation of API endpoints.
state: ${7|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
env: ${8:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${9:undefined} # not required. The tenant name used for authentication.
credentials: ${10:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${11:undefined} # not required. Rackspace API key, overrides I(credentials).
auth_endpoint: ${12:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rax_scaling_group':
'prefix': "rax_scaling_group_snippet"
'description': "Manipulate Rackspace Cloud Autoscale Groups"
'body': """
rax_scaling_group:
image: ${1:undefined} # required. image to use for the instance. Can be an C(id), C(human_id) or C(name)
min_entities: ${2:undefined} # required. The minimum number of entities that are allowed in the scaling group. Must be an integer between 0 and 1000.
flavor: ${3:undefined} # required. flavor to use for the instance
max_entities: ${4:undefined} # required. The maximum number of entities that are allowed in the scaling group. Must be an integer between 0 and 1000.
name: ${5:undefined} # required. Name to give the scaling group
server_name: ${6:undefined} # required. The base name for servers created by Autoscale
files: ${7:null} # not required. Files to insert into the instance. Hash of C(remotepath: localpath)
username: ${8:undefined} # not required. Rackspace username, overrides I(credentials).
key_name: ${9:null} # not required. key pair to use on the instance
user_data: ${10:undefined} # not required. Data to be uploaded to the servers config drive. This option implies I(config_drive). Can be a file path or a string
verify_ssl: ${11:undefined} # not required. Whether or not to require SSL validation of API endpoints.
cooldown: ${12:undefined} # not required. The period of time, in seconds, that must pass before any scaling can occur after the previous scaling. Must be an integer between 0 and 86400 (24 hrs).
credentials: ${13:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
networks: ${14:public,private} # not required. The network to attach to the instances. If specified, you must include ALL networks including the public and private interfaces. Can be C(id) or C(label).
wait: ${15|yes,no|} # not required. choices: yes;no. wait for the scaling group to finish provisioning the minimum amount of servers
loadbalancers: ${16:undefined} # not required. List of load balancer C(id) and C(port) hashes
tenant_id: ${17:undefined} # not required. The tenant ID used for authentication.
wait_timeout: ${18:300} # not required. how long before wait gives up, in seconds
disk_config: ${19|auto,manual|} # not required. choices: auto;manual. Disk partitioning strategy
auth_endpoint: ${20:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
identity_type: ${21:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
state: ${22|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
meta: ${23:null} # not required. A hash of metadata to associate with the instance
env: ${24:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
tenant_name: ${25:undefined} # not required. The tenant name used for authentication.
api_key: ${26:undefined} # not required. Rackspace API key, overrides I(credentials).
region: ${27:DFW} # not required. Region to create an instance in.
config_drive: ${28|yes,no|} # not required. choices: yes;no. Attach read-only configuration drive to server as label config-2
"""
'rax_scaling_policy':
'prefix': "rax_scaling_policy_snippet"
'description': "Manipulate Rackspace Cloud Autoscale Scaling Policy"
'body': """
rax_scaling_policy:
name: ${1:undefined} # required. Name to give the policy
scaling_group: ${2:undefined} # required. Name of the scaling group that this policy will be added to
policy_type: ${3|webhook,schedule|} # required. choices: webhook;schedule. The type of policy that will be executed for the current release.
username: ${4:undefined} # not required. Rackspace username, overrides I(credentials).
is_percent: ${5:false} # not required. Whether the value in I(change) is a percent value
env: ${6:undefined} # not required. Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
identity_type: ${7:rackspace} # not required. Authentication mechanism to use, such as rackspace or keystone.
tenant_id: ${8:undefined} # not required. The tenant ID used for authentication.
region: ${9:DFW} # not required. Region to create an instance in.
verify_ssl: ${10:undefined} # not required. Whether or not to require SSL validation of API endpoints.
cron: ${11:undefined} # not required. The time when the policy will be executed, as a cron entry. For example, if this is parameter is set to C(1 0 * * *)
desired_capacity: ${12:undefined} # not required. The desired server capacity of the scaling the group; that is, how many servers should be in the scaling group.
state: ${13|present,absent|} # not required. choices: present;absent. Indicate desired state of the resource
cooldown: ${14:undefined} # not required. The period of time, in seconds, that must pass before any scaling can occur after the previous scaling. Must be an integer between 0 and 86400 (24 hrs).
at: ${15:undefined} # not required. The UTC time when this policy will be executed. The time must be formatted according to C(yyyy-MM-dd'T'HH:mm:ss.SSS) such as C(2013-05-19T08:07:08Z)
tenant_name: ${16:undefined} # not required. The tenant name used for authentication.
credentials: ${17:null} # not required. File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided.
api_key: ${18:undefined} # not required. Rackspace API key, overrides I(credentials).
change: ${19:undefined} # not required. The change, either as a number of servers or as a percentage, to make in the scaling group. If this is a percentage, you must set I(is_percent) to C(true) also.
auth_endpoint: ${20:https://identity.api.rackspacecloud.com/v2.0/} # not required. The URI of the authentication service.
"""
'rds':
'prefix': "rds_snippet"
'description': "create, delete, or modify an Amazon rds instance"
'body': """
rds:
command: ${1|create,replicate,delete,facts,modify,promote,snapshot,reboot,restore|} # required. choices: create;replicate;delete;facts;modify;promote;snapshot;reboot;restore. Specifies the action to take. The 'reboot' option is available starting at version 2.0
region: ${2:undefined} # required. The AWS region to use. If not specified then the value of the EC2_REGION environment variable, if any, is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
db_engine: ${4|mariadb,MySQL,oracle-se1,oracle-se2,oracle-se,oracle-ee,sqlserver-ee,sqlserver-se,sqlserver-ex,sqlserver-web,postgres,aurora|} # not required. choices: mariadb;MySQL;oracle-se1;oracle-se2;oracle-se;oracle-ee;sqlserver-ee;sqlserver-se;sqlserver-ex;sqlserver-web;postgres;aurora. The type of database. Used only when command=create.,mariadb was added in version 2.2
iops: ${5:null} # not required. Specifies the number of IOPS for the instance. Used only when command=create or command=modify. Must be an integer greater than 1000.
backup_window: ${6:null} # not required. Backup window in format of hh24:mi-hh24:mi. If not specified then a random backup window is assigned. Used only when command=create or command=modify.
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
backup_retention: ${8:null} # not required. Number of days backups are retained. Set to 0 to disable backups. Default is 1 day. Valid range: 0-35. Used only when command=create or command=modify.\n
port: ${9:3306 for mysql, 1521 for Oracle, 1433 for SQL Server, 5432 for PostgreSQL.} # not required. Port number that the DB instance uses for connections. Used only when command=create or command=replicate.,Prior to 2.0 it always defaults to null and the API would use 3306, it had to be set to other DB default values when not using MySql. Starting at 2.0 it automatically defaults to what is expected for each C(db_engine).
security_groups: ${10:null} # not required. Comma separated list of one or more security groups. Used only when command=create or command=modify.
size: ${11:null} # not required. Size in gigabytes of the initial storage for the DB instance. Used only when command=create or command=modify.
aws_secret_key: ${12:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_KEY environment variable is used.
subnet: ${13:null} # not required. VPC subnet group. If specified then a VPC instance is created. Used only when command=create.
vpc_security_groups: ${14:null} # not required. Comma separated list of one or more vpc security group ids. Also requires `subnet` to be specified. Used only when command=create or command=modify.
upgrade: ${15|yes,no|} # not required. choices: yes;no. Indicates that minor version upgrades should be applied automatically. Used only when command=create or command=replicate.
zone: ${16:null} # not required. availability zone in which to launch the instance. Used only when command=create, command=replicate or command=restore.
instance_type: ${17:null} # not required. The instance type of the database. Must be specified when command=create. Optional when command=replicate, command=modify or command=restore. If not specified then the replica inherits the same instance type as the source instance.
source_instance: ${18:null} # not required. Name of the database to replicate. Used only when command=replicate.
parameter_group: ${19:null} # not required. Name of the DB parameter group to associate with this instance. If omitted then the RDS default DBParameterGroup will be used. Used only when command=create or command=modify.
multi_zone: ${20|yes,no|} # not required. choices: yes;no. Specifies if this is a Multi-availability-zone deployment. Can not be used in conjunction with zone parameter. Used only when command=create or command=modify.
new_instance_name: ${21:null} # not required. Name to rename an instance to. Used only when command=modify.
username: ${22:null} # not required. Master database username. Used only when command=create.
tags: ${23:null} # not required. tags dict to apply to a resource. Used with command=create, command=replicate, command=restore. Requires boto >= 2.26.0
db_name: ${24:null} # not required. Name of a database to create within the instance. If not specified then no database is created. Used only when command=create.
license_model: ${25|license-included,bring-your-own-license,general-public-license,postgresql-license|} # not required. choices: license-included;bring-your-own-license;general-public-license;postgresql-license. The license model for this DB instance. Used only when command=create or command=restore.
password: ${26:null} # not required. Password for the master database username. Used only when command=create or command=modify.
apply_immediately: ${27|yes,no|} # not required. choices: yes;no. Used only when command=modify. If enabled, the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window.
wait: ${28|yes,no|} # not required. choices: yes;no. When command=create, replicate, modify or restore then wait for the database to enter the 'available' state. When command=delete wait for the database to be terminated.
aws_access_key: ${29:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY environment variable is used.
security_token: ${30:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
character_set_name: ${31:null} # not required. Associate the DB instance with a specified character set. Used with command=create.
validate_certs: ${32:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
option_group: ${33:null} # not required. The name of the option group to use. If not specified then the default option group is used. Used only when command=create.
engine_version: ${34:null} # not required. Version number of the database engine to use. Used only when command=create. If not specified then the current Amazon RDS default engine version is used
instance_name: ${35:null} # not required. Database instance identifier. Required except when using command=facts or command=delete on just a snapshot
force_failover: ${36|yes,no|} # not required. choices: yes;no. Used only when command=reboot. If enabled, the reboot is done using a MultiAZ failover.
wait_timeout: ${37:300} # not required. how long before wait gives up, in seconds
snapshot: ${38:null} # not required. Name of snapshot to take. When command=delete, if no snapshot name is provided then no snapshot is taken. If used with command=delete with no instance_name, the snapshot is deleted. Used with command=facts, command=delete or command=snapshot.
publicly_accessible: ${39:null} # not required. explicitly set whether the resource should be publicly accessible or not. Used with command=create, command=replicate. Requires boto >= 2.26.0
maint_window: ${40:null} # not required. Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15) If not specified then a random maintenance window is assigned. Used only when command=create or command=modify.\n
"""
'rds_param_group':
'prefix': "rds_param_group_snippet"
'description': "manage RDS parameter groups"
'body': """
rds_param_group:
name: ${1:undefined} # required. Database parameter group identifier.
state: ${2|present,absent|} # required. choices: present;absent. Specifies whether the group should be present or absent.
engine: ${3|aurora5.6,mariadb10.0,mariadb10.1,mysql5.1,mysql5.5,mysql5.6,mysql5.7,oracle-ee-11.2,oracle-ee-12.1,oracle-se-11.2,oracle-se-12.1,oracle-se1-11.2,oracle-se1-12.1,postgres9.3,postgres9.4,postgres9.5,postgres9.6,sqlserver-ee-10.5,sqlserver-ee-11.0,sqlserver-ex-10.5,sqlserver-ex-11.0,sqlserver-ex-12.0,sqlserver-se-10.5,sqlserver-se-11.0,sqlserver-se-12.0,sqlserver-web-10.5,sqlserver-web-11.0,sqlserver-web-12.0|} # not required. choices: aurora5.6;mariadb10.0;mariadb10.1;mysql5.1;mysql5.5;mysql5.6;mysql5.7;oracle-ee-11.2;oracle-ee-12.1;oracle-se-11.2;oracle-se-12.1;oracle-se1-11.2;oracle-se1-12.1;postgres9.3;postgres9.4;postgres9.5;postgres9.6;sqlserver-ee-10.5;sqlserver-ee-11.0;sqlserver-ex-10.5;sqlserver-ex-11.0;sqlserver-ex-12.0;sqlserver-se-10.5;sqlserver-se-11.0;sqlserver-se-12.0;sqlserver-web-10.5;sqlserver-web-11.0;sqlserver-web-12.0. The type of database for this group. Required for state=present.
aws_secret_key: ${4:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${7:undefined} # not required. Dictionary of tags to attach to the parameter group
purge_tags: ${8:undefined} # not required. Whether or not to remove tags that do not appear in the I(tags) list. Defaults to false.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
immediate: ${10:undefined} # not required. Whether to apply the changes immediately, or after the next reboot of any associated instances.
params: ${11:undefined} # not required. Map of parameter names and values. Numeric values may be represented as K for kilo (1024), M for mega (1024^2), G for giga (1024^3), or T for tera (1024^4), and these values will be expanded into the appropriate number before being set in the parameter group.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
profile: ${13:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
description: ${15:undefined} # not required. Database parameter group description. Only set when a new group is added.
"""
'rds_subnet_group':
'prefix': "rds_subnet_group_snippet"
'description': "manage RDS database subnet groups"
'body': """
rds_subnet_group:
name: ${1:null} # required. Database subnet group identifier.
state: ${2|present,absent|} # required. choices: present;absent. Specifies whether the subnet should be present or absent.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
subnets: ${4:null} # not required. List of subnet IDs that make up the database subnet group.
aws_access_key: ${5:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
profile: ${8:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
description: ${11:null} # not required. Database subnet group description. Only set when a new group is added.
"""
'redhat_subscription':
'prefix': "redhat_subscription_snippet"
'description': "Manage registration and subscriptions to RHSM using the C(subscription-manager) command"
'body': """
redhat_subscription:
username: ${1:null} # not required. access.redhat.com or Sat6 username
server_hostname: ${2:undefined} # not required. Specify an alternative Red Hat Subscription Management or Sat6 server
pool_ids: ${3:} # not required. Specify subscription pool IDs to consume. Prefer over I(pool) when possible as it is much faster.\nA pool ID may be specified as a C(string) - just the pool ID (ex. C(0123456789abcdef0123456789abcdef)),\nor as a C(dict) with the pool ID as the key, and a quantity as the value (ex.\nC(0123456789abcdef0123456789abcdef: 2). If the quantity is provided, it is used to consume multiple\nentitlements from a pool (the pool must support this). Mutually exclusive with I(pool).\n
consumer_id: ${4:null} # not required. References an existing consumer ID to resume using a previous registration\nfor this system. If the system's identity certificate is lost or corrupted,\nthis option allows it to resume using its previous identity and subscriptions.\nThe default is to not specify a consumer ID so a new ID is created.\n
auto_attach: ${5:false} # not required. Upon successful registration, auto-consume available subscriptions,Added in favor of depracated autosubscribe in 2.5.
server_insecure: ${6:undefined} # not required. Enable or disable https server certificate verification when connecting to C(server_hostname)
activationkey: ${7:null} # not required. supply an activation key for use with registration
server_proxy_password: ${8:undefined} # not required. Specify a password for HTTP proxy with basic authentication
consumer_name: ${9:null} # not required. Name of the system to register, defaults to the hostname
rhsm_baseurl: ${10:undefined} # not required. Specify CDN baseurl
pool: ${11:^$} # not required. Specify a subscription pool name to consume. Regular expressions accepted. Use I(pool_ids) instead if\npossible, as it is much faster. Mutually exclusive with I(pool_ids).\n
server_proxy_port: ${12:undefined} # not required. Specify a HTTP proxy port
password: ${13:null} # not required. access.redhat.com or Sat6 password
consumer_type: ${14:null} # not required. The type of unit to register, defaults to system
org_id: ${15:null} # not required. Organization ID to use in conjunction with activationkey
environment: ${16:null} # not required. Register with a specific environment in the destination org. Used with Red Hat Satellite 6.x or Katello
force_register: ${17:false} # not required. Register the system even if it is already registered
state: ${18|present,absent|} # not required. choices: present;absent. whether to register and subscribe (C(present)), or unregister (C(absent)) a system
server_proxy_user: ${19:undefined} # not required. Specify a user for HTTP proxy with basic authentication
server_proxy_hostname: ${20:undefined} # not required. Specify a HTTP proxy hostname
"""
'redis':
'prefix': "redis_snippet"
'description': "Various redis commands, slave and flush"
'body': """
redis:
command: ${1|config,flush,slave|} # required. choices: config;flush;slave. The selected redis command,C(config) (new in 1.6), ensures a configuration setting on an instance.,C(flush) flushes all the instance or a specified db.,C(slave) sets a redis instance in slave or master mode.
login_port: ${2:6379} # not required. The port to connect to
name: ${3:undefined} # not required. A redis config key.
flush_mode: ${4|all,db|} # not required. choices: all;db. Type of flush (all the dbs in a redis instance or a specific one) [flush command]
master_host: ${5:null} # not required. The host of the master instance [slave command]
login_host: ${6:localhost} # not required. The host running the database
master_port: ${7:undefined} # not required. The port of the master instance [slave command]
db: ${8:undefined} # not required. The database to flush (used in db mode) [flush command]
value: ${9:undefined} # not required. A redis config value.
login_password: ${10:undefined} # not required. The password used to authenticate with (usually not used)
slave_mode: ${11|master,slave|} # not required. choices: master;slave. the mode of the redis instance [slave command]
"""
'redshift':
'prefix': "redshift_snippet"
'description': "create, delete, or modify an Amazon Redshift instance"
'body': """
redshift:
command: ${1|create,facts,delete,modify|} # required. choices: create;facts;delete;modify. Specifies the action to take.
identifier: ${2:undefined} # required. Redshift cluster identifier.
cluster_parameter_group_name: ${3:null} # not required. name of the cluster parameter group
username: ${4:undefined} # not required. Master database username. Used only when command=create.
new_cluster_identifier: ${5:null} # not required. Only used when command=modify.
number_of_nodes: ${6:null} # not required. Number of nodes. Only used when cluster_type=multi-node.
availability_zone: ${7:undefined} # not required. availability zone in which to launch cluster
encrypted: ${8:false} # not required. if the cluster is encrypted or not
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
node_type: ${10|ds1.xlarge,ds1.8xlarge,ds2.xlarge,ds2.8xlarge,dc1.large,dc1.8xlarge,dc2.large,dc2.8xlarge,dw1.xlarge,dw1.8xlarge,dw2.large,dw2.8xlarge|} # not required. choices: ds1.xlarge;ds1.8xlarge;ds2.xlarge;ds2.8xlarge;dc1.large;dc1.8xlarge;dc2.large;dc2.8xlarge;dw1.xlarge;dw1.8xlarge;dw2.large;dw2.8xlarge. The node type of the cluster. Must be specified when command=create.
db_name: ${11:null} # not required. Name of the database.
publicly_accessible: ${12:false} # not required. if the cluster is accessible publicly or not
skip_final_cluster_snapshot: ${13:false} # not required. skip a final snapshot before deleting the cluster. Used only when command=delete.
password: ${14:undefined} # not required. Master database password. Used only when command=create.
port: ${15:null} # not required. which port the cluster is listining
wait: ${16|yes,no|} # not required. choices: yes;no. When command=create, modify or restore then wait for the database to enter the 'available' state. When command=delete wait for the database to be terminated.
aws_secret_key: ${17:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${18:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${19:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
allow_version_upgrade: ${20:true} # not required. flag to determinate if upgrade of version is possible
cluster_type: ${21|multi-node,single-node|} # not required. choices: multi-node;single-node. The type of cluster.
region: ${22:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
elastic_ip: ${23:null} # not required. if the cluster has an elastic IP or not
cluster_subnet_group_name: ${24:undefined} # not required. which subnet to place the cluster
profile: ${25:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
validate_certs: ${26:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
wait_timeout: ${27:300} # not required. how long before wait gives up, in seconds
cluster_security_groups: ${28:null} # not required. in which security group the cluster belongs
automated_snapshot_retention_period: ${29:null} # not required. period when the snapshot take place
cluster_version: ${30|1.0|} # not required. choices: 1.0. which version the cluster should have
final_cluster_snapshot_identifier: ${31:null} # not required. identifier of the final snapshot to be created before deleting the cluster. If this parameter is provided, final_cluster_snapshot_identifier must be false. Used only when command=delete.
preferred_maintenance_window: ${32:null} # not required. maintenance window
vpc_security_group_ids: ${33:null} # not required. VPC security group
"""
'redshift_facts':
'prefix': "redshift_facts_snippet"
'description': "Gather facts about Redshift cluster(s)"
'body': """
redshift_facts:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
cluster_identifier: ${5:undefined} # not required. The prefix of cluster identifier of the Redshift cluster you are searching for.,This is a regular expression match with implicit '^'. Append '$' for a complete match.
tags: ${6:undefined} # not required. A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the security group(s) you are searching for.
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'redshift_subnet_group':
'prefix': "redshift_subnet_group_snippet"
'description': "manage Redshift cluster subnet groups"
'body': """
redshift_subnet_group:
group_name: ${1:undefined} # required. Cluster subnet group name.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${7:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
state: ${8|present,absent|} # not required. choices: present;absent. Specifies whether the subnet should be present or absent.
group_subnets: ${9:null} # not required. List of subnet IDs that make up the cluster subnet group.
group_description: ${10:null} # not required. Database subnet group description.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'replace':
'prefix': "replace_snippet"
'description': "Replace all instances of a particular string in a file using a back-referenced regular expression."
'body': """
replace:
path: ${1:undefined} # required. The file to modify.,Before 2.3 this option was only usable as I(dest), I(destfile) and I(name).
regexp: ${2:undefined} # required. The regular expression to look for in the contents of the file. Uses Python regular expressions; see U(http://docs.python.org/2/library/re.html). Uses MULTILINE mode, which means C(^) and C($) match the beginning and end of the file, as well as the beginning and end respectively of I(each line) of the file.,Does not use DOTALL, which means the C(.) special character matches any character I(except newlines). A common mistake is to assume that a negated character set like C([^#]) will also not match newlines. In order to exclude newlines, they must be added to the set like C([^#\\n]).,Note that, as of ansible 2, short form tasks should have any escape sequences backslash-escaped in order to prevent them being parsed as string literal escapes. See the examples.
seuser: ${3:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
group: ${4:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
encoding: ${5:utf-8} # not required. The character encoding for reading and writing the file.
unsafe_writes: ${6:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
selevel: ${7:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
after: ${8:undefined} # not required. If specified, the line after the replace/remove will start. Can be used in combination with C(before). Uses Python regular expressions; see U(http://docs.python.org/2/library/re.html).
setype: ${9:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
replace: ${10:undefined} # not required. The string to replace regexp matches. May contain backreferences that will get expanded with the regexp capture groups if the regexp matches. If not set, matches are removed entirely.
serole: ${11:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
mode: ${12:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
owner: ${13:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
validate: ${14:None} # not required. The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
attributes: ${15:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
backup: ${16:no} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
others: ${17:undefined} # not required. All arguments accepted by the M(file) module also work here.
before: ${18:undefined} # not required. If specified, the line before the replace/remove will occur. Can be used in combination with C(after). Uses Python regular expressions; see U(http://docs.python.org/2/library/re.html).
"""
'rhevm':
'prefix': "rhevm_snippet"
'description': "RHEV/oVirt automation"
'body': """
rhevm:
vmhost: ${1:undefined} # not required. The host you wish your VM to run on.
vmmem: ${2:1} # not required. The amount of memory you want your VM to use (in GB).
cd_drive: ${3:null} # not required. The CD you wish to have mounted on the VM when I(state = 'CD').
image: ${4:null} # not required. The template to use for the VM.
cpu_share: ${5:0} # not required. This parameter is used to configure the cpu share.
insecure_api: ${6:false} # not required. A boolean switch to make a secure or insecure connection to the server.
cluster: ${7:undefined} # not required. The rhev/ovirt cluster in which you want you VM to start.
user: ${8:admin@internal} # not required. The user to authenticate with.
port: ${9:443} # not required. The port on which the API is reacheable.
vm_ha: ${10:true} # not required. To make your VM High Available.
disks: ${11:undefined} # not required. This option uses complex arguments and is a list of disks with the options name, size and domain.
datacenter: ${12:Default} # not required. The rhev/ovirt datacenter in which you want you VM to start.
name: ${13:undefined} # not required. The name of the VM.
ifaces: ${14:undefined} # not required. This option uses complex arguments and is a list of interfaces with the options name and vlan.
server: ${15:127.0.0.1} # not required. The name/ip of your RHEV-m/oVirt instance.
state: ${16|ping,present,absent,up,down,restarted,cd,info|} # not required. choices: ping;present;absent;up;down;restarted;cd;info. This serves to create/remove/update or powermanage your VM.
osver: ${17:rhel_6x64} # not required. The operationsystem option in RHEV/oVirt.
mempol: ${18:1} # not required. The minimum amount of memory you wish to reserve for this system.
timeout: ${19:null} # not required. The timeout you wish to define for power actions.,When I(state = 'up'),When I(state = 'down'),When I(state = 'restarted')
del_prot: ${20:true} # not required. This option sets the delete protection checkbox.
boot_order: ${21:network,hd} # not required. This option uses complex arguments and is a list of items that specify the bootorder.
type: ${22|server,desktop,host|} # not required. choices: server;desktop;host. To define if the VM is a server or desktop.
vmcpu: ${23:2} # not required. The number of CPUs you want in your VM.
"""
'rhn_channel':
'prefix': "rhn_channel_snippet"
'description': "Adds or removes Red Hat software channels"
'body': """
rhn_channel:
sysname: ${1:undefined} # required. Name of the system as it is known in RHN/Satellite.
name: ${2:undefined} # required. Name of the software channel.
url: ${3:undefined} # required. The full URL to the RHN/Satellite API.
password: ${4:undefined} # required. RHN/Satellite password.
user: ${5:undefined} # required. RHN/Satellite login.
state: ${6:present} # not required. Whether the channel should be present or not, taking action if the state is different from what is stated.
"""
'rhn_register':
'prefix': "rhn_register_snippet"
'description': "Manage Red Hat Network registration using the C(rhnreg_ks) command"
'body': """
rhn_register:
username: ${1:null} # not required. Red Hat Network username
systemorgid: ${2:None} # not required. supply an organizational id for use with registration
enable_eus: ${3:false} # not required. If true, extended update support will be requested.
server_url: ${4:Current value of I(serverURL) from C(/etc/sysconfig/rhn/up2date) is the default} # not required. Specify an alternative Red Hat Network server URL
channels: ${5:} # not required. Optionally specify a list of comma-separated channels to subscribe to upon successful registration.
state: ${6|present,absent|} # not required. choices: present;absent. whether to register (C(present)), or unregister (C(absent)) a system
sslcacert: ${7:None} # not required. supply a custom ssl CA certificate file for use with registration
activationkey: ${8:null} # not required. supply an activation key for use with registration
profilename: ${9:null} # not required. supply an profilename for use with registration
password: ${10:null} # not required. Red Hat Network password
nopackages: ${11:false} # not required. If true, the registered node will not upload its installed packages information to Satellite server
"""
'rhsm_repository':
'prefix': "rhsm_repository_snippet"
'description': "Manage RHSM repositories using the subscription-manager command"
'body': """
rhsm_repository:
state: ${1|present,enabled,absent,disabled|} # required. choices: present;enabled;absent;disabled. If state is equal to present or disabled, indicates the desired repository state.
name: ${2:undefined} # required. The ID of repositories to enable.,To operate on several repositories this can accept a comma separated list or a YAML list.
"""
'riak':
'prefix': "riak_snippet"
'description': "This module handles some common Riak operations"
'body': """
riak:
target_node: ${1:riak@127.0.0.1} # not required. The target node for certain operations (join, ping)
config_dir: ${2:/etc/riak} # not required. The path to the riak configuration directory
wait_for_service: ${3|kv|} # not required. choices: kv. Waits for a riak service to come online before continuing.
http_conn: ${4:127.0.0.1:8098} # not required. The ip address and port that is listening for Riak HTTP queries
wait_for_ring: ${5:null} # not required. Number of seconds to wait for all nodes to agree on the ring.
wait_for_handoffs: ${6:null} # not required. Number of seconds to wait for handoffs to complete.
command: ${7|ping,kv_test,join,plan,commit|} # not required. choices: ping;kv_test;join;plan;commit. The command you would like to perform against the cluster.
validate_certs: ${8|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'rocketchat':
'prefix': "rocketchat_snippet"
'description': "Send notifications to Rocket Chat"
'body': """
rocketchat:
domain: ${1:undefined} # required. The domain for your environment without protocol. (i.e. C(example.com) or C(chat.example.com))
token: ${2:undefined} # required. Rocket Chat Incoming Webhook integration token. This provides authentication to Rocket Chat's Incoming webhook for posting messages.
username: ${3:Ansible} # not required. This is the sender of the message.
protocol: ${4|http,https|} # not required. choices: http;https. Specify the protocol used to send notification messages before the webhook url. (i.e. http or https)
attachments: ${5:None} # not required. Define a list of attachments.
color: ${6|normal,good,warning,danger|} # not required. choices: normal;good;warning;danger. Allow text to use default colors - use the default of 'normal' to not send a custom color bar at the start of the message
icon_url: ${7:https://www.ansible.com/favicon.ico} # not required. URL for the message sender's icon.
icon_emoji: ${8:None} # not required. Emoji for the message sender. The representation for the available emojis can be got from Rocket Chat. (for example :thumbsup:) (if I(icon_emoji) is set, I(icon_url) will not be used)
link_names: ${9|1,0|} # not required. choices: 1;0. Automatically create links for channels and usernames in I(msg).
msg: ${10:None} # not required. Message to be sent.
validate_certs: ${11|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
channel: ${12:None} # not required. Channel to send the message to. If absent, the message goes to the channel selected for the I(token) specified during the creation of webhook.
"""
'rollbar_deployment':
'prefix': "rollbar_deployment_snippet"
'description': "Notify Rollbar about app deployments"
'body': """
rollbar_deployment:
environment: ${1:undefined} # required. Name of the environment being deployed, e.g. 'production'.
token: ${2:undefined} # required. Your project access token.
revision: ${3:undefined} # required. Revision number/sha being deployed.
comment: ${4:undefined} # not required. Deploy comment (e.g. what is being deployed).
rollbar_user: ${5:undefined} # not required. Rollbar username of the user who deployed.
url: ${6:https://api.rollbar.com/api/1/deploy/} # not required. Optional URL to submit the notification to.
user: ${7:undefined} # not required. User who deployed.
validate_certs: ${8|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'route53':
'prefix': "route53_snippet"
'description': "add or delete entries in Amazons Route53 DNS service"
'body': """
route53:
zone: ${1:undefined} # required. The DNS zone to modify
record: ${2:undefined} # required. The full DNS record to create or delete
state: ${3|present,absent,get,create,delete|} # required. choices: present;absent;get;create;delete. Specifies the state of the resource record. As of Ansible 2.4, the I(command) option has been changed to I(state) as default and the choices 'present' and 'absent' have been added, but I(command) still works as well.
type: ${4|A,CNAME,MX,AAAA,TXT,PTR,SRV,SPF,CAA,NS,SOA|} # required. choices: A;CNAME;MX;AAAA;TXT;PTR;SRV;SPF;CAA;NS;SOA. The type of DNS record to create
profile: ${5:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
health_check: ${7:null} # not required. Health check to associate with this record
weight: ${8:null} # not required. Weighted resource record sets only. Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location.
ec2_url: ${9:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
hosted_zone_id: ${10:null} # not required. The Hosted Zone ID of the DNS zone to modify
wait_timeout: ${11:300} # not required. How long to wait for the changes to be replicated, in seconds.
ttl: ${12:3600 (one hour)} # not required. The TTL to give the new record
overwrite: ${13:null} # not required. Whether an existing record should be overwritten on create if values do not match
wait: ${14:false} # not required. Wait until the changes have been replicated to all Amazon Route 53 DNS servers.
aws_secret_key: ${15:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${16:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
alias_hosted_zone_id: ${17:null} # not required. The hosted zone identifier.
validate_certs: ${18:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${19:null} # not required. Latency-based resource record sets only Among resource record sets that have the same combination of DNS name and type, a value that determines which region this should be associated with for the latency-based routing
retry_interval: ${20:500} # not required. In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
value: ${21:null} # not required. The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.,When deleting a record all values for the record must be specified or Route53 will not delete it.
alias: ${22|True,False|} # not required. choices: True;False. Indicates if this is an alias record.
private_zone: ${23:false} # not required. If set to true, the private zone matching the requested name within the domain will be used if there are both public and private zones. The default is to use the public zone.
alias_evaluate_target_health: ${24:false} # not required. Whether or not to evaluate an alias target health. Useful for aliases to Elastic Load Balancers.
vpc_id: ${25:null} # not required. When used in conjunction with private_zone: true, this will only modify records in the private hosted zone attached to this VPC.,This allows you to have multiple private hosted zones, all with the same name, attached to different VPCs.
identifier: ${26:null} # not required. Have to be specified for Weighted, latency-based and failover resource record sets only. An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
failover: ${27:null} # not required. Failover resource record sets only. Whether this is the primary or secondary resource record set. Allowed values are PRIMARY and SECONDARY
"""
'route53_facts':
'prefix': "route53_facts_snippet"
'description': "Retrieves route53 details using AWS methods"
'body': """
route53_facts:
query: ${1|change,checker_ip_range,health_check,hosted_zone,record_sets,reusable_delegation_set|} # required. choices: change;checker_ip_range;health_check;hosted_zone;record_sets;reusable_delegation_set. specifies the query action to take
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
start_record_name: ${5:undefined} # not required. The first name in the lexicographic ordering of domain names that you want the list_command: record_sets to start listing from
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
resource_id: ${7:undefined} # not required. The ID/s of the specified resource/s
hosted_zone_method: ${8|details,list,list_by_name,count,tags|} # not required. choices: details;list;list_by_name;count;tags. This is used in conjunction with query: hosted_zone. It allows for listing details, counts or tags of various hosted zone details.
dns_name: ${9:undefined} # not required. The first name in the lexicographic ordering of domain names that you want the list_command to start listing from
health_check_method: ${10|list,details,status,failure_reason,count,tags|} # not required. choices: list;details;status;failure_reason;count;tags. This is used in conjunction with query: health_check. It allows for listing details, counts or tags of various health check details.
delegation_set_id: ${11:undefined} # not required. The DNS Zone delegation set ID
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
max_items: ${13:undefined} # not required. Maximum number of items to return for various get/list requests
hosted_zone_id: ${14:undefined} # not required. The Hosted Zone ID of the DNS zone
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
health_check_id: ${16:undefined} # not required. The ID of the health check
change_id: ${17:undefined} # not required. The ID of the change batch request. The value that you specify here is the value that ChangeResourceRecordSets returned in the Id element when you submitted the request.
next_marker: ${18:undefined} # not required. Some requests such as list_command: hosted_zones will return a maximum number of entries - EG 100 or the number specified by max_items. If the number of entries exceeds this maximum another request can be sent using the NextMarker entry from the first response to get the next page of results
type: ${19|A,CNAME,MX,AAAA,TXT,PTR,SRV,SPF,CAA,NS|} # not required. choices: A;CNAME;MX;AAAA;TXT;PTR;SRV;SPF;CAA;NS. The type of DNS record
region: ${20:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
"""
'route53_health_check':
'prefix': "route53_health_check_snippet"
'description': "add or delete health-checks in Amazons Route53 DNS service"
'body': """
route53_health_check:
request_interval: ${1|10,30|} # required. choices: 10;30. The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.
type: ${2|HTTP,HTTPS,HTTP_STR_MATCH,HTTPS_STR_MATCH,TCP|} # required. choices: HTTP;HTTPS;HTTP_STR_MATCH;HTTPS_STR_MATCH;TCP. The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
state: ${3|present,absent|} # required. choices: present;absent. Specifies the action to take.
failure_threshold: ${4|1,2,3,4,5,6,7,8,9,10|} # required. choices: 1;2;3;4;5;6;7;8;9;10. The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa.
aws_secret_key: ${5:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${6:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${9:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
fqdn: ${11:undefined} # not required. Domain name of the endpoint to check. Either this or `ip_address` has to be provided. When both are given the `fqdn` is used in the `Host:` header of the HTTP request.
port: ${12:null} # not required. The port on the endpoint on which you want Amazon Route 53 to perform health checks. Required for TCP checks.
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
resource_path: ${14:null} # not required. The path that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example the file /docs/route53-health-check.html.,Required for all checks except TCP.,The path must begin with a /,Maximum 255 characters.
ip_address: ${15:null} # not required. IP address of the end-point to check. Either this or `fqdn` has to be provided.
string_match: ${16:null} # not required. If the check type is HTTP_STR_MATCH or HTTP_STR_MATCH, the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the first 5120 bytes of the response body, Amazon Route 53 considers the resource healthy.
"""
'route53_zone':
'prefix': "route53_zone_snippet"
'description': "add or delete Route53 zones"
'body': """
route53_zone:
zone: ${1:undefined} # required. The DNS zone record (eg: foo.com.)
comment: ${2:} # not required. Comment associated with the zone
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
vpc_region: ${4:null} # not required. The VPC Region the zone should be a part of (if this is going to be a private zone)
hosted_zone_id: ${5:null} # not required. The unique zone identifier you want to delete or \"all\" if there are many zones with the same domain name. Required if there are multiple zones identified with the above options
ec2_url: ${6:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${7:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${8:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
state: ${11|present,absent|} # not required. choices: present;absent. whether or not the zone should exist or not
vpc_id: ${12:null} # not required. The VPC ID the zone should be a part of (if this is going to be a private zone)
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'rpm_key':
'prefix': "rpm_key_snippet"
'description': "Adds or removes a gpg key from the rpm db"
'body': """
rpm_key:
key: ${1:undefined} # required. Key that will be modified. Can be a url, a file, or a keyid if the key already exists in the database.
state: ${2|absent,present|} # not required. choices: absent;present. If the key will be imported or removed from the rpm db.
validate_certs: ${3:yes} # not required. If C(no) and the C(key) is a url starting with https, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'rundeck_acl_policy':
'prefix': "rundeck_acl_policy_snippet"
'description': "Manage Rundeck ACL policies."
'body': """
rundeck_acl_policy:
name: ${1:undefined} # required. Sets the project name.
url: ${2:undefined} # required. Sets the rundeck instance URL.
token: ${3:undefined} # required. Sets the token to authenticate against Rundeck API.
project: ${4:undefined} # not required. Sets the project which receive the ACL policy.,If unset, it's a system ACL policy.
policy: ${5:undefined} # not required. Sets the ACL policy content.,ACL policy content is a YAML object as described in http://rundeck.org/docs/man5/aclpolicy.html.,It can be a YAML string or a pure Ansible inventory YAML object.
state: ${6|present,absent|} # not required. choices: present;absent. Create or remove Rundeck project.
api_version: ${7:14} # not required. Sets the API version used by module.,API version must be at least 14.
"""
'rundeck_project':
'prefix': "rundeck_project_snippet"
'description': "Manage Rundeck projects."
'body': """
rundeck_project:
url: ${1:undefined} # required. Sets the rundeck instance URL.
token: ${2:undefined} # required. Sets the token to authenticate against Rundeck API.
name: ${3:undefined} # required. Sets the project name.
state: ${4|present,absent|} # not required. choices: present;absent. Create or remove Rundeck project.
api_version: ${5:14} # not required. Sets the API version used by module.,API version must be at least 14.
"""
'runit':
'prefix': "runit_snippet"
'description': "Manage runit services"
'body': """
runit:
name: ${1:undefined} # required. Name of the service to manage.
state: ${2|killed,once,reloaded,restarted,started,stopped|} # not required. choices: killed;once;reloaded;restarted;started;stopped. C(started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the service (sv restart) and C(killed) will always bounce the service (sv force-stop). C(reloaded) will send a HUP (sv reload). C(once) will run a normally downed sv once (sv once), not really an idempotent operation.
enabled: ${3:undefined} # not required. Wheater the service is enabled or not, if disabled it also implies stopped.
service_dir: ${4:/var/service} # not required. directory runsv watches for services
service_src: ${5:/etc/sv} # not required. directory where services are defined, the source of symlinks to service_dir.
"""
's3_bucket':
'prefix': "s3_bucket_snippet"
'description': "Manage S3 buckets in AWS, Ceph, Walrus and FakeS3"
'body': """
s3_bucket:
name: ${1:null} # required. Name of the s3 bucket
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
force: ${5|yes,no|} # not required. choices: yes;no. When trying to delete a bucket, delete all keys in the bucket first (an s3 bucket must be empty for a successful deletion)
security_token: ${6:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
tags: ${7:null} # not required. tags dict to apply to bucket
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
ceph: ${9:undefined} # not required. Enable API compatibility with Ceph. It takes into account the S3 API subset working with Ceph in order to provide the same module behaviour where possible.
state: ${10|present,absent|} # not required. choices: present;absent. Create or remove the s3 bucket
ec2_url: ${11:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
policy: ${12:null} # not required. The JSON policy as a string.
s3_url: ${13:null} # not required. S3 URL endpoint for usage with Ceph, Eucalypus, fakes3, etc. Otherwise assumes AWS
validate_certs: ${14:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
requester_pays: ${15|yes,no|} # not required. choices: yes;no. With Requester Pays buckets, the requester instead of the bucket owner pays the cost of the request and the data download from the bucket.
versioning: ${16|yes,no|} # not required. choices: yes;no. Whether versioning is enabled or disabled (note that once versioning is enabled, it can only be suspended)
"""
's3_lifecycle':
'prefix': "s3_lifecycle_snippet"
'description': "Manage s3 bucket lifecycle rules in AWS"
'body': """
s3_lifecycle:
name: ${1:undefined} # required. Name of the s3 bucket
status: ${2|enabled,disabled|} # not required. choices: enabled;disabled. If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied.
aws_secret_key: ${3:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
transition_days: ${4:null} # not required. Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
expiration_date: ${6:null} # not required. Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified.\n
region: ${7:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
prefix: ${8:null} # not required. Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket.
state: ${9|present,absent|} # not required. choices: present;absent. Create or remove the lifecycle rule
storage_class: ${10|glacier,standard_ia|} # not required. choices: glacier;standard_ia. The storage class to transition to. Currently there are two supported values - 'glacier' or 'standard_ia'.,The 'standard_ia' class is only being available from Ansible version 2.2.
profile: ${11:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
expiration_days: ${13:null} # not required. Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.
aws_access_key: ${14:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
rule_id: ${16:null} # not required. Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided.
transition_date: ${17:null} # not required. Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required.\"\n
"""
's3_logging':
'prefix': "s3_logging_snippet"
'description': "Manage logging facility of an s3 bucket in AWS"
'body': """
s3_logging:
name: ${1:undefined} # required. Name of the s3 bucket.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${4:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${5:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${6:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
target_prefix: ${7:} # not required. The prefix that should be prepended to the generated log files written to the target_bucket.
target_bucket: ${8:null} # not required. The bucket to log to. Required when state=present.
state: ${9|present,absent|} # not required. choices: present;absent. Enable or disable logging.
ec2_url: ${10:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${11:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
's3_sync':
'prefix': "s3_sync_snippet"
'description': "Efficiently upload multiple files to S3"
'body': """
s3_sync:
file_root: ${1:undefined} # required. File/directory path for synchronization. This is a local path.,This root path is scrubbed from the key name, so subdirectories will remain as keys.
bucket: ${2:undefined} # required. Bucket name.
mode: ${3|push|} # required. choices: push. sync direction.
aws_secret_key: ${4:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${5:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${6:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
file_change_strategy: ${7|force,checksum,date_size|} # not required. choices: force;checksum;date_size. Difference determination method to allow changes-only syncing. Unlike rsync, files are not patched- they are fully skipped or fully uploaded.,date_size will upload if file sizes don't match or if local file modified date is newer than s3's version,checksum will compare etag values based on s3's implementation of chunked md5s.,force will always upload all files.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
permission: ${9|,private,public-read,public-read-write,authenticated-read,aws-exec-read,bucket-owner-read,bucket-owner-full-control|} # not required. choices: ;private;public-read;public-read-write;authenticated-read;aws-exec-read;bucket-owner-read;bucket-owner-full-control. Canned ACL to apply to synced files.,Changing this ACL only changes newly synced files, it does not trigger a full reupload.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
mime_map: ${11:undefined} # not required. Dict entry from extension to MIME type. This will override any default/sniffed MIME type. For example C({\".txt\": \"application/text\", \".yml\": \"application/text\"})\n
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
exclude: ${13:.*} # not required. Shell pattern-style file matching.,Used after include to remove files (for instance, skip \"*.txt\"),For multiple patterns, comma-separate them.
include: ${14:*} # not required. Shell pattern-style file matching.,Used before exclude to determine eligible files (for instance, only \"*.gif\"),For multiple patterns, comma-separate them.
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
cache_control: ${16:undefined} # not required. This is a string.,Cache-Control header set on uploaded objects.,Directives are separated by commmas.
key_prefix: ${17:undefined} # not required. In addition to file path, prepend s3 path with this prefix. Module will add slash at end of prefix if necessary.
delete: ${18:false} # not required. Remove remote files that exist in bucket but are not present in the file root.
"""
's3_website':
'prefix': "s3_website_snippet"
'description': "Configure an s3 bucket as a website"
'body': """
s3_website:
name: ${1:null} # required. Name of the s3 bucket
redirect_all_requests: ${2:null} # not required. Describes the redirect behavior for every request to this s3 bucket website endpoint
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
suffix: ${4:index.html} # not required. Suffix that is appended to a request that is for a directory on the website endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/ the data that is returned will be for the object with the key name images/index.html). The suffix must not include a slash character.\n
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
region: ${9:null} # not required. AWS region to create the bucket in. If not set then the value of the AWS_REGION and EC2_REGION environment variables are checked, followed by the aws_region and ec2_region settings in the Boto config file. If none of those are set the region defaults to the S3 Location: US Standard.\n
error_key: ${10:null} # not required. The object key name to use when a 4XX class error occurs. To remove an error key, set to None.
state: ${11|present,absent|} # not required. choices: present;absent. Add or remove s3 website configuration
validate_certs: ${12:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
"""
'script':
'prefix': "script_snippet"
'description': "Runs a local script on a remote node after transferring it"
'body': """
script:
free_form: ${1:null} # required. Path to the local script file followed by optional arguments. There is no parameter actually named 'free form'; see the examples!
creates: ${2:null} # not required. a filename, when it already exists, this step will B(not) be run.
decrypt: ${3:Yes} # not required. This option controls the autodecryption of source files using vault.
chdir: ${4:null} # not required. cd into this directory on the remote node before running the script
removes: ${5:null} # not required. a filename, when it does not exist, this step will B(not) be run.
"""
'seboolean':
'prefix': "seboolean_snippet"
'description': "Toggles SELinux booleans"
'body': """
seboolean:
state: ${1:undefined} # required. Desired boolean value
name: ${2:undefined} # required. Name of the boolean to configure.
persistent: ${3:no} # not required. Set to C(yes) if the boolean setting should survive a reboot.
"""
'sefcontext':
'prefix': "sefcontext_snippet"
'description': "Manages SELinux file context mapping definitions"
'body': """
sefcontext:
setype: ${1:undefined} # required. SELinux type for the specified target.
target: ${2:undefined} # required. Target path (expression).
reload: ${3:yes} # not required. Reload SELinux policy after commit.
ftype: ${4:a} # not required. File type.
selevel: ${5:undefined} # not required. SELinux range for the specified target.
seuser: ${6:undefined} # not required. SELinux user for the specified target.
state: ${7|absent,present|} # not required. choices: absent;present. Desired boolean value.
"""
'selinux':
'prefix': "selinux_snippet"
'description': "Change policy and state of SELinux"
'body': """
selinux:
state: ${1|enforcing,permissive,disabled|} # required. choices: enforcing;permissive;disabled. The SELinux mode
policy: ${2:null} # not required. name of the SELinux policy to use (example: C(targeted)) will be required if state is not C(disabled)
conf: ${3:/etc/selinux/config} # not required. path to the SELinux configuration file, if non-standard
"""
'selinux_permissive':
'prefix': "selinux_permissive_snippet"
'description': "Change permissive domain in SELinux policy"
'body': """
selinux_permissive:
domain: ${1:undefined} # required. the domain that will be added or removed from the list of permissive domains
permissive: ${2|True,False|} # required. choices: True;False. indicate if the domain should or should not be set as permissive
no_reload: ${3|True,False|} # not required. choices: True;False. automatically reload the policy after a change,default is set to 'false' as that's what most people would want after changing one domain,Note that this doesn't work on older version of the library (example EL 6), the module will silently ignore it in this case
store: ${4:null} # not required. name of the SELinux policy store to use
"""
'sendgrid':
'prefix': "sendgrid_snippet"
'description': "Sends an email with the SendGrid API"
'body': """
sendgrid:
from_address: ${1:undefined} # required. the address in the \"from\" field for the email
subject: ${2:undefined} # required. the desired subject for the email
to_addresses: ${3:undefined} # required. a list with one or more recipient email addresses
username: ${4:null} # not required. username for logging into the SendGrid account.,Since 2.2 it is only required if api_key is not supplied.
from_name: ${5:null} # not required. the name you want to appear in the from field, i.e 'John Doe"
cc: ${6:null} # not required. a list of email addresses to cc
bcc: ${7:null} # not required. a list of email addresses to bcc
headers: ${8:null} # not required. a dict to pass on as headers
html_body: ${9:false} # not required. whether the body is html content that should be rendered
api_key: ${10:null} # not required. sendgrid API key to use instead of username/password
password: ${11:null} # not required. password that corresponds to the username,Since 2.2 it is only required if api_key is not supplied.
attachments: ${12:null} # not required. a list of relative or explicit paths of files you want to attach (7MB limit as per SendGrid docs)
"""
'sensu_check':
'prefix': "sensu_check_snippet"
'description': "Manage Sensu checks"
'body': """
sensu_check:
name: ${1:undefined} # required. The name of the check,This is the key that is used to determine whether a check exists
command: ${2:undefined} # required. Path to the sensu check to run (not required when I(state=absent))
interval: ${3:null} # not required. Check interval in seconds
handle: ${4|yes,no|} # not required. choices: yes;no. Whether the check should be handled or not
subscribers: ${5:} # not required. List of subscribers/channels this check should run for,See sensu_subscribers to subscribe a machine to a channel
metric: ${6|yes,no|} # not required. choices: yes;no. Whether the check is a metric
subdue_begin: ${7:null} # not required. When to disable handling of check failures
dependencies: ${8:} # not required. Other checks this check depends on, if dependencies fail,,handling of this check will be disabled
occurrences: ${9:1} # not required. Number of event occurrences before the handler should take action
low_flap_threshold: ${10:null} # not required. The low threshold for flap detection
ttl: ${11:null} # not required. Time to live in seconds until the check is considered stale
aggregate: ${12|yes,no|} # not required. choices: yes;no. Classifies the check as an aggregate check,,making it available via the aggregate API
path: ${13:/etc/sensu/conf.d/checks.json} # not required. Path to the json file of the check to be added/removed.,Will be created if it does not exist (unless I(state=absent)).,The parent folders need to exist when I(state=present), otherwise an error will be thrown
standalone: ${14|yes,no|} # not required. choices: yes;no. Whether the check should be scheduled by the sensu client or server,This option obviates the need for specifying the I(subscribers) option
backup: ${15|yes,no|} # not required. choices: yes;no. Create a backup file (if yes), including the timestamp information so,you can get the original file back if you somehow clobbered it incorrectly.
handlers: ${16:} # not required. List of handlers to notify when the check fails
publish: ${17|yes,no|} # not required. choices: yes;no. Whether the check should be scheduled at all.,You can still issue it via the sensu api
custom: ${18:[object Object]} # not required. A hash/dictionary of custom parameters for mixing to the configuration.,You can't rewrite others module parameters using this
source: ${19:null} # not required. The check source, used to create a JIT Sensu client for an external resource (e.g. a network switch).
state: ${20|present,absent|} # not required. choices: present;absent. Whether the check should be present or not
high_flap_threshold: ${21:null} # not required. The high threshold for flap detection
timeout: ${22:10} # not required. Timeout for the check
subdue_end: ${23:null} # not required. When to enable handling of check failures
refresh: ${24:null} # not required. Number of seconds handlers should wait before taking second action
"""
'sensu_client':
'prefix': "sensu_client_snippet"
'description': "Manages Sensu client configuration"
'body': """
sensu_client:
subscriptions: ${1:null} # required. An array of client subscriptions, a list of roles and/or responsibilities assigned to the system (e.g. webserver).,These subscriptions determine which monitoring checks are executed by the client, as check requests are sent to subscriptions.,The subscriptions array items must be strings.
address: ${2:Non-loopback IPv4 address as determined by Ruby Socket.ip_address_list (provided by Sensu)} # not required. An address to help identify and reach the client. This is only informational, usually an IP address or hostname.
chef: ${3:null} # not required. The chef definition scope, used to configure the Sensu Enterprise Chef integration (Sensu Enterprise users only).
redact: ${4:null} # not required. Client definition attributes to redact (values) when logging and sending client keepalives.
socket: ${5:null} # not required. The socket definition scope, used to configure the Sensu client socket.
puppet: ${6:null} # not required. The puppet definition scope, used to configure the Sensu Enterprise Puppet integration (Sensu Enterprise users only).
ec2: ${7:null} # not required. The ec2 definition scope, used to configure the Sensu Enterprise AWS EC2 integration (Sensu Enterprise users only).
safe_mode: ${8|true,false|} # not required. choices: true;false. If safe mode is enabled for the client. Safe mode requires local check definitions in order to accept a check request and execute the check.
registration: ${9:null} # not required. The registration definition scope, used to configure Sensu registration event handlers.
deregistration: ${10:null} # not required. The deregistration definition scope, used to configure automated Sensu client de-registration.
keepalive: ${11:null} # not required. The keepalive definition scope, used to configure Sensu client keepalives behavior (e.g. keepalive thresholds, etc).
deregister: ${12|true,false|} # not required. choices: true;false. If a deregistration event should be created upon Sensu client process stop.
name: ${13:System hostname as determined by Ruby Socket.gethostname (provided by Sensu)} # not required. A unique name for the client. The name cannot contain special characters or spaces.
state: ${14|present,absent|} # not required. choices: present;absent. Whether the client should be present or not
keepalives: ${15|true,false|} # not required. choices: true;false. If Sensu should monitor keepalives for this client.
servicenow: ${16:null} # not required. The servicenow definition scope, used to configure the Sensu Enterprise ServiceNow integration (Sensu Enterprise users only).
"""
'sensu_handler':
'prefix': "sensu_handler_snippet"
'description': "Manages Sensu handler configuration"
'body': """
sensu_handler:
name: ${1:null} # required. A unique name for the handler. The name cannot contain special characters or spaces.
handlers: ${2:null} # required. An array of Sensu event handlers (names) to use for events using the handler set.,Each array item must be a string.,NOTE: the handlers attribute is only required for handler sets (i.e. handlers configured with \"type\": \"set\").
type: ${3|pipe,tcp,udp,transport,set|} # required. choices: pipe;tcp;udp;transport;set. The handler type
filter: ${4:null} # not required. The Sensu event filter (name) to use when filtering events for the handler.
filters: ${5:null} # not required. An array of Sensu event filters (names) to use when filtering events for the handler.,Each array item must be a string.
severities: ${6|warning,critical,unknown|} # not required. choices: warning;critical;unknown. An array of check result severities the handler will handle.,NOTE: event resolution bypasses this filtering.
pipe: ${7:null} # not required. The pipe definition scope, used to configure the Sensu transport pipe.,NOTE: the pipe attribute is only required for Transport handlers (i.e. handlers configured with \"type\": \"transport\").
mutator: ${8:null} # not required. The Sensu event mutator (name) to use to mutate event data for the handler.
state: ${9|present,absent|} # not required. choices: present;absent. Whether the handler should be present or not
command: ${10:null} # not required. The handler command to be executed.,The event data is passed to the process via STDIN.,NOTE: the command attribute is only required for Pipe handlers (i.e. handlers configured with \"type\": \"pipe\").
timeout: ${11:10} # not required. The handler execution duration timeout in seconds (hard stop).,Only used by pipe and tcp handler types.
handle_flapping: ${12:false} # not required. If events in the flapping state should be handled.
handle_silenced: ${13:false} # not required. If events matching one or more silence entries should be handled.
socket: ${14:null} # not required. The socket definition scope, used to configure the TCP/UDP handler socket.,NOTE: the socket attribute is only required for TCP/UDP handlers (i.e. handlers configured with \"type\": \"tcp\" or \"type\": \"udp\").
"""
'sensu_silence':
'prefix': "sensu_silence_snippet"
'description': "Manage Sensu silence entries"
'body': """
sensu_silence:
state: ${1|present,absent|} # required. choices: present;absent. Specifies to create or clear (delete) a silence entry via the Sensu API
subscription: ${2:} # required. Specifies the subscription which the silence entry applies to.,To create a silence entry for a client append C(client:) to client name. Example - C(client:server1.example.dev)
expire_on_resolve: ${3:undefined} # not required. If specified as true, the silence entry will be automatically cleared once the condition it is silencing is resolved.
url: ${4:http://127.0.01:4567} # not required. Specifies the URL of the Sensu monitoring host server.
creator: ${5:undefined} # not required. Specifies the entity responsible for this entry.
reason: ${6:undefined} # not required. If specified, this free-form string is used to provide context or rationale for the reason this silence entry was created.
expire: ${7:undefined} # not required. If specified, the silence entry will be automatically cleared after this number of seconds.
check: ${8:undefined} # not required. Specifies the check which the silence entry applies to.
"""
'sensu_subscription':
'prefix': "sensu_subscription_snippet"
'description': "Manage Sensu subscriptions"
'body': """
sensu_subscription:
name: ${1:undefined} # required. The name of the channel
path: ${2:/etc/sensu/conf.d/subscriptions.json} # not required. Path to the subscriptions json file
state: ${3|present,absent|} # not required. choices: present;absent. Whether the machine should subscribe or unsubscribe from the channel
backup: ${4|yes,no|} # not required. choices: yes;no. Create a backup file (if yes), including the timestamp information so you,can get the original file back if you somehow clobbered it incorrectly.
"""
'seport':
'prefix': "seport_snippet"
'description': "Manages SELinux network port type definitions"
'body': """
seport:
setype: ${1:undefined} # required. SELinux type for the specified port.
proto: ${2|tcp,udp|} # required. choices: tcp;udp. Protocol for the specified port.
state: ${3|absent,present|} # required. choices: absent;present. Desired boolean value.
ports: ${4:undefined} # required. Ports or port ranges, separated by a comma.
reload: ${5:yes} # not required. Reload SELinux policy after commit.
"""
'serverless':
'prefix': "serverless_snippet"
'description': "Manages a Serverless Framework project"
'body': """
serverless:
service_path: ${1:undefined} # required. The path to the root of the Serverless Service to be operated on.
functions: ${2:} # not required. A list of specific functions to deploy. If this is not provided, all functions in the service will be deployed.
deploy: ${3:true} # not required. Whether or not to deploy artifacts after building them. When this option is `false` all the functions will be built, but no stack update will be run to send them out. This is mostly useful for generating artifacts to be stored/deployed elsewhere.
serverless_bin_path: ${4:undefined} # not required. The path of a serverless framework binary relative to the 'service_path' eg. node_module/.bin/serverless
region: ${5:us-east-1} # not required. AWS region to deploy the service to
stage: ${6:undefined} # not required. The name of the serverless framework project stage to deploy to. This uses the serverless framework default \"dev\".
state: ${7|present,absent|} # not required. choices: present;absent. Goal state of given stage/project
"""
'service':
'prefix': "service_snippet"
'description': "Manage services"
'body': """
service:
name: ${1:undefined} # required. Name of the service.
use: ${2:auto} # not required. The service module actually uses system specific modules, normally through auto detection, this setting can force a specific module.,Normally it uses the value of the 'ansible_service_mgr' fact and falls back to the old 'service' module when none matching is found.
pattern: ${3:undefined} # not required. If the service does not respond to the status command, name a substring to look for as would be found in the output of the I(ps) command as a stand-in for a status result. If the string is found, the service will be assumed to be running.
enabled: ${4:undefined} # not required. Whether the service should start on boot. B(At least one of state and enabled are required.)
state: ${5|reloaded,restarted,running,started,stopped|} # not required. choices: reloaded;restarted;running;started;stopped. C(started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the service. C(reloaded) will always reload. B(At least one of state and enabled are required.) Note that reloaded will start the service if it is not already started, even if your chosen init system wouldn't normally.
sleep: ${6:undefined} # not required. If the service is being C(restarted) then sleep this many seconds between the stop and start command. This helps to workaround badly behaving init scripts that exit immediately after signaling a process to stop.
arguments: ${7:undefined} # not required. Additional arguments provided on the command line
runlevel: ${8:default} # not required. For OpenRC init scripts (ex: Gentoo) only. The runlevel that this service belongs to.
"""
'service_facts':
'prefix': "service_facts_snippet"
'description': "Return service state information as fact data"
'body': """
service_facts:
"""
'set_fact':
'prefix': "set_fact_snippet"
'description': "Set host facts from a task"
'body': """
set_fact:
key_value: ${1:null} # required. The C(set_fact) module takes key=value pairs as variables to set in the playbook scope. Or alternatively, accepts complex arguments using the C(args:) statement.
cacheable: ${2:false} # not required. This boolean indicates if the facts set will also be added to the fact cache, if fact caching is enabled.
"""
'set_stats':
'prefix': "set_stats_snippet"
'description': "Set stats for the current ansible run"
'body': """
set_stats:
data: ${1:undefined} # required. A dictionary of which each key represents a stat (or variable) you want to keep track of
aggregate: ${2:true} # not required. boolean that indicates if the provided value is aggregated to the existing stat C(yes) or will replace it C(no)
per_host: ${3:false} # not required. boolean that indicates if the stats is per host or for all hosts in the run.
"""
'setup':
'prefix': "setup_snippet"
'description': "Gathers facts about remote hosts"
'body': """
setup:
filter: ${1:*} # not required. if supplied, only return facts that match this shell-style (fnmatch) wildcard.
gather_subset: ${2:all} # not required. if supplied, restrict the additional facts collected to the given subset. Possible values: all, min, hardware, network, virtual, ohai, and facter Can specify a list of values to specify a larger subset. Values can also be used with an initial C(!) to specify that that specific subset should not be collected. For instance: !hardware, !network, !virtual, !ohai, !facter. If !all is specified then only the min subset is collected. To avoid collecting even the min subset, specify !all and !min subsets. To collect only specific facts, use !all, !min, and specify the particular fact subsets. Use the filter parameter if you do not want to display some collected facts.
fact_path: ${3:/etc/ansible/facts.d} # not required. path used for local ansible facts (*.fact) - files in this dir will be run (if executable) and their results be added to ansible_local facts if a file is not executable it is read. Check notes for Windows options. (from 2.1 on) File/results format can be json or ini-format
gather_timeout: ${4:10} # not required. Set the default timeout in seconds for individual fact gathering
"""
'sf_account_manager':
'prefix': "sf_account_manager_snippet"
'description': "Manage SolidFire accounts"
'body': """
sf_account_manager:
password: ${1:undefined} # required. Password for the specified user.
name: ${2:undefined} # required. Unique username for this account. (May be 1 to 64 characters in length).
hostname: ${3:undefined} # required. The hostname or IP address of the SolidFire cluster.
username: ${4:undefined} # required. Please ensure that the user has the adequate permissions. For more information, please read the official documentation U(https://goo.gl/ddJa4Q).
state: ${5|present,absent|} # required. choices: present;absent. Whether the specified account should exist or not.
new_name: ${6:None} # not required. New name for the user account.
status: ${7:undefined} # not required. Status of the account.
initiator_secret: ${8:undefined} # not required. CHAP secret to use for the initiator. Should be 12-16 characters long and impenetrable.,The CHAP initiator secrets must be unique and cannot be the same as the target CHAP secret.,If not specified, a random secret is created.
attributes: ${9:undefined} # not required. List of Name/Value pairs in JSON object format.
target_secret: ${10:undefined} # not required. CHAP secret to use for the target (mutual CHAP authentication).,Should be 12-16 characters long and impenetrable.,The CHAP target secrets must be unique and cannot be the same as the initiator CHAP secret.,If not specified, a random secret is created.
account_id: ${11:None} # not required. The ID of the account to manage or update.
"""
'sf_check_connections':
'prefix': "sf_check_connections_snippet"
'description': "Check connectivity to MVIP and SVIP."
'body': """
sf_check_connections:
username: ${1:undefined} # required. Please ensure that the user has the adequate permissions. For more information, please read the official documentation U(https://goo.gl/ddJa4Q).
hostname: ${2:undefined} # required. The hostname or IP address of the SolidFire cluster.
password: ${3:undefined} # required. Password for the specified user.
skip: ${4|svip,mvip|} # not required. choices: svip;mvip. Skip checking connection to SVIP or MVIP.
svip: ${5:None} # not required. Optionally, use to test connection of a different SVIP.,This is not needed to test the connection to the target cluster.
mvip: ${6:None} # not required. Optionally, use to test connection of a different MVIP.,This is not needed to test the connection to the target cluster.
"""
'sf_snapshot_schedule_manager':
'prefix': "sf_snapshot_schedule_manager_snippet"
'description': "Manage SolidFire snapshot schedules"
'body': """
sf_snapshot_schedule_manager:
username: ${1:undefined} # required. Please ensure that the user has the adequate permissions. For more information, please read the official documentation U(https://goo.gl/ddJa4Q).
name: ${2:undefined} # required. Name for the snapshot schedule.
hostname: ${3:undefined} # required. The hostname or IP address of the SolidFire cluster.
state: ${4|present,absent|} # required. choices: present;absent. Whether the specified schedule should exist or not.
password: ${5:undefined} # required. Password for the specified user.
time_interval_days: ${6:1} # not required. Time interval in days.
time_interval_minutes: ${7:0} # not required. Time interval in minutes.
time_interval_hours: ${8:0} # not required. Time interval in hours.
paused: ${9:undefined} # not required. Pause / Resume a schedule.
schedule_id: ${10:undefined} # not required. The schedule ID for the schedule that you want to update or delete.
snapshot_name: ${11:undefined} # not required. Name for the created snapshots.
volumes: ${12:undefined} # not required. Volume IDs that you want to set the snapshot schedule for.,At least 1 volume ID is required for creating a new schedule.,required when C(state=present)
starting_date: ${13:undefined} # not required. Starting date for the schedule.,Required when C(state=present).,Please use two '-' in the above format, or you may see an error- TypeError, is not JSON serializable description.,Format: C(2016--12--01T00:00:00Z)
recurring: ${14:undefined} # not required. Should the schedule recur?
retention: ${15:undefined} # not required. Retention period for the snapshot.,Format is 'HH:mm:ss'.
"""
'sf_volume_access_group_manager':
'prefix': "sf_volume_access_group_manager_snippet"
'description': "Manage SolidFire Volume Access Groups"
'body': """
sf_volume_access_group_manager:
username: ${1:undefined} # required. Please ensure that the user has the adequate permissions. For more information, please read the official documentation U(https://goo.gl/ddJa4Q).
password: ${2:undefined} # required. Password for the specified user.
name: ${3:undefined} # required. Name of the volume access group. It is not required to be unique, but recommended.
hostname: ${4:undefined} # required. The hostname or IP address of the SolidFire cluster.
state: ${5|present,absent|} # required. choices: present;absent. Whether the specified volume access group should exist or not.
virtual_network_id: ${6:None} # not required. The ID of the SolidFire Virtual Network ID to associate the volume access group with.
volumes: ${7:None} # not required. List of volumes to initially include in the volume access group. If unspecified, the access group will start without any volumes.
initiators: ${8:None} # not required. List of initiators to include in the volume access group. If unspecified, the access group will start out without configured initiators.
attributes: ${9:None} # not required. List of Name/Value pairs in JSON object format.
virtual_network_tags: ${10:None} # not required. The ID of the VLAN Virtual Network Tag to associate the volume access group with.
volume_access_group_id: ${11:None} # not required. The ID of the volume access group to modify or delete.
"""
'sf_volume_manager':
'prefix': "sf_volume_manager_snippet"
'description': "Manage SolidFire volumes"
'body': """
sf_volume_manager:
username: ${1:undefined} # required. Please ensure that the user has the adequate permissions. For more information, please read the official documentation U(https://goo.gl/ddJa4Q).
name: ${2:undefined} # required. The name of the volume to manage.
hostname: ${3:undefined} # required. The hostname or IP address of the SolidFire cluster.
account_id: ${4:undefined} # required. Account ID for the owner of this volume.
state: ${5|present,absent|} # required. choices: present;absent. Whether the specified volume should exist or not.
password: ${6:undefined} # required. Password for the specified user.
qos: ${7:None} # not required. Initial quality of service settings for this volume. Configure as dict in playbooks.
size_unit: ${8|bytes,b,kb,mb,gb,tb,pb,eb,zb,yb|} # not required. choices: bytes;b;kb;mb;gb;tb;pb;eb;zb;yb. The unit used to interpret the size parameter.
access: ${9|readOnly,readWrite,locked,replicationTarget|} # not required. choices: readOnly;readWrite;locked;replicationTarget. Access allowed for the volume.,readOnly: Only read operations are allowed.,readWrite: Reads and writes are allowed.,locked: No reads or writes are allowed.,replicationTarget: Identify a volume as the target volume for a paired set of volumes. If the volume is not paired, the access status is locked.,If unspecified, the access settings of the clone will be the same as the source.
volume_id: ${10:None} # not required. The ID of the volume to manage or update.,In order to create multiple volumes with the same name, but different volume_ids, please declare the I(volume_id) parameter with an arbitrary value. However, the specified volume_id will not be assigned to the newly created volume (since it's an auto-generated property).
512emulation: ${11:undefined} # not required. Should the volume provide 512-byte sector emulation?,Required when C(state=present)
attributes: ${12:None} # not required. A YAML dictionary of attributes that you would like to apply on this volume.
size: ${13:undefined} # not required. The size of the volume in (size_unit).,Required when C(state = present).
"""
'shell':
'prefix': "shell_snippet"
'description': "Execute commands in nodes."
'body': """
shell:
free_form: ${1:null} # required. The shell module takes a free form command to run, as a string. There's not an actual option named \"free form\". See the examples!
warn: ${2:true} # not required. if command warnings are on in ansible.cfg, do not warn about this particular line if set to no/false.
creates: ${3:null} # not required. a filename, when it already exists, this step will B(not) be run.
executable: ${4:null} # not required. change the shell used to execute the command. Should be an absolute path to the executable.
chdir: ${5:null} # not required. cd into this directory before running the command
stdin: ${6:null} # not required. Set the stdin of the command directly to the specified value.
removes: ${7:null} # not required. a filename, when it does not exist, this step will B(not) be run.
"""
'sl_vm':
'prefix': "sl_vm_snippet"
'description': "create or cancel a virtual instance in SoftLayer"
'body': """
sl_vm:
disks: ${1:25} # required. List of disk sizes to be assigned to new virtual instance.
cpus: ${2:undefined} # required. Count of cpus to be assigned to new virtual instance.
memory: ${3:undefined} # required. Amount of memory to be assigned to new virtual instance.
domain: ${4:undefined} # not required. Domain name to be provided to a virtual instance.
tags: ${5:undefined} # not required. Tag or list of tags to be provided to a virtual instance.
instance_id: ${6:undefined} # not required. Instance Id of the virtual instance to perform action option.
dedicated: ${7:no} # not required. Flag to determine if the instance should be deployed in dedicated space.
private: ${8:no} # not required. Flag to determine if the instance should be private only.
image_id: ${9:undefined} # not required. Image Template to be used for new virtual instance.
nic_speed: ${10:10} # not required. NIC Speed to be assigned to new virtual instance.
private_vlan: ${11:undefined} # not required. VLAN by its Id to be assigned to the private NIC.
datacenter: ${12:undefined} # not required. Datacenter for the virtual instance to be deployed.
public_vlan: ${13:undefined} # not required. VLAN by its Id to be assigned to the public NIC.
wait: ${14:yes} # not required. Flag used to wait for active status before returning.
hourly: ${15:yes} # not required. Flag to determine if the instance should be hourly billed.
ssh_keys: ${16:undefined} # not required. List of ssh keys by their Id to be assigned to a virtual instance.
hostname: ${17:undefined} # not required. Hostname to be provided to a virtual instance.
os_code: ${18:undefined} # not required. OS Code to be used for new virtual instance.
wait_time: ${19:600} # not required. Time in seconds before wait returns.
local_disk: ${20:yes} # not required. Flag to determine if local disk should be used for the new instance.
state: ${21|absent,present|} # not required. choices: absent;present. Create, or cancel a virtual instance.,Specify C(present) for create, C(absent) to cancel.
post_uri: ${22:undefined} # not required. URL of a post provisioning script to be loaded and executed on virtual instance.
"""
'slack':
'prefix': "slack_snippet"
'description': "Send Slack notifications"
'body': """
slack:
token: ${1:undefined} # required. Slack integration token. This authenticates you to the slack service. Prior to 1.8, a token looked like C(3Ffe373sfhRE6y42Fg3rvf4GlK). In 1.8 and above, ansible adapts to the new slack API where tokens look like C(G922VJP24/D921DW937/3Ffe373sfhRE6y42Fg3rvf4GlK). If tokens are in the new format then slack will ignore any value of domain. If the token is in the old format the domain is required. Ansible has no control of when slack will get rid of the old API. When slack does that the old format will stop working. ** Please keep in mind the tokens are not the API tokens but are the webhook tokens. In slack these are found in the webhook URL which are obtained under the apps and integrations. The incoming webhooks can be added in that area. In some cases this may be locked by your Slack admin and you must request access. It is there that the incoming webhooks can be added. The key is on the end of the URL given to you in that section.
username: ${2:Ansible} # not required. This is the sender of the message.
domain: ${3:None} # not required. Slack (sub)domain for your environment without protocol. (i.e. C(example.slack.com)) In 1.8 and beyond, this is deprecated and may be ignored. See token documentation for information.
attachments: ${4:None} # not required. Define a list of attachments. This list mirrors the Slack JSON API.,For more information, see also in the (U(https://api.slack.com/docs/attachments)).
color: ${5|normal,good,warning,danger|} # not required. choices: normal;good;warning;danger. Allow text to use default colors - use the default of 'normal' to not send a custom color bar at the start of the message
icon_url: ${6:undefined} # not required. Url for the message sender's icon (default C(https://www.ansible.com/favicon.ico))
parse: ${7|full,none|} # not required. choices: full;none. Setting for the message parser at Slack
icon_emoji: ${8:None} # not required. Emoji for the message sender. See Slack documentation for options. (if I(icon_emoji) is set, I(icon_url) will not be used)
link_names: ${9|1,0|} # not required. choices: 1;0. Automatically create links for channels and usernames in I(msg).
msg: ${10:None} # not required. Message to send. Note that the module does not handle escaping characters. Plain-text angle brackets and ampersands should be converted to HTML entities (e.g. & to &) before sending. See Slack's documentation (U(https://api.slack.com/docs/message-formatting)) for more.
validate_certs: ${11|yes,no|} # not required. choices: yes;no. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
channel: ${12:None} # not required. Channel to send the message to. If absent, the message goes to the channel selected for the I(token).
"""
'slackpkg':
'prefix': "slackpkg_snippet"
'description': "Package manager for Slackware >= 12.2"
'body': """
slackpkg:
name: ${1:undefined} # required. name of package to install/remove
state: ${2|present,absent,latest|} # not required. choices: present;absent;latest. state of the package, you can use \"installed\" as an alias for C(present) and removed as one for C(absent).
update_cache: ${3|true,false|} # not required. choices: true;false. update the package database first
"""
'slurp':
'prefix': "slurp_snippet"
'description': "Slurps a file from remote nodes"
'body': """
slurp:
src: ${1:undefined} # required. The file on the remote system to fetch. This I(must) be a file, not a directory.
"""
'smartos_image_facts':
'prefix': "smartos_image_facts_snippet"
'description': "Get SmartOS image details."
'body': """
smartos_image_facts:
filters: ${1:None} # not required. Criteria for selecting image. Can be any value from image manifest and 'published_date', 'published', 'source', 'clones', and 'size'. More informaton can be found at U(https://smartos.org/man/1m/imgadm) under 'imgadm list'.
"""
'snmp_facts':
'prefix': "snmp_facts_snippet"
'description': "Retrieve facts for a device using SNMP."
'body': """
snmp_facts:
host: ${1:undefined} # required. Set to target snmp server (normally {{inventory_hostname}})
version: ${2|v2,v2c,v3|} # required. choices: v2;v2c;v3. SNMP Version to use, v2/v2c or v3
username: ${3:undefined} # not required. Username for SNMPv3, required if version is v3
level: ${4|authPriv,authNoPriv|} # not required. choices: authPriv;authNoPriv. Authentication level, required if version is v3
privacy: ${5|des,aes|} # not required. choices: des;aes. Encryption algorithm, required if level is authPriv
community: ${6:undefined} # not required. The SNMP community string, required if version is v2/v2c
authkey: ${7:undefined} # not required. Authentication key, required if version is v3
integrity: ${8|md5,sha|} # not required. choices: md5;sha. Hashing algorithm, required if version is v3
privkey: ${9:undefined} # not required. Encryption key, required if version is authPriv
"""
'snow_record':
'prefix': "snow_record_snippet"
'description': "Create/Delete/Update records in ServiceNow"
'body': """
snow_record:
username: ${1:undefined} # required. User to connect to ServiceNow as
password: ${2:undefined} # required. Password for username
instance: ${3:undefined} # required. The service now instance name
state: ${4|present,absent|} # required. choices: present;absent. If C(present) is supplied with a C(number) argument, the module will attempt to update the record with the supplied data. If no such record exists, a new one will be created. C(absent) will delete a record.
number: ${5:undefined} # not required. Record number to update. Required for C(state:absent)
attachment: ${6:undefined} # not required. Attach a file to the record
table: ${7:incident} # not required. Table to query for records
lookup_field: ${8:number} # not required. Changes the field that C(number) uses to find records
data: ${9:undefined} # not required. key, value pairs of data to load into the record. See Examples. Required for C(state:present)
"""
'sns':
'prefix': "sns_snippet"
'description': "Send Amazon Simple Notification Service (SNS) messages"
'body': """
sns:
topic: ${1:undefined} # required. The topic you want to publish to.
msg: ${2:undefined} # required. Default message to send.
message_structure: ${3|json,string|} # required. choices: json;string. The payload format to use for the message.,This must be 'json' to support non-default messages (`http`, `https`, `email`, `sms`, `sqs`). It must be 'string' to support message_attributes.
aws_secret_key: ${4:None} # not required. AWS secret key. If not set then the value of the AWS_SECRET_KEY environment variable is used.
profile: ${5:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${6:None} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY environment variable is used.
http: ${7:undefined} # not required. Message to send to HTTP-only subscription
security_token: ${8:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
sqs: ${9:undefined} # not required. Message to send to SQS-only subscription
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the EC2_REGION environment variable, if any, is used.
sms: ${11:undefined} # not required. Message to send to SMS-only subscription
https: ${12:undefined} # not required. Message to send to HTTPS-only subscription
ec2_url: ${13:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
message_attributes: ${14:None} # not required. Dictionary of message attributes. These are optional structured data entries to be sent along to the endpoint.,This is in AWS's distinct Name/Type/Value format; see example below.
validate_certs: ${15:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
email: ${16:undefined} # not required. Message to send to email-only subscription
subject: ${17:undefined} # not required. Subject line for email delivery.
"""
'sns_topic':
'prefix': "sns_topic_snippet"
'description': "Manages AWS SNS topics and subscriptions"
'body': """
sns_topic:
name: ${1:undefined} # required. The name or ARN of the SNS topic to converge
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
subscriptions: ${3:} # not required. List of subscriptions to apply to the topic. Note that AWS requires subscriptions to be confirmed, so you will need to confirm any new subscriptions.
ec2_url: ${4:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
purge_subscriptions: ${5:true} # not required. Whether to purge any subscriptions not listed here. NOTE: AWS does not allow you to purge any PendingConfirmation subscriptions, so if any exist and would be purged, they are silently skipped. This means that somebody could come back later and confirm the subscription. Sorry. Blame Amazon.
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
display_name: ${8:None} # not required. Display name of the topic
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
delivery_policy: ${10:None} # not required. Delivery policy to apply to the SNS topic
state: ${11|absent,present|} # not required. choices: absent;present. Whether to create or destroy an SNS topic
policy: ${12:None} # not required. Policy to apply to the SNS topic
validate_certs: ${13:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${14:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
"""
'solaris_zone':
'prefix': "solaris_zone_snippet"
'description': "Manage Solaris zones"
'body': """
solaris_zone:
name: ${1:undefined} # required. Zone name.
state: ${2|absent,attached,configured,detached,installed,present,running,started,stopped|} # required. choices: absent;attached;configured;detached;installed;present;running;started;stopped. C(present), configure and install the zone.,C(installed), synonym for C(present).,C(running), if the zone already exists, boot it, otherwise, configure and install the zone first, then boot it.,C(started), synonym for C(running).,C(stopped), shutdown a zone.,C(absent), destroy the zone.,C(configured), configure the ready so that it's to be attached.,C(attached), attach a zone, but do not boot it.,C(detached), shutdown and detach a zone
install_options: ${3:empty string} # not required. Extra options to the zoneadm(1M) install command. To automate Solaris 11 zone creation, use this to specify the profile XML file, e.g. install_options=\"-c sc_profile.xml\"
sparse: ${4:no} # not required. Whether to create a sparse (C(true)) or whole root (C(false)) zone.
create_options: ${5:empty string} # not required. Extra options to the zonecfg(1M) create command.
root_password: ${6:undefined} # not required. The password hash for the root account. If not specified, the zone's root account will not have a password.
timeout: ${7:600} # not required. Timeout, in seconds, for zone to boot.
path: ${8:undefined} # not required. The path where the zone will be created. This is required when the zone is created, but not used otherwise.
config: ${9:empty string} # not required. The zonecfg configuration commands for this zone. See zonecfg(1M) for the valid options and syntax. Typically this is a list of options separated by semi-colons or new lines, e.g. \"set auto-boot=true;add net;set physical=bge0;set address=10.1.1.1;end\"
attach_options: ${10:empty string} # not required. Extra options to the zoneadm attach command. For example, this can be used to specify whether a minimum or full update of packages is required and if any packages need to be deleted. For valid values, see zoneadm(1M)
"""
'sorcery':
'prefix': "sorcery_snippet"
'description': "Package manager for Source Mage GNU/Linux"
'body': """
sorcery:
depends: ${1:null} # not required. Comma-separated list of _optional_ dependencies to build a spell (or make sure it is built) with; use +/- in front of dependency to turn it on/off ('+' is optional though),this option is ignored if C(name) parameter is equal to '*' or contains more than one spell,providers must be supplied in the form recognized by Sorcery, e.g. 'openssl(SSL)"
update_cache: ${2|yes,no|} # not required. choices: yes;no. Whether or not to update grimoire collection before casting spells
name: ${3:null} # not required. Name of the spell,multiple names can be given, separated by commas,special value '*' in conjunction with states C(latest) or C(rebuild) will update or rebuild the whole system respectively
state: ${4|present,latest,absent,cast,dispelled,rebuild|} # not required. choices: present;latest;absent;cast;dispelled;rebuild. Whether to cast, dispel or rebuild a package,state C(cast) is an equivalent of C(present), not C(latest),state C(latest) always triggers C(update_cache=yes),state C(rebuild) implies cast of all specified spells, not only those existed before
update: ${5|yes,no|} # not required. choices: yes;no. Whether or not to update sorcery scripts at the very first stage
cache_valid_time: ${6:null} # not required. Time in seconds to invalidate grimoire collection on update,especially useful for SCM and rsync grimoires,makes sense only in pair with C(update_cache)
"""
'spotinst_aws_elastigroup':
'prefix': "spotinst_aws_elastigroup_snippet"
'description': "Create, update or delete Spotinst AWS Elastigroups"
'body': """
spotinst_aws_elastigroup:
unit: ${1|instance,weight|} # required. choices: instance;weight. (String) The capacity unit to launch instances by.
availability_zones: ${2:undefined} # required. (List of Objects) a list of hash/dictionaries of Availability Zones that are configured in the elastigroup; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are name (String), subnet_id (String), placement_group_name (String),
monitoring: ${3:undefined} # required. (Boolean) Describes whether instance Enhanced Monitoring is enabled
name: ${4:undefined} # required. (String) Unique name for elastigroup to be created, updated or deleted
key_pair: ${5:undefined} # required. (String) Specify a Key Pair to attach to the instances
on_demand_instance_type: ${6:undefined} # required. (String) On-demand instance type that will be provisioned
product: ${7|Linux/UNIX,SUSE Linux,Windows,Linux/UNIX (Amazon VPC),SUSE Linux (Amazon VPC),Windows|} # required. choices: Linux/UNIX;SUSE Linux;Windows;Linux/UNIX (Amazon VPC);SUSE Linux (Amazon VPC);Windows. (String) Operation system type._
min_size: ${8:undefined} # required. (Integer) The lower limit number of instances that you can scale down to
image_id: ${9:undefined} # required. (String) The image Id used to launch the instance.; In case of conflict between Instance type and image type, an error will be returned
security_group_ids: ${10:undefined} # required. (List of Strings) One or more security group IDs. ; In case of update it will override the existing Security Group with the new given array
max_size: ${11:undefined} # required. (Integer) The upper limit number of instances that you can scale up to
availability_vs_cost: ${12|availabilityOriented,costOriented,balanced|} # required. choices: availabilityOriented;costOriented;balanced. (String) The strategy orientation.
target: ${13:undefined} # required. (Integer) The number of instances to launch
spot_instance_types: ${14:undefined} # required. (List of Strings) Spot instance type that will be provisioned.
ebs_volume_pool: ${15:undefined} # not required. (List of Objects) a list of hash/dictionaries of EBS devices to reattach to the elastigroup when available; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are - volume_ids (List of Strings), device_name (String)
opsworks: ${16:undefined} # not required. (Object) The elastigroup OpsWorks integration configration.; Expects the following key - layer_id (String)
ebs_optimized: ${17:undefined} # not required. (Boolean) Enable EBS optimization for supported instances which are not enabled by default.; Note - additional charges will be applied.
roll_config: ${18:undefined} # not required. (Object) Roll configuration.; If you would like the group to roll after updating, please use this feature. Accepts the following keys - batch_size_percentage(Integer, Required), grace_period - (Integer, Required), health_check_type(String, Optional)
shutdown_script: ${19:undefined} # not required. (String) The Base64-encoded shutdown script that executes prior to instance termination. Encode before setting.
elastic_ips: ${20:undefined} # not required. (List of Strings) List of ElasticIps Allocation Ids to associate to the group instances
account_id: ${21:undefined} # not required. (String) Optional parameter that allows to set an account-id inside the module configuration By default this is retrieved from the credentials path
chef: ${22:undefined} # not required. (Object) The Chef integration configuration.; Expects the following keys - chef_server (String), organization (String), user (String), pem_key (String), chef_version (String)
iam_role_name: ${23:undefined} # not required. (String) The instance profile iamRole name,Only use iam_role_arn, or iam_role_name
spin_up_time: ${24:undefined} # not required. (Integer) spin up time, in seconds, for the instance
id: ${25:undefined} # not required. (String) The group id if it already exists and you want to update, or delete it. This will not work unless the uniqueness_by field is set to id. When this is set, and the uniqueness_by field is set, the group will either be updated or deleted, but not created.
risk: ${26:undefined} # not required. (Integer) required if on demand is not set. The percentage of Spot instances to launch (0 - 100).
kubernetes: ${27:undefined} # not required. (Object) The Kubernetes integration configuration. Expects the following keys - api_server (String), token (String)
right_scale: ${28:undefined} # not required. (Object) The Rightscale integration configuration.; Expects the following keys - account_id (String), refresh_token (String)
health_check_grace_period: ${29:300} # not required. (Integer) The amount of time, in seconds, after the instance has launched to start and check its health.
draining_timeout: ${30:undefined} # not required. (Integer) Time for instance to be drained from incoming requests and deregistered from ELB before termination.
target_group_arns: ${31:undefined} # not required. (List of Strings) List of target group arns instances should be registered to
iam_role_arn: ${32:undefined} # not required. (String) The instance profile iamRole arn,Only use iam_role_arn, or iam_role_name
signals: ${33:undefined} # not required. (List of Objects) a list of hash/dictionaries of signals to configure in the elastigroup; keys allowed are - name (String, required), timeout (Integer)
state: ${34|present,absent|} # not required. choices: present;absent. (String) create or delete the elastigroup
health_check_type: ${35|ELB,HCS,TARGET_GROUP,MLB,EC2|} # not required. choices: ELB;HCS;TARGET_GROUP;MLB;EC2. (String) The service to use for the health check.
down_scaling_policies: ${36:undefined} # not required. (List of Objects) a list of hash/dictionaries of scaling policies to configure in the elastigroup; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are - policy_name (String, required), namespace (String, required), metric_name (String, required), dimensions ((List of Objects), Keys allowed are name (String, required) and value (String)), statistic (String, required), evaluation_periods (String, required), period (String, required), threshold (String, required), cooldown (String, required), unit (String, required), operator (String, required), action_type (String, required), adjustment (String), max_target_capacity (String), target (String), maximum (String), minimum (String)
health_check_unhealthy_duration_before_replacement: ${37:undefined} # not required. (Integer) Minimal mount of time instance should be unhealthy for us to consider it unhealthy.
rancher: ${38:undefined} # not required. (Object) The Rancher integration configuration.; Expects the following keys - access_key (String), secret_key (String), master_host (String)
on_demand_count: ${39:undefined} # not required. (Integer) Required if risk is not set,Number of on demand instances to launch. All other instances will be spot instances.; Either set this parameter or the risk parameter
fallback_to_od: ${40:undefined} # not required. (Boolean) In case of no spots available, Elastigroup will launch an On-demand instance instead
ignore_changes: ${41|image_id,target|} # not required. choices: image_id;target. (List of Strings) list of fields on which changes should be ignored when updating
scheduled_tasks: ${42:undefined} # not required. (List of Objects) a list of hash/dictionaries of scheduled tasks to configure in the elastigroup; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are - adjustment (Integer), scale_target_capacity (Integer), scale_min_capacity (Integer), scale_max_capacity (Integer), adjustment_percentage (Integer), batch_size_percentage (Integer), cron_expression (String), frequency (String), grace_period (Integer), task_type (String, required), is_enabled (Boolean)
target_tracking_policies: ${43:undefined} # not required. (List of Objects) a list of hash/dictionaries of target tracking policies to configure in the elastigroup; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are - policy_name (String, required), namespace (String, required), source (String, required), metric_name (String, required), statistic (String, required), unit (String, required), cooldown (String, required), target (String, required)
tags: ${44:undefined} # not required. (List of tagKey:tagValue paris) a list of tags to configure in the elastigroup. Please specify list of keys and values (key colon value);
mesosphere: ${45:undefined} # not required. (Object) The Mesosphere integration configuration. Expects the following key - api_server (String)
wait_timeout: ${46:undefined} # not required. (Integer) How long the module should wait for instances before failing the action.; Only works if wait_for_instances is True.
ecs: ${47:undefined} # not required. (Object) The ECS integration configuration.; Expects the following key - cluster_name (String)
terminate_at_end_of_billing_hour: ${48:undefined} # not required. (Boolean) terminate at the end of billing hour
load_balancers: ${49:undefined} # not required. (List of Strings) List of classic ELB names
block_device_mappings: ${50:undefined} # not required. (List of Objects) a list of hash/dictionaries of Block Device Mappings for elastigroup instances; You can specify virtual devices and EBS volumes.; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are device_name (List of Strings), virtual_name (String), no_device (String), ebs (Object, expects the following keys- delete_on_termination(Boolean), encrypted(Boolean), iops (Integer), snapshot_id(Integer), volume_type(String), volume_size(Integer))
uniqueness_by: ${51|id,name|} # not required. choices: id;name. (String) If your group names are not unique, you may use this feature to update or delete a specific group. Whenever this property is set, you must set a group_id in order to update or delete a group, otherwise a group will be created.
credentials_path: ${52:undefined} # not required. (String) Optional parameter that allows to set a non-default credentials path. Default is ~/.spotinst/credentials
up_scaling_policies: ${53:undefined} # not required. (List of Objects) a list of hash/dictionaries of scaling policies to configure in the elastigroup; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are - policy_name (String, required), namespace (String, required), metric_name (String, required), dimensions (List of Objects, Keys allowed are name (String, required) and value (String)), statistic (String, required) evaluation_periods (String, required), period (String, required), threshold (String, required), cooldown (String, required), unit (String, required), operator (String, required), action_type (String, required), adjustment (String), min_target_capacity (String), target (String), maximum (String), minimum (String)
network_interfaces: ${54:undefined} # not required. (List of Objects) a list of hash/dictionaries of network interfaces to add to the elastigroup; '[{\"key\":\"value\", \"key\":\"value\"}]'; keys allowed are - description (String), device_index (Integer), secondary_private_ip_address_count (Integer), associate_public_ip_address (Boolean), delete_on_termination (Boolean), groups (List of Strings), network_interface_id (String), private_ip_address (String), subnet_id (String), associate_ipv6_address (Boolean), private_ip_addresses (List of Objects, Keys are privateIpAddress (String, required) and primary (Boolean))
lifetime_period: ${55:undefined} # not required. (String) lifetime period
tenancy: ${56|default,dedicated|} # not required. choices: default;dedicated. (String) dedicated vs shared tenancy
user_data: ${57:undefined} # not required. (String) Base64-encoded MIME user data. Encode before setting the value.
persistence: ${58:undefined} # not required. (Object) The Stateful elastigroup configration.; Accepts the following keys - should_persist_root_device (Boolean), should_persist_block_devices (Boolean), should_persist_private_ip (Boolean)
utilize_reserved_instances: ${59:undefined} # not required. (Boolean) In case of any available Reserved Instances, Elastigroup will utilize your reservations before purchasing Spot instances.
wait_for_instances: ${60:undefined} # not required. (Boolean) Whether or not the elastigroup creation / update actions should wait for the instances to spin
"""
'sqs_queue':
'prefix': "sqs_queue_snippet"
'description': "Creates or deletes AWS SQS queues."
'body': """
sqs_queue:
name: ${1:undefined} # required. Name of the queue.
aws_secret_key: ${2:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
message_retention_period: ${4:null} # not required. The message retention period in seconds.
delivery_delay: ${5:null} # not required. The delivery delay in seconds.
default_visibility_timeout: ${6:null} # not required. The default visibility timeout in seconds.
validate_certs: ${7:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${8:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
aws_access_key: ${9:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
state: ${10|present,absent|} # not required. choices: present;absent. Create or delete the queue
maximum_message_size: ${11:null} # not required. The maximum message size in bytes.
ec2_url: ${12:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
policy: ${13:null} # not required. The json dict policy to attach to queue
security_token: ${14:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
redrive_policy: ${15:null} # not required. json dict with the redrive_policy (see example)
receive_message_wait_time: ${16:null} # not required. The receive message wait time in seconds.
"""
'sros_command':
'prefix': "sros_command_snippet"
'description': "Run commands on remote devices running Nokia SR OS"
'body': """
sros_command:
commands: ${1:undefined} # required. List of commands to send to the remote SR OS device over the configured provider. The resulting output from the command is returned. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired.
retries: ${2:10} # not required. Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditions.
interval: ${3:1} # not required. Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. A dict object containing connection details.
wait_for: ${5:null} # not required. List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'sros_config':
'prefix': "sros_config_snippet"
'description': "Manage Nokia SR OS device configuration"
'body': """
sros_config:
src: ${1:null} # not required. Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with I(lines), I(parents).
force: ${2|true,false|} # not required. choices: true;false. The force argument instructs the module to not consider the current devices running-config. When set to true, this will cause the module to push the contents of I(src) into the device without first checking if already configured.,Note this argument should be considered deprecated. To achieve the equivalent, set the C(match=none) which is idempotent. This argument will be removed in a future release.
backup: ${3|yes,no|} # not required. choices: yes;no. This argument will cause the module to create a full backup of the current C(running-config) from the remote device before any changes are made. The backup file is written to the C(backup) folder in the playbook root directory. If the directory does not exist, it is created.
after: ${4:null} # not required. The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with I(before) this allows the playbook designer to append a set of commands to be executed after the command set.
lines: ${5:null} # not required. The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser. The I(lines) argument only supports current context lines. See EXAMPLES
replace: ${6|line,block|} # not required. choices: line;block. Instructs the module on the way to perform the configuration on the device. If the replace argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the replace argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct.
parents: ${7:null} # not required. The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands.
defaults: ${8|yes,no|} # not required. choices: yes;no. This argument specifies whether or not to collect all defaults when getting the remote device running config. When enabled, the module will get the current config by issuing the command C(show running-config all).
provider: ${9:null} # not required. A dict object containing connection details.
save: ${10|yes,no|} # not required. choices: yes;no. The C(save) argument instructs the module to save the running- config to the startup-config at the conclusion of the module running. If check mode is specified, this argument is ignored.
config: ${11:null} # not required. The C(config) argument allows the playbook designer to supply the base configuration to be used to validate configuration changes necessary. If this argument is provided, the module will not download the running-config from the remote node.
match: ${12|line,strict,exact,none|} # not required. choices: line;strict;exact;none. Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to I(line), commands are matched line by line. If match is set to I(strict), command lines are matched with respect to position. If match is set to I(exact), command lines must be an equal match. Finally, if match is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device.
before: ${13:null} # not required. The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system.
"""
'sros_rollback':
'prefix': "sros_rollback_snippet"
'description': "Configure Nokia SR OS rollback"
'body': """
sros_rollback:
remote_max_checkpoints: ${1:null} # not required. The I(remote_max_checkpoints) argument configures the maximum number of rollback files that can be transferred and saved to a remote location. Valid values for this argument are in the range of 1 to 50
local_max_checkpoints: ${2:null} # not required. The I(local_max_checkpoints) argument configures the maximum number of rollback files that can be saved on the devices local compact flash. Valid values for this argument are in the range of 1 to 50
rollback_location: ${3:null} # not required. The I(rollback_location) specifies the location and filename of the rollback checkpoint files. This argument supports any valid local or remote URL as specified in SR OS
state: ${4|present,absent|} # not required. choices: present;absent. The I(state) argument specifies the state of the configuration entries in the devices active configuration. When the state value is set to C(true) the configuration is present in the devices active configuration. When the state value is set to C(false) the configuration values are removed from the devices active configuration.
rescue_location: ${5:null} # not required. The I(rescue_location) specifies the location of the rescue file. This argument supports any valid local or remote URL as specified in SR OS
provider: ${6:null} # not required. A dict object containing connection details.
"""
'stackdriver':
'prefix': "stackdriver_snippet"
'description': "Send code deploy and annotation events to stackdriver"
'body': """
stackdriver:
key: ${1:null} # required. API key.
repository: ${2:null} # not required. The repository (or project) deployed
level: ${3|INFO,WARN,ERROR|} # not required. choices: INFO;WARN;ERROR. one of INFO/WARN/ERROR, defaults to INFO if not supplied. May affect display.
annotated_by: ${4:Ansible} # not required. The person or robot who the annotation should be attributed to.
deployed_to: ${5:null} # not required. The environment code was deployed to. (ie: development, staging, production)
deployed_by: ${6:Ansible} # not required. The person or robot responsible for deploying the code
instance_id: ${7:null} # not required. id of an EC2 instance that this event should be attached to, which will limit the contexts where this event is shown
msg: ${8:null} # not required. The contents of the annotation message, in plain text. Limited to 256 characters. Required for annotation.
event_epoch: ${9:null} # not required. Unix timestamp of where the event should appear in the timeline, defaults to now. Be careful with this.
revision_id: ${10:null} # not required. The revision of the code that was deployed. Required for deploy events
event: ${11|annotation,deploy|} # not required. choices: annotation;deploy. The type of event to send, either annotation or deploy
"""
'stacki_host':
'prefix': "stacki_host_snippet"
'description': "Add or remove host to stacki front-end"
'body': """
stacki_host:
name: ${1:undefined} # required. Name of the host to be added to Stacki.
stacki_user: ${2:undefined} # required. Username for authenticating with Stacki API, but if not specified, the environment variable C(stacki_user) is used instead.
stacki_endpoint: ${3:undefined} # required. URL for the Stacki API Endpoint.
stacki_password: ${4:undefined} # required. Password for authenticating with Stacki API, but if not specified, the environment variable C(stacki_password) is used instead.
prim_intf_ip: ${5:undefined} # not required. IP Address for the primary network interface.
prim_intf: ${6:undefined} # not required. Name of the primary network interface.
force_install: ${7:undefined} # not required. Set value to True to force node into install state if it already exists in stacki.
prim_intf_mac: ${8:undefined} # not required. MAC Address for the primary PXE boot network interface.
"""
'stat':
'prefix': "stat_snippet"
'description': "Retrieve file or file system status"
'body': """
stat:
path: ${1:undefined} # required. The full path of the file/object to get the facts of.
get_checksum: ${2:yes} # not required. Whether to return a checksum of the file (default sha1).
follow: ${3:no} # not required. Whether to follow symlinks.
checksum_algorithm: ${4|md5,sha1,sha224,sha256,sha384,sha512|} # not required. choices: md5;sha1;sha224;sha256;sha384;sha512. Algorithm to determine checksum of file. Will throw an error if the host is unable to use specified algorithm.,The remote host has to support the hashing method specified, C(md5) can be unavailable if the host is FIPS-140 compliant.
get_mime: ${5:yes} # not required. Use file magic and return data about the nature of the file. this uses the 'file' utility found on most Linux/Unix systems.,This will add both `mime_type` and 'charset' fields to the return, if possible.,In 2.3 this option changed from 'mime' to 'get_mime' and the default changed to 'Yes'.
get_md5: ${6:no} # not required. Whether to return the md5 sum of the file.,Will return None if not a regular file or if we're unable to use md5 (Common for FIPS-140 compliant systems).,The default of this option changed from C(yes) to C(no) in Ansible 2.5 and will be removed altogether in Ansible 2.9.,Use C(get_checksum=true) with C(checksum_algorithm=md5) to return an md5 hash under the C(checksum) return value.
get_attributes: ${7:yes} # not required. Get file attributes using lsattr tool if present.
"""
'statusio_maintenance':
'prefix': "statusio_maintenance_snippet"
'description': "Create maintenance windows for your status.io dashboard"
'body': """
statusio_maintenance:
api_id: ${1:undefined} # required. Your unique API ID from status.io
statuspage: ${2:undefined} # required. Your unique StatusPage ID from status.io
api_key: ${3:undefined} # required. Your unique API Key from status.io
maintenance_notify_72_hr: ${4:false} # not required. Notify subscribers 72 hours before maintenance start time
maintenance_notify_now: ${5:false} # not required. Notify subscribers now
start_time: ${6:None} # not required. Time maintenance is expected to start (Hour:Minutes) (UTC),End Time is worked out from start_time + minutes
automation: ${7:false} # not required. Automatically start and end the maintenance window
maintenance_notify_24_hr: ${8:false} # not required. Notify subscribers 24 hours before maintenance start time
all_infrastructure_affected: ${9:false} # not required. If it affects all components and containers
maintenance_id: ${10:None} # not required. The maintenance id number when deleting a maintenance window
desc: ${11:Created by Ansible} # not required. Message describing the maintenance window
maintenance_notify_1_hr: ${12:false} # not required. Notify subscribers 1 hour before maintenance start time
title: ${13:A new maintenance window} # not required. A descriptive title for the maintenance window
url: ${14:https://api.status.io} # not required. Status.io API URL. A private apiary can be used instead.
state: ${15|present,absent|} # not required. choices: present;absent. Desired state of the package.
components: ${16:None} # not required. The given name of your component (server name)
minutes: ${17:10} # not required. The length of time in UTC that the maintenance will run (starting from playbook runtime)
start_date: ${18:None} # not required. Date maintenance is expected to start (Month/Day/Year) (UTC),End Date is worked out from start_date + minutes
containers: ${19:None} # not required. The given name of your container (data center)
"""
'sts_assume_role':
'prefix': "sts_assume_role_snippet"
'description': "Assume a role using AWS Security Token Service and obtain temporary credentials"
'body': """
sts_assume_role:
role_arn: ${1:undefined} # required. The Amazon Resource Name (ARN) of the role that the caller is assuming (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs)
role_session_name: ${2:undefined} # required. Name of the role's session - will be used by CloudTrail
profile: ${3:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
mfa_serial_number: ${4:null} # not required. The identification number of the MFA device that is associated with the user who is making the AssumeRole call.
ec2_url: ${5:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
aws_secret_key: ${6:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aws_access_key: ${7:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
duration_seconds: ${8:null} # not required. The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds.
security_token: ${9:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
validate_certs: ${10:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${11:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
mfa_token: ${12:null} # not required. The value provided by the MFA device, if the trust policy of the role being assumed requires MFA.
policy: ${13:null} # not required. Supplemental policy to use in addition to assumed role's policies.
external_id: ${14:null} # not required. A unique identifier that is used by third parties to assume a role in their customers' accounts.
"""
'sts_session_token':
'prefix': "sts_session_token_snippet"
'description': "Obtain a session token from the AWS Security Token Service"
'body': """
sts_session_token:
aws_secret_key: ${1:null} # not required. AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
profile: ${2:null} # not required. Uses a boto profile. Only works with boto >= 2.24.0.
aws_access_key: ${3:null} # not required. AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
security_token: ${4:null} # not required. AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
duration_seconds: ${5:null} # not required. The duration, in seconds, of the session token. See http://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html#API_GetSessionToken_RequestParameters for acceptable and default values.
mfa_serial_number: ${6:null} # not required. The identification number of the MFA device that is associated with the user who is making the GetSessionToken call.
mfa_token: ${7:null} # not required. The value provided by the MFA device, if the trust policy of the user requires MFA.
ec2_url: ${8:null} # not required. Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
validate_certs: ${9:yes} # not required. When set to \"no\", SSL certificates will not be validated for boto versions >= 2.6.0.
region: ${10:undefined} # not required. The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
"""
'subversion':
'prefix': "subversion_snippet"
'description': "Deploys a subversion repository"
'body': """
subversion:
dest: ${1:undefined} # required. Absolute path where the repository should be deployed.
repo: ${2:undefined} # required. The subversion URL to the repository.
username: ${3:undefined} # not required. C(--username) parameter passed to svn.
executable: ${4:undefined} # not required. Path to svn executable to use. If not supplied, the normal mechanism for resolving binary paths will be used.
force: ${5:no} # not required. If C(yes), modified files will be discarded. If C(no), module will fail if it encounters modified files. Prior to 1.9 the default was C(yes).
update: ${6:yes} # not required. If C(no), do not retrieve new revisions from the origin repository.
switch: ${7:yes} # not required. If C(no), do not call svn switch before update.
export: ${8:no} # not required. If C(yes), do export instead of checkout/update.
password: ${9:undefined} # not required. C(--password) parameter passed to svn.
checkout: ${10:yes} # not required. If C(no), do not check out the repository if it does not exist locally.
revision: ${11:HEAD} # not required. Specific revision to checkout.
"""
'supervisorctl':
'prefix': "supervisorctl_snippet"
'description': "Manage the state of a program or group of programs running via supervisord"
'body': """
supervisorctl:
state: ${1|present,started,stopped,restarted,absent|} # required. choices: present;started;stopped;restarted;absent. The desired state of program/group.
name: ${2:null} # required. The name of the supervisord program or group to manage.,The name will be taken as group name when it ends with a colon I(:),Group support is only available in Ansible version 1.6 or later.
username: ${3:null} # not required. username to use for authentication
supervisorctl_path: ${4:null} # not required. path to supervisorctl executable
password: ${5:null} # not required. password to use for authentication
config: ${6:null} # not required. The supervisor configuration file path
server_url: ${7:null} # not required. URL on which supervisord server is listening
"""
'svc':
'prefix': "svc_snippet"
'description': "Manage daemontools services"
'body': """
svc:
name: ${1:undefined} # required. Name of the service to manage.
service_dir: ${2:/service} # not required. directory svscan watches for services
downed: ${3:no} # not required. Should a 'down' file exist or not, if it exists it disables auto startup. defaults to no. Downed does not imply stopped.
enabled: ${4:undefined} # not required. Wheater the service is enabled or not, if disabled it also implies stopped. Make note that a service can be enabled and downed (no auto restart).
state: ${5|killed,once,reloaded,restarted,started,stopped|} # not required. choices: killed;once;reloaded;restarted;started;stopped. C(Started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the svc (svc -t) and C(killed) will always bounce the svc (svc -k). C(reloaded) will send a sigusr1 (svc -1). C(once) will run a normally downed svc once (svc -o), not really an idempotent operation.
service_src: ${6:undefined} # not required. directory where services are defined, the source of symlinks to service_dir.
"""
'svr4pkg':
'prefix': "svr4pkg_snippet"
'description': "Manage Solaris SVR4 packages"
'body': """
svr4pkg:
state: ${1|present,absent|} # required. choices: present;absent. Whether to install (C(present)), or remove (C(absent)) a package.,If the package is to be installed, then I(src) is required.,The SVR4 package system doesn't provide an upgrade operation. You need to uninstall the old, then install the new package.
name: ${2:undefined} # required. Package name, e.g. C(SUNWcsr)
category: ${3|true,false|} # not required. choices: true;false. Install/Remove category instead of a single package.
src: ${4:undefined} # not required. Specifies the location to install the package from. Required when C(state=present).,Can be any path acceptable to the C(pkgadd) command's C(-d) option. e.g.: C(somefile.pkg), C(/dir/with/pkgs), C(http:/server/mypkgs.pkg).,If using a file or directory, they must already be accessible by the host. See the M(copy) module for a way to get them there.
zone: ${5|current,all|} # not required. choices: current;all. Whether to install the package only in the current zone, or install it into all zones.,The installation into all zones works only if you are working with the global zone.
response_file: ${6:undefined} # not required. Specifies the location of a response file to be used if package expects input on install. (added in Ansible 1.4)
proxy: ${7:undefined} # not required. HTTP[s] proxy to be used if C(src) is a URL.
"""
'swdepot':
'prefix': "swdepot_snippet"
'description': "Manage packages with swdepot package manager (HP-UX)"
'body': """
swdepot:
state: ${1|present,latest,absent|} # required. choices: present;latest;absent. whether to install (C(present), C(latest)), or remove (C(absent)) a package.
name: ${2||} # required. choices: . package name.
depot: ${3||} # not required. choices: . The source repository from which install or upgrade a package.
"""
'swupd':
'prefix': "swupd_snippet"
'description': "Manages updates and bundles in ClearLinux systems."
'body': """
swupd:
contenturl: ${1:null} # not required. URL pointing to the contents of available bundles. If not specified, the contents are retrieved from clearlinux.org.
name: ${2:null} # not required. Name of the (I)bundle to install or remove.
format: ${3:null} # not required. The format suffix for version file downloads. For example [1,2,3,staging,etc]. If not specified, the default format is used.
url: ${4:null} # not required. Overrides both I(contenturl) and I(versionurl).
verify: ${5:null} # not required. Verify content for OS version.
update: ${6:false} # not required. Updates the OS to the latest version.
manifest: ${7:null} # not required. The manifest contains information about the bundles at certaion version of the OS. Specify a Manifest version to verify against that version or leave unspecified to verify against the current version.
state: ${8|present,absent|} # not required. choices: present;absent. Indicates the desired (I)bundle state. C(present) ensures the bundle is installed while C(absent) ensures the (I)bundle is not installed.
versionurl: ${9:null} # not required. URL for version string download.
"""
'synchronize':
'prefix': "synchronize_snippet"
'description': "A wrapper around rsync to make common tasks in your playbooks quick and easy."
'body': """
synchronize:
src: ${1:undefined} # required. Path on the source host that will be synchronized to the destination; The path can be absolute or relative.
dest: ${2:undefined} # required. Path on the destination host that will be synchronized from the source; The path can be absolute or relative.
dirs: ${3:no} # not required. Transfer directories without recursing
private_key: ${4:undefined} # not required. Specify the private key to use for SSH-based rsync connections (e.g. C(~/.ssh/id_rsa))
partial: ${5:no} # not required. Tells rsync to keep the partial file which should make a subsequent transfer of the rest of the file much faster.
links: ${6:the value of the archive option} # not required. Copy symlinks as symlinks.
copy_links: ${7:no} # not required. Copy symlinks as the item that they point to (the referent) is copied, rather than the symlink.
perms: ${8:the value of the archive option} # not required. Preserve permissions.
compress: ${9:yes} # not required. Compress file data during the transfer. In most cases, leave this enabled unless it causes problems.
rsync_timeout: ${10:0} # not required. Specify a --timeout for the rsync command in seconds.
rsync_opts: ${11:null} # not required. Specify additional rsync options by passing in an array.
owner: ${12:the value of the archive option} # not required. Preserve owner (super user only)
existing_only: ${13:no} # not required. Skip creating new files on receiver.
set_remote_user: ${14:true} # not required. put user@ for the remote paths. If you have a custom ssh config to define the remote user for a host that does not match the inventory user, you should set this parameter to \"no\".
times: ${15:the value of the archive option} # not required. Preserve modification times
rsync_path: ${16:undefined} # not required. Specify the rsync command to run on the remote host. See C(--rsync-path) on the rsync man page.
dest_port: ${17:Value of ansible_ssh_port for this host, remote_port config setting, or the value from ssh client configuration if none of those are set} # not required. Port number for ssh on the destination host. Prior to ansible 2.0, the ansible_ssh_port inventory var took precedence over this value.
group: ${18:the value of the archive option} # not required. Preserve group
link_dest: ${19:null} # not required. add a destination to hard link against during the rsync.
recursive: ${20:the value of the archive option} # not required. Recurse into directories.
archive: ${21:yes} # not required. Mirrors the rsync archive flag, enables recursive, links, perms, times, owner, group flags and -D.
mode: ${22|pull,push|} # not required. choices: pull;push. Specify the direction of the synchronization. In push mode the localhost or delegate is the source; In pull mode the remote host in context is the source.
checksum: ${23:no} # not required. Skip based on checksum, rather than mod-time & size; Note that that \"archive\" option is still enabled by default - the \"checksum\" option will not disable it.
verify_host: ${24:no} # not required. Verify destination host key.
use_ssh_args: ${25:no} # not required. Use the ssh_args specified in ansible.cfg
delete: ${26:no} # not required. Delete files in C(dest) that don't exist (after transfer, not before) in the C(src) path. This option requires C(recursive=yes).
"""
'sysctl':
'prefix': "sysctl_snippet"
'description': "Manage entries in sysctl.conf."
'body': """
sysctl:
name: ${1:null} # required. The dot-separated path (aka I(key)) specifying the sysctl variable.
reload: ${2|yes,no|} # not required. choices: yes;no. If C(yes), performs a I(/sbin/sysctl -p) if the C(sysctl_file) is updated. If C(no), does not reload I(sysctl) even if the C(sysctl_file) is updated.
state: ${3|present,absent|} # not required. choices: present;absent. Whether the entry should be present or absent in the sysctl file.
sysctl_set: ${4|yes,no|} # not required. choices: yes;no. Verify token value with the sysctl command and set with -w if necessary
ignoreerrors: ${5|yes,no|} # not required. choices: yes;no. Use this option to ignore errors about unknown keys.
sysctl_file: ${6:/etc/sysctl.conf} # not required. Specifies the absolute path to C(sysctl.conf), if not C(/etc/sysctl.conf).
value: ${7:null} # not required. Desired value of the sysctl key.
"""
'syslogger':
'prefix': "syslogger_snippet"
'description': "Log messages in the syslog"
'body': """
syslogger:
msg: ${1:undefined} # required. This is the message to place in syslog
priority: ${2|emerg,alert,crit,err,warning,notice,info,debug|} # not required. choices: emerg;alert;crit;err;warning;notice;info;debug. Set the log priority
facility: ${3|kern,user,mail,daemon,auth,lpr,news,uucp,cron,syslog,local0,local1,local2,local3,local4,local5,local6,local7|} # not required. choices: kern;user;mail;daemon;auth;lpr;news;uucp;cron;syslog;local0;local1;local2;local3;local4;local5;local6;local7. Set the log facility
log_pid: ${4:no} # not required. Log the pid in brackets
"""
'systemd':
'prefix': "systemd_snippet"
'description': "Manage services"
'body': """
systemd:
masked: ${1:undefined} # not required. Whether the unit should be masked or not, a masked unit is impossible to start.
state: ${2|reloaded,restarted,started,stopped|} # not required. choices: reloaded;restarted;started;stopped. C(started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the service. C(reloaded) will always reload.
no_block: ${3:no} # not required. Do not synchronously wait for the requested operation to finish. Enqueued job will continue without Ansible blocking on its completion.
name: ${4:undefined} # not required. Name of the service. When using in a chroot environment you always need to specify the full name i.e. (crond.service).
enabled: ${5:undefined} # not required. Whether the service should start on boot. B(At least one of state and enabled are required.)
daemon_reload: ${6:no} # not required. run daemon-reload before doing any other operations, to make sure systemd has read any changes.
user: ${7:no} # not required. run systemctl talking to the service manager of the calling user, rather than the service manager of the system.
"""
'taiga_issue':
'prefix': "taiga_issue_snippet"
'description': "Creates/deletes an issue in a Taiga Project Management Platform"
'body': """
taiga_issue:
project: ${1:undefined} # required. Name of the project containing the issue. Must exist previously.
issue_type: ${2:undefined} # required. The issue type. Must exist previously.
subject: ${3:undefined} # required. The issue subject.
status: ${4:New} # not required. The issue status. Must exist previously.
severity: ${5:Normal} # not required. The issue severity. Must exist previously.
tags: ${6:} # not required. A lists of tags to be assigned to the issue.
priority: ${7:Normal} # not required. The issue priority. Must exist previously.
taiga_host: ${8:https://api.taiga.io} # not required. The hostname of the Taiga instance.
state: ${9|present,absent|} # not required. choices: present;absent. Whether the issue should be present or not.
attachment: ${10:None} # not required. Path to a file to be attached to the issue.
attachment_description: ${11:} # not required. A string describing the file to be attached to the issue.
description: ${12:} # not required. The issue description.
"""
'telegram':
'prefix': "telegram_snippet"
'description': "module for sending notifications via telegram"
'body': """
telegram:
msg: ${1:undefined} # required. What message you wish to send.
token: ${2:undefined} # required. Token identifying your telegram bot.
chat_id: ${3:undefined} # required. Telegram group or user chat_id
msg_format: ${4|plain,markdown,html|} # not required. choices: plain;markdown;html. Message format. Formatting options `markdown` and `html` described in Telegram API docs (https://core.telegram.org/bots/api#formatting-options). If option `plain` set, message will not be formatted.
"""
'telnet':
'prefix': "telnet_snippet"
'description': "Executes a low-down and dirty telnet command"
'body': """
telnet:
command: ${1:undefined} # required. List of commands to be executed in the telnet session.
pause: ${2:1} # not required. Seconds to pause between each command issued
host: ${3:remote_addr} # not required. The host/target on which to execute the command
prompts: ${4:$} # not required. List of prompts expected before sending next command
user: ${5:remote_user} # not required. The user for login
timeout: ${6:120} # not required. timeout for remote operations
login_prompt: ${7:login: } # not required. Login or username prompt to expect
password: ${8:undefined} # not required. The password for login
port: ${9:23} # not required. Remote port to use
password_prompt: ${10:Password: } # not required. Login or username prompt to expect
"""
'tempfile':
'prefix': "tempfile_snippet"
'description': "Creates temporary files and directories."
'body': """
tempfile:
path: ${1:undefined} # not required. Location where temporary file or directory should be created. If path is not specified default system temporary directory will be used.
state: ${2|directory,file|} # not required. choices: directory;file. Whether to create file or directory.
prefix: ${3:ansible.} # not required. Prefix of file/directory name created by module.
suffix: ${4:} # not required. Suffix of file/directory name created by module.
"""
'template':
'prefix': "template_snippet"
'description': "Templates a file out to a remote server"
'body': """
template:
src: ${1:undefined} # required. Path of a Jinja2 formatted template on the Ansible controller. This can be a relative or absolute path.
dest: ${2:undefined} # required. Location to render the template to on the remote machine.
unsafe_writes: ${3:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
force: ${4:yes} # not required. the default is C(yes), which will replace the remote file when contents are different than the source. If C(no), the file will only be transferred if the destination does not exist.
trim_blocks: ${5:no} # not required. If this is set to True the first newline after a block is removed (block, not variable tag!).
selevel: ${6:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
block_end_string: ${7:%}} # not required. The string marking the end of a block.
setype: ${8:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
variable_start_string: ${9:{{} # not required. The string marking the beginning of a print statement.
group: ${10:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
newline_sequence: ${11|\\n,\\r,\\r\\n|} # not required. choices: \\n;\\r;\\r\\n. Specify the newline sequence to use for templating files.
serole: ${12:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
block_start_string: ${13:{%} # not required. The string marking the beginning of a block.
variable_end_string: ${14:}}} # not required. The string marking the end of a print statement.
attributes: ${15:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
owner: ${16:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
follow: ${17:no} # not required. This flag indicates that filesystem links in the destination, if they exist, should be followed.,Previous to Ansible 2.4, this was hardcoded as C(yes).
mode: ${18:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
backup: ${19:no} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
validate: ${20:None} # not required. The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
seuser: ${21:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
"""
'terraform':
'prefix': "terraform_snippet"
'description': "Manages a Terraform deployment (and plans)"
'body': """
terraform:
project_path: ${1:undefined} # required. The path to the root of the Terraform directory with the vars.tf/main.tf/etc to use.
variables_file: ${2:undefined} # not required. The path to a variables file for Terraform to fill into the TF configurations.
lock_timeout: ${3:undefined} # not required. How long to maintain the lock on the statefile, if you use a service that accepts locks (such as S3+DynamoDB).
lock: ${4:undefined} # not required. Enable statefile locking, if you use a service that accepts locks (such as S3+DynamoDB) to store your statefile.
variables: ${5:undefined} # not required. A group of key-values to override template variables or those in variables files.
state: ${6|planned,present,absent|} # not required. choices: planned;present;absent. Goal state of given stage/project
plan_file: ${7:undefined} # not required. The path to an existing Terraform plan file to apply. If this is not specified, Ansible will build a new TF plan and execute it.
state_file: ${8:undefined} # not required. The path to an existing Terraform state file to use when building plan. If this is not specified, the default `terraform.tfstate` will be used.,This option is ignored when plan is specified.
force_init: ${9:false} # not required. To avoid duplicating infra, if a state file can't be found this will force a `terraform init`. Generally, this should be turned off unless you intend to provision an entirely new Terraform deployment.
binary_path: ${10:undefined} # not required. The path of a terraform binary to use, relative to the 'service_path' unless you supply an absolute path.
targets: ${11:undefined} # not required. A list of specific resources to target in this plan/application. The resources selected here will also auto-include any dependencies.
"""
'timezone':
'prefix': "timezone_snippet"
'description': "Configure timezone setting"
'body': """
timezone:
hwclock: ${1:undefined} # not required. Whether the hardware clock is in UTC or in local timezone. Default is to keep current setting. Note that this option is recommended not to change and may fail to configure, especially on virtual environments such as AWS. B(At least one of name and hwclock are required.) I(Only used on Linux.)
name: ${2:undefined} # not required. Name of the timezone for the system clock. Default is to keep current setting. B(At least one of name and hwclock are required.)
"""
'tower_credential':
'prefix': "tower_credential_snippet"
'description': "create, update, or destroy Ansible Tower credential."
'body': """
tower_credential:
kind: ${1|ssh,vault,net,scm,aws,vmware,satellite6,cloudforms,gce,azure_rm,openstack,rhv,insights,tower|} # required. choices: ssh;vault;net;scm;aws;vmware;satellite6;cloudforms;gce;azure_rm;openstack;rhv;insights;tower. Type of credential being added.
name: ${2:undefined} # required. The name to use for the credential.
authorize: ${3:false} # not required. Should use authroize for net type.
username: ${4:null} # not required. Username for this credential. access_key for AWS.
domain: ${5:null} # not required. Domain for openstack type.
description: ${6:undefined} # not required. The description to use for the credential.
tower_host: ${7:null} # not required. URL to your Tower instance.
vault_password: ${8:undefined} # not required. Valut password. Use ASK for prompting.
team: ${9:null} # not required. Team that should own this credential.
tower_config_file: ${10:null} # not required. Path to the Tower config file. See notes.
host: ${11:null} # not required. Host for this credential.
user: ${12:null} # not required. User that should own this credential.
become_password: ${13:null} # not required. Become password. Use ASK for prompting.
tower_password: ${14:null} # not required. Password for your Tower instance.
tower_username: ${15:null} # not required. Username for your Tower instance.
become_username: ${16:null} # not required. Become username. Use ASK for prompting.
password: ${17:null} # not required. Password for this credential. Use ASK for prompting. secret_key for AWS. api_key for RAX.
tenant: ${18:null} # not required. Tenant ID for azure_rm type.
subscription: ${19:null} # not required. Subscription ID for azure_rm type.
become_method: ${20|None,sudo,su,pbrun,pfexec,pmrun|} # not required. choices: None;sudo;su;pbrun;pfexec;pmrun. Become method to Use for privledge escalation.
tower_verify_ssl: ${21:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
secret: ${22:null} # not required. Secret token for azure_rm type.
project: ${23:null} # not required. Project that should for this credential.
state: ${24|present,absent|} # not required. choices: present;absent. Desired state of the resource.
client: ${25:null} # not required. Client or application ID for azure_rm type.
ssh_key_data: ${26:null} # not required. Path to SSH private key.
ssh_key_unlock: ${27:undefined} # not required. Unlock password for ssh_key. Use ASK for prompting.
organization: ${28:null} # not required. Organization that should own the credential.
authorize_password: ${29:null} # not required. Password for net credentials that require authroize.
"""
'tower_group':
'prefix': "tower_group_snippet"
'description': "create, update, or destroy Ansible Tower group."
'body': """
tower_group:
inventory: ${1:undefined} # required. Inventory the group should be made a member of.
name: ${2:undefined} # required. The name to use for the group.
credential: ${3:null} # not required. Credential to use for the group.
source_vars: ${4:null} # not required. Override variables from source with variables from this field.
source_script: ${5:null} # not required. Inventory script to be used when group type is \"custom\".
update_on_launch: ${6:false} # not required. Refresh inventory data from its source each time a job is run.
overwrite_vars: ${7:null} # not required. Override vars in child groups and hosts with those from external source.
source_regions: ${8:null} # not required. Regions for cloud provider.
tower_config_file: ${9:null} # not required. Path to the Tower config file. See notes.
variables: ${10:null} # not required. Variables to use for the group, use '@' for a file.
description: ${11:null} # not required. The description to use for the group.
instance_filters: ${12:null} # not required. Comma-separated list of filter expressions for matching hosts.
tower_password: ${13:null} # not required. Password for your Tower instance.
source: ${14|manual,file,ec2,rax,vmware,gce,azure,azure_rm,openstack,satellite6,cloudforms,custom|} # not required. choices: manual;file;ec2;rax;vmware;gce;azure;azure_rm;openstack;satellite6;cloudforms;custom. The source to use for this group.
state: ${15|present,absent|} # not required. choices: present;absent. Desired state of the resource.
group_by: ${16:null} # not required. Limit groups automatically created from inventory source.
tower_verify_ssl: ${17:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
tower_username: ${18:null} # not required. Username for your Tower instance.
tower_host: ${19:null} # not required. URL to your Tower instance.
overwrite: ${20:false} # not required. Delete child roups and hosts not found in source.
"""
'tower_host':
'prefix': "tower_host_snippet"
'description': "create, update, or destroy Ansible Tower host."
'body': """
tower_host:
name: ${1:undefined} # required. The name to use for the host.
inventory: ${2:undefined} # required. Inventory the host should be made a member of.
description: ${3:null} # not required. The description to use for the host.
variables: ${4:undefined} # not required. Variables to use for the host. Use '@' for a file.
tower_username: ${5:null} # not required. Username for your Tower instance.
tower_password: ${6:null} # not required. Password for your Tower instance.
tower_config_file: ${7:null} # not required. Path to the Tower config file. See notes.
tower_verify_ssl: ${8:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
enabled: ${9:true} # not required. If the host should be enabled.
state: ${10|present,absent|} # not required. choices: present;absent. Desired state of the resource.
tower_host: ${11:null} # not required. URL to your Tower instance.
"""
'tower_inventory':
'prefix': "tower_inventory_snippet"
'description': "create, update, or destroy Ansible Tower inventory."
'body': """
tower_inventory:
organization: ${1:undefined} # required. Organization the inventory belongs to.
name: ${2:undefined} # required. The name to use for the inventory.
description: ${3:null} # not required. The description to use for the inventory.
variables: ${4:null} # not required. Inventory variables. Use '@' to get from file.
tower_password: ${5:null} # not required. Password for your Tower instance.
tower_config_file: ${6:null} # not required. Path to the Tower config file. See notes.
state: ${7|present,absent|} # not required. choices: present;absent. Desired state of the resource.
tower_verify_ssl: ${8:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
tower_username: ${9:null} # not required. Username for your Tower instance.
tower_host: ${10:null} # not required. URL to your Tower instance.
"""
'tower_job_cancel':
'prefix': "tower_job_cancel_snippet"
'description': "Cancel an Ansible Tower Job."
'body': """
tower_job_cancel:
job_id: ${1:undefined} # required. ID of the job to cancel
tower_host: ${2:null} # not required. URL to your Tower instance.
fail_if_not_running: ${3:false} # not required. Fail loudly if the job_id does not reference a running job.
tower_config_file: ${4:null} # not required. Path to the Tower config file. See notes.
tower_password: ${5:null} # not required. Password for your Tower instance.
tower_username: ${6:null} # not required. Username for your Tower instance.
tower_verify_ssl: ${7:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'tower_job_launch':
'prefix': "tower_job_launch_snippet"
'description': "Launch an Ansible Job."
'body': """
tower_job_launch:
job_template: ${1:undefined} # required. Name of the job_template to use.
credential: ${2:null} # not required. Credential to use for job, only used if prompt for credential is set.
use_job_endpoint: ${3:false} # not required. Disable launching jobs from job template.
tags: ${4:null} # not required. Specific tags to use for from playbook.
extra_vars: ${5:null} # not required. Extra_vars to use for the job_template. Prepend '@' if a file.
job_explanation: ${6:null} # not required. Job explanation field.
tower_password: ${7:null} # not required. Password for your Tower instance.
job_type: ${8|run,check,scan|} # not required. choices: run;check;scan. Job_type to use for the job, only used if prompt for job_type is set.
tower_config_file: ${9:null} # not required. Path to the Tower config file. See notes.
limit: ${10:null} # not required. Limit to use for the job_template.
inventory: ${11:null} # not required. Inventory to use for the job, only used if prompt for inventory is set.
tower_verify_ssl: ${12:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
tower_username: ${13:null} # not required. Username for your Tower instance.
tower_host: ${14:null} # not required. URL to your Tower instance.
"""
'tower_job_list':
'prefix': "tower_job_list_snippet"
'description': "List Ansible Tower jobs."
'body': """
tower_job_list:
status: ${1|pending,waiting,running,error,failed,canceled,successful|} # not required. choices: pending;waiting;running;error;failed;canceled;successful. Only list jobs with this status.
tower_host: ${2:null} # not required. URL to your Tower instance.
tower_password: ${3:null} # not required. Password for your Tower instance.
tower_username: ${4:null} # not required. Username for your Tower instance.
all_pages: ${5:false} # not required. Fetch all the pages and return a single result.
tower_verify_ssl: ${6:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
tower_config_file: ${7:null} # not required. Path to the Tower config file. See notes.
query: ${8:null} # not required. Query used to further filter the list of jobs. {\"foo\":\"bar\"} will be passed at ?foo=bar
page: ${9:null} # not required. Page number of the results to fetch.
"""
'tower_job_template':
'prefix': "tower_job_template_snippet"
'description': "create, update, or destroy Ansible Tower job_template."
'body': """
tower_job_template:
job_type: ${1|run,check,scan|} # required. choices: run;check;scan. The job_type to use for the job_template.
playbook: ${2:undefined} # required. Playbook to use for the job_template.
name: ${3:undefined} # required. Name to use for the job_template.
project: ${4:undefined} # required. Project to use for the job_template.
network_credential: ${5:null} # not required. The network_credential to use for the job_template.
description: ${6:null} # not required. Description to use for the job_template.
tower_config_file: ${7:null} # not required. Path to the Tower config file. See notes.
tower_host: ${8:null} # not required. URL to your Tower instance.
tower_password: ${9:null} # not required. Password for your Tower instance.
ask_job_type: ${10:false} # not required. Prompt user for job type on launch.
tower_username: ${11:null} # not required. Username for your Tower instance.
skip_tags: ${12:null} # not required. The skip_tags to use for the job_template.
ask_inventory: ${13:false} # not required. Propmt user for inventory on launch.
host_config_key: ${14:null} # not required. Allow provisioning callbacks using this host config key.
ask_tags: ${15:false} # not required. Prompt user for job tags on launch.
machine_credential: ${16:null} # not required. Machine_credential to use for the job_template.
tower_verify_ssl: ${17:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
ask_credential: ${18:false} # not required. Prompt user for credential on launch.
job_tags: ${19:null} # not required. The job_tags to use for the job_template.
verbosity: ${20|verbose,debug|} # not required. choices: verbose;debug. Control the output level Ansible produces as the playbook runs.
state: ${21|present,absent|} # not required. choices: present;absent. Desired state of the resource.
ask_extra_vars: ${22:false} # not required. Prompt user for extra_vars on launch.
extra_vars_path: ${23:null} # not required. Path to the extra_vars yaml file.
inventory: ${24:null} # not required. Inventory to use for the job_template.
limit: ${25:null} # not required. A host pattern to further constrain the list of hosts managed or affected by the playbook
forks: ${26:null} # not required. The number of parallel or simultaneous processes to use while executing the playbook.
cloud_credential: ${27:null} # not required. Cloud_credential to use for the job_template.
become_enabled: ${28:false} # not required. Should become_enabled.
"""
'tower_job_wait':
'prefix': "tower_job_wait_snippet"
'description': "Wait for Ansible Tower job to finish."
'body': """
tower_job_wait:
job_id: ${1:undefined} # required. ID of the job to monitor.
min_interval: ${2:1} # not required. Minimum interval in seconds, to request an update from Tower.
tower_host: ${3:null} # not required. URL to your Tower instance.
tower_config_file: ${4:null} # not required. Path to the Tower config file. See notes.
max_interval: ${5:30} # not required. Maximum interval in seconds, to request an update from Tower.
timeout: ${6:null} # not required. Maximum time in seconds to wait for a job to finish.
tower_password: ${7:null} # not required. Password for your Tower instance.
tower_username: ${8:null} # not required. Username for your Tower instance.
tower_verify_ssl: ${9:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'tower_label':
'prefix': "tower_label_snippet"
'description': "create, update, or destroy Ansible Tower label."
'body': """
tower_label:
name: ${1:null} # required. Name to use for the label.
organization: ${2:null} # required. Organization the label should be applied to.
tower_host: ${3:null} # not required. URL to your Tower instance.
tower_config_file: ${4:null} # not required. Path to the Tower config file. See notes.
state: ${5|present,absent|} # not required. choices: present;absent. Desired state of the resource.
tower_password: ${6:null} # not required. Password for your Tower instance.
tower_username: ${7:null} # not required. Username for your Tower instance.
tower_verify_ssl: ${8:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'tower_organization':
'prefix': "tower_organization_snippet"
'description': "create, update, or destroy Ansible Tower organizations"
'body': """
tower_organization:
name: ${1:undefined} # required. Name to use for the organization.
tower_host: ${2:null} # not required. URL to your Tower instance.
tower_config_file: ${3:null} # not required. Path to the Tower config file. See notes.
state: ${4|present,absent|} # not required. choices: present;absent. Desired state of the resource.
tower_password: ${5:null} # not required. Password for your Tower instance.
tower_username: ${6:null} # not required. Username for your Tower instance.
tower_verify_ssl: ${7:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
description: ${8:null} # not required. The description to use for the organization.
"""
'tower_project':
'prefix': "tower_project_snippet"
'description': "create, update, or destroy Ansible Tower projects"
'body': """
tower_project:
name: ${1:null} # required. Name to use for the project.
scm_branch: ${2:null} # not required. The branch to use for the scm resource.
tower_password: ${3:null} # not required. Password for your Tower instance.
tower_host: ${4:null} # not required. URL to your Tower instance.
scm_credential: ${5:null} # not required. Name of the credential to use with this scm resource.
scm_clean: ${6:false} # not required. Remove local modifications before updating.
scm_url: ${7:null} # not required. URL of scm resource.
scm_delete_on_update: ${8:false} # not required. Remove the repository completely before updating.
tower_config_file: ${9:null} # not required. Path to the Tower config file. See notes.
state: ${10|present,absent|} # not required. choices: present;absent. Desired state of the resource.
local_path: ${11:null} # not required. The server playbook directory for manual projects.
scm_type: ${12|manual,git,hg,svn|} # not required. choices: manual;git;hg;svn. Type of scm resource.
scm_update_on_launch: ${13:false} # not required. Before an update to the local repository before launching a job with this project.
tower_username: ${14:null} # not required. Username for your Tower instance.
organization: ${15:null} # not required. Primary key of organization for project.
tower_verify_ssl: ${16:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
description: ${17:null} # not required. Description to use for the project.
"""
'tower_role':
'prefix': "tower_role_snippet"
'description': "create, update, or destroy Ansible Tower role."
'body': """
tower_role:
role: ${1|admin,read,member,execute,adhoc,update,use,auditor|} # required. choices: admin;read;member;execute;adhoc;update;use;auditor. The role type to grant/revoke.
credential: ${2:null} # not required. Credential the role acts on.
job_template: ${3:null} # not required. The job_template the role acts on.
tower_host: ${4:null} # not required. URL to your Tower instance.
tower_password: ${5:null} # not required. Password for your Tower instance.
project: ${6:null} # not required. Project the role acts on.
tower_config_file: ${7:null} # not required. Path to the Tower config file. See notes.
state: ${8|present,absent|} # not required. choices: present;absent. Desired state of the resource.
inventory: ${9:null} # not required. Inventory the role acts on.
team: ${10:null} # not required. Team that receives the permissions specified by the role.
tower_username: ${11:null} # not required. Username for your Tower instance.
organization: ${12:null} # not required. Organiation the role acts on.
target_team: ${13:null} # not required. Team that the role acts on.
tower_verify_ssl: ${14:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
user: ${15:null} # not required. User that receives the permissions specified by the role.
"""
'tower_team':
'prefix': "tower_team_snippet"
'description': "create, update, or destroy Ansible Tower team."
'body': """
tower_team:
name: ${1:null} # required. Name to use for the team.
organization: ${2:null} # required. Organization the team should be made a member of.
tower_host: ${3:null} # not required. URL to your Tower instance.
tower_config_file: ${4:null} # not required. Path to the Tower config file. See notes.
state: ${5|present,absent|} # not required. choices: present;absent. Desired state of the resource.
tower_password: ${6:null} # not required. Password for your Tower instance.
tower_username: ${7:null} # not required. Username for your Tower instance.
tower_verify_ssl: ${8:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'tower_user':
'prefix': "tower_user_snippet"
'description': "create, update, or destroy Ansible Tower user."
'body': """
tower_user:
username: ${1:undefined} # required. The username of the user.
email: ${2:undefined} # required. Email address of the user.
superuser: ${3:false} # not required. User is a system wide administator.
first_name: ${4:null} # not required. First name of the user.
last_name: ${5:null} # not required. Last name of the user.
tower_host: ${6:null} # not required. URL to your Tower instance.
tower_password: ${7:null} # not required. Password for your Tower instance.
tower_config_file: ${8:null} # not required. Path to the Tower config file. See notes.
state: ${9|present,absent|} # not required. choices: present;absent. Desired state of the resource.
auditor: ${10:false} # not required. User is a system wide auditor.
tower_verify_ssl: ${11:true} # not required. Dis/allow insecure connections to Tower. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
tower_username: ${12:null} # not required. Username for your Tower instance.
password: ${13:null} # not required. Password of the user.
"""
'twilio':
'prefix': "twilio_snippet"
'description': "Sends a text message to a mobile phone through Twilio."
'body': """
twilio:
from_number: ${1:undefined} # required. the Twilio number to send the text message from, format +15551112222
msg: ${2:undefined} # required. the body of the text message
auth_token: ${3:undefined} # required. user's Twilio authentication token
to_number: ${4:undefined} # required. one or more phone numbers to send the text message to, format +15551112222
account_sid: ${5:undefined} # required. user's Twilio account token found on the account page
media_url: ${6:undefined} # not required. a URL with a picture, video or sound clip to send with an MMS (multimedia message) instead of a plain SMS
"""
'typetalk':
'prefix': "typetalk_snippet"
'description': "Send a message to typetalk"
'body': """
typetalk:
topic: ${1:undefined} # required. topic id to post message
client_secret: ${2:undefined} # required. OAuth2 client secret
client_id: ${3:undefined} # required. OAuth2 client ID
msg: ${4:undefined} # required. message body
"""
'ucs_ip_pool':
'prefix': "ucs_ip_pool_snippet"
'description': "Configures IP address pools on Cisco UCS Manager"
'body': """
ucs_ip_pool:
password: ${1:undefined} # required. Password for Cisco UCS Manager authentication.
name: ${2:undefined} # required. The name of the IP address pool.,This name can be between 1 and 32 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the IP address pool is created.
hostname: ${3:undefined} # required. IP address or hostname of Cisco UCS Manager.
ipv6_primary_dns: ${4:::} # not required. The primary DNS server that this block of IPv6 addresses should access.
username: ${5:admin} # not required. Username for Cisco UCS Manager authentication.
default_gw: ${6:0.0.0.0} # not required. The default gateway associated with the IPv4 addresses in the block.
org_dn: ${7:org-root} # not required. Org dn (distinguished name)
subnet_mask: ${8:255.255.255.0} # not required. The subnet mask associated with the IPv4 addresses in the block.
proxy: ${9:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
ipv6_first_addr: ${10:undefined} # not required. The first IPv6 address in the IPv6 addresses block.,This is the From field in the UCS Manager Add IPv6 Blocks menu.
use_ssl: ${11:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
ipv6_secondary_dns: ${12:::} # not required. The secondary DNS server that this block of IPv6 addresses should access.
secondary_dns: ${13:0.0.0.0} # not required. The secondary DNS server that this block of IPv4 addresses should access.
descrption: ${14:undefined} # not required. The user-defined description of the IP address pool.,Enter up to 256 characters.,You can use any characters or spaces except the following:,` (accent mark), (backslash), ^ (carat), \" (double quote), = (equal sign), > (greater than), < (less than), or ' (single quote).
use_proxy: ${15:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
last_addr: ${16:undefined} # not required. The last IPv4 address in the IPv4 addresses block.,This is the To field in the UCS Manager Add IPv4 Blocks menu.
primary_dns: ${17:0.0.0.0} # not required. The primary DNS server that this block of IPv4 addresses should access.
state: ${18|present,absent|} # not required. choices: present;absent. If C(present), will verify IP pool is present and will create if needed.,If C(absent), will verify IP pool is absent and will delete if needed.
first_addr: ${19:undefined} # not required. The first IPv4 address in the IPv4 addresses block.,This is the From field in the UCS Manager Add IPv4 Blocks menu.
order: ${20|default,sequential|} # not required. choices: default;sequential. The Assignment Order field.,This can be one of the following:,default - Cisco UCS Manager selects a random identity from the pool.,sequential - Cisco UCS Manager selects the lowest available identity from the pool.
port: ${21:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
ipv6_last_addr: ${22:undefined} # not required. The last IPv6 address in the IPv6 addresses block.,This is the To field in the UCS Manager Add IPv6 Blocks menu.
ipv6_prefix: ${23:64} # not required. The network address prefix associated with the IPv6 addresses in the block.
ipv6_default_gw: ${24:::} # not required. The default gateway associated with the IPv6 addresses in the block.
"""
'ucs_lan_connectivity':
'prefix': "ucs_lan_connectivity_snippet"
'description': "Configures LAN Connectivity Policies on Cisco UCS Manager"
'body': """
ucs_lan_connectivity:
hostname: ${1:undefined} # required. IP address or hostname of Cisco UCS Manager.
password: ${2:undefined} # required. Password for Cisco UCS Manager authentication.
name: ${3:undefined} # required. The name of the LAN Connectivity Policy.,This name can be between 1 and 16 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the policy is created.
username: ${4:admin} # not required. Username for Cisco UCS Manager authentication.
use_proxy: ${5:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
description: ${6:undefined} # not required. A description of the LAN Connectivity Policy.,Cisco recommends including information about where and when to use the policy.,Enter up to 256 characters.,You can use any characters or spaces except the following:,` (accent mark), (backslash), ^ (carat), \" (double quote), = (equal sign), > (greater than), < (less than), or ' (single quote).
org_dn: ${7:org-root} # not required. Org dn (distinguished name)
vnic_list: ${8:undefined} # not required. List of vNICs used by the LAN Connectivity Policy.,vNICs used by the LAN Connectivity Policy must be created from a vNIC template.,Each list element has the following suboptions:,= name, The name of the vNIC (required).,= vnic_template, The name of the vNIC template (required).,- adapter_policy, The name of the Ethernet adapter policy., A user defined policy can be used, or one of the system defined policies.,- order, String specifying the vNIC assignment order (e.g., '1', '2')., [Default: unspecified]
state: ${9|present,absent|} # not required. choices: present;absent. If C(present), will verify LAN Connectivity Policies are present and will create if needed.,If C(absent), will verify LAN Connectivity Policies are absent and will delete if needed.
proxy: ${10:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
use_ssl: ${11:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${12:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
"""
'ucs_mac_pool':
'prefix': "ucs_mac_pool_snippet"
'description': "Configures MAC address pools on Cisco UCS Manager"
'body': """
ucs_mac_pool:
password: ${1:undefined} # required. Password for Cisco UCS Manager authentication.
name: ${2:undefined} # required. The name of the MAC pool.,This name can be between 1 and 32 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the MAC pool is created.
hostname: ${3:undefined} # required. IP address or hostname of Cisco UCS Manager.
username: ${4:admin} # not required. Username for Cisco UCS Manager authentication.
proxy: ${5:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
use_ssl: ${6:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
descrption: ${7:undefined} # not required. A description of the MAC pool.,Enter up to 256 characters.,You can use any characters or spaces except the following:,` (accent mark), (backslash), ^ (carat), \" (double quote), = (equal sign), > (greater than), < (less than), or ' (single quote).
use_proxy: ${8:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
last_addr: ${9:undefined} # not required. The last MAC address in the block of addresses.,This is the To field in the UCS Manager Add MAC Blocks menu.
org_dn: ${10:org-root} # not required. The distinguished name (dn) of the organization where the resource is assigned.
first_addr: ${11:undefined} # not required. The first MAC address in the block of addresses.,This is the From field in the UCS Manager MAC Blocks menu.
port: ${12:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
state: ${13|present,absent|} # not required. choices: present;absent. If C(present), will verify MAC pool is present and will create if needed.,If C(absent), will verify MAC pool is absent and will delete if needed.
order: ${14|default,sequential|} # not required. choices: default;sequential. The Assignment Order field.,This can be one of the following:,default - Cisco UCS Manager selects a random identity from the pool.,sequential - Cisco UCS Manager selects the lowest available identity from the pool.
"""
'ucs_san_connectivity':
'prefix': "ucs_san_connectivity_snippet"
'description': "Configures SAN Connectivity Policies on Cisco UCS Manager"
'body': """
ucs_san_connectivity:
password: ${1:undefined} # required. Password for Cisco UCS Manager authentication.
name: ${2:undefined} # required. The name of the SAN Connectivity Policy.,This name can be between 1 and 16 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the policy is created.
hostname: ${3:undefined} # required. IP address or hostname of Cisco UCS Manager.
username: ${4:admin} # not required. Username for Cisco UCS Manager authentication.
vhba_list: ${5:undefined} # not required. List of vHBAs used by the SAN Connectivity Policy.,vHBAs used by the SAN Connectivity Policy must be created from a vHBA template.,Each list element has the following suboptions:,= name, The name of the virtual HBA (required).,= vhba_template, The name of the virtual HBA template (required).,- adapter_policy, The name of the Fibre Channel adapter policy., A user defined policy can be used, or one of the system defined policies (default, Linux, Solaris, VMware, Windows, WindowsBoot), [Default: default],- order, String specifying the vHBA assignment order (e.g., '1', '2')., [Default: unspecified]
description: ${6:undefined} # not required. A description of the policy.,Cisco recommends including information about where and when to use the policy.,Enter up to 256 characters.,You can use any characters or spaces except the following:,` (accent mark), (backslash), ^ (carat), \" (double quote), = (equal sign), > (greater than), < (less than), or ' (single quote).
proxy: ${7:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
use_ssl: ${8:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${9:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
use_proxy: ${10:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
org_dn: ${11:org-root} # not required. Org dn (distinguished name)
state: ${12|present,absent|} # not required. choices: present;absent. If C(present), will verify SAN Connectivity Policies are present and will create if needed.,If C(absent), will verify SAN Connectivity Policies are absent and will delete if needed.
wwnn_pool: ${13:default} # not required. Name of the WWNN pool to use for WWNN assignment.
"""
'ucs_vhba_template':
'prefix': "ucs_vhba_template_snippet"
'description': "Configures vHBA templates on Cisco UCS Manager"
'body': """
ucs_vhba_template:
hostname: ${1:undefined} # required. IP address or hostname of Cisco UCS Manager.
name: ${2:undefined} # required. The name of the virtual HBA template.,This name can be between 1 and 16 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the template is created.
password: ${3:undefined} # required. Password for Cisco UCS Manager authentication.
username: ${4:admin} # not required. Username for Cisco UCS Manager authentication.
use_proxy: ${5:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
redundancy_type: ${6|none,primary,secondary|} # not required. choices: none;primary;secondary. The Redundancy Type used for template pairing from the Primary or Secondary redundancy template.,primary — Creates configurations that can be shared with the Secondary template.,Any other shared changes on the Primary template are automatically synchronized to the Secondary template.,secondary — All shared configurations are inherited from the Primary template.,none - Legacy vHBA template behavior. Select this option if you do not want to use redundancy.
fabric: ${7|A,B|} # not required. choices: A;B. The Fabric ID field.,The name of the fabric interconnect that vHBAs created with this template are associated with.
stats_policy: ${8:default} # not required. The statistics collection policy that is associated with vHBAs created from this template.
org_dn: ${9:org-root} # not required. Org dn (distinguished name)
template_type: ${10|initial-template,updating-template|} # not required. choices: initial-template;updating-template. The Template Type field.,This can be one of the following:,initial-template — vHBAs created from this template are not updated if the template changes.,updating-template - vHBAs created from this template are updated if the template changes.
max_data: ${11:2048} # not required. The Max Data Field Size field.,The maximum size of the Fibre Channel frame payload bytes that the vHBA supports.,Enter an string between '256' and '2112'.
state: ${12|present,absent|} # not required. choices: present;absent. If C(present), will verify vHBA templates are present and will create if needed.,If C(absent), will verify vHBA templates are absent and will delete if needed.
wwpn_pool: ${13:default} # not required. The WWPN pool that a vHBA created from this template uses to derive its WWPN address.
proxy: ${14:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
pin_group: ${15:undefined} # not required. The SAN pin group that is associated with vHBAs created from this template.
use_ssl: ${16:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
qos_policy: ${17:undefined} # not required. The QoS policy that is associated with vHBAs created from this template.
vsan: ${18:default} # not required. The VSAN to associate with vHBAs created from this template.
port: ${19:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
description: ${20:undefined} # not required. A user-defined description of the template.,Enter up to 256 characters.,You can use any characters or spaces except the following:,` (accent mark), (backslash), ^ (carat), \" (double quote), = (equal sign), > (greater than), < (less than), or ' (single quote).
"""
'ucs_vlans':
'prefix': "ucs_vlans_snippet"
'description': "Configures VLANs on Cisco UCS Manager"
'body': """
ucs_vlans:
password: ${1:undefined} # required. Password for Cisco UCS Manager authentication.
id: ${2:undefined} # required. The unique string identifier assigned to the VLAN.,A VLAN ID can be between '1' and '3967', or between '4048' and '4093'.,You cannot create VLANs with IDs from 4030 to 4047. This range of VLAN IDs is reserved.,The VLAN IDs you specify must also be supported on the switch that you are using.,VLANs in the LAN cloud and FCoE VLANs in the SAN cloud must have different IDs.,Optional if state is absent.
hostname: ${3:undefined} # required. IP address or hostname of Cisco UCS Manager.
name: ${4:undefined} # required. The name assigned to the VLAN.,The VLAN name is case sensitive.,This name can be between 1 and 32 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the VLAN is created.
username: ${5:admin} # not required. Username for Cisco UCS Manager authentication.
sharing: ${6|none,primary,isolated,community|} # not required. choices: none;primary;isolated;community. The Sharing Type field.,Whether this VLAN is subdivided into private or secondary VLANs. This can be one of the following:,none - This VLAN does not have any secondary or private VLANs. This is a regular VLAN.,primary - This VLAN can have one or more secondary VLANs, as shown in the Secondary VLANs area. This VLAN is a primary VLAN in the private VLAN domain.,isolated - This is a private VLAN associated with a primary VLAN. This VLAN is an Isolated VLAN.,community - This VLAN can communicate with other ports on the same community VLAN as well as the promiscuous port. This VLAN is a Community VLAN.
proxy: ${7:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
use_ssl: ${8:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
fabric: ${9|common,A,B|} # not required. choices: common;A;B. The fabric configuration of the VLAN. This can be one of the following:,common - The VLAN applies to both fabrics and uses the same configuration parameters in both cases.,A — The VLAN only applies to fabric A.,B — The VLAN only applies to fabric B.,For upstream disjoint L2 networks, Cisco recommends that you choose common to create VLANs that apply to both fabrics.
use_proxy: ${10:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
multicast_policy: ${11:} # not required. The multicast policy associated with this VLAN.,This option is only valid if the Sharing Type field is set to None or Primary.
port: ${12:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
state: ${13|present,absent|} # not required. choices: present;absent. If C(present), will verify VLANs are present and will create if needed.,If C(absent), will verify VLANs are absent and will delete if needed.
native: ${14|no,yes|} # not required. choices: no;yes. Designates the VLAN as a native VLAN.
"""
'ucs_vnic_template':
'prefix': "ucs_vnic_template_snippet"
'description': "Configures vNIC templates on Cisco UCS Manager"
'body': """
ucs_vnic_template:
password: ${1:undefined} # required. Password for Cisco UCS Manager authentication.
name: ${2:undefined} # required. The name of the vNIC template.,This name can be between 1 and 16 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the template is created.
hostname: ${3:undefined} # required. IP address or hostname of Cisco UCS Manager.
username: ${4:admin} # not required. Username for Cisco UCS Manager authentication.
redundancy_type: ${5|none,primary,secondary|} # not required. choices: none;primary;secondary. The Redundancy Type used for vNIC redundancy pairs during fabric failover.,This can be one of the following:,primary — Creates configurations that can be shared with the Secondary template.,secondary — All shared configurations are inherited from the Primary template.,none - Legacy vNIC template behavior. Select this option if you do not want to use redundancy.
cdn_name: ${6:undefined} # not required. CDN Name used when cdn_source is set to user-defined.
stats_policy: ${7:default} # not required. The statistics collection policy that vNICs created from this vNIC template should use.
network_control_policy: ${8:undefined} # not required. The network control policy that vNICs created from this vNIC template should use.
proxy: ${9:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
use_ssl: ${10:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
cdn_source: ${11|vnic-name,user-defined|} # not required. choices: vnic-name;user-defined. CDN Source field.,This can be one of the following options:,vnic-name - Uses the vNIC template name of the vNIC instance as the CDN name. This is the default option.,user-defined - Uses a user-defined CDN name for the vNIC template. If this option is chosen, cdn_name must also be provided.
port: ${12:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
description: ${13:undefined} # not required. A user-defined description of the vNIC template.,Enter up to 256 characters.,You can use any characters or spaces except the following:,` (accent mark), (backslash), ^ (carat), \" (double quote), = (equal sign), > (greater than), < (less than), or ' (single quote).
use_proxy: ${14:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
fabric: ${15|A,B,A-B,B-A|} # not required. choices: A;B;A-B;B-A. The Fabric ID field specifying the fabric interconnect associated with vNICs created from this template.,If you want fabric failover enabled on vNICs created from this template, use of of the following:\",A-B to use Fabric A by default with failover enabled.,B-A to use Fabric B by default with failover enabled.,Do not enable vNIC fabric failover under the following circumstances:,- If the Cisco UCS domain is running in Ethernet switch mode. vNIC fabric failover is not supported in that mode.,- If you plan to associate one or more vNICs created from this template to a server with an adapter that does not support fabric failover.
vlans_list: ${16:undefined} # not required. List of VLANs used by the vNIC template.,Each list element has the following suboptions:,= name, The name of the VLAN (required).,- native, Designates the VLAN as a native VLAN. Only one VLAN in the list can be a native VLAN., [choices: 'no', 'yes'], [Default: 'no']
org_dn: ${17:org-root} # not required. Org dn (distinguished name)
mtu: ${18:1500} # not required. The MTU field.,The maximum transmission unit, or packet size, that vNICs created from this vNIC template should use.,Enter a string between '1500' and '9000'.,If the vNIC template has an associated QoS policy, the MTU specified here must be equal to or less than the MTU specified in the QoS system class.
template_type: ${19|initial-template,updating-template|} # not required. choices: initial-template;updating-template. The Template Type field.,This can be one of the following:,initial-template — vNICs created from this template are not updated if the template changes.,updating-template - vNICs created from this template are updated if the template changes.
state: ${20|present,absent|} # not required. choices: present;absent. If C(present), will verify vNIC templates are present and will create if needed.,If C(absent), will verify vNIC templates are absent and will delete if needed.
mac_pool: ${21:undefined} # not required. The MAC address pool that vNICs created from this vNIC template should use.
target: ${22:adapter} # not required. The possible target for vNICs created from this template.,The target determines whether or not Cisco UCS Manager automatically creates a VM-FEX port profile with the appropriate settings for the vNIC template.,This can be one of the following:,adapter — The vNICs apply to all adapters. No VM-FEX port profile is created if you choose this option.,vm - The vNICs apply to all virtual machines. A VM-FEX port profile is created if you choose this option.
pin_group: ${23:undefined} # not required. The LAN pin group that vNICs created from this vNIC template should use.
qos_policy: ${24:undefined} # not required. The quality of service (QoS) policy that vNICs created from this vNIC template should use.
peer_redundancy_template: ${25:undefined} # not required. The Peer Redundancy Template.,The name of the vNIC template sharing a configuration with this template.,If the redundancy_type is primary, the name of the secondary template should be provided.,If the redundancy_type is secondary, the name of the primary template should be provided.,Secondary templates can only configure non-shared properties (name, description, and mac_pool).
"""
'ucs_vsans':
'prefix': "ucs_vsans_snippet"
'description': "Configures VSANs on Cisco UCS Manager"
'body': """
ucs_vsans:
password: ${1:undefined} # required. Password for Cisco UCS Manager authentication.
vlan_id: ${2:undefined} # required. The unique string identifier assigned to the VLAN used for Fibre Channel connections.,Note that Cisco UCS Manager uses VLAN '4048'. See the UCS Manager configuration guide if you want to assign '4048' to a VLAN.,Optional if state is absent.
vsan_id: ${3:undefined} # required. The unique identifier assigned to the VSAN.,The ID can be a string between '1' and '4078', or between '4080' and '4093'. '4079' is a reserved VSAN ID.,In addition, if you plan to use FC end-host mode, the range between '3840' to '4079' is also a reserved VSAN ID range.,Optional if state is absent.
hostname: ${4:undefined} # required. IP address or hostname of Cisco UCS Manager.
name: ${5:undefined} # required. The name assigned to the VSAN.,This name can be between 1 and 32 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the VSAN is created.
username: ${6:admin} # not required. Username for Cisco UCS Manager authentication.
fc_zoning: ${7|disabled,enabled|} # not required. choices: disabled;enabled. Fibre Channel zoning configuration for the Cisco UCS domain.,Fibre Channel zoning can be set to one of the following values:,disabled — The upstream switch handles Fibre Channel zoning, or Fibre Channel zoning is not implemented for the Cisco UCS domain.,enabled — Cisco UCS Manager configures and controls Fibre Channel zoning for the Cisco UCS domain.,If you enable Fibre Channel zoning, do not configure the upstream switch with any VSANs that are being used for Fibre Channel zoning.
proxy: ${8:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
use_ssl: ${9:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
port: ${10:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
fabric: ${11|common,A,B|} # not required. choices: common;A;B. The fabric configuration of the VSAN. This can be one of the following:,common - The VSAN maps to the same VSAN ID in all available fabrics.,A - The VSAN maps to the a VSAN ID that exists only in fabric A.,B - The VSAN maps to the a VSAN ID that exists only in fabric B.
use_proxy: ${12:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
state: ${13|present,absent|} # not required. choices: present;absent. If C(present), will verify VSANs are present and will create if needed.,If C(absent), will verify VSANs are absent and will delete if needed.
"""
'ucs_wwn_pool':
'prefix': "ucs_wwn_pool_snippet"
'description': "Configures WWNN or WWPN pools on Cisco UCS Manager"
'body': """
ucs_wwn_pool:
hostname: ${1:undefined} # required. IP address or hostname of Cisco UCS Manager.
purpose: ${2|node,port|} # required. choices: node;port. Specify whether this is a node (WWNN) or port (WWPN) pool.,Optional if state is absent.
password: ${3:undefined} # required. Password for Cisco UCS Manager authentication.
name: ${4:undefined} # required. The name of the World Wide Node Name (WWNN) or World Wide Port Name (WWPN) pool.,This name can be between 1 and 32 alphanumeric characters.,You cannot use spaces or any special characters other than - (hyphen), \"_\" (underscore), : (colon), and . (period).,You cannot change this name after the WWNN or WWPN pool is created.
username: ${5:admin} # not required. Username for Cisco UCS Manager authentication.
use_proxy: ${6:true} # not required. If C(no), will not use the proxy as defined by system environment variable.
description: ${7:undefined} # not required. A description of the WWNN or WWPN pool.,Enter up to 256 characters.,You can use any characters or spaces except the following:,` (accent mark), (backslash), ^ (carat), \" (double quote), = (equal sign), > (greater than), < (less than), or ' (single quote).
last_addr: ${8:undefined} # not required. The last initiator in the Worlde Wide Name (WWN) block.,This is the To field in the UCS Manager Add WWN Blocks menu.,For WWxN pools, the pool size must be a multiple of ports-per-node + 1.,For example, if there are 7 ports per node, the pool size must be a multiple of 8.,If there are 63 ports per node, the pool size must be a multiple of 64.
org_dn: ${9:org-root} # not required. Org dn (distinguished name)
first_addr: ${10:undefined} # not required. The first initiator in the World Wide Name (WWN) block.,This is the From field in the UCS Manager Add WWN Blocks menu.
port: ${11:undefined} # not required. Port number to be used during connection (by default uses 443 for https and 80 for http connection).
state: ${12|present,absent|} # not required. choices: present;absent. If C(present), will verify WWNNs/WWPNs are present and will create if needed.,If C(absent), will verify WWNNs/WWPNs are absent and will delete if needed.
use_ssl: ${13:true} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection.
proxy: ${14:undefined} # not required. If use_proxy is no, specfies proxy to be used for connection. e.g. 'http://proxy.xy.z:8080"
order: ${15|default,sequential|} # not required. choices: default;sequential. The Assignment Order field.,This can be one of the following:,default - Cisco UCS Manager selects a random identity from the pool.,sequential - Cisco UCS Manager selects the lowest available identity from the pool.
"""
'udm_dns_record':
'prefix': "udm_dns_record_snippet"
'description': "Manage dns entries on a univention corporate server"
'body': """
udm_dns_record:
type: ${1|host_record,alias,ptr_record,srv_record,txt_record|} # required. choices: host_record;alias;ptr_record;srv_record;txt_record. Define the record type. C(host_record) is a A or AAAA record, C(alias) is a CNAME, C(ptr_record) is a PTR record, C(srv_record) is a SRV record and C(txt_record) is a TXT record.
name: ${2:undefined} # required. Name of the record, this is also the DNS record. E.g. www for www.example.com.
zone: ${3:undefined} # required. Corresponding DNS zone for this record, e.g. example.com.
state: ${4|present,absent|} # not required. choices: present;absent. Whether the dns record is present or not.
data: ${5:} # not required. Additional data for this record, e.g. ['a': "192.0.2.1']. Required if C(state=present).
"""
'udm_dns_zone':
'prefix': "udm_dns_zone_snippet"
'description': "Manage dns zones on a univention corporate server"
'body': """
udm_dns_zone:
zone: ${1:undefined} # required. DNS zone name, e.g. C(example.com).
type: ${2|forward_zone,reverse_zone|} # required. choices: forward_zone;reverse_zone. Define if the zone is a forward or reverse DNS zone.
retry: ${3:1800} # not required. Interval that should elapse before a failed refresh should be retried.
interfaces: ${4:undefined} # not required. List of interface IP addresses, on which the server should response this zone. Required if C(state=present).
refresh: ${5:3600} # not required. Interval before the zone should be refreshed.
state: ${6|present,absent|} # not required. choices: present;absent. Whether the dns zone is present or not.
contact: ${7:} # not required. Contact person in the SOA record.
expire: ${8:604800} # not required. Specifies the upper limit on the time interval that can elapse before the zone is no longer authoritative.
ttl: ${9:600} # not required. Minimum TTL field that should be exported with any RR from this zone.
nameserver: ${10:undefined} # not required. List of appropriate name servers. Required if C(state=present).
mx: ${11:} # not required. List of MX servers. (Must declared as A or AAAA records).
"""
'udm_group':
'prefix': "udm_group_snippet"
'description': "Manage of the posix group"
'body': """
udm_group:
name: ${1:undefined} # required. Name of the posix group.
state: ${2|present,absent|} # not required. choices: present;absent. Whether the group is present or not.
position: ${3:undefined} # not required. define the whole ldap position of the group, e.g. C(cn=g123m-1A,cn=classes,cn=schueler,cn=groups,ou=schule,dc=example,dc=com).
ou: ${4:undefined} # not required. LDAP OU, e.g. school for LDAP OU C(ou=school,dc=example,dc=com).
subpath: ${5:undefined} # not required. Subpath inside the OU, e.g. C(cn=classes,cn=students,cn=groups).
description: ${6:undefined} # not required. Group description.
"""
'udm_share':
'prefix': "udm_share_snippet"
'description': "Manage samba shares on a univention corporate server"
'body': """
udm_share:
name: ${1:undefined} # required. Name
ou: ${2:undefined} # required. Organisational unit, inside the LDAP Base DN.
samba_name: ${3:None} # not required. Windows name. Required if C(state=present).
samba_hide_files: ${4:None} # not required. Hide files.
samba_blocking_locks: ${5|0,1|} # not required. choices: 0;1. Blocking locks.
samba_directory_mode: ${6:0755} # not required. Directory mode.
samba_dos_filemode: ${7|0,1|} # not required. choices: 0;1. Users with write access may modify permissions.
samba_postexec: ${8:None} # not required. Postexec script.
owner: ${9:0} # not required. Directory owner of the share's root directory.
samba_fake_oplocks: ${10|0,1|} # not required. choices: 0;1. Fake oplocks.
samba_strict_locking: ${11:Auto} # not required. Strict locking.
samba_public: ${12|0,1|} # not required. choices: 0;1. Allow anonymous read-only access with a guest user.
samba_force_directory_security_mode: ${13|0,1|} # not required. choices: 0;1. Force directory security mode.
group: ${14:0} # not required. Directory owner group of the share's root directory.
samba_writeable: ${15|0,1|} # not required. choices: 0;1. Samba write access.
samba_nt_acl_support: ${16|0,1|} # not required. choices: 0;1. NT ACL support.
samba_write_list: ${17:None} # not required. Restrict write access to these users/groups.
samba_preexec: ${18:None} # not required. Preexec script.
samba_browseable: ${19|0,1|} # not required. choices: 0;1. Show in Windows network environment.
samba_inherit_acls: ${20|0,1|} # not required. choices: 0;1. Inherit ACLs.
samba_msdfs_root: ${21|0,1|} # not required. choices: 0;1. MSDFS root.
state: ${22|present,absent|} # not required. choices: present;absent. Whether the share is present or not.
samba_valid_users: ${23:None} # not required. Valid users or groups.
samba_force_create_mode: ${24|0,1|} # not required. choices: 0;1. Force file mode.
root_squash: ${25|0,1|} # not required. choices: 0;1. Modify user ID for root user (root squashing).
samba_directory_security_mode: ${26:0777} # not required. Directory security mode.
samba_force_group: ${27:None} # not required. Force group.
samba_vfs_objects: ${28:None} # not required. VFS objects.
samba_force_directory_mode: ${29|0,1|} # not required. choices: 0;1. Force directory mode.
writeable: ${30|0,1|} # not required. choices: 0;1. NFS write access.
samba_locking: ${31|0,1|} # not required. choices: 0;1. Locking.
samba_security_mode: ${32:0777} # not required. Security mode.
samba_inherit_owner: ${33|0,1|} # not required. choices: 0;1. Create files/directories with the owner of the parent directory.
samba_csc_policy: ${34:manual} # not required. Client-side caching policy.
sync: ${35:sync} # not required. NFS synchronisation.
nfs_hosts: ${36:} # not required. Only allow access for this host, IP address or network.
path: ${37:None} # not required. Directory on the providing server, e.g. C(/home). Required if C(state=present).
nfs_custom_settings: ${38:} # not required. Option name in exports file.
samba_force_user: ${39:None} # not required. Force user.
samba_invalid_users: ${40:None} # not required. Invalid users or groups.
samba_create_mode: ${41:0744} # not required. File mode.
samba_force_security_mode: ${42|0,1|} # not required. choices: 0;1. Force security mode.
samba_level_2_oplocks: ${43|0,1|} # not required. choices: 0;1. Level 2 oplocks.
samba_custom_settings: ${44:} # not required. Option name in smb.conf and its value.
samba_hide_unreadable: ${45|0,1|} # not required. choices: 0;1. Hide unreadable files/directories.
host: ${46:None} # not required. Host FQDN (server which provides the share), e.g. C({{ ansible_fqdn }}). Required if C(state=present).
samba_block_size: ${47:None} # not required. Blocking size.
samba_oplocks: ${48|0,1|} # not required. choices: 0;1. Oplocks.
samba_hosts_allow: ${49:} # not required. Allowed host/network.
samba_inherit_permissions: ${50|0,1|} # not required. choices: 0;1. Create files/directories with permissions of the parent directory.
subtree_checking: ${51|0,1|} # not required. choices: 0;1. Subtree checking.
directorymode: ${52:00755} # not required. Permissions for the share's root directory.
samba_hosts_deny: ${53:} # not required. Denied host/network.
"""
'udm_user':
'prefix': "udm_user_snippet"
'description': "Manage posix users on a univention corporate server"
'body': """
udm_user:
username: ${1:undefined} # required. User name
update_password: ${2:always} # not required. C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users.
samba_user_workstations: ${3:} # not required. Allow the authentication only on this Microsoft Windows host.
homedrive: ${4:None} # not required. Windows home drive, e.g. C(\"H:\").
room_number: ${5:None} # not required. Room number of users business address.
primary_group: ${6:cn=Domain Users,cn=groups,$LDAP_BASE_DN} # not required. Primary group. This must be the group LDAP DN.
postcode: ${7:None} # not required. Postal code of users business address.
scriptpath: ${8:None} # not required. Windows logon script.
home_share: ${9:None} # not required. Home NFS share. Must be a LDAP DN, e.g. C(cn=home,cn=shares,ou=school,dc=example,dc=com).
override_pw_history: ${10:false} # not required. Override password history
city: ${11:None} # not required. City of users business address.
display_name: ${12:None} # not required. Display name (not gecos)
pager_telephonenumber: ${13:} # not required. List of pager telephone numbers.
employee_number: ${14:None} # not required. Employee number
serviceprovider: ${15:} # not required. Enable user for the following service providers.
organisation: ${16:None} # not required. Organisation
subpath: ${17:cn=users} # not required. LDAP subpath inside the organizational unit, e.g. C(cn=teachers,cn=users) for LDAP container C(cn=teachers,cn=users,dc=example,dc=com).
state: ${18|present,absent|} # not required. choices: present;absent. Whether the user is present or not.
home_share_path: ${19:None} # not required. Path to home NFS share, inside the homeShare.
userexpiry: ${20:Today + 1 year} # not required. Account expiry date, e.g. C(1999-12-31).
unixhome: ${21:/home/$USERNAME} # not required. Unix home directory
mail_home_server: ${22:None} # not required. FQDN of mail server
email: ${23:} # not required. A list of e-mail addresses.
sambahome: ${24:None} # not required. Windows home path, e.g. C('\\\\$FQDN\\$USERNAME').
home_telephone_number: ${25:} # not required. List of private telephone numbers.
shell: ${26:/bin/bash} # not required. Login shell
description: ${27:None} # not required. Description (not gecos)
firstname: ${28:undefined} # not required. First name. Required if C(state=present).
lastname: ${29:undefined} # not required. Last name. Required if C(state=present).
mail_alternative_address: ${30:} # not required. List of alternative e-mail addresses.
phone: ${31:} # not required. List of telephone numbers.
birthday: ${32:None} # not required. Birthday
groups: ${33:} # not required. POSIX groups, the LDAP DNs of the groups will be found with the LDAP filter for each group as $GROUP: C((&(objectClass=posixGroup)(cn=$GROUP))).
profilepath: ${34:None} # not required. Windows profile directory
employee_type: ${35:None} # not required. Employee type
password: ${36:None} # not required. Password. Required if C(state=present).
pwd_change_next_login: ${37|0,1|} # not required. choices: 0;1. Change password on next login.
mail_primary_address: ${38:None} # not required. Primary e-mail address
country: ${39:None} # not required. Country of users business address.
title: ${40:None} # not required. Title, e.g. C(Prof.).
override_pw_length: ${41:false} # not required. Override password check
street: ${42:None} # not required. Street of users business address.
gecos: ${43:None} # not required. GECOS
mobile_telephone_number: ${44:} # not required. Mobile phone number
position: ${45:} # not required. Define the whole position of users object inside the LDAP tree, e.g. C(cn=employee,cn=users,ou=school,dc=example,dc=com).
ou: ${46:} # not required. Organizational Unit inside the LDAP Base DN, e.g. C(school) for LDAP OU C(ou=school,dc=example,dc=com).
department_number: ${47:None} # not required. Department number of users business address.
samba_privileges: ${48:} # not required. Samba privilege, like allow printer administration, do domain join.
secretary: ${49:} # not required. A list of superiors as LDAP DNs.
"""
'ufw':
'prefix': "ufw_snippet"
'description': "Manage firewall with UFW"
'body': """
ufw:
comment: ${1:undefined} # not required. Add a comment to the rule. Requires UFW version >=0.35.
direction: ${2|in,incoming,out,outgoing,routed|} # not required. choices: in;incoming;out;outgoing;routed. Select direction for a rule or default policy command.
from_port: ${3:undefined} # not required. Source port.
to_ip: ${4:any} # not required. Destination IP address.
to_port: ${5:undefined} # not required. Destination port.
from_ip: ${6:any} # not required. Source IP address.
interface: ${7:undefined} # not required. Specify interface for rule.
name: ${8:undefined} # not required. Use profile located in C(/etc/ufw/applications.d).
insert: ${9:undefined} # not required. Insert the corresponding rule as rule number NUM
logging: ${10|true,false,low,medium,high,full|} # not required. choices: true;false;low;medium;high;full. Toggles logging. Logged packets use the LOG_KERN syslog facility.
log: ${11:undefined} # not required. Log new connections matched to this rule
proto: ${12|any,tcp,udp,ipv6,esp,ah|} # not required. choices: any;tcp;udp;ipv6;esp;ah. TCP/IP protocol.
route: ${13:undefined} # not required. Apply the rule to routed/forwarded packets.
rule: ${14|allow,deny,limit,reject|} # not required. choices: allow;deny;limit;reject. Add firewall rule
state: ${15|disabled,enabled,reloaded,reset|} # not required. choices: disabled;enabled;reloaded;reset. C(enabled) reloads firewall and enables firewall on boot.,C(disabled) unloads firewall and disables firewall on boot.,C(reloaded) reloads firewall.,C(reset) disables and resets firewall to installation defaults.
policy: ${16|allow,deny,reject|} # not required. choices: allow;deny;reject. Change the default policy for incoming or outgoing traffic.
delete: ${17:undefined} # not required. Delete rule.
"""
'unarchive':
'prefix': "unarchive_snippet"
'description': "Unpacks an archive after (optionally) copying it from the local machine."
'body': """
unarchive:
src: ${1:undefined} # required. If C(remote_src=no) (default), local path to archive file to copy to the target server; can be absolute or relative. If C(remote_src=yes), path on the target server to existing archive file to unpack.,If C(remote_src=yes) and C(src) contains C(://), the remote machine will download the file from the URL first. (version_added 2.0). This is only for simple cases, for full download support use the M(get_url) module.
dest: ${2:undefined} # required. Remote absolute path where the archive should be unpacked.
seuser: ${3:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
group: ${4:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
remote_src: ${5:no} # not required. Set to C(yes) to indicate the archived file is already on the remote system and not local to the Ansible controller.,This option is mutually exclusive with C(copy).
selevel: ${6:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
list_files: ${7:no} # not required. If set to True, return the list of files that are contained in the tarball.
keep_newer: ${8:no} # not required. Do not replace existing files that are newer than files from the archive.
decrypt: ${9:Yes} # not required. This option controls the autodecryption of source files using vault.
setype: ${10:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
creates: ${11:undefined} # not required. If the specified absolute path (file or directory) already exists, this step will B(not) be run.
unsafe_writes: ${12:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
serole: ${13:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
mode: ${14:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
exclude: ${15:undefined} # not required. List the directory and file entries that you would like to exclude from the unarchive action.
owner: ${16:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
extra_opts: ${17:} # not required. Specify additional options by passing in an array.
copy: ${18:yes} # not required. If true, the file is copied from local 'master' to the target machine, otherwise, the plugin will look for src archive at the target machine.,This option has been deprecated in favor of C(remote_src).,This option is mutually exclusive with C(remote_src).
validate_certs: ${19:yes} # not required. This only applies if using a https URL as the source of the file.,This should only set to C(no) used on personally controlled sites using self-signed certificate.,Prior to 2.2 the code worked as if this was set to C(yes).
attributes: ${20:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
"""
'uptimerobot':
'prefix': "uptimerobot_snippet"
'description': "Pause and start Uptime Robot monitoring"
'body': """
uptimerobot:
monitorid: ${1||} # required. choices: . ID of the monitor to check.
state: ${2|started,paused|} # required. choices: started;paused. Define whether or not the monitor should be running or paused.
apikey: ${3||} # required. choices: . Uptime Robot API key.
"""
'uri':
'prefix': "uri_snippet"
'description': "Interacts with webservices"
'body': """
uri:
url: ${1:undefined} # required. HTTP or HTTPS URL in the form (http|https)://host.domain[:port]/path
body: ${2:undefined} # not required. The body of the http request/response to the web service. If C(body_format) is set to 'json' it will take an already formatted JSON string or convert a data structure into JSON.
dest: ${3:undefined} # not required. path of where to download the file to (if desired). If I(dest) is a directory, the basename of the file on the remote server will be used.
follow_redirects: ${4|all,safe,none|} # not required. choices: all;safe;none. Whether or not the URI module should follow redirects. C(all) will follow all redirects. C(safe) will follow only \"safe\" redirects, where \"safe\" means that the client is only doing a GET or HEAD on the URI to which it is being redirected. C(none) will not follow any redirects. Note that C(yes) and C(no) choices are accepted for backwards compatibility, where C(yes) is the equivalent of C(all) and C(no) is the equivalent of C(safe). C(yes) and C(no) are deprecated and will be removed in some future version of Ansible.
force_basic_auth: ${5:no} # not required. The library used by the uri module only sends authentication information when a webservice responds to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail. This option forces the sending of the Basic authentication header upon initial request.
removes: ${6:undefined} # not required. a filename, when it does not exist, this step will not be run.
user: ${7:undefined} # not required. username for the module to use for Digest, Basic or WSSE authentication.
others: ${8:undefined} # not required. all arguments accepted by the M(file) module also work here
body_format: ${9|raw,json|} # not required. choices: raw;json. The serialization format of the body. When set to json, encodes the body argument, if needed, and automatically sets the Content-Type header accordingly. As of C(2.3) it is possible to override the `Content-Type` header, when set to json via the I(headers) option.
password: ${10:undefined} # not required. password for the module to use for Digest, Basic or WSSE authentication.
HEADER_: ${11:undefined} # not required. Any parameter starting with \"HEADER_\" is a sent with your request as a header. For example, HEADER_Content-Type=\"application/json\" would send the header \"Content-Type\" along with your request with a value of \"application/json\". This option is deprecated as of C(2.1) and will be removed in Ansible-2.9. Use I(headers) instead.
client_key: ${12:undefined} # not required. PEM formatted file that contains your private key to be used for SSL client authentication. If I(client_cert) contains both the certificate and key, this option is not required.
method: ${13|GET,POST,PUT,HEAD,DELETE,OPTIONS,PATCH,TRACE,CONNECT,REFRESH|} # not required. choices: GET;POST;PUT;HEAD;DELETE;OPTIONS;PATCH;TRACE;CONNECT;REFRESH. The HTTP method of the request or response. It MUST be uppercase.
creates: ${14:undefined} # not required. a filename, when it already exists, this step will not be run.
headers: ${15:undefined} # not required. Add custom HTTP headers to a request in the format of a YAML hash. As of C(2.3) supplying C(Content-Type) here will override the header generated by supplying C(json) for I(body_format).
timeout: ${16:30} # not required. The socket level timeout in seconds
status_code: ${17:200} # not required. A valid, numeric, HTTP status code that signifies success of the request. Can also be comma separated list of status codes.
return_content: ${18:no} # not required. Whether or not to return the body of the response as a \"content\" key in the dictionary result. If the reported Content-type is \"application/json\", then the JSON is additionally loaded into a key called C(json) in the dictionary results.
validate_certs: ${19:yes} # not required. If C(no), SSL certificates will not be validated. This should only set to C(no) used on personally controlled sites using self-signed certificates. Prior to 1.9.2 the code defaulted to C(no).
client_cert: ${20:undefined} # not required. PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, I(client_key) is not required
"""
'urpmi':
'prefix': "urpmi_snippet"
'description': "Urpmi manager"
'body': """
urpmi:
pkg: ${1:undefined} # required. Name of package to install, upgrade or remove.
no-recommends: ${2:yes} # not required. Corresponds to the C(--no-recommends) option for I(urpmi).
force: ${3:yes} # not required. Assume \"yes\" is the answer to any question urpmi has to ask. Corresponds to the C(--force) option for I(urpmi).
update_cache: ${4:no} # not required. Update the package database first C(urpmi.update -a).
root: ${5:/} # not required. Specifies an alternative install root, relative to which all packages will be installed. Corresponds to the C(--root) option for I(urpmi).
state: ${6|absent,present|} # not required. choices: absent;present. Indicates the desired package state.
"""
'user':
'prefix': "user_snippet"
'description': "Manage user accounts"
'body': """
user:
name: ${1:undefined} # required. Name of the user to create, remove or modify.
comment: ${2:undefined} # not required. Optionally sets the description (aka I(GECOS)) of user account.
ssh_key_bits: ${3:default set by ssh-keygen} # not required. Optionally specify number of bits in SSH key to create.
update_password: ${4|always,on_create|} # not required. choices: always;on_create. C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users.
non_unique: ${5:no} # not required. Optionally when used with the -u option, this option allows to change the user ID to a non-unique value.
force: ${6:no} # not required. When used with C(state=absent), behavior is as with C(userdel --force).
ssh_key_type: ${7:rsa} # not required. Optionally specify the type of SSH key to generate. Available SSH key types will depend on implementation present on target host.
expires: ${8:undefined} # not required. An expiry time for the user in epoch, it will be ignored on platforms that do not support this. Currently supported on Linux, FreeBSD, and DragonFlyBSD.
create_home: ${9:yes} # not required. Unless set to C(no), a home directory will be made for the user when the account is created or if the home directory does not exist.,Changed from C(createhome) to C(create_home) in version 2.5.
ssh_key_passphrase: ${10:undefined} # not required. Set a passphrase for the SSH key. If no passphrase is provided, the SSH key will default to having no passphrase.
groups: ${11:undefined} # not required. Puts the user in list of groups. When set to the empty string ('groups='), the user is removed from all groups except the primary group.,Before version 2.3, the only input format allowed was a 'comma separated string', now it should be able to accept YAML lists also.
home: ${12:undefined} # not required. Optionally set the user's home directory.
move_home: ${13:no} # not required. If set to C(yes) when used with C(home=), attempt to move the user's home directory to the specified directory if it isn't there already.
password: ${14:undefined} # not required. Optionally set the user's password to this crypted value.,On Darwin/OS X systems, this value has to be cleartext. Beware of security issues.,See U(http://docs.ansible.com/ansible/faq.html#how-do-i-generate-crypted-passwords-for-the-user-module) for details on various ways to generate these password values.
skeleton: ${15:undefined} # not required. Optionally set a home skeleton directory. Requires create_home option!
generate_ssh_key: ${16:no} # not required. Whether to generate a SSH key for the user in question. This will B(not) overwrite an existing SSH key.
append: ${17:no} # not required. If C(yes), will only add groups, not set them to just the list in I(groups).
uid: ${18:undefined} # not required. Optionally sets the I(UID) of the user.
ssh_key_comment: ${19:ansible-generated on $HOSTNAME} # not required. Optionally define the comment for the SSH key.
group: ${20:undefined} # not required. Optionally sets the user's primary group (takes a group name).
seuser: ${21:undefined} # not required. Optionally sets the seuser type (user_u) on selinux enabled systems.
system: ${22:no} # not required. When creating an account, setting this to C(yes) makes the user a system account. This setting cannot be changed on existing users.
remove: ${23:no} # not required. When used with C(state=absent), behavior is as with C(userdel --remove).
state: ${24|absent,present|} # not required. choices: absent;present. Whether the account should exist or not, taking action if the state is different from what is stated.
ssh_key_file: ${25:.ssh/id_rsa} # not required. Optionally specify the SSH key filename. If this is a relative filename then it will be relative to the user's home directory.
login_class: ${26:undefined} # not required. Optionally sets the user's login class for FreeBSD, DragonFlyBSD, OpenBSD and NetBSD systems.
shell: ${27:undefined} # not required. Optionally set the user's shell.,On Mac OS X, before version 2.5, the default shell for non-system users was /usr/bin/false. Since 2.5, the default shell for non-system users on Mac OS X is /bin/bash.
local: ${28:no} # not required. Forces the use of \"local\" command alternatives on platforms that implement it. This is useful in environments that use centralized authentification when you want to manipulate the local users. I.E. it uses `luseradd` instead of `useradd`.,This requires that these commands exist on the targeted host, otherwise it will be a fatal error.
"""
'vca_fw':
'prefix': "vca_fw_snippet"
'description': "add remove firewall rules in a gateway in a vca"
'body': """
vca_fw:
fw_rules: ${1:false} # required. A list of firewall rules to be added to the gateway, Please see examples on valid entries
username: ${2:None} # not required. The vca username or email address, if not set the environment variable C(VCA_USER) is checked for the username.
gateway_name: ${3:gateway} # not required. The name of the gateway of the vdc where the rule should be added.
state: ${4|present,absent|} # not required. choices: present;absent. If the object should be added or removed.
instance_id: ${5:None} # not required. The instance id in a vchs environment to be used for creating the vapp.
host: ${6:None} # not required. The authentication host to be used when service type is vcd.
service_type: ${7|vca,vchs,vcd|} # not required. choices: vca;vchs;vcd. The type of service we are authenticating against.
org: ${8:None} # not required. The org to login to for creating vapp. This option is required when the C(service_type) is I(vdc).
password: ${9:None} # not required. The vca password, if not set the environment variable C(VCA_PASS) is checked for the password.
vdc_name: ${10:None} # not required. The name of the vdc where the gateway is located.
api_version: ${11:5.7} # not required. The api version to be used with the vca.
verify_certs: ${12:true} # not required. If the certificates of the authentication is to be verified.
"""
'vca_nat':
'prefix': "vca_nat_snippet"
'description': "add remove nat rules in a gateway in a vca"
'body': """
vca_nat:
nat_rules: ${1:false} # required. A list of rules to be added to the gateway, Please see examples on valid entries
username: ${2:None} # not required. The vca username or email address, if not set the environment variable C(VCA_USER) is checked for the username.
gateway_name: ${3:gateway} # not required. The name of the gateway of the vdc where the rule should be added.
purge_rules: ${4:false} # not required. If set to true, it will delete all rules in the gateway that are not given as parameter to this module.
state: ${5|present,absent|} # not required. choices: present;absent. If the object should be added or removed.
instance_id: ${6:None} # not required. The instance id in a vchs environment to be used for creating the vapp.
host: ${7:None} # not required. The authentication host to be used when service type is vcd.
org: ${8:None} # not required. The org to login to for creating vapp. This option is required when the C(service_type) is I(vdc).
service_type: ${9|vca,vchs,vcd|} # not required. choices: vca;vchs;vcd. The type of service we are authenticating against.
password: ${10:None} # not required. The vca password, if not set the environment variable C(VCA_PASS) is checked for the password.
vdc_name: ${11:None} # not required. The name of the vdc where the gateway is located.
api_version: ${12:5.7} # not required. The api version to be used with the vca.
verify_certs: ${13:true} # not required. If the certificates of the authentication is to be verified.
"""
'vca_vapp':
'prefix': "vca_vapp_snippet"
'description': "Manages vCloud Air vApp instances."
'body': """
vca_vapp:
vapp_name: ${1:undefined} # required. The name of the vCloud Air vApp instance
vm_name: ${2:None} # not required. The name of the virtual machine instance in the vApp to manage.
username: ${3:None} # not required. The vCloud Air username to use during authentication
vm_memory: ${4:None} # not required. The amount of memory in MB to allocate to VMs in the vApp. If the I(vm_name) argument is provided, then this becomes a per VM setting otherise it is applied to all VMs in the vApp.
gateway_name: ${5:gateway} # not required. The name of the gateway of the vdc where the rule should be added.
template_name: ${6:None} # not required. The name of the vApp template to use to create the vApp instance. If the I(state) is not `absent` then the I(template_name) value must be provided. The I(template_name) must be previously uploaded to the catalog specified by I(catalog_name)
network_mode: ${7|pool,dhcp,static|} # not required. choices: pool;dhcp;static. Configures the mode of the network connection.
org: ${8:None} # not required. The org to login to for creating vapp, mostly set when the service_type is vdc.
operation: ${9|noop,poweron,poweroff,suspend,shutdown,reboot,reset|} # not required. choices: noop;poweron;poweroff;suspend;shutdown;reboot;reset. Specifies an operation to be performed on the vApp.
password: ${10:None} # not required. The vCloud Air password to use during authentication
vm_cpus: ${11:None} # not required. The number of vCPUs to configure for the VM in the vApp. If the I(vm_name) argument is provided, then this becomes a per VM setting otherwise it is applied to all VMs in the vApp.
vdc_name: ${12:None} # not required. The name of the virtual data center (VDC) where the vm should be created or contains the vAPP.
network_name: ${13:None} # not required. The name of the network that should be attached to the virtual machine in the vApp. The virtual network specified must already be created in the vCloud Air VDC. If the I(state) is not 'absent' then the I(network_name) argument must be provided.
host: ${14:None} # not required. The authentication host to be used when service type is vcd.
instance_id: ${15:None} # not required. The instance id in a vchs environment to be used for creating the vapp
state: ${16|present,absent,deployed,undeployed|} # not required. choices: present;absent;deployed;undeployed. Configures the state of the vApp.
service_type: ${17|vca,vchs,vcd|} # not required. choices: vca;vchs;vcd. The type of service we are authenticating against
api_version: ${18:5.7} # not required. The api version to be used with the vca
verify_certs: ${19:true} # not required. If the certificates of the authentication is to be verified.
"""
'vcenter_folder':
'prefix': "vcenter_folder_snippet"
'description': "Manage folders on given datacenter"
'body': """
vcenter_folder:
datacenter: ${1:undefined} # required. Name of the datacenter.
folder_name: ${2:undefined} # required. Name of folder to be managed.,This is case sensitive parameter.,Folder name should be under 80 characters. This is a VMware restriction.
username: ${3:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
folder_type: ${4|datastore,host,network,vm|} # not required. choices: datastore;host;network;vm. This is type of folder.,If set to C(vm), then 'VM and Template Folder' is created under datacenter.,If set to C(host), then 'Host and Cluster Folder' is created under datacenter.,If set to C(datastore), then 'Storage Folder' is created under datacenter.,If set to C(network), then 'Network Folder' is created under datacenter.,This parameter is required, if C(state) is set to C(present) and parent_folder is absent.,This option is ignored, if C(parent_folder) is set.
hostname: ${5:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
state: ${6|present,absent|} # not required. choices: present;absent. State of folder.,If set to C(present) without parent folder parameter, then folder with C(folder_type) is created.,If set to C(present) with parent folder parameter, then folder in created under parent folder. C(folder_type) is ignored.,If set to C(absent), then folder is unregistered and destroyed.
parent_folder: ${7:undefined} # not required. Name of the parent folder under which new folder needs to be created.,This is case sensitive parameter.,Please specify unique folder name as there is no way to detect duplicate names.,If user wants to create a folder under '/DC0/vm/vm_folder', this value will be 'vm_folder'.
password: ${8:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${9:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${10:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vcenter_license':
'prefix': "vcenter_license_snippet"
'description': "Manage VMware vCenter license keys"
'body': """
vcenter_license:
license: ${1:undefined} # required. The license key to manage in vSphere vCenter.
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${3:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
labels: ${4:[object Object]} # not required. The optional labels of the license key to manage in vSphere vCenter.,This is dictionary with key/value pair.
state: ${5|absent,present|} # not required. choices: absent;present. Whether to add (C(present)) or remove (C(absent)) the license key.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vdirect_commit':
'prefix': "vdirect_commit_snippet"
'description': "Commits pending configuration changes on Radware devices"
'body': """
vdirect_commit:
vdirect_user: ${1:None} # required. vDirect server username, may be set as C(VDIRECT_USER) environment variable.
vdirect_ip: ${2:undefined} # required. Primary vDirect server IP address, may be set as C(VDIRECT_IP) environment variable.
devices: ${3:undefined} # required. List of Radware Alteon device names for commit operations.
vdirect_password: ${4:None} # required. vDirect server password, may be set as C(VDIRECT_PASSWORD) environment variable.
vdirect_wait: ${5:yes} # not required. Wait for async operation to complete, may be set as C(VDIRECT_WAIT) environment variable.
vdirect_https_port: ${6:2189} # not required. vDirect server HTTPS port number, may be set as C(VDIRECT_HTTPS_PORT) environment variable.
vdirect_validate_certs: ${7:yes} # not required. If C(no), SSL certificates will not be validated,,may be set as C(VDIRECT_VALIDATE_CERTS) or C(VDIRECT_VERIFY) environment variable.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
vdirect_timeout: ${8:60} # not required. Amount of time to wait for async operation completion [seconds],,may be set as C(VDIRECT_TIMEOUT) environment variable.
vdirect_http_port: ${9:2188} # not required. vDirect server HTTP port number, may be set as C(VDIRECT_HTTP_PORT) environment variable.
sync: ${10:yes} # not required. If C(no), sync action will not be performed. Relevant for ADC devices only.
apply: ${11:yes} # not required. If C(no), apply action will not be performed. Relevant for ADC devices only.
vdirect_secondary_ip: ${12:None} # not required. Secondary vDirect server IP address, may be set as C(VDIRECT_SECONDARY_IP) environment variable.
save: ${13:yes} # not required. If C(no), save action will not be performed. Relevant for ADC devices only.
vdirect_use_ssl: ${14:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection,,may be set as C(VDIRECT_HTTPS) or C(VDIRECT_USE_SSL) environment variable.
"""
'vdirect_file':
'prefix': "vdirect_file_snippet"
'description': "Uploads a new or updates an existing runnable file into Radware vDirect server"
'body': """
vdirect_file:
vdirect_user: ${1:None} # required. vDirect server username, may be set as VDIRECT_USER environment variable.
file_name: ${2:undefined} # required. vDirect runnable file name to be uploaded.,May be velocity configuration template (.vm) or workflow template zip file (.zip).
vdirect_ip: ${3:undefined} # required. Primary vDirect server IP address, may be set as VDIRECT_IP environment variable.
vdirect_password: ${4:None} # required. vDirect server password, may be set as VDIRECT_PASSWORD environment variable.
vdirect_wait: ${5:yes} # not required. Wait for async operation to complete, may be set as VDIRECT_WAIT environment variable.
vdirect_https_port: ${6:2189} # not required. vDirect server HTTPS port number, may be set as VDIRECT_HTTPS_PORT environment variable.
vdirect_validate_certs: ${7:yes} # not required. If C(no), SSL certificates will not be validated,,may be set as VDIRECT_VALIDATE_CERTS or VDIRECT_VERIFY environment variable.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
vdirect_timeout: ${8:60} # not required. Amount of time to wait for async operation completion [seconds],,may be set as VDIRECT_TIMEOUT environment variable.
vdirect_http_port: ${9:2188} # not required. vDirect server HTTP port number, may be set as VDIRECT_HTTP_PORT environment variable.
vdirect_secondary_ip: ${10:None} # not required. Secondary vDirect server IP address, may be set as VDIRECT_SECONDARY_IP environment variable.
vdirect_use_ssl: ${11:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection,,may be set as VDIRECT_HTTPS or VDIRECT_USE_SSL environment variable.
"""
'vdirect_runnable':
'prefix': "vdirect_runnable_snippet"
'description': "Runs templates and workflow actions in Radware vDirect server"
'body': """
vdirect_runnable:
vdirect_user: ${1:None} # required. vDirect server username, may be set as C(VDIRECT_USER) environment variable.
runnable_name: ${2:undefined} # required. vDirect runnable name to run.,May be configuration template name, workflow template name or workflow instance name.
vdirect_ip: ${3:undefined} # required. Primary vDirect server IP address, may be set as C(VDIRECT_IP) environment variable.
runnable_type: ${4:undefined} # required. vDirect runnable type.,May be ConfigurationTemplate, WorkflowTemplate or a Workflow.
vdirect_password: ${5:None} # required. vDirect server password, may be set as C(VDIRECT_PASSWORD) environment variable.
vdirect_wait: ${6:yes} # not required. Wait for async operation to complete, may be set as C(VDIRECT_WAIT) environment variable.
parameters: ${7:undefined} # not required. Action parameters dictionary. In case of ConfigurationTemplate runnable type,,the device connection details should always be passed as a parameter.
vdirect_https_port: ${8:2189} # not required. vDirect server HTTPS port number, may be set as C(VDIRECT_HTTPS_PORT) environment variable.
vdirect_validate_certs: ${9:yes} # not required. If C(no), SSL certificates will not be validated,,may be set as C(VDIRECT_VALIDATE_CERTS) or C(VDIRECT_VERIFY) environment variable.,This should only set to C(no) used on personally controlled sites using self-signed certificates.
vdirect_timeout: ${10:60} # not required. Amount of time to wait for async operation completion [seconds],,may be set as C(VDIRECT_TIMEOUT) environment variable.
vdirect_http_port: ${11:2188} # not required. vDirect server HTTP port number, may be set as C(VDIRECT_HTTP_PORT) environment variable.
action_name: ${12:undefined} # not required. Workflow action name to run.,Required if I(runnable_type=Workflow).
vdirect_secondary_ip: ${13:None} # not required. Secondary vDirect server IP address, may be set as C(VDIRECT_SECONDARY_IP) environment variable.
vdirect_use_ssl: ${14:yes} # not required. If C(no), an HTTP connection will be used instead of the default HTTPS connection,,may be set as C(VDIRECT_HTTPS) or C(VDIRECT_USE_SSL) environment variable.
"""
'vdo':
'prefix': "vdo_snippet"
'description': "Module to control VDO"
'body': """
vdo:
name: ${1:undefined} # required. The name of the VDO volume.
state: ${2|present,absent|} # required. choices: present;absent. Whether this VDO volume should be \"present\" or \"absent\". If a \"present\" VDO volume does not exist, it will be created. If a \"present\" VDO volume already exists, it will be modified, by updating the configuration, which will take effect when the VDO volume is restarted. Not all parameters of an existing VDO volume can be modified; the \"statusparamkeys\" list contains the parameters that can be modified after creation. If an \"absent\" VDO volume does not exist, it will not be removed.
readcachesize: ${3:undefined} # not required. Specifies the extra VDO device read cache size in megabytes. This is in addition to a system-defined minimum. Using a value with a suffix of K, M, G, or T is optional. The default value is 0. 1.125 MB of memory per bio thread will be used per 1 MB of read cache specified (for example, a VDO volume configured with 4 bio threads will have a read cache memory usage overhead of 4.5 MB per 1 MB of read cache specified). Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
ackthreads: ${4:undefined} # not required. Specifies the number of threads to use for acknowledging completion of requested VDO I/O operations. Valid values are integer values from 1 to 100 (lower numbers are preferable due to overhead). The default is 1. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
biothreads: ${5:undefined} # not required. Specifies the number of threads to use for submitting I/O operations to the storage device. Valid values are integer values from 1 to 100 (lower numbers are preferable due to overhead). The default is 4. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
activated: ${6|yes,no|} # not required. choices: yes;no. The \"activate\" status for a VDO volume. If this is set to \"no\", the VDO volume cannot be started, and it will not start on system startup. However, on initial creation, a VDO volume with \"activated\" set to \"off\" will be running, until stopped. This is the default behavior of the \"vdo create\" command; it provides the user an opportunity to write a base amount of metadata (filesystem, LVM headers, etc.) to the VDO volume prior to stopping the volume, and leaving it deactivated until ready to use.
running: ${7|yes,no|} # not required. choices: yes;no. Whether this VDO volume is running. A VDO volume must be activated in order to be started.
emulate512: ${8:undefined} # not required. Enables 512-byte emulation mode, allowing drivers or filesystems to access the VDO volume at 512-byte granularity, instead of the default 4096-byte granularity. Default is 'disabled'; only recommended when a driver or filesystem requires 512-byte sector level access to a device. This option is only available when creating a new volume, and cannot be changed for an existing volume.
indexmem: ${9:undefined} # not required. Specifies the amount of index memory in gigabytes. The default is 0.25. The special decimal values 0.25, 0.5, and 0.75 can be used, as can any positive integer. This option is only available when creating a new volume, and cannot be changed for an existing volume.
device: ${10:undefined} # not required. The full path of the device to use for VDO storage. This is required if \"state\" is \"present\".
logicalthreads: ${11:undefined} # not required. Specifies the number of threads across which to subdivide parts of the VDO processing based on logical block addresses. Valid values are integer values from 1 to 100 (lower numbers are preferable due to overhead). The default is 1. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
blockmapcachesize: ${12:undefined} # not required. The amount of memory allocated for caching block map pages, in megabytes (or may be issued with an LVM-style suffix of K, M, G, or T). The default (and minimum) value is 128M. The value specifies the size of the cache; there is a 15% memory usage overhead. Each 1.25G of block map covers 1T of logical blocks, therefore a small amount of block map cache memory can cache a significantly large amount of block map data. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
writepolicy: ${13|auto,sync,async|} # not required. choices: auto;sync;async. Specifies the write policy of the VDO volume. The 'sync' mode acknowledges writes only after data is on stable storage. The 'async' mode acknowledges writes when data has been cached for writing to stable storage. The default (and highly recommended) 'auto' mode checks the storage device to determine whether it supports flushes. Devices that support flushes will result in a VDO volume in 'async' mode, while devices that do not support flushes will run in sync mode. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
compression: ${14|enabled,disabled|} # not required. choices: enabled;disabled. Configures whether compression is enabled. The default for a created volume is 'enabled'. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
deduplication: ${15|enabled,disabled|} # not required. choices: enabled;disabled. Configures whether deduplication is enabled. The default for a created volume is 'enabled'. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
physicalthreads: ${16:undefined} # not required. Specifies the number of threads across which to subdivide parts of the VDO processing based on physical block addresses. Valid values are integer values from 1 to 16 (lower numbers are preferable due to overhead). The physical space used by the VDO volume must be larger than (slabsize * physicalthreads). The default is 1. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
readcache: ${17|enabled,disabled|} # not required. choices: enabled;disabled. Enables or disables the read cache. The default is 'disabled'. Choosing 'enabled' enables a read cache which may improve performance for workloads of high deduplication, read workloads with a high level of compression, or on hard disk storage. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
logicalsize: ${18:undefined} # not required. The logical size of the VDO volume (in megabytes, or LVM suffix format). If not specified for a new volume, this defaults to the same size as the underlying storage device, which is specified in the 'device' parameter. Existing volumes will maintain their size if the logicalsize parameter is not specified, or is smaller than or identical to the current size. If the specified size is larger than the current size, a growlogical operation will be performed.
growphysical: ${19:false} # not required. Specifies whether to attempt to execute a growphysical operation, if there is enough unused space on the device. A growphysical operation will be executed if there is at least 64 GB of free space, relative to the previous physical size of the affected VDO volume.
indexmode: ${20:undefined} # not required. Specifies the index mode of the Albireo index. The default is 'dense', which has a deduplication window of 1 GB of index memory per 1 TB of incoming data, requiring 10 GB of index data on persistent storage. The 'sparse' mode has a deduplication window of 1 GB of index memory per 10 TB of incoming data, but requires 100 GB of index data on persistent storage. This option is only available when creating a new volume, and cannot be changed for an existing volume.
slabsize: ${21:undefined} # not required. The size of the increment by which the physical size of a VDO volume is grown, in megabytes (or may be issued with an LVM-style suffix of K, M, G, or T). Must be a power of two between 128M and 32G. The default is 2G, which supports volumes having a physical size up to 16T. The maximum, 32G, supports a physical size of up to 256T. This option is only available when creating a new volume, and cannot be changed for an existing volume.
cputhreads: ${22:undefined} # not required. Specifies the number of threads to use for CPU-intensive work such as hashing or compression. Valid values are integer values from 1 to 100 (lower numbers are preferable due to overhead). The default is 2. Existing volumes will maintain their previously configured setting unless a different value is specified in the playbook.
"""
'vertica_configuration':
'prefix': "vertica_configuration_snippet"
'description': "Updates Vertica configuration parameters."
'body': """
vertica_configuration:
name: ${1:undefined} # required. Name of the parameter to update.
value: ${2:undefined} # required. Value of the parameter to be set.
cluster: ${3:localhost} # not required. Name of the Vertica cluster.
login_password: ${4:null} # not required. The password used to authenticate with.
login_user: ${5:dbadmin} # not required. The username used to authenticate with.
db: ${6:null} # not required. Name of the Vertica database.
port: ${7:5433} # not required. Vertica cluster port to connect to.
"""
'vertica_facts':
'prefix': "vertica_facts_snippet"
'description': "Gathers Vertica database facts."
'body': """
vertica_facts:
login_user: ${1:dbadmin} # not required. The username used to authenticate with.
cluster: ${2:localhost} # not required. Name of the cluster running the schema.
db: ${3:null} # not required. Name of the database running the schema.
port: ${4:5433} # not required. Database port to connect to.
login_password: ${5:null} # not required. The password used to authenticate with.
"""
'vertica_role':
'prefix': "vertica_role_snippet"
'description': "Adds or removes Vertica database roles and assigns roles to them."
'body': """
vertica_role:
name: ${1:undefined} # required. Name of the role to add or remove.
assigned_roles: ${2:null} # not required. Comma separated list of roles to assign to the role.
login_user: ${3:dbadmin} # not required. The username used to authenticate with.
db: ${4:null} # not required. Name of the Vertica database.
cluster: ${5:localhost} # not required. Name of the Vertica cluster.
state: ${6|present,absent|} # not required. choices: present;absent. Whether to create C(present), drop C(absent) or lock C(locked) a role.
login_password: ${7:null} # not required. The password used to authenticate with.
port: ${8:5433} # not required. Vertica cluster port to connect to.
"""
'vertica_schema':
'prefix': "vertica_schema_snippet"
'description': "Adds or removes Vertica database schema and roles."
'body': """
vertica_schema:
name: ${1:undefined} # required. Name of the schema to add or remove.
create_roles: ${2:null} # not required. Comma separated list of roles to create and grant usage and create access to the schema.
login_user: ${3:dbadmin} # not required. The username used to authenticate with.
db: ${4:null} # not required. Name of the Vertica database.
usage_roles: ${5:null} # not required. Comma separated list of roles to create and grant usage access to the schema.
cluster: ${6:localhost} # not required. Name of the Vertica cluster.
state: ${7|present,absent|} # not required. choices: present;absent. Whether to create C(present), or drop C(absent) a schema.
login_password: ${8:null} # not required. The password used to authenticate with.
owner: ${9:null} # not required. Name of the user to set as owner of the schema.
port: ${10:5433} # not required. Vertica cluster port to connect to.
"""
'vertica_user':
'prefix': "vertica_user_snippet"
'description': "Adds or removes Vertica database users and assigns roles."
'body': """
vertica_user:
name: ${1:undefined} # required. Name of the user to add or remove.
profile: ${2:null} # not required. Sets the user's profile.
resource_pool: ${3:null} # not required. Sets the user's resource pool.
roles: ${4:null} # not required. Comma separated list of roles to assign to the user.
login_user: ${5:dbadmin} # not required. The username used to authenticate with.
ldap: ${6:null} # not required. Set to true if users are authenticated via LDAP.,The user will be created with password expired and set to I($ldap$).
db: ${7:null} # not required. Name of the Vertica database.
cluster: ${8:localhost} # not required. Name of the Vertica cluster.
state: ${9|present,absent,locked|} # not required. choices: present;absent;locked. Whether to create C(present), drop C(absent) or lock C(locked) a user.
login_password: ${10:null} # not required. The password used to authenticate with.
password: ${11:null} # not required. The user's password encrypted by the MD5 algorithm.,The password must be generated with the format C(\"md5\" + md5[password + username]), resulting in a total of 35 characters. An easy way to do this is by querying the Vertica database with select 'md5'||md5('<user_password><user_name>').
expired: ${12:null} # not required. Sets the user's password expiration.
port: ${13:5433} # not required. Vertica cluster port to connect to.
"""
'virt':
'prefix': "virt_snippet"
'description': "Manages virtual machines supported by libvirt"
'body': """
virt:
name: ${1:undefined} # required. name of the guest VM being managed. Note that VM must be previously defined with xml.
xml: ${2:undefined} # not required. XML document used with the define command.
state: ${3|destroyed,paused,running,shutdown|} # not required. choices: destroyed;paused;running;shutdown. Note that there may be some lag for state requests like C(shutdown) since these refer only to VM states. After starting a guest, it may not be immediately accessible.
command: ${4|create,define,destroy,freemem,get_xml,info,list_vms,nodeinfo,pause,shutdown,start,status,stop,undefine,unpause,virttype|} # not required. choices: create;define;destroy;freemem;get_xml;info;list_vms;nodeinfo;pause;shutdown;start;status;stop;undefine;unpause;virttype. In addition to state management, various non-idempotent commands are available.
autostart: ${5:undefined} # not required. start VM at host startup.
uri: ${6:qemu:///system} # not required. libvirt connection uri.
"""
'virt_net':
'prefix': "virt_net_snippet"
'description': "Manage libvirt network configuration"
'body': """
virt_net:
name: ${1:undefined} # required. name of the network being managed. Note that network must be previously defined with xml.
xml: ${2:undefined} # not required. XML document used with the define command.
state: ${3|active,inactive,present,absent|} # not required. choices: active;inactive;present;absent. specify which state you want a network to be in. If 'active', network will be started. If 'present', ensure that network is present but do not change its state; if it's missing, you need to specify xml argument. If 'inactive', network will be stopped. If 'undefined' or 'absent', network will be removed from I(libvirt) configuration.
command: ${4|define,create,start,stop,destroy,undefine,get_xml,list_nets,facts,info,status,modify|} # not required. choices: define;create;start;stop;destroy;undefine;get_xml;list_nets;facts;info;status;modify. in addition to state management, various non-idempotent commands are available. See examples. Modify was added in version 2.1
autostart: ${5|yes,no|} # not required. choices: yes;no. Specify if a given storage pool should be started automatically on system boot.
uri: ${6:qemu:///system} # not required. libvirt connection uri.
"""
'virt_pool':
'prefix': "virt_pool_snippet"
'description': "Manage libvirt storage pools"
'body': """
virt_pool:
xml: ${1:undefined} # not required. XML document used with the define command.
state: ${2|active,inactive,present,absent,undefined,deleted|} # not required. choices: active;inactive;present;absent;undefined;deleted. specify which state you want a storage pool to be in. If 'active', pool will be started. If 'present', ensure that pool is present but do not change its state; if it's missing, you need to specify xml argument. If 'inactive', pool will be stopped. If 'undefined' or 'absent', pool will be removed from I(libvirt) configuration. If 'deleted', pool contents will be deleted and then pool undefined.
command: ${3|define,build,create,start,stop,destroy,delete,undefine,get_xml,list_pools,facts,info,status|} # not required. choices: define;build;create;start;stop;destroy;delete;undefine;get_xml;list_pools;facts;info;status. in addition to state management, various non-idempotent commands are available. See examples.
name: ${4:undefined} # not required. name of the storage pool being managed. Note that pool must be previously defined with xml.
autostart: ${5|yes,no|} # not required. choices: yes;no. Specify if a given storage pool should be started automatically on system boot.
uri: ${6:qemu:///system} # not required. I(libvirt) connection uri.
mode: ${7|new,repair,resize,no_overwrite,overwrite,normal,zeroed|} # not required. choices: new;repair;resize;no_overwrite;overwrite;normal;zeroed. Pass additional parameters to 'build' or 'delete' commands.
"""
'vmadm':
'prefix': "vmadm_snippet"
'description': "Manage SmartOS virtual machines and zones."
'body': """
vmadm:
state: ${1|present,absent,stopped,restarted|} # required. choices: present;absent;stopped;restarted. States for the VM to be in. Please note that C(present), C(stopped) and C(restarted) operate on a VM that is currently provisioned. C(present) means that the VM will be created if it was absent, and that it will be in a running state. C(absent) will shutdown the zone before removing it. C(stopped) means the zone will be created if it doesn't exist already, before shutting it down.
brand: ${2|joyent,joyent-minimal,kvm,lx|} # required. choices: joyent;joyent-minimal;kvm;lx. Type of virtual machine.
customer_metadata: ${3:undefined} # not required. Metadata to be set and associated with this VM, this contain customer modifiable keys.
disk_driver: ${4:undefined} # not required. Default value for a virtual disk model for KVM guests.
force: ${5:undefined} # not required. Force a particular action (i.e. stop or delete a VM).
zfs_root_compression: ${6:undefined} # not required. Specifies compression algorithm used for this VMs root dataset. This option only has effect on the zoneroot dataset.
virtio_txtimer: ${7:undefined} # not required. Timeout (in nanoseconds) for the TX timer of virtio NICs.
spice_password: ${8:undefined} # not required. Password required to connect to SPICE. By default no password is set. Please note this can be read from the Global Zone.
zfs_io_priority: ${9:undefined} # not required. IO throttle priority value relative to other VMs.
ram: ${10:undefined} # not required. Amount of virtual RAM for a KVM guest (in MiBs).
dns_domain: ${11:undefined} # not required. Domain value for C(/etc/hosts).
max_physical_memory: ${12:undefined} # not required. Maximum amount of memory (in MiBs) on the host that the VM is allowed to use.
nic_driver: ${13:undefined} # not required. Default value for a virtual NIC model for KVM guests.
zfs_data_compression: ${14:undefined} # not required. Specifies compression algorithm used for this VMs data dataset. This option only has effect on delegated datasets.
image_uuid: ${15:undefined} # not required. Image UUID.
fs_allowed: ${16:undefined} # not required. Comma separated list of filesystem types this zone is allowed to mount.
indestructible_delegated: ${17:undefined} # not required. Adds an C(@indestructible) snapshot to delegated datasets.
qemu_opts: ${18:undefined} # not required. Additional qemu arguments for KVM guests. This overwrites the default arguments provided by vmadm(1M) and should only be used for debugging.
delegate_dataset: ${19:undefined} # not required. Whether to delegate a ZFS dataset to an OS VM.
firewall_enabled: ${20:undefined} # not required. Enables the firewall, allowing fwadm(1M) rules to be applied.
mdata_exec_timeout: ${21:undefined} # not required. Timeout in seconds (or 0 to disable) for the C(svc:/smartdc/mdata:execute) service that runs user-scripts in the zone.
archive_on_delete: ${22:undefined} # not required. When enabled, the zone dataset will be mounted on C(/zones/archive) upon removal.
nics: ${23:undefined} # not required. A list of nics to add, valid properties are documented in vmadm(1M).
hostname: ${24:undefined} # not required. Zone/VM hostname.
boot: ${25:undefined} # not required. Set the boot order for KVM VMs.
vga: ${26:undefined} # not required. Specify VGA emulation used by KVM VMs.
zfs_snapshot_limit: ${27:undefined} # not required. Number of snapshots the VM can have.
limit_priv: ${28:undefined} # not required. Set (comma separated) list of privileges the zone is allowed to use.
cpu_cap: ${29:undefined} # not required. Sets a limit on the amount of CPU time that can be used by a VM. Use C(0) for no cap.
maintain_resolvers: ${30:undefined} # not required. Resolvers in C(/etc/resolv.conf) will be updated when updating the I(resolvers) property.
indestructible_zoneroot: ${31:undefined} # not required. Adds an C(@indestructible) snapshot to zoneroot.
vnc_password: ${32:undefined} # not required. Password required to connect to VNC. By default no password is set. Please note this can be read from the Global Zone.
vcpus: ${33:undefined} # not required. Number of virtual CPUs for a KVM guest.
disks: ${34:undefined} # not required. A list of disks to add, valid properties are documented in vmadm(1M).
max_swap: ${35:undefined} # not required. Maximum amount of virtual memory (in MiBs) the VM is allowed to use.
zfs_root_recsize: ${36:undefined} # not required. Suggested block size (power of 2) for files in the zoneroot dataset's filesystem.
zfs_filesystem_limit: ${37:undefined} # not required. Maximum number of filesystems the VM can have.
quota: ${38:undefined} # not required. Quota on zone filesystems (in MiBs).
filesystems: ${39:undefined} # not required. Mount additional filesystems into an OS VM.
autoboot: ${40:undefined} # not required. Whether or not a VM is booted when the system is rebooted.
tmpfs: ${41:undefined} # not required. Amount of memory (in MiBs) that will be available in the VM for the C(/tmp) filesystem.
qemu_extra_opts: ${42:undefined} # not required. Additional qemu cmdline arguments for KVM guests.
resolvers: ${43:undefined} # not required. List of resolvers to be put into C(/etc/resolv.conf).
max_lwps: ${44:undefined} # not required. Maximum number of lightweight processes this VM is allowed to have running.
nowait: ${45:undefined} # not required. Consider the provisioning complete when the VM first starts, rather than when the VM has rebooted.
name: ${46:undefined} # not required. Name of the VM. vmadm(1M) uses this as an optional name.
kernel_version: ${47:undefined} # not required. Kernel version to emulate for LX VMs.
max_locked_memory: ${48:undefined} # not required. Total amount of memory (in MiBs) on the host that can be locked by this VM.
vnc_port: ${49:undefined} # not required. TCP port to listen of the VNC server. Or set C(0) for random, or C(-1) to disable.
uuid: ${50:undefined} # not required. UUID of the VM. Can either be a full UUID or C(*) for all VMs.
internal_metadata_namespace: ${51:undefined} # not required. List of namespaces to be set as I(internal_metadata-only); these namespaces will come from I(internal_metadata) rather than I(customer_metadata).
virtio_txburst: ${52:undefined} # not required. Number of packets that can be sent in a single flush of the tx queue of virtio NICs.
spice_opts: ${53:undefined} # not required. Addition options for SPICE-enabled KVM VMs.
zfs_data_recsize: ${54:undefined} # not required. Suggested block size (power of 2) for files in the delegated dataset's filesystem.
internal_metadata: ${55:undefined} # not required. Metadata to be set and associated with this VM, this contains operator generated keys.
cpu_type: ${56|qemu64,host|} # not required. choices: qemu64;host. Control the type of virtual CPU exposed to KVM VMs.
routes: ${57:undefined} # not required. Dictionary that maps destinations to gateways, these will be set as static routes in the VM.
zpool: ${58:undefined} # not required. ZFS pool the VM's zone dataset will be created in.
docker: ${59:undefined} # not required. Docker images need this flag enabled along with the I(brand) set to C(lx).
cpu_shares: ${60:undefined} # not required. Sets a limit on the number of fair share scheduler (FSS) CPU shares for a VM. This limit is relative to all other VMs on the system.
"""
'vmware_cfg_backup':
'prefix': "vmware_cfg_backup_snippet"
'description': "Backup / Restore / Reset ESXi host configuration"
'body': """
vmware_cfg_backup:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
src: ${2:undefined} # not required. The file containing the ESXi configuration that will be restored.
dest: ${3:undefined} # not required. The destination where the ESXi configuration bundle will be saved. The I(dest) can be a folder or a file.,If I(dest) is a folder, the backup file will be saved in the folder with the default filename generated from the ESXi server.,If I(dest) is a file, the backup file will be saved with that filename. The file extension will always be .tgz.
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
state: ${5|saved,absent,loaded|} # not required. choices: saved;absent;loaded. If C(saved), the .tgz backup bundle will be saved in I(dest).,If C(absent), the host configuration will be reset to default values.,If C(loaded), the backup file in I(src) will be loaded to the ESXi host rewriting the hosts settings.
esxi_hostname: ${6:undefined} # not required. Name of ESXi server. This is required only if authentication against a vCenter is done.
password: ${7:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${8:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${9:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_cluster':
'prefix': "vmware_cluster_snippet"
'description': "Manage VMware vSphere clusters"
'body': """
vmware_cluster:
datacenter_name: ${1:undefined} # required. The name of the datacenter the cluster will be created in.
cluster_name: ${2:undefined} # required. The name of the cluster that will be created.
username: ${3:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
enable_drs: ${4:no} # not required. If set to C(yes) will enable DRS when the cluster is created.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
port: ${6:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
enable_ha: ${7:no} # not required. If set to C(yes) will enable HA when the cluster is created.
enable_vsan: ${8:no} # not required. If set to C(yes) will enable vSAN when the cluster is created.
hostname: ${9:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
state: ${10|absent,present|} # not required. choices: absent;present. Create (C(present)) or remove (C(absent)) a VMware vSphere cluster.
validate_certs: ${11:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_datacenter':
'prefix': "vmware_datacenter_snippet"
'description': "Manage VMware vSphere Datacenters"
'body': """
vmware_datacenter:
username: ${1:undefined} # required. The username of the vSphere vCenter
datacenter_name: ${2:undefined} # required. The name of the datacenter the cluster will be created in.
hostname: ${3:undefined} # required. The hostname or IP address of the vSphere vCenter API server
password: ${4:undefined} # required. The password of the vSphere vCenter
state: ${5|present,absent|} # not required. choices: present;absent. If the datacenter should be present or absent
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_datastore_facts':
'prefix': "vmware_datastore_facts_snippet"
'description': "Gather facts about datastores"
'body': """
vmware_datastore_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
datacenter: ${2:undefined} # not required. Datacenter to search for datastores,This is required if cluster is not supplied
name: ${3:undefined} # not required. Name of a datastore to match
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster: ${5:undefined} # not required. Cluster to search for datastores,This is required if datacenter is not supplied
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_dns_config':
'prefix': "vmware_dns_config_snippet"
'description': "Manage VMware ESXi DNS Configuration"
'body': """
vmware_dns_config:
dns_servers: ${1:undefined} # required. The DNS servers that the host should be configured to use.
domainname: ${2:undefined} # required. The domain the ESXi host should be apart of.
change_hostname_to: ${3:undefined} # required. The hostname that an ESXi host should be changed to.
username: ${4:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${5:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_drs_rule_facts':
'prefix': "vmware_drs_rule_facts_snippet"
'description': "Gathers facts about DRS rule on the given cluster"
'body': """
vmware_drs_rule_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
datacenter: ${2:undefined} # not required. Name of the datacenter.,DRS facts for all the clusters from the given datacenter will be returned.,This is required parameter if C(cluster_name) parameter is not provided.
hostname: ${3:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${4:undefined} # not required. Name of the cluster.,DRS facts for the given cluster will be returned.,This is required parameter if C(datacenter) parameter is not provided.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_dvs_host':
'prefix': "vmware_dvs_host_snippet"
'description': "Add or remove a host from distributed virtual switch"
'body': """
vmware_dvs_host:
state: ${1|present,absent|} # required. choices: present;absent. If the host should be present or absent attached to the vSwitch.
esxi_hostname: ${2:undefined} # required. The ESXi hostname.
vmnics: ${3:undefined} # required. The ESXi hosts vmnics to use with the Distributed vSwitch.
switch_name: ${4:undefined} # required. The name of the Distributed vSwitch.
username: ${5:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${7:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
password: ${9:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_dvs_portgroup':
'prefix': "vmware_dvs_portgroup_snippet"
'description': "Create or remove a Distributed vSwitch portgroup."
'body': """
vmware_dvs_portgroup:
portgroup_name: ${1:undefined} # required. The name of the portgroup that is to be created or deleted.
state: ${2|present,absent|} # required. choices: present;absent. Determines if the portgroup should be present or not.
num_ports: ${3:undefined} # required. The number of ports the portgroup should contain.
vlan_id: ${4:undefined} # required. The VLAN ID that should be configured with the portgroup, use 0 for no VLAN.,If C(vlan_trunk) is configured to be I(true), this can be a range, example: 1-4094.
portgroup_type: ${5|earlyBinding,lateBinding,ephemeral|} # required. choices: earlyBinding;lateBinding;ephemeral. See VMware KB 1022312 regarding portgroup types.
switch_name: ${6:undefined} # required. The name of the distributed vSwitch the port group should be created on.
username: ${7:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
password: ${8:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
teaming_policy: ${9:[object Object]} # not required. Dictionary which configures the different teaming values for portgroup.,Valid attributes are:,- C(load_balance_policy) (string): Network adapter teaming policy. (default: loadbalance_srcid), - choices: [ loadbalance_ip, loadbalance_srcmac, loadbalance_srcid, failover_explicit],- C(inbound_policy) (bool): Indicate whether or not the teaming policy is applied to inbound frames as well. (default: False),- C(notify_switches) (bool): Indicate whether or not to notify the physical switch if a link fails. (default: True),- C(rolling_order) (bool): Indicate whether or not to use a rolling policy when restoring links. (default: False)
port_policy: ${10:[object Object]} # not required. Dictionary which configures the advanced policy settings for the portgroup.,Valid attributes are:,- C(block_override) (bool): indicates if the block policy can be changed per port. (default: true),- C(ipfix_override) (bool): indicates if the ipfix policy can be changed per port. (default: false),- C(live_port_move) (bool): indicates if a live port can be moved in or out of the portgroup. (default: false),- C(network_rp_override) (bool): indicates if the network resource pool can be changed per port. (default: false),- C(port_config_reset_at_disconnect) (bool): indicates if the configuration of a port is reset automatically after disconnect. (default: true),- C(security_override) (bool): indicates if the security policy can be changed per port. (default: false),- C(shaping_override) (bool): indicates if the shaping policy can be changed per port. (default: false),- C(traffic_filter_override) (bool): indicates if the traffic filter can be changed per port. (default: false),- C(uplink_teaming_override) (bool): indicates if the uplink teaming policy can be changed per port. (default: false),- C(vendor_config_override) (bool): indicates if the vendor config can be changed per port. (default: false),- C(vlan_override) (bool): indicates if the vlan can be changed per port. (default: false)
hostname: ${11:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
port: ${12:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
network_policy: ${13:[object Object]} # not required. Dictionary which configures the different security values for portgroup.,Valid attributes are:,- C(promiscuous) (bool): indicates whether promiscuous mode is allowed. (default: false),- C(forged_transmits) (bool): indicates whether forged transmits are allowed. (default: false),- C(mac_changes) (bool): indicates whether mac changes are allowed. (default: false)
validate_certs: ${14:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
vlan_trunk: ${15:false} # not required. Indicates whether this is a VLAN trunk or not.
"""
'vmware_dvswitch':
'prefix': "vmware_dvswitch_snippet"
'description': "Create or remove a distributed vSwitch"
'body': """
vmware_dvswitch:
datacenter_name: ${1:undefined} # required. The name of the datacenter that will contain the dvSwitch
discovery_proto: ${2|cdp,lldp|} # required. choices: cdp;lldp. Link discovery protocol between Cisco and Link Layer discovery
mtu: ${3:undefined} # required. The switch maximum transmission unit
switch_name: ${4:undefined} # required. The name of the switch to create or remove
uplink_quantity: ${5:undefined} # required. Quantity of uplink per ESXi host added to the switch
username: ${6:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
password: ${7:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${8:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
port: ${9:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
state: ${10|present,absent|} # not required. choices: present;absent. Create or remove dvSwitch
discovery_operation: ${11|both,none,advertise,listen|} # not required. choices: both;none;advertise;listen. Select the discovery operation
validate_certs: ${12:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
switch_version: ${13:undefined} # not required. The version of the switch to create. Can be 6.5.0, 6.0.0, 5.5.0, 5.1.0, 5.0.0 with a vcenter running vSphere 6.5,Needed if you have a vcenter version > ESXi version to join DVS. If not specified version=version of vcenter
"""
'vmware_guest':
'prefix': "vmware_guest_snippet"
'description': "Manages virtual machines in vCenter"
'body': """
vmware_guest:
name: ${1:undefined} # required. Name of the VM to work with.,VM names in vCenter are not necessarily unique, which may be problematic, see C(name_match).,This parameter is case sensitive.
resource_pool: ${2:undefined} # not required. Affect machine to the given resource pool.,This parameter is case sensitive.,Resource pool should be child of the selected host parent.
username: ${3:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
snapshot_src: ${4:undefined} # not required. Name of the existing snapshot to use to create a clone of a VM.,This parameter is case sensitive.
force: ${5:no} # not required. Ignore warnings and complete the actions.,This parameter is useful while removing virtual machine which is powered on state.
esxi_hostname: ${6:undefined} # not required. The ESXi hostname where the virtual machine will run.,This parameter is case sensitive.
datacenter: ${7:ha-datacenter} # not required. Destination datacenter for the deploy operation.,This parameter is case sensitive.
hardware: ${8:undefined} # not required. Manage virtual machine's hardware attributes.,All parameters case sensitive.,Valid attributes are:, - C(hotadd_cpu) (boolean): Allow virtual CPUs to be added while the VM is running., - C(hotremove_cpu) (boolean): Allow virtual CPUs to be removed while the VM is running. version_added: 2.5, - C(hotadd_memory) (boolean): Allow memory to be added while the VM is running., - C(memory_mb) (integer): Amount of memory in MB., - C(nested_virt) (bool): Enable nested virtualization. version_added: 2.5, - C(num_cpus) (integer): Number of CPUs., - C(num_cpu_cores_per_socket) (integer): Number of Cores Per Socket. Value should be multiple of C(num_cpus)., - C(scsi) (string): Valid values are C(buslogic), C(lsilogic), C(lsilogicsas) and C(paravirtual) (default)., - C(memory_reservation) (integer): Amount of memory in MB to set resource limits for memory. version_added: 2.5, - C(memory_reservation_lock) (boolean): If set true, memory resource reservation for VM will always be equal to the VM's memory size. version_added: 2.5, - C(max_connections) (integer): Maximum number of active remote display connections for the virtual machines. version_added: 2.5., - C(mem_limit) (integer): The memory utilization of a virtual machine will not exceed this limit. Unit is MB. version_added: 2.5, - C(mem_reservation) (integer): The amount of memory resource that is guaranteed available to the virtual machine. Unit is MB. version_added: 2.5, - C(cpu_limit) (integer): The CPU utilization of a virtual machine will not exceed this limit. Unit is MHz. version_added: 2.5, - C(cpu_reservation) (integer): The amount of CPU resource that is guaranteed available to the virtual machine. Unit is MHz. version_added: 2.5
cluster: ${9:undefined} # not required. The cluster name where the virtual machine will run.,This parameter is case sensitive.
name_match: ${10|first,last|} # not required. choices: first;last. If multiple VMs matching the name, use the first or last found.
customization: ${11:undefined} # not required. Parameters for OS customization when cloning from template.,All parameters and VMware object names are case sensetive.,Common parameters (Linux/Windows):, - C(dns_servers) (list): List of DNS servers to configure., - C(dns_suffix) (list): List of domain suffixes, aka DNS search path (default: C(domain) parameter)., - C(domain) (string): DNS domain name to use., - C(hostname) (string): Computer hostname (default: shorted C(name) parameter).,Parameters related to Windows customization:, - C(autologon) (bool): Auto logon after VM customization (default: False)., - C(autologoncount) (int): Number of autologon after reboot (default: 1)., - C(domainadmin) (string): User used to join in AD domain (mandatory with C(joindomain))., - C(domainadminpassword) (string): Password used to join in AD domain (mandatory with C(joindomain))., - C(fullname) (string): Server owner name (default: Administrator)., - C(joindomain) (string): AD domain to join (Not compatible with C(joinworkgroup))., - C(joinworkgroup) (string): Workgroup to join (Not compatible with C(joindomain), default: WORKGROUP)., - C(orgname) (string): Organisation name (default: ACME)., - C(password) (string): Local administrator password., - C(productid) (string): Product ID., - C(runonce) (list): List of commands to run at first user logon., - C(timezone) (int): Timezone (See U(https://msdn.microsoft.com/en-us/library/ms912391.aspx)).
cdrom: ${12:undefined} # not required. A CD-ROM configuration for the VM.,Valid attributes are:, - C(type) (string): The type of CD-ROM, valid options are C(none), C(client) or C(iso). With C(none) the CD-ROM will be disconnected but present., - C(iso_path) (string): The datastore path to the ISO file to use, in the form of C([datastore1] path/to/file.iso). Required if type is set C(iso).
disk: ${13:undefined} # not required. A list of disks to add.,This parameter is case sensitive.,Resizing disks is not supported.,Removing existing disks of virtual machine is not supported.,Valid attributes are:, - C(size_[tb,gb,mb,kb]) (integer): Disk storage size in specified unit., - C(type) (string): Valid values are:, - C(thin) thin disk, - C(eagerzeroedthick) eagerzeroedthick disk, added in version 2.5, Default: C(None) thick disk, no eagerzero., - C(datastore) (string): Datastore to use for the disk. If C(autoselect_datastore) is enabled, filter datastore selection., - C(autoselect_datastore) (bool): select the less used datastore. Specify only if C(datastore) is not specified.
networks: ${14:undefined} # not required. A list of networks (in the order of the NICs).,All parameters and VMware object names are case sensetive.,One of the below parameters is required per entry:, - C(name) (string): Name of the portgroup for this interface., - C(vlan) (integer): VLAN number for this interface.,Optional parameters per entry (used for virtual hardware):, - C(device_type) (string): Virtual network device (one of C(e1000), C(e1000e), C(pcnet32), C(vmxnet2), C(vmxnet3) (default), C(sriov))., - C(mac) (string): Customize mac address.,Optional parameters per entry (used for OS customization):, - C(type) (string): Type of IP assignment (either C(dhcp) or C(static)). C(dhcp) is default., - C(ip) (string): Static IP address (implies C(type: static))., - C(netmask) (string): Static netmask required for C(ip)., - C(gateway) (string): Static gateway., - C(dns_servers) (string): DNS servers for this network interface (Windows)., - C(domain) (string): Domain name for this network interface (Windows)., - C(wake_on_lan) (bool): Indicates if wake-on-LAN is enabled on this virtual network adapter. version_added: 2.5, - C(start_connected) (bool): Indicates that virtual network adapter starts with associated virtual machine powers on. version_added: 2.5, - C(allow_guest_control) (bool): Enables guest control over whether the connectable device is connected. version_added: 2.5
wait_for_ip_address: ${15:no} # not required. Wait until vCenter detects an IP address for the VM.,This requires vmware-tools (vmtoolsd) to properly work after creation.,vmware-tools needs to be installed on given virtual machine in order to work with this parameter.
guest_id: ${16:undefined} # not required. Set the guest ID.,This parameter is case sensitive.,Examples:, VM with RHEL7 64 bit, will be 'rhel7_64Guest', VM with CensOS 64 bit, will be 'centos64Guest', VM with Ubuntu 64 bit, will be 'ubuntu64Guest',This field is required when creating a VM.,Valid values are referenced here: U(https://www.vmware.com/support/developer/converter-sdk/conv55_apireference/vim.vm.GuestOsDescriptor.GuestOsIdentifier.html)\n
password: ${17:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
uuid: ${18:undefined} # not required. UUID of the instance to manage if known, this is VMware's unique identifier.,This is required if name is not supplied.,Please note that a supplied UUID will be ignored on VM creation, as VMware creates the UUID internally.
customvalues: ${19:undefined} # not required. Define a list of custom values to set on virtual machine.,A custom value object takes two fields C(key) and C(value).,Incorrect key and values will be ignored.
hostname: ${20:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
is_template: ${21:no} # not required. Flag the instance as a template.,This will mark VM instance as template.
annotation: ${22:undefined} # not required. A note or annotation to include in the virtual machine.
port: ${23:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
state: ${24|present,absent,poweredon,poweredoff,restarted,suspended,shutdownguest,rebootguest|} # not required. choices: present;absent;poweredon;poweredoff;restarted;suspended;shutdownguest;rebootguest. Specify state of the virtual machine be in.,If C(state) is set to C(present) and VM exists, ensure the VM configuration conforms to task arguments.
template: ${25:undefined} # not required. Template or existing VM used to create VM.,If this value is not set, VM is created without using a template.,If the VM exists already this setting will be ignored.,This parameter is case sensitive.
linked_clone: ${26:no} # not required. Whether to create a Linked Clone from the snapshot specified.
folder: ${27:undefined} # not required. Destination folder, absolute path to find an existing guest or create the new guest.,The folder should include the datacenter. ESX's datacenter is ha-datacenter.,This parameter is case sensitive.,Examples:, folder: /ha-datacenter/vm, folder: ha-datacenter/vm, folder: /datacenter1/vm, folder: datacenter1/vm, folder: /datacenter1/vm/folder1, folder: datacenter1/vm/folder1, folder: /folder1/datacenter1/vm, folder: folder1/datacenter1/vm, folder: /folder1/datacenter1/vm/folder2
validate_certs: ${28:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_guest_facts':
'prefix': "vmware_guest_facts_snippet"
'description': "Gather facts about a single VM"
'body': """
vmware_guest_facts:
datacenter: ${1:undefined} # required. Destination datacenter for the deploy operation
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
uuid: ${3:undefined} # not required. UUID of the instance to manage if known, this is VMware's unique identifier.,This is required if name is not supplied.
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
name_match: ${5|first,last|} # not required. choices: first;last. If multiple VMs matching the name, use the first or last found
folder: ${6:/vm} # not required. Destination folder, absolute or relative path to find an existing guest.,This is required if name is supplied.,The folder should include the datacenter. ESX's datacenter is ha-datacenter,Examples:, folder: /ha-datacenter/vm, folder: ha-datacenter/vm, folder: /datacenter1/vm, folder: datacenter1/vm, folder: /datacenter1/vm/folder1, folder: datacenter1/vm/folder1, folder: /folder1/datacenter1/vm, folder: folder1/datacenter1/vm, folder: /folder1/datacenter1/vm/folder2, folder: vm/folder2, folder: folder2
password: ${7:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${8:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${9:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
name: ${10:undefined} # not required. Name of the VM to work with,This is required if UUID is not supplied.
"""
'vmware_guest_file_operation':
'prefix': "vmware_guest_file_operation_snippet"
'description': "Files operation in a VMware guest operating system without network"
'body': """
vmware_guest_file_operation:
vm_password: ${1:undefined} # required. The password used to login-in to the virtual machine.
vm_username: ${2:undefined} # required. The user to login in to the virtual machine.
vm_id: ${3:undefined} # required. Name of the virtual machine to work with.
username: ${4:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
datacenter: ${5:undefined} # not required. The datacenter hosting the virtual machine.,If set, it will help to speed up virtual machine search.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${8:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
port: ${9:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
cluster: ${10:undefined} # not required. The cluster hosting the virtual machine.,If set, it will help to speed up virtual machine search.
vm_id_type: ${11|uuid,dns_name,inventory_path,vm_name|} # not required. choices: uuid;dns_name;inventory_path;vm_name. The VMware identification method by which the virtual machine will be identified.
directory: ${12:undefined} # not required. Create or delete directory.,Valid attributes are:, path: directory path to create or remove, operation: Valid values are create, delete, recurse (boolean): Not required, default (false)
folder: ${13:undefined} # not required. Destination folder, absolute path to find an existing guest or create the new guest.,The folder should include the datacenter. ESX's datacenter is ha-datacenter,Used only if C(vm_id_type) is C(inventory_path).,Examples:, folder: /ha-datacenter/vm, folder: ha-datacenter/vm, folder: /datacenter1/vm, folder: datacenter1/vm, folder: /datacenter1/vm/folder1, folder: datacenter1/vm/folder1, folder: /folder1/datacenter1/vm, folder: folder1/datacenter1/vm, folder: /folder1/datacenter1/vm/folder2, folder: vm/folder2, folder: folder2
copy: ${14:undefined} # not required. Copy file to vm without requiring network.,Valid attributes are:, src: file source absolute or relative, dest: file destination, path must be exist, overwrite: False or True (not required, default False)
fetch: ${15:undefined} # not required. Get file from virtual machine without requiring network.,Valid attributes are:, src: The file on the remote system to fetch. This I(must) be a file, not a directory, dest: file destination on localhost, path must be exist
"""
'vmware_guest_find':
'prefix': "vmware_guest_find_snippet"
'description': "Find the folder path(s) for a virtual machine by name or UUID"
'body': """
vmware_guest_find:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
datacenter: ${2:undefined} # not required. Destination datacenter for the find operation.,Deprecated in 2.5, will be removed in 2.9 release.
name: ${3:undefined} # not required. Name of the VM to work with.,This is required if C(uuid) parameter is not supplied.
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
uuid: ${8:undefined} # not required. UUID of the instance to manage if known, this is VMware's BIOS UUID.,This is required if C(name) parameter is not supplied.
"""
'vmware_guest_powerstate':
'prefix': "vmware_guest_powerstate_snippet"
'description': "Manages power states of virtual machines in vCenter"
'body': """
vmware_guest_powerstate:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
force: ${2:false} # not required. Ignore warnings and complete the actions.,This parameter is useful while forcing virtual machine state.
name_match: ${3|first,last|} # not required. choices: first;last. If multiple virtual machines matching the name, use the first or last found.
password: ${4:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
port: ${5:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
name: ${6:undefined} # not required. Name of the virtual machine to work with.,Virtual machine names in vCenter are not necessarily unique, which may be problematic, see C(name_match).
uuid: ${7:undefined} # not required. UUID of the instance to manage if known, this is VMware's unique identifier.,This is required if name is not supplied.
hostname: ${8:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
state: ${9|powered-off,powered-on,reboot-guest,restarted,shutdown-guest,suspended,present|} # not required. choices: powered-off;powered-on;reboot-guest;restarted;shutdown-guest;suspended;present. Set the state of the virtual machine.
folder: ${10:/vm} # not required. Destination folder, absolute or relative path to find an existing guest or create the new guest.,The folder should include the datacenter. ESX's datacenter is ha-datacenter,Examples:, folder: /ha-datacenter/vm, folder: ha-datacenter/vm, folder: /datacenter1/vm, folder: datacenter1/vm, folder: /datacenter1/vm/folder1, folder: datacenter1/vm/folder1, folder: /folder1/datacenter1/vm, folder: folder1/datacenter1/vm, folder: /folder1/datacenter1/vm/folder2, folder: vm/folder2, folder: folder2
validate_certs: ${11:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
scheduled_at: ${12:undefined} # not required. Date and time in string format at which specificed task needs to be performed.,The required format for date and time - 'dd/mm/yyyy hh:mm'.,Scheduling task requires vCenter server. A standalone ESXi server does not support this option.
"""
'vmware_guest_snapshot':
'prefix': "vmware_guest_snapshot_snippet"
'description': "Manages virtual machines snapshots in vCenter"
'body': """
vmware_guest_snapshot:
datacenter: ${1:undefined} # required. Destination datacenter for the deploy operation
state: ${2|present,absent,revert,remove_all|} # required. choices: present;absent;revert;remove_all. Manage snapshots attached to a specific virtual machine.
username: ${3:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
new_snapshot_name: ${4:undefined} # not required. Value to rename the existing snapshot to
uuid: ${5:undefined} # not required. UUID of the instance to manage if known, this is VMware's unique identifier.,This is required if name is not supplied.
quiesce: ${6:false} # not required. If set to C(true) and virtual machine is powered on, it will quiesce the file system in virtual machine.,Note that VMWare Tools are required for this flag.,If virtual machine is powered off or VMware Tools are not available, then this flag is set to C(false).,If virtual machine does not provide capability to take quiesce snapshot, then this flag is set to C(false).
hostname: ${7:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
memory_dump: ${8:false} # not required. If set to C(true), memory dump of virtual machine is also included in snapshot.,Note that memory snapshots take time and resources, this will take longer time to create.,If virtual machine does not provide capability to take memory snapshot, then this flag is set to C(false).
name: ${9:undefined} # not required. Name of the VM to work with,This is required if uuid is not supplied.
new_description: ${10:undefined} # not required. Value to change the description of an existing snapshot to
snapshot_name: ${11:undefined} # not required. Sets the snapshot name to manage.,This param is required only if state is not C(remove_all)
name_match: ${12|first,last|} # not required. choices: first;last. If multiple VMs matching the name, use the first or last found
remove_children: ${13:false} # not required. If set to C(true) and state is set to C(absent), then entire snapshot subtree is set for removal.
folder: ${14:undefined} # not required. Destination folder, absolute or relative path to find an existing guest.,This is required if name is supplied.,The folder should include the datacenter. ESX's datacenter is ha-datacenter,Examples:, folder: /ha-datacenter/vm, folder: ha-datacenter/vm, folder: /datacenter1/vm, folder: datacenter1/vm, folder: /datacenter1/vm/folder1, folder: datacenter1/vm/folder1, folder: /folder1/datacenter1/vm, folder: folder1/datacenter1/vm, folder: /folder1/datacenter1/vm/folder2, folder: vm/folder2, folder: folder2
password: ${15:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${16:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${17:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
description: ${18:} # not required. Define an arbitrary description to attach to snapshot.
"""
'vmware_guest_tools_wait':
'prefix': "vmware_guest_tools_wait_snippet"
'description': "Wait for VMware tools to become available"
'body': """
vmware_guest_tools_wait:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
uuid: ${2:undefined} # not required. UUID of the VM for which to wait until the tools become available, if known. This is VMware's unique identifier.,This is required if C(name) is not supplied.
hostname: ${3:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
name_match: ${4|first,last|} # not required. choices: first;last. If multiple VMs match the name, use the first or last found.
folder: ${5:/vm} # not required. Destination folder, absolute or relative path to find an existing guest.,This is required if C(name) is supplied.,The folder should include the datacenter. ESX's datacenter is C(ha-datacenter).,Examples:, folder: /ha-datacenter/vm, folder: ha-datacenter/vm, folder: /datacenter1/vm, folder: datacenter1/vm, folder: /datacenter1/vm/folder1, folder: datacenter1/vm/folder1, folder: /folder1/datacenter1/vm, folder: folder1/datacenter1/vm, folder: /folder1/datacenter1/vm/folder2
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
name: ${9:undefined} # not required. Name of the VM for which to wait until the tools become available.,This is required if uuid is not supplied.
"""
'vmware_host':
'prefix': "vmware_host_snippet"
'description': "Add / Remove ESXi host to / from vCenter"
'body': """
vmware_host:
datacenter_name: ${1:undefined} # required. Name of the datacenter to add the host.
cluster_name: ${2:undefined} # required. Name of the cluster to add the host.,Required parameter from version 2.5.
esxi_hostname: ${3:undefined} # required. ESXi hostname to manage.
username: ${4:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
esxi_password: ${5:undefined} # not required. ESXi password.,Required for adding a host.,Optional for reconnect.,Unused for removing.,No longer required parameter from version 2.5.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${8:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
esxi_username: ${9:undefined} # not required. ESXi username.,Required for adding a host.,Optional for reconnect.,Unused for removing.,No longer required parameter from version 2.5.
esxi_ssl_thumbprint: ${10:} # not required. Specifying the hostsystem's certificate's thumbprint.,Use following command to get hostsystem's certificate's thumbprint - ,# openssl x509 -in /etc/vmware/ssl/rui.crt -fingerprint -sha1 -noout
state: ${11|present,absent,add_or_reconnect,reconnect|} # not required. choices: present;absent;add_or_reconnect;reconnect. present: add the host if it's absent else do nothing.,absent: remove the host if it's present else do nothing.,add_or_reconnect: add the host if it's absent else reconnect it.,reconnect: reconnect the host if it's present else fail.
validate_certs: ${12:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_acceptance':
'prefix': "vmware_host_acceptance_snippet"
'description': "Manage acceptance level of ESXi host"
'body': """
vmware_host_acceptance:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of the cluster.,Acceptance level of all ESXi host system in the given cluster will be managed.,If C(esxi_hostname) is not given, this parameter is required.
state: ${4|list,present|} # not required. choices: list;present. Set or list acceptance level of the given ESXi host.,If set to C(list), then will return current acceptance level of given host system/s.,If set to C(present), then will set given acceptance level.
esxi_hostname: ${5:undefined} # not required. ESXi hostname.,Acceptance level of this ESXi host system will be managed.,If C(cluster_name) is not given, this parameter is required.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
acceptance_level: ${9|community,partner,vmware_accepted,vmware_certified|} # not required. choices: community;partner;vmware_accepted;vmware_certified. Name of acceptance level.,If set to C(partner), then accept only partner and VMware signed and certified VIBs.,If set to C(vmware_certified), then accept only VIBs that are signed and certified by VMware.,If set to C(vmware_accepted), then accept VIBs that have been accepted by VMware.,If set to C(community), then accept all VIBs, even those that are not signed.
"""
'vmware_host_config_facts':
'prefix': "vmware_host_config_facts_snippet"
'description': "Gathers facts about an ESXi host's advance configuration information"
'body': """
vmware_host_config_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of the cluster from which the ESXi host belong to.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${4:undefined} # not required. ESXi hostname to gather facts from.,If C(cluster_name) is not given, this parameter is required.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_config_manager':
'prefix': "vmware_host_config_manager_snippet"
'description': "Manage advance configurations about an ESXi host"
'body': """
vmware_host_config_manager:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
port: ${3:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${4:undefined} # not required. Name of the cluster.,Settings are applied to every ESXi host system in given cluster.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${5:undefined} # not required. ESXi hostname.,Settings are applied to this ESXi host system.,If C(cluster_name) is not given, this parameter is required.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
options: ${8:[object Object]} # not required. A dictionary of advance configuration parameter.,Invalid configuration parameters are ignored.
"""
'vmware_host_datastore':
'prefix': "vmware_host_datastore_snippet"
'description': "Manage a datastore on ESXi host"
'body': """
vmware_host_datastore:
datacenter_name: ${1:undefined} # required. Name of the datacenter to add the datastore.
esxi_hostname: ${2:undefined} # required. ESXi hostname to manage the datastore.
datastore_type: ${3|nfs,vmfs|} # required. choices: nfs;vmfs. Type of the datastore to configure (nfs/vmfs).
datastore_name: ${4:undefined} # required. Name of the datastore to add/remove.
username: ${5:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
vmfs_version: ${7:undefined} # not required. VMFS version to use for datastore creation.,Unused if datastore type is not set to C(vmfs) and state is not set to C(present).
nfs_path: ${8:undefined} # not required. Resource path on NFS host.,Required if datastore type is set to C(nfs) and state is set to C(present), else unused.
port: ${9:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
nfs_ro: ${10:false} # not required. ReadOnly or ReadWrite mount.,Unused if datastore type is not set to C(nfs) and state is not set to C(present).
state: ${11|present,absent|} # not required. choices: present;absent. present: Mount datastore on host if datastore is absent else do nothing.,absent: Umount datastore if datastore is present else do nothing.
hostname: ${12:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
nfs_server: ${13:undefined} # not required. NFS host serving nfs datastore.,Required if datastore type is set to C(nfs) and state is set to C(present), else unused.
vmfs_device_name: ${14:undefined} # not required. Name of the device to be used as VMFS datastore.,Required for VMFS datastore type and state is set to C(present), else unused.
validate_certs: ${15:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_dns_facts':
'prefix': "vmware_host_dns_facts_snippet"
'description': "Gathers facts about an ESXi host's DNS configuration information"
'body': """
vmware_host_dns_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of the cluster from which the ESXi host belong to.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${4:undefined} # not required. ESXi hostname to gather facts from.,If C(cluster_name) is not given, this parameter is required.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_facts':
'prefix': "vmware_host_facts_snippet"
'description': "Gathers facts about remote vmware host"
'body': """
vmware_host_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
password: ${2:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${3:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
port: ${5:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_firewall_facts':
'prefix': "vmware_host_firewall_facts_snippet"
'description': "Gathers facts about an ESXi host's firewall configuration information"
'body': """
vmware_host_firewall_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of the cluster from which the ESXi host belong to.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${4:undefined} # not required. ESXi hostname to gather facts from.,If C(cluster_name) is not given, this parameter is required.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_firewall_manager':
'prefix': "vmware_host_firewall_manager_snippet"
'description': "Manage firewall configurations about an ESXi host"
'body': """
vmware_host_firewall_manager:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
rules: ${2:} # not required. A list of Rule set which needs to be managed.,Each member of list is rule set name and state to be set the rule.,Both rule name and rule state are required parameters.,Please see examples for more information.
hostname: ${3:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${4:undefined} # not required. Name of the cluster.,Firewall settings are applied to every ESXi host system in given cluster.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${5:undefined} # not required. ESXi hostname.,Firewall settings are applied to this ESXi host system.,If C(cluster_name) is not given, this parameter is required.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_lockdown':
'prefix': "vmware_host_lockdown_snippet"
'description': "Manage administrator permission for the local administrative account for the ESXi host"
'body': """
vmware_host_lockdown:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of cluster.,All host systems from given cluster used to manage lockdown.,Required parameter, if C(esxi_hostname) is not set.
state: ${4|present,absent|} # not required. choices: present;absent. State of hosts system,If set to C(present), all host systems will be set in lockdown mode.,If host system is already in lockdown mode and set to C(present), no action will be taken.,If set to C(absent), all host systems will be removed from lockdown mode.,If host system is already out of lockdown mode and set to C(absent), no action will be taken.
esxi_hostname: ${5:undefined} # not required. List of ESXi hostname to manage lockdown.,Required parameter, if C(cluster_name) is not set.,See examples for specifications.
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${7:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_ntp':
'prefix': "vmware_host_ntp_snippet"
'description': "Manage NTP configurations about an ESXi host"
'body': """
vmware_host_ntp:
ntp_servers: ${1:undefined} # required. IP or FQDN of NTP server/s.,This accepts a list of NTP servers. For multiple servers, please look at the examples.
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${3:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${4:undefined} # not required. Name of the cluster.,NTP settings are applied to every ESXi host system in the given cluster.,If C(esxi_hostname) is not given, this parameter is required.
state: ${5|present,absent|} # not required. choices: present;absent. present: Add NTP server/s, if it specified server/s are absent else do nothing.,absent: Remove NTP server/s, if specified server/s are present else do nothing.
esxi_hostname: ${6:undefined} # not required. ESXi hostname.,NTP settings are applied to this ESXi host system.,If C(cluster_name) is not given, this parameter is required.
password: ${7:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${8:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${9:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_package_facts':
'prefix': "vmware_host_package_facts_snippet"
'description': "Gathers facts about available packages on an ESXi host"
'body': """
vmware_host_package_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of the cluster.,Package facts about each ESXi server will be returned for given cluster.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${4:undefined} # not required. ESXi hostname.,Package facts about this ESXi server will be returned.,If C(cluster_name) is not given, this parameter is required.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_service_facts':
'prefix': "vmware_host_service_facts_snippet"
'description': "Gathers facts about an ESXi host's services"
'body': """
vmware_host_service_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of the cluster.,Service facts about each ESXi server will be returned for given cluster.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${4:undefined} # not required. ESXi hostname.,Service facts about this ESXi server will be returned.,If C(cluster_name) is not given, this parameter is required.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_service_manager':
'prefix': "vmware_host_service_manager_snippet"
'description': "Manage services on a given ESXi host"
'body': """
vmware_host_service_manager:
service_name: ${1:undefined} # required. Name of Service to be managed. This is brief identifier for the service, for example, ntpd, vxsyslogd etc.,This value should be a valid ESXi service name.
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
service_policy: ${3|automatic,off,on|} # not required. choices: automatic;off;on. Set of valid service policy strings.,If set C(on), then service should be started when the host starts up.,If set C(automatic), then service should run if and only if it has open firewall ports.,If set C(off), then Service should not be started when the host starts up.
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${5:undefined} # not required. Name of the cluster.,Service settings are applied to every ESXi host system/s in given cluster.,If C(esxi_hostname) is not given, this parameter is required.
state: ${6|absent,present,restart,start,stop|} # not required. choices: absent;present;restart;start;stop. Desired state of service.,State value 'start' and 'present' has same effect.,State value 'stop' and 'absent' has same effect.
esxi_hostname: ${7:undefined} # not required. ESXi hostname.,Service settings are applied to this ESXi host system.,If C(cluster_name) is not given, this parameter is required.
password: ${8:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${9:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${10:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_host_vmnic_facts':
'prefix': "vmware_host_vmnic_facts_snippet"
'description': "Gathers facts about vmnics available on the given ESXi host"
'body': """
vmware_host_vmnic_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of the cluster.,Vmnic facts about each ESXi server will be returned for the given cluster.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${4:undefined} # not required. ESXi hostname.,Vmnic facts about this ESXi server will be returned.,If C(cluster_name) is not given, this parameter is required.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_local_role_manager':
'prefix': "vmware_local_role_manager_snippet"
'description': "Manage local roles on an ESXi host"
'body': """
vmware_local_role_manager:
local_role_name: ${1:undefined} # required. The local role name to be managed.
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${3:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
port: ${4:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
force_remove: ${5:false} # not required. If set to C(False) then prevents the role from being removed if any permissions are using it.
state: ${6|present,absent|} # not required. choices: present;absent. Indicate desired state of the role.,If the role already exists when C(state=present), the role info is updated.
password: ${7:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${8:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
local_privilege_ids: ${9:} # not required. The list of privileges that role needs to have.,Please see U(https://docs.vmware.com/en/VMware-vSphere/6.0/com.vmware.vsphere.security.doc/GUID-ED56F3C4-77D0-49E3-88B6-B99B8B437B62.html)
"""
'vmware_local_user_manager':
'prefix': "vmware_local_user_manager_snippet"
'description': "Manage local users on an ESXi host"
'body': """
vmware_local_user_manager:
local_user_name: ${1:undefined} # required. The local user name to be changed.
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
local_user_description: ${3:undefined} # not required. Description for the user.
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
local_user_password: ${5:undefined} # not required. The password to be set.
state: ${6|present,absent|} # not required. choices: present;absent. Indicate desired state of the user. If the user already exists when C(state=present), the user info is updated
password: ${7:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${8:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${9:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_maintenancemode':
'prefix': "vmware_maintenancemode_snippet"
'description': "Place a host into maintenance mode"
'body': """
vmware_maintenancemode:
esxi_hostname: ${1:undefined} # required. Name of the host as defined in vCenter.
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
timeout: ${3:0} # not required. Specify a timeout for the operation.
validate_certs: ${4:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${5:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
evacuate: ${6:false} # not required. If set to C(True), evacuate all powered off VMs.
state: ${7|present,absent|} # not required. choices: present;absent. Enter or exit maintenance mode.
password: ${8:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
vsan: ${9|ensureObjectAccessibility,evacuateAllData,noAction|} # not required. choices: ensureObjectAccessibility;evacuateAllData;noAction. Specify which VSAN compliant mode to enter.
port: ${10:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_migrate_vmk':
'prefix': "vmware_migrate_vmk_snippet"
'description': "Migrate a VMK interface from VSS to VDS"
'body': """
vmware_migrate_vmk:
current_switch_name: ${1:undefined} # required. Switch VMK interface is currently on
device: ${2:undefined} # required. VMK interface name
migrate_switch_name: ${3:undefined} # required. Switch name to migrate VMK interface to
migrate_portgroup_name: ${4:undefined} # required. Portgroup name to migrate VMK interface to
current_portgroup_name: ${5:undefined} # required. Portgroup name VMK interface is currently on
esxi_hostname: ${6:undefined} # required. ESXi hostname to be managed
username: ${7:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
password: ${8:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
port: ${9:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${10:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${11:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_portgroup':
'prefix': "vmware_portgroup_snippet"
'description': "Create a VMware portgroup"
'body': """
vmware_portgroup:
switch_name: ${1:undefined} # required. vSwitch to modify.
vlan_id: ${2:undefined} # required. VLAN ID to assign to portgroup.
portgroup_name: ${3:undefined} # required. Portgroup name to add.
username: ${4:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
network_policy: ${5:[object Object]} # not required. Network policy specifies layer 2 security settings for a portgroup such as promiscuous mode, where guest adapter listens to all the packets, MAC address changes and forged transmits.,Dict which configures the different security values for portgroup.,Valid attributes are:,- C(promiscuous_mode) (bool): indicates whether promiscuous mode is allowed. (default: false),- C(forged_transmits) (bool): indicates whether forged transmits are allowed. (default: false),- C(mac_changes) (bool): indicates whether mac changes are allowed. (default: false)
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${7:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${9:undefined} # not required. Name of cluster name for host membership.,Portgroup will be created on all hosts of the given cluster.,This option is required if C(hosts) is not specified.
state: ${10|present,absent|} # not required. choices: present;absent. Determines if the portgroup should be present or not.
hosts: ${11:undefined} # not required. List of name of host or hosts on which portgroup needs to be added.,This option is required if C(cluster_name) is not specified.
validate_certs: ${12:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_resource_pool':
'prefix': "vmware_resource_pool_snippet"
'description': "Add/remove resource pools to/from vCenter"
'body': """
vmware_resource_pool:
resource_pool: ${1:undefined} # required. Resource pool name to manage.
datacenter: ${2:undefined} # required. Name of the datacenter to add the host.
cluster: ${3:undefined} # required. Name of the cluster to add the host.
cpu_reservation: ${4:0} # not required. Amount of resource that is guaranteed available to the virtual machine or resource pool.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
mem_expandable_reservations: ${6:true} # not required. In a resource pool with an expandable reservation, the reservation on a resource pool can grow beyond the specified value.
hostname: ${7:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cpu_expandable_reservations: ${8:true} # not required. In a resource pool with an expandable reservation, the reservation on a resource pool can grow beyond the specified value.
username: ${9:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
state: ${10|present,absent|} # not required. choices: present;absent. Add or remove the resource pool
cpu_limit: ${11:-1} # not required. The utilization of a virtual machine/resource pool will not exceed this limit, even if there are available resources.,The default value -1 indicates no limit.
mem_shares: ${12|high,custom,low,normal|} # not required. choices: high;custom;low;normal. Memory shares are used in case of resource contention.
mem_limit: ${13:-1} # not required. The utilization of a virtual machine/resource pool will not exceed this limit, even if there are available resources.,The default value -1 indicates no limit.
mem_reservation: ${14:0} # not required. Amount of resource that is guaranteed available to the virtual machine or resource pool.
validate_certs: ${15:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${16:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
cpu_shares: ${17|high,custom,low,normal|} # not required. choices: high;custom;low;normal. Memory shares are used in case of resource contention.
"""
'vmware_target_canonical_facts':
'prefix': "vmware_target_canonical_facts_snippet"
'description': "Return canonical (NAA) from an ESXi host"
'body': """
vmware_target_canonical_facts:
target_id: ${1:undefined} # required. The target id based on order of scsi device
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${3:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
password: ${4:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${5:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${6:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vm_facts':
'prefix': "vmware_vm_facts_snippet"
'description': "Return basic facts pertaining to a vSphere virtual machine guest"
'body': """
vmware_vm_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
vm_type: ${2|all,vm,template|} # not required. choices: all;vm;template. If set to C(vm), then facts are gathered for virtual machines only.,If set to C(template), then facts are gathered for virtual machine templates only.,If set to C(all), then facts are gathered for all virtual machines and virtual machine templates.
hostname: ${3:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
password: ${4:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${5:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${6:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vm_shell':
'prefix': "vmware_vm_shell_snippet"
'description': "Run commands in a VMware guest operating system"
'body': """
vmware_vm_shell:
vm_password: ${1:undefined} # required. The password used to login-in to the virtual machine.
vm_shell: ${2:undefined} # required. The absolute path to the program to start.,On Linux, shell is executed via bash.
vm_username: ${3:undefined} # required. The user to login-in to the virtual machine.
vm_id: ${4:undefined} # required. Name of the virtual machine to work with.
username: ${5:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
datacenter: ${6:undefined} # not required. The datacenter hosting the virtual machine.,If set, it will help to speed up virtual machine search.
vm_shell_cwd: ${7:undefined} # not required. The current working directory of the application from which it will be run.
vm_shell_args: ${8: } # not required. The argument to the program.
hostname: ${9:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
vm_shell_env: ${10:undefined} # not required. Comma separated list of environment variable, specified in the guest OS notation.
cluster: ${11:undefined} # not required. The cluster hosting the virtual machine.,If set, it will help to speed up virtual machine search.
vm_id_type: ${12|uuid,dns_name,inventory_path,vm_name|} # not required. choices: uuid;dns_name;inventory_path;vm_name. The VMware identification method by which the virtual machine will be identified.
validate_certs: ${13:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
folder: ${14:/vm} # not required. Destination folder, absolute or relative path to find an existing guest or create the new guest.,The folder should include the datacenter. ESX's datacenter is ha-datacenter,Examples:, folder: /ha-datacenter/vm, folder: ha-datacenter/vm, folder: /datacenter1/vm, folder: datacenter1/vm, folder: /datacenter1/vm/folder1, folder: datacenter1/vm/folder1, folder: /folder1/datacenter1/vm, folder: folder1/datacenter1/vm, folder: /folder1/datacenter1/vm/folder2, folder: vm/folder2, folder: folder2
password: ${15:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
port: ${16:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vm_vm_drs_rule':
'prefix': "vmware_vm_vm_drs_rule_snippet"
'description': "Configure VMware DRS Affinity rule for virtual machine in given cluster"
'body': """
vmware_vm_vm_drs_rule:
drs_rule_name: ${1:undefined} # required. The name of the DRS rule to manage.
cluster_name: ${2:undefined} # required. Desired cluster name where virtual machines are present for the DRS rule.
username: ${3:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
mandatory: ${4:false} # not required. If set to C(True), the DRS rule will be mandatory.,Effective only if C(state) is set to C(present).
affinity_rule: ${5:true} # not required. If set to C(True), the DRS rule will be an Affinity rule.,If set to C(False), the DRS rule will be an Anti-Affinity rule.,Effective only if C(state) is set to C(present).
password: ${6:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
vms: ${7:undefined} # not required. List of virtual machines name for which DRS rule needs to be applied.,Required if C(state) is set to C(present).
hostname: ${8:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
enabled: ${9:false} # not required. If set to C(True), the DRS rule will be enabled.,Effective only if C(state) is set to C(present).
port: ${10:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
state: ${11|present,absent|} # not required. choices: present;absent. If set to C(present), then the DRS rule is created if not present.,If set to C(present), then the DRS rule is deleted and created if present already.,If set to C(absent), then the DRS rule is deleted if present.
validate_certs: ${12:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vm_vss_dvs_migrate':
'prefix': "vmware_vm_vss_dvs_migrate_snippet"
'description': "Migrates a virtual machine from a standard vswitch to distributed"
'body': """
vmware_vm_vss_dvs_migrate:
vm_name: ${1:undefined} # required. Name of the virtual machine to migrate to a dvSwitch
dvportgroup_name: ${2:undefined} # required. Name of the portgroup to migrate to the virtual machine to
username: ${3:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vmkernel':
'prefix': "vmware_vmkernel_snippet"
'description': "Manage a VMware VMkernel Interface aka. Virtual NICs of host system."
'body': """
vmware_vmkernel:
portgroup_name: ${1:undefined} # required. The name of the port group for the VMKernel interface.
esxi_hostname: ${2:undefined} # required. Name of ESXi host to which VMKernel is to be managed.,From version 2.5 onwards, this parameter is required.
username: ${3:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
enable_vsan: ${4:undefined} # not required. Enable the VMKernel interface for VSAN traffic.
network: ${5:undefined} # not required. A dictionary of network details.,Following parameter is required:, - C(type) (string): Type of IP assignment (either C(dhcp) or C(static)).,Following parameters are required in case of C(type) is set to C(static), - C(ip_address) (string): Static IP address (implies C(type: static))., - C(netmask) (string): Static netmask required for C(ip).
enable_vmotion: ${6:undefined} # not required. Enable the VMKernel interface for vMotion traffic.
subnet_mask: ${7:undefined} # not required. The Subnet Mask for the VMKernel interface.,Use C(network) parameter with C(subnet_mask) instead.,Deprecated option, will be removed in version 2.9.
vswitch_name: ${8:undefined} # not required. The name of the vSwitch where to add the VMKernel interface.,Required parameter only if C(state) is set to C(present).,Optional parameter from version 2.5 and onwards.
validate_certs: ${9:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${10:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
mtu: ${11:1500} # not required. The MTU for the VMKernel interface.,The default value of 1500 is valid from version 2.5 and onwards.
enable_mgmt: ${12:undefined} # not required. Enable the VMKernel interface for Management traffic.
state: ${13|present,absent|} # not required. choices: present;absent. If set to C(present), VMKernel is created with the given specifications.,If set to C(absent), VMKernel is removed from the given configurations.,If set to C(present) and VMKernel exists then VMKernel configurations are updated.
password: ${14:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
ip_address: ${15:undefined} # not required. The IP Address for the VMKernel interface.,Use C(network) parameter with C(ip_address) instead.,Deprecated option, will be removed in version 2.9.
port: ${16:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
vlan_id: ${17:undefined} # not required. The VLAN ID for the VMKernel interface.,Required parameter only if C(state) is set to C(present).,Optional parameter from version 2.5 and onwards.
enable_ft: ${18:undefined} # not required. Enable the VMKernel interface for Fault Tolerance traffic.
"""
'vmware_vmkernel_facts':
'prefix': "vmware_vmkernel_facts_snippet"
'description': "Gathers VMKernel facts about an ESXi host"
'body': """
vmware_vmkernel_facts:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_name: ${3:undefined} # not required. Name of the cluster.,VMKernel facts about each ESXi server will be returned for the given cluster.,If C(esxi_hostname) is not given, this parameter is required.
esxi_hostname: ${4:undefined} # not required. ESXi hostname.,VMKernel facts about this ESXi server will be returned.,If C(cluster_name) is not given, this parameter is required.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vmkernel_ip_config':
'prefix': "vmware_vmkernel_ip_config_snippet"
'description': "Configure the VMkernel IP Address"
'body': """
vmware_vmkernel_ip_config:
vmk_name: ${1:undefined} # required. VMkernel interface name
subnet_mask: ${2:undefined} # required. Subnet Mask to assign to VMkernel interface
ip_address: ${3:undefined} # required. IP address to assign to VMkernel interface
username: ${4:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${5:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${6:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
password: ${7:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
port: ${8:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vmotion':
'prefix': "vmware_vmotion_snippet"
'description': "Move a virtual machine using vMotion"
'body': """
vmware_vmotion:
vm_name: ${1:undefined} # required. Name of the VM to perform a vMotion on
destination_host: ${2:undefined} # required. Name of the end host the VM should be running on
username: ${3:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${4:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
password: ${5:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${6:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${7:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vsan_cluster':
'prefix': "vmware_vsan_cluster_snippet"
'description': "Configure VSAN clustering on an ESXi host"
'body': """
vmware_vsan_cluster:
username: ${1:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
hostname: ${2:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
cluster_uuid: ${3:undefined} # not required. Desired cluster UUID
password: ${4:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
validate_certs: ${5:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
port: ${6:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
"""
'vmware_vswitch':
'prefix': "vmware_vswitch_snippet"
'description': "Add or remove a VMware Standard Switch to an ESXi host"
'body': """
vmware_vswitch:
switch: ${1:undefined} # required. vSwitch name to add.,Alias C(switch) is added in version 2.4.
username: ${2:undefined} # not required. The username of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead.,Environment variable supported added in version 2.6.
password: ${3:undefined} # not required. The password of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead.,Environment variable supported added in version 2.6.
port: ${4:443} # not required. The port number of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead.,Environment variable supported added in version 2.6.
number_of_ports: ${5:128} # not required. Number of port to configure on vSwitch.
nics: ${6:undefined} # not required. A list of vmnic names or vmnic name to attach to vSwitch.,Alias C(nics) is added in version 2.4.
hostname: ${7:undefined} # not required. The hostname or IP address of the vSphere vCenter or ESXi server.,If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead.,Environment variable supported added in version 2.6.
mtu: ${8:1500} # not required. MTU to configure on vSwitch.
state: ${9|absent,present|} # not required. choices: absent;present. Add or remove the switch.
esxi_hostname: ${10:undefined} # not required. Manage the vSwitch using this ESXi host system
validate_certs: ${11:True} # not required. Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted.,If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead.,Environment variable supported added in version 2.6.
"""
'vr_account_facts':
'prefix': "vr_account_facts_snippet"
'description': "Gather facts about the Vultr account."
'body': """
vr_account_facts:
api_endpoint: ${1:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
api_key: ${2:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
api_retries: ${3:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
api_account: ${4:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
api_timeout: ${5:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
validate_certs: ${6:true} # not required. Validate SSL certs of the Vultr API.
"""
'vr_dns_domain':
'prefix': "vr_dns_domain_snippet"
'description': "Manages DNS domains on Vultr."
'body': """
vr_dns_domain:
name: ${1:undefined} # required. The domain name.
api_retries: ${2:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
api_timeout: ${3:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
api_endpoint: ${4:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
state: ${5|present,absent|} # not required. choices: present;absent. State of the DNS domain.
server_ip: ${6:undefined} # not required. The default server IP.,Use M(vr_dns_record) to change it once the domain is created.,Required if C(state=present).
api_account: ${7:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
api_key: ${8:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
validate_certs: ${9:true} # not required. Validate SSL certs of the Vultr API.
"""
'vr_dns_record':
'prefix': "vr_dns_record_snippet"
'description': "Manages DNS records on Vultr."
'body': """
vr_dns_record:
domain: ${1:undefined} # required. The domain the record is related to.
api_endpoint: ${2:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
api_timeout: ${3:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
multiple: ${4:false} # not required. Whether to use more than one record with similar C(name) including no name and C(record_type).,Only allowed for a few record types, e.g. C(record_type=A), C(record_type=NS) or C(record_type=MX).,C(data) will not be updated, instead it is used as a key to find existing records.
name: ${5:} # not required. The record name (subrecord).
validate_certs: ${6:true} # not required. Validate SSL certs of the Vultr API.
api_account: ${7:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
priority: ${8:0} # not required. Priority of the record.
record_type: ${9|A,AAAA,CNAME,MX,SRV,ALIAS,SPF,TXT,NS|} # not required. choices: A;AAAA;CNAME;MX;SRV;ALIAS;SPF;TXT;NS. Type of the record.
state: ${10|present,absent|} # not required. choices: present;absent. State of the DNS record.
ttl: ${11:300} # not required. TTL of the record.
api_retries: ${12:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
api_key: ${13:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
data: ${14:undefined} # not required. Data of the record.,Required if C(state=present) or C(multiple=yes).
"""
'vr_firewall_group':
'prefix': "vr_firewall_group_snippet"
'description': "Manages firewall groups on Vultr."
'body': """
vr_firewall_group:
name: ${1:undefined} # required. Name of the firewall group.
api_retries: ${2:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
api_timeout: ${3:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
api_endpoint: ${4:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
state: ${5|present,absent|} # not required. choices: present;absent. State of the firewall group.
api_account: ${6:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
api_key: ${7:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
validate_certs: ${8:true} # not required. Validate SSL certs of the Vultr API.
"""
'vr_firewall_rule':
'prefix': "vr_firewall_rule_snippet"
'description': "Manages firewall rules on Vultr."
'body': """
vr_firewall_rule:
group: ${1:undefined} # required. Name of the firewall group.
api_timeout: ${2:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
protocol: ${3|icmp,tcp,udp,gre|} # not required. choices: icmp;tcp;udp;gre. Protocol of the firewall rule.
end_port: ${4:undefined} # not required. End port for the firewall rule.,Only considered if C(protocol) is tcp or udp and C(state=present).
api_account: ${5:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
start_port: ${6:undefined} # not required. Start port for the firewall rule.,Required if C(protocol) is tcp or udp and C(state=present).
api_retries: ${7:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
cidr: ${8:0.0.0.0/0 or ::/0 depending on C(ip_version)} # not required. Network in CIDR format,The CIDR format must match with the C(ip_type) value.,Required if C(state=present).
api_endpoint: ${9:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
state: ${10|present,absent|} # not required. choices: present;absent. State of the firewall rule.
ip_version: ${11|v4,v6|} # not required. choices: v4;v6. IP address version
api_key: ${12:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
validate_certs: ${13:true} # not required. Validate SSL certs of the Vultr API.
"""
'vr_server':
'prefix': "vr_server_snippet"
'description': "Manages virtual servers on Vultr."
'body': """
vr_server:
name: ${1:undefined} # required. Name of the server.
reserved_ip_v4: ${2:undefined} # not required. IP address of the floating IP to use as the main IP of this server.,Only considered on creation.
force: ${3:undefined} # not required. Force stop/start the server if required to apply changes,Otherwise a running server will not be changed.
api_timeout: ${4:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
user_data: ${5:undefined} # not required. User data to be passed to the server.
tag: ${6:undefined} # not required. Tag for the server.
plan: ${7:undefined} # not required. Plan to use for the server.,Required if the server does not yet exist.
api_account: ${8:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
ipv6_enabled: ${9:undefined} # not required. Whether to enable IPv6 or not.
ssh_keys: ${10:undefined} # not required. List of SSH keys passed to the server on creation.
private_network_enabled: ${11:undefined} # not required. Whether to enable private networking or not.
api_retries: ${12:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
validate_certs: ${13:true} # not required. Validate SSL certs of the Vultr API.
region: ${14:undefined} # not required. Region the server is deployed into.,Required if the server does not yet exist.
hostname: ${15:undefined} # not required. Hostname to assign to this server.
firewall_group: ${16:undefined} # not required. The firewall group to assign this server to.
notify_activate: ${17:undefined} # not required. Whether to send an activation email when the server is ready or not.,Only considered on creation.
api_endpoint: ${18:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
state: ${19|present,absent,restarted,reinstalled,started,stopped|} # not required. choices: present;absent;restarted;reinstalled;started;stopped. State of the server.
auto_backup_enabled: ${20:undefined} # not required. Whether to enable automatic backups or not.
startup_script: ${21:undefined} # not required. Name of the startup script to execute on boot.,Only considered while creating the server.
api_key: ${22:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
os: ${23:undefined} # not required. The operating system.,Required if the server does not yet exist.
"""
'vr_ssh_key':
'prefix': "vr_ssh_key_snippet"
'description': "Manages ssh keys on Vultr."
'body': """
vr_ssh_key:
name: ${1:undefined} # required. Name of the ssh key.
api_retries: ${2:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
api_timeout: ${3:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
ssh_key: ${4:undefined} # not required. SSH public key.,Required if C(state=present).
api_endpoint: ${5:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
state: ${6|present,absent|} # not required. choices: present;absent. State of the ssh key.
api_account: ${7:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
api_key: ${8:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
validate_certs: ${9:true} # not required. Validate SSL certs of the Vultr API.
"""
'vr_startup_script':
'prefix': "vr_startup_script_snippet"
'description': "Manages startup scripts on Vultr."
'body': """
vr_startup_script:
name: ${1:undefined} # required. The script name.
api_retries: ${2:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
script: ${3:undefined} # not required. The script source code.,Required if (state=present).
api_timeout: ${4:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
api_endpoint: ${5:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
state: ${6|present,absent|} # not required. choices: present;absent. State of the script.
api_account: ${7:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
api_key: ${8:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
validate_certs: ${9:true} # not required. Validate SSL certs of the Vultr API.
script_type: ${10|boot,pxe|} # not required. choices: boot;pxe. The script type, can not be changed once created.
"""
'vr_user':
'prefix': "vr_user_snippet"
'description': "Manages users on Vultr."
'body': """
vr_user:
name: ${1:undefined} # required. Name of the user
force: ${2|true,false|} # not required. choices: true;false. Password will only be changed with enforcement.
api_timeout: ${3:60} # not required. HTTP timeout to Vultr API.,The ENV variable C(VULTR_API_TIMEOUT) is used as default, when defined.
api_account: ${4:default} # not required. Name of the ini section in the C(vultr.ini) file.,The ENV variable C(VULTR_API_ACCOUNT) is used as default, when defined.
api_retries: ${5:5} # not required. Amount of retries in case of the Vultr API retuns an HTTP 503 code.,The ENV variable C(VULTR_API_RETRIES) is used as default, when defined.
password: ${6:undefined} # not required. Password of the user.,Only considered while creating a user or when C(force=yes).
api_enabled: ${7|true,false|} # not required. choices: true;false. Whether the API is enabled or not.
api_endpoint: ${8:https://api.vultr.com} # not required. URL to API endpint (without trailing slash).,The ENV variable C(VULTR_API_ENDPOINT) is used as default, when defined.
state: ${9|present,absent|} # not required. choices: present;absent. State of the user.
acls: ${10|manage_users,subscriptions,provisioning,billing,support,abuse,dns,upgrade|} # not required. choices: manage_users;subscriptions;provisioning;billing;support;abuse;dns;upgrade. List of ACLs this users should have, see U(https://www.vultr.com/api/#user_user_list).,Required if C(state=present).,One or more of the choices list, some depend on each other.
api_key: ${11:undefined} # not required. API key of the Vultr API.,The ENV variable C(VULTR_API_KEY) is used as default, when defined.
validate_certs: ${12:true} # not required. Validate SSL certs of the Vultr API.
email: ${13:undefined} # not required. Email of the user.,Required if C(state=present).
"""
'vsphere_copy':
'prefix': "vsphere_copy_snippet"
'description': "Copy a file to a vCenter datastore"
'body': """
vsphere_copy:
src: ${1:undefined} # required. The file to push to vCenter
datacenter: ${2:undefined} # required. The datacenter on the vCenter server that holds the datastore.
host: ${3:undefined} # required. The vCenter server on which the datastore is available.
path: ${4:undefined} # required. The file to push to the datastore on the vCenter server.
login: ${5:undefined} # required. The login name to authenticate on the vCenter server.
password: ${6:undefined} # required. The password to authenticate on the vCenter server.
datastore: ${7:undefined} # required. The datastore on the vCenter server to push files to.
validate_certs: ${8:yes} # not required. If C(no), SSL certificates will not be validated. This should only be set to C(no) when no other option exists.
"""
'vsphere_guest':
'prefix': "vsphere_guest_snippet"
'description': "Create/delete/manage a guest VM through VMware vSphere."
'body': """
vsphere_guest:
username: ${1:null} # required. Username to connect to vcenter as.
vcenter_hostname: ${2:null} # required. The hostname of the vcenter server the module will connect to, to create the guest.
password: ${3:null} # required. Password of the user to connect to vcenter as.
guest: ${4:undefined} # required. The virtual server name you wish to manage.
resource_pool: ${5:None} # not required. The name of the resource_pool to create the VM in.
force: ${6:no} # not required. Boolean. Allows you to run commands which may alter the running state of a guest. Also used to reconfigure and destroy.
vm_disk: ${7:null} # not required. A key, value list of disks and their sizes and which datastore to keep it in.
vm_hw_version: ${8:null} # not required. Desired hardware version identifier (for example, \"vmx-08\" for vms that needs to be managed with vSphere Client). Note that changing hardware version of existing vm is not supported.
cluster: ${9:None} # not required. The name of the cluster to create the VM in. By default this is derived from the host you tell the module to build the guest on.
vmware_guest_facts: ${10:null} # not required. Gather facts from vCenter on a particular VM
vm_extra_config: ${11:null} # not required. A key, value pair of any extra values you want set or changed in the vmx file of the VM. Useful to set advanced options on the VM.
template_src: ${12:None} # not required. Name of the source template to deploy from
power_on_after_clone: ${13:true} # not required. Specifies if the VM should be powered on after the clone.
vm_nic: ${14:null} # not required. A key, value list of nics, their types and what network to put them on.
esxi: ${15:null} # not required. Dictionary which includes datacenter and hostname on which the VM should be created. For standalone ESXi hosts, ha-datacenter should be used as the datacenter name
vm_hardware: ${16:null} # not required. A key, value list of VM config settings. Must include ['memory_mb', 'num_cpus', 'osid', 'scsi'].
validate_certs: ${17:true} # not required. Validate SSL certs. Note, if running on python without SSLContext support (typically, python < 2.7.9) you will have to set this to C(no) as pysphere does not support validating certificates on older python. Prior to 2.1, this module would always validate on python >= 2.7.9 and never validate on python <= 2.7.8.
state: ${18|present,powered_off,absent,powered_on,restarted,reconfigured|} # not required. choices: present;powered_off;absent;powered_on;restarted;reconfigured. Indicate desired state of the vm. 'reconfigured' only applies changes to 'vm_cdrom', 'memory_mb', and 'num_cpus' in vm_hardware parameter. The 'memory_mb' and 'num_cpus' changes are applied to powered-on vms when hot-plugging is enabled for the guest.
from_template: ${19:false} # not required. Specifies if the VM should be deployed from a template (mutually exclusive with 'state' parameter). No guest customization changes to hardware such as CPU, RAM, NICs or Disks can be applied when launching from template.
snapshot_to_clone: ${20:none} # not required. A string that when specified, will create a linked clone copy of the VM. Snapshot must already be taken in vCenter.
"""
'vyos_banner':
'prefix': "vyos_banner_snippet"
'description': "Manage multiline banners on VyOS devices"
'body': """
vyos_banner:
banner: ${1|pre-login,post-login|} # required. choices: pre-login;post-login. Specifies which banner that should be configured on the remote device.
text: ${2:null} # not required. The banner text that should be present in the remote device running configuration. This argument accepts a multiline string, with no empty lines. Requires I(state=present).
state: ${3|present,absent|} # not required. choices: present;absent. Specifies whether or not the configuration is present in the current devices active running configuration.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
"""
'vyos_command':
'prefix': "vyos_command_snippet"
'description': "Run one or more commands on VyOS devices"
'body': """
vyos_command:
commands: ${1:undefined} # required. The ordered set of commands to execute on the remote device running VyOS. The output from the command execution is returned to the playbook. If the I(wait_for) argument is provided, the module is not returned until the condition is satisfied or the number of retries has been exceeded.
retries: ${2:10} # not required. Specifies the number of retries a command should be tried before it is considered failed. The command is run on the target device every retry and evaluated against the I(wait_for) conditionals.
interval: ${3:1} # not required. Configures the interval in seconds to wait between I(retries) of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
wait_for: ${5:null} # not required. Specifies what to evaluate from the output of the command and what conditionals to apply. This argument will cause the task to wait for a particular conditional to be true before moving forward. If the conditional is not true by the configured I(retries), the task fails. See examples.
match: ${6|any,all|} # not required. choices: any;all. The I(match) argument is used in conjunction with the I(wait_for) argument to specify the match policy. Valid values are C(all) or C(any). If the value is set to C(all) then all conditionals in the wait_for must be satisfied. If the value is set to C(any) then only one of the values must be satisfied.
"""
'vyos_config':
'prefix': "vyos_config_snippet"
'description': "Manage VyOS configuration on remote device"
'body': """
vyos_config:
comment: ${1:configured by vyos_config} # not required. Allows a commit description to be specified to be included when the configuration is committed. If the configuration is not changed or committed, this argument is ignored.
src: ${2:null} # not required. The C(src) argument specifies the path to the source config file to load. The source config file can either be in bracket format or set format. The source file can include Jinja2 template variables.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
config: ${4:null} # not required. The C(config) argument specifies the base configuration to use to compare against the desired configuration. If this value is not specified, the module will automatically retrieve the current active configuration from the remote device.
lines: ${5:null} # not required. The ordered set of configuration lines to be managed and compared with the existing configuration on the remote device.
save: ${6|yes,no|} # not required. choices: yes;no. The C(save) argument controls whether or not changes made to the active configuration are saved to disk. This is independent of committing the config. When set to True, the active configuration is saved.
backup: ${7:no} # not required. The C(backup) argument will backup the current devices active configuration to the Ansible control host prior to making any changes. The backup file will be located in the backup folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created.
match: ${8|line,none|} # not required. choices: line;none. The C(match) argument controls the method used to match against the current active configuration. By default, the desired config is matched against the active config and the deltas are loaded. If the C(match) argument is set to C(none) the active configuration is ignored and the configuration is always loaded.
"""
'vyos_facts':
'prefix': "vyos_facts_snippet"
'description': "Collect facts from remote devices running VyOS"
'body': """
vyos_facts:
gather_subset: ${1:!config} # not required. When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, default, config, and neighbors. Can specify a list of values to include a larger subset. Values can also be used with an initial C(M(!)) to specify that a specific subset should not be collected.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
"""
'vyos_interface':
'prefix': "vyos_interface_snippet"
'description': "Manage Interface on VyOS network devices"
'body': """
vyos_interface:
name: ${1:undefined} # required. Name of the Interface.
neighbors: ${2:undefined} # not required. Check the operational state of given interface C(name) for LLDP neighbor.,The following suboptions are available.
duplex: ${3|full,half,auto|} # not required. choices: full;half;auto. Interface link status.
enabled: ${4:undefined} # not required. Interface link status.
mtu: ${5:undefined} # not required. Maximum size of transmit packet.
delay: ${6:10} # not required. Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state argument which are I(state) with values C(up)/C(down) and I(neighbors).
state: ${7|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the Interface configuration, C(up) means present and operationally up and C(down) means present and operationally C(down)
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${9:undefined} # not required. List of Interfaces definitions.
speed: ${10:undefined} # not required. Interface link speed.
description: ${11:undefined} # not required. Description of Interface.
"""
'vyos_l3_interface':
'prefix': "vyos_l3_interface_snippet"
'description': "Manage L3 interfaces on VyOS network devices"
'body': """
vyos_l3_interface:
name: ${1:undefined} # not required. Name of the L3 interface.
ipv6: ${2:undefined} # not required. IPv6 of the L3 interface.
state: ${3|present,absent|} # not required. choices: present;absent. State of the L3 interface configuration.
ipv4: ${4:undefined} # not required. IPv4 of the L3 interface.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${6:undefined} # not required. List of L3 interfaces definitions
"""
'vyos_linkagg':
'prefix': "vyos_linkagg_snippet"
'description': "Manage link aggregation groups on VyOS network devices"
'body': """
vyos_linkagg:
name: ${1:undefined} # required. Name of the link aggregation group.
state: ${2|present,absent,up,down|} # not required. choices: present;absent;up;down. State of the link aggregation group.
mode: ${3|802.3ad,active-backup,broadcast,round-robin,transmit-load-balance,adaptive-load-balance,xor-hash,on|} # not required. choices: 802.3ad;active-backup;broadcast;round-robin;transmit-load-balance;adaptive-load-balance;xor-hash;on. Mode of the link aggregation group.
members: ${4:undefined} # not required. List of members of the link aggregation group.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${6:undefined} # not required. List of link aggregation definitions.
"""
'vyos_lldp':
'prefix': "vyos_lldp_snippet"
'description': "Manage LLDP configuration on VyOS network devices"
'body': """
vyos_lldp:
state: ${1|present,absent|} # not required. choices: present;absent. State of the LLDP configuration.
provider: ${2:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
"""
'vyos_lldp_interface':
'prefix': "vyos_lldp_interface_snippet"
'description': "Manage LLDP interfaces configuration on VyOS network devices"
'body': """
vyos_lldp_interface:
aggregate: ${1:undefined} # not required. List of interfaces LLDP should be configured on.
state: ${2|present,absent,enabled,disabled|} # not required. choices: present;absent;enabled;disabled. State of the LLDP configuration.
name: ${3:undefined} # not required. Name of the interface LLDP should be configured on.
provider: ${4:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
"""
'vyos_logging':
'prefix': "vyos_logging_snippet"
'description': "Manage logging on network devices"
'body': """
vyos_logging:
aggregate: ${1:undefined} # not required. List of logging definitions.
state: ${2|present,absent|} # not required. choices: present;absent. State of the logging configuration.
name: ${3:undefined} # not required. If value of C(dest) is I(file) it indicates file-name, for I(user) it indicates username and for I(host) indicates the host name to be notified.
level: ${4:undefined} # not required. Set logging severity levels.
dest: ${5|console,file,global,host,user|} # not required. choices: console;file;global;host;user. Destination of the logs.
facility: ${6:undefined} # not required. Set logging facility.
provider: ${7:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
"""
'vyos_static_route':
'prefix': "vyos_static_route_snippet"
'description': "Manage static IP routes on Vyatta VyOS network devices"
'body': """
vyos_static_route:
state: ${1|present,absent|} # not required. choices: present;absent. State of the static route configuration.
next_hop: ${2:undefined} # not required. Next hop IP of the static route.
provider: ${3:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${4:undefined} # not required. List of static route definitions
mask: ${5:undefined} # not required. Network prefix mask of the static route.
prefix: ${6:undefined} # not required. Network prefix of the static route. C(mask) param should be ignored if C(prefix) is provided with C(mask) value C(prefix/mask).
admin_distance: ${7:undefined} # not required. Admin distance of the static route.
"""
'vyos_system':
'prefix': "vyos_system_snippet"
'description': "Run `set system` commands on VyOS devices"
'body': """
vyos_system:
domain_search: ${1:undefined} # not required. A list of domain names to search. Mutually exclusive with I(name_server)
domain_name: ${2:undefined} # not required. The new domain name to apply to the device.
state: ${3|present,absent|} # not required. choices: present;absent. Whether to apply (C(present)) or remove (C(absent)) the settings.
host_name: ${4:undefined} # not required. Configure the device hostname parameter. This option takes an ASCII string value.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
name_servers: ${6:null} # not required. A list of name servers to use with the device. Mutually exclusive with I(domain_search)
"""
'vyos_user':
'prefix': "vyos_user_snippet"
'description': "Manage the collection of local users on VyOS device"
'body': """
vyos_user:
update_password: ${1|on_create,always|} # not required. choices: on_create;always. Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to C(always), the password will always be updated in the device and when set to C(on_create) the password will be updated only if the username is created.
configured_password: ${2:undefined} # not required. The password to be configured on the VyOS device. The password needs to be provided in clear and it will be encrypted on the device. Please note that this option is not same as C(provider password).
name: ${3:undefined} # not required. The username to be configured on the VyOS device. This argument accepts a string value and is mutually exclusive with the C(aggregate) argument. Please note that this option is not same as C(provider username).
level: ${4:undefined} # not required. The C(level) argument configures the level of the user when logged into the system. This argument accepts string values admin or operator.
purge: ${5:false} # not required. Instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user (the current defined set of users).
state: ${6|present,absent|} # not required. choices: present;absent. Configures the state of the username definition as it relates to the device operational configuration. When set to I(present), the username(s) should be configured in the device active configuration and when set to I(absent) the username(s) should not be in the device active configuration
full_name: ${7:undefined} # not required. The C(full_name) argument provides the full name of the user account to be created on the remote device. This argument accepts any text string value.
provider: ${8:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
aggregate: ${9:undefined} # not required. The set of username objects to be configured on the remote VyOS device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the C(name) argument.
"""
'vyos_vlan':
'prefix': "vyos_vlan_snippet"
'description': "Manage VLANs on VyOS network devices"
'body': """
vyos_vlan:
interfaces: ${1:undefined} # required. List of interfaces that should be associated to the VLAN.
vlan_id: ${2:undefined} # required. ID of the VLAN. Range 0-4094.
delay: ${3:10} # not required. Delay the play should wait to check for declarative intent params values.
name: ${4:undefined} # not required. Name of the VLAN.
provider: ${5:null} # not required. B(Deprecated),Starting with Ansible 2.5 we recommend using C(connection: network_cli).,For more information please see the L(Network Guide, ../network/getting_started/network_differences.html#multiple-communication-protocols).,HORIZONTALLINE,A dict object containing connection details.
purge: ${6:false} # not required. Purge VLANs not defined in the I(aggregate) parameter.
associated_interfaces: ${7:undefined} # not required. This is a intent option and checks the operational state of the for given vlan C(name) for associated interfaces. If the value in the C(associated_interfaces) does not match with the operational state of vlan on device it will result in failure.
state: ${8|present,absent|} # not required. choices: present;absent. State of the VLAN configuration.
address: ${9:undefined} # not required. Configure Virtual interface address.
aggregate: ${10:undefined} # not required. List of VLANs definitions.
"""
'wait_for':
'prefix': "wait_for_snippet"
'description': "Waits for a condition before continuing"
'body': """
wait_for:
active_connection_states: ${1:ESTABLISHED,FIN_WAIT1,FIN_WAIT2,SYN_RECV,SYN_SENT,TIME_WAIT} # not required. The list of TCP connection states which are counted as active connections.
host: ${2:127.0.0.1} # not required. A resolvable hostname or IP address to wait for.
connect_timeout: ${3:5} # not required. Maximum number of seconds to wait for a connection to happen before closing and retrying.
delay: ${4:0} # not required. Number of seconds to wait before starting to poll.
search_regex: ${5:undefined} # not required. Can be used to match a string in either a file or a socket connection.,Defaults to a multiline regex.
state: ${6|absent,drained,present,started,stopped|} # not required. choices: absent;drained;present;started;stopped. Either C(present), C(started), or C(stopped), C(absent), or C(drained).,When checking a port C(started) will ensure the port is open, C(stopped) will check that it is closed, C(drained) will check for active connections.,When checking for a file or a search string C(present) or C(started) will ensure that the file or string is present before continuing, C(absent) will check that file is absent or removed.
sleep: ${7:1} # not required. Number of seconds to sleep between checks, before 2.3 this was hardcoded to 1 second.
timeout: ${8:300} # not required. Maximum number of seconds to wait for, when used with another condition it will force an error.,When used without other conditions it is equivalent of just sleeping.
exclude_hosts: ${9:undefined} # not required. List of hosts or IPs to ignore when looking for active TCP connections for C(drained) state.
msg: ${10:null} # not required. This overrides the normal error message from a failure to meet the required conditions.
path: ${11:undefined} # not required. Path to a file on the filesystem that must exist before continuing.
port: ${12:undefined} # not required. Port number to poll.
"""
'wait_for_connection':
'prefix': "wait_for_connection_snippet"
'description': "Waits until remote system is reachable/usable"
'body': """
wait_for_connection:
delay: ${1:0} # not required. Number of seconds to wait before starting to poll.
sleep: ${2:1} # not required. Number of seconds to sleep between checks.
connect_timeout: ${3:5} # not required. Maximum number of seconds to wait for a connection to happen before closing and retrying.
timeout: ${4:600} # not required. Maximum number of seconds to wait for.
"""
'wakeonlan':
'prefix': "wakeonlan_snippet"
'description': "Send a magic Wake-on-LAN (WoL) broadcast packet"
'body': """
wakeonlan:
mac: ${1:undefined} # required. MAC address to send Wake-on-LAN broadcast packet for.
broadcast: ${2:255.255.255.255} # not required. Network broadcast address to use for broadcasting magic Wake-on-LAN packet.
port: ${3:7} # not required. UDP port to use for magic Wake-on-LAN packet.
"""
'webfaction_app':
'prefix': "webfaction_app_snippet"
'description': "Add or remove applications on a Webfaction host"
'body': """
webfaction_app:
name: ${1:undefined} # required. The name of the application
login_password: ${2:undefined} # required. The webfaction password to use
type: ${3:undefined} # required. The type of application to create. See the Webfaction docs at http://docs.webfaction.com/xmlrpc-api/apps.html for a list.
login_name: ${4:undefined} # required. The webfaction account to use
port_open: ${5:false} # not required. IF the port should be opened
machine: ${6:undefined} # not required. The machine name to use (optional for accounts with only one machine)
state: ${7|present,absent|} # not required. choices: present;absent. Whether the application should exist
autostart: ${8:no} # not required. Whether the app should restart with an autostart.cgi script
extra_info: ${9:null} # not required. Any extra parameters required by the app
"""
'webfaction_db':
'prefix': "webfaction_db_snippet"
'description': "Add or remove a database on Webfaction"
'body': """
webfaction_db:
name: ${1:undefined} # required. The name of the database
login_password: ${2:undefined} # required. The webfaction password to use
type: ${3|mysql,postgresql|} # required. choices: mysql;postgresql. The type of database to create.
login_name: ${4:undefined} # required. The webfaction account to use
machine: ${5:undefined} # not required. The machine name to use (optional for accounts with only one machine)
state: ${6|present,absent|} # not required. choices: present;absent. Whether the database should exist
password: ${7:None} # not required. The password for the new database user.
"""
'webfaction_domain':
'prefix': "webfaction_domain_snippet"
'description': "Add or remove domains and subdomains on Webfaction"
'body': """
webfaction_domain:
login_name: ${1:undefined} # required. The webfaction account to use
name: ${2:undefined} # required. The name of the domain
login_password: ${3:undefined} # required. The webfaction password to use
state: ${4|present,absent|} # not required. choices: present;absent. Whether the domain should exist
subdomains: ${5:null} # not required. Any subdomains to create.
"""
'webfaction_mailbox':
'prefix': "webfaction_mailbox_snippet"
'description': "Add or remove mailboxes on Webfaction"
'body': """
webfaction_mailbox:
mailbox_password: ${1:null} # required. The password for the mailbox
login_name: ${2:undefined} # required. The webfaction account to use
mailbox_name: ${3:undefined} # required. The name of the mailbox
login_password: ${4:undefined} # required. The webfaction password to use
state: ${5|present,absent|} # not required. choices: present;absent. Whether the mailbox should exist
"""
'webfaction_site':
'prefix': "webfaction_site_snippet"
'description': "Add or remove a website on a Webfaction host"
'body': """
webfaction_site:
name: ${1:undefined} # required. The name of the website
host: ${2:undefined} # required. The webfaction host on which the site should be created.
login_password: ${3:undefined} # required. The webfaction password to use
login_name: ${4:undefined} # required. The webfaction account to use
subdomains: ${5:null} # not required. A list of subdomains associated with this site.
state: ${6|present,absent|} # not required. choices: present;absent. Whether the website should exist
https: ${7:false} # not required. Whether or not to use HTTPS
site_apps: ${8:undefined} # not required. A mapping of URLs to apps
"""
'win_acl':
'prefix': "win_acl_snippet"
'description': "Set file/directory/registry permissions for a system user or group"
'body': """
win_acl:
user: ${1:undefined} # required. User or Group to add specified rights to act on src file/folder or registry key.
rights: ${2:undefined} # required. The rights/permissions that are to be allowed/denied for the specified user or group for the item at C(path).,If C(path) is a file or directory, rights can be any right under MSDN FileSystemRights U(https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemrights.aspx).,If C(path) is a registry key, rights can be any right under MSDN RegistryRights U(https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.registryrights.aspx).
path: ${3:undefined} # required. The path to the file or directory.
type: ${4|allow,deny|} # required. choices: allow;deny. Specify whether to allow or deny the rights specified.
propagation: ${5|InheritOnly,None,NoPropagateInherit|} # not required. choices: InheritOnly;None;NoPropagateInherit. Propagation flag on the ACL rules.,For more information on the choices see MSDN PropagationFlags enumeration at U(https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.propagationflags.aspx).
state: ${6|absent,present|} # not required. choices: absent;present. Specify whether to add C(present) or remove C(absent) the specified access rule.
inherit: ${7|ContainerInherit,ObjectInherit|} # not required. choices: ContainerInherit;ObjectInherit. Inherit flags on the ACL rules.,Can be specified as a comma separated list, e.g. C(ContainerInherit), C(ObjectInherit).,For more information on the choices see MSDN InheritanceFlags enumeration at U(https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.inheritanceflags.aspx).,Defaults to C(ContainerInherit, ObjectInherit) for Directories.
"""
'win_acl_inheritance':
'prefix': "win_acl_inheritance_snippet"
'description': "Change ACL inheritance"
'body': """
win_acl_inheritance:
path: ${1:undefined} # required. Path to be used for changing inheritance
state: ${2|present,absent|} # not required. choices: present;absent. Specify whether to enable I(present) or disable I(absent) ACL inheritance
reorganize: ${3|false,true|} # not required. choices: false;true. For P(state) = I(absent), indicates if the inherited ACE's should be copied from the parent directory. This is necessary (in combination with removal) for a simple ACL instead of using multiple ACE deny entries.,For P(state) = I(present), indicates if the inherited ACE's should be deduplicated compared to the parent directory. This removes complexity of the ACL structure.
"""
'win_audit_policy_system':
'prefix': "win_audit_policy_system_snippet"
'description': "Used to make changes to the system wide Audit Policy."
'body': """
win_audit_policy_system:
audit_type: ${1|success,failure,none|} # required. choices: success;failure;none. The type of event you would like to audit for.,Accepts a list. See examples.
category: ${2:undefined} # not required. Single string value for the category you would like to adjust the policy on.,Cannot be used with I(subcategory). You must define one or the other.,Changing this setting causes all subcategories to be adjusted to the defined I(audit_type).
subcategory: ${3:undefined} # not required. Single string value for the subcategory you would like to adjust the policy on.,Cannot be used with I(category). You must define one or the other.
"""
'win_audit_rule':
'prefix': "win_audit_rule_snippet"
'description': "Adds an audit rule to files, folders, or registry keys"
'body': """
win_audit_rule:
user: ${1:undefined} # required. The user or group to adjust rules for.
rights: ${2:undefined} # required. Comma seperated list of the rights desired. Only required for adding a rule.,If I(path) is a file or directory, rights can be any right under MSDN FileSystemRights U(https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemrights.aspx).,If I(path) is a registry key, rights can be any right under MSDN RegistryRights U(https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.registryrights.aspx).
audit_flags: ${3|Success,Failure|} # required. choices: Success;Failure. Defines whether to log on failure, success, or both.,To log both define as comma seperated list \"Success, Failure\".
path: ${4:undefined} # required. Path to the file, folder, or registry key.,Registry paths should be in Powershell format, beginning with an abbreviation for the root such as, 'hklm:\\software'.
state: ${5|present,absent|} # not required. choices: present;absent. Whether the rule should be C(present) or C(absent).,For absent, only I(path), I(user), and I(state) are required.,Specifying C(absent) will remove all rules matching the defined I(user).
inheritance_flags: ${6|ContainerInherit,ObjectInherit|} # not required. choices: ContainerInherit;ObjectInherit. Defines what objects inside of a folder or registry key will inherit the settings.,If you are setting a rule on a file, this value has to be changed to C(none).,For more information on the choices see MSDN PropagationFlags enumeration at U(https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.inheritanceflags.aspx).
propagation_flags: ${7|None,InherityOnly,NoPropagateInherit|} # not required. choices: None;InherityOnly;NoPropagateInherit. Propagation flag on the audit rules.,This value is ignored when the path type is a file.,For more information on the choices see MSDN PropagationFlags enumeration at U(https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.propagationflags.aspx).
"""
'win_certificate_store':
'prefix': "win_certificate_store_snippet"
'description': "Manages the certificate store"
'body': """
win_certificate_store:
key_exportable: ${1:yes} # not required. Whether to allow the private key to be exported.,If C(no), then this module and other process will only be able to export the certificate and the private key cannot be exported.,Used when C(state=present) only.
key_storage: ${2|default,machine,user|} # not required. choices: default;machine;user. Specifies where Windows will store the private key when it is imported.,When set to C(default), the default option as set by Windows is used.,When set to C(machine), the key is stored in a path accessible by various users.,When set to C(user), the key is stored in a path only accessible by the current user.,Used when C(state=present) only and cannot be changed once imported.,See U(https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keystorageflags.aspx) for more details.
file_type: ${3|der,pem,pkcs12|} # not required. choices: der;pem;pkcs12. The file type to export the certificate as when C(state=exported).,C(der) is a binary ASN.1 encoded file.,C(pem) is a base64 encoded file of a der file in the OpenSSL form.,C(pkcs12) (also known as pfx) is a binary container that contains both the certificate and private key unlike the other options.,When C(pkcs12) is set and the private key is not exportable or accessible by the current user, it will throw an exception.
store_location: ${4|CurrentUser,LocalMachine|} # not required. choices: CurrentUser;LocalMachine. The store location to use when importing a certificate or searching for a certificate.
store_name: ${5|AddressBook,AuthRoot,CertificateAuthority,Disallowed,My,Root,TrustedPeople,TrustedPublisher|} # not required. choices: AddressBook;AuthRoot;CertificateAuthority;Disallowed;My;Root;TrustedPeople;TrustedPublisher. The store name to use when importing a certificate or searching for a certificate.,C(AddressBook): The X.509 certificate store for other users,C(AuthRoot): The X.509 certificate store for third-party certificate authorities (CAs),C(CertificateAuthority): The X.509 certificate store for intermediate certificate authorities (CAs),C(Disallowed): The X.509 certificate store for revoked certificates,C(My): The X.509 certificate store for personal certificates,C(Root): The X.509 certificate store for trusted root certificate authorities (CAs),C(TrustedPeople): The X.509 certificate store for directly trusted people and resources,C(TrustedPublisher): The X.509 certificate store for directly trusted publishers
state: ${6|present,absent,exported|} # not required. choices: present;absent;exported. If C(present), will ensure that the certificate at I(path) is imported into the certificate store specified.,If C(absent), will ensure that the certificate specified by I(thumbprint) or the thumbprint of the cert at I(path) is removed from the store specified.,If C(exported), will ensure the file at I(path) is a certificate specified by I(thumbprint).,When exporting a certificate, if I(path) is a directory then the module will fail, otherwise the file will be replaced if needed.
thumbprint: ${7:undefined} # not required. The thumbprint as a hex string to either export or remove.,See the examples for how to specify the thumbprint.
path: ${8:undefined} # not required. The path to a certificate file.,This is required when I(state) is C(present) or C(exported).,When I(state) is C(absent) and I(thumbprint) is not specified, the thumbprint is derived from the certificate at this path.
password: ${9:undefined} # not required. The password of the pkcs12 certificate key.,This is used when reading a pkcs12 certificate file or the password to set when C(state=exported) and C(file_type=pkcs12).,If the pkcs12 file has no password set or no password should be set on the exported file, do not set this option.
"""
'win_chocolatey':
'prefix': "win_chocolatey_snippet"
'description': "Manage packages using chocolatey"
'body': """
win_chocolatey:
name: ${1:undefined} # required. Name of the package to be installed.,This must be a single package name.
force: ${2:no} # not required. Forces install of the package (even if it already exists).,Using C(force) will cause ansible to always report that a change was made.
proxy_password: ${3:undefined} # not required. Proxy password used to install chocolatey and the package.,See notes in C(proxy_username) when dealing with double quotes in a password.
install_args: ${4:undefined} # not required. Arguments to pass to the native installer.
ignore_dependencies: ${5:no} # not required. Ignore dependencies, only install/upgrade the package itself.
upgrade: ${6:no} # not required. If package is already installed it, try to upgrade to the latest version or to the specified version.,As of Ansible v2.3 this is deprecated, set parameter C(state) to C(latest) for the same result.
skip_scripts: ${7:no} # not required. Do not run I(chocolateyInstall.ps1) or I(chocolateyUninstall.ps1) scripts.
ignore_checksums: ${8:no} # not required. Ignore checksums altogether.
proxy_url: ${9:undefined} # not required. Proxy url used to install chocolatey and the package.
allow_empty_checksums: ${10:no} # not required. Allow empty checksums to be used.
source: ${11:undefined} # not required. Specify source rather than using default chocolatey repository.
state: ${12|absent,downgrade,latest,present,reinstalled|} # not required. choices: absent;downgrade;latest;present;reinstalled. State of the package on the system.
version: ${13:undefined} # not required. Specific version of the package to be installed.,Ignored when C(state) is set to C(absent).
params: ${14:undefined} # not required. Parameters to pass to the package
proxy_username: ${15:undefined} # not required. Proxy username used to install chocolatey and the package.,When dealing with a username with double quote characters C(\"), they need to be escaped with C(\\) beforehand. See examples for more details.
timeout: ${16:2700} # not required. The time to allow chocolatey to finish before timing out.
"""
'win_command':
'prefix': "win_command_snippet"
'description': "Executes a command on a remote Windows node"
'body': """
win_command:
free_form: ${1:undefined} # required. the C(win_command) module takes a free form command to run. There is no parameter actually named 'free form'. See the examples!
creates: ${2:undefined} # not required. a path or path filter pattern; when the referenced path exists on the target host, the task will be skipped.
chdir: ${3:undefined} # not required. set the specified path as the current working directory before executing a command.
removes: ${4:undefined} # not required. a path or path filter pattern; when the referenced path B(does not) exist on the target host, the task will be skipped.
stdin: ${5:undefined} # not required. Set the stdin of the command directly to the specified value.
"""
'win_copy':
'prefix': "win_copy_snippet"
'description': "Copies files to remote locations on windows hosts"
'body': """
win_copy:
src: ${1:undefined} # required. Local path to a file to copy to the remote server; can be absolute or relative.,If path is a directory, it is copied (including the source folder name) recursively to C(dest).,If path is a directory and ends with \"/\", only the inside contents of that directory are copied to the destination. Otherwise, if it does not end with \"/\", the directory itself with all contents is copied.,If path is a file and dest ends with \"\\\", the file is copied to the folder with the same filename.
dest: ${2:undefined} # required. Remote absolute path where the file should be copied to. If src is a directory, this must be a directory too.,Use \\ for path separators or \\\\ when in \"double quotes\".,If C(dest) ends with \\ then source or the contents of source will be copied to the directory without renaming.,If C(dest) is a nonexistent path, it will only be created if C(dest) ends with \"/\" or \"\\\", or C(src) is a directory.,If C(src) and C(dest) are files and if the parent directory of C(dest) doesn't exist, then the task will fail.
content: ${3:undefined} # not required. When used instead of C(src), sets the contents of a file directly to the specified value. This is for simple values, for anything complex or with formatting please switch to the template module.
force: ${4:yes} # not required. If set to C(yes), the file will only be transferred if the content is different than destination.,If set to C(no), the file will only be transferred if the destination does not exist.,If set to C(no), no checksuming of the content is performed which can help improve performance on larger files.
remote_src: ${5:no} # not required. If False, it will search for src at originating/master machine, if True it will go to the remote/target machine for the src.
decrypt: ${6:yes} # not required. This option controls the autodecryption of source files using vault.
local_follow: ${7:yes} # not required. This flag indicates that filesystem links in the source tree, if they exist, should be followed.
"""
'win_defrag':
'prefix': "win_defrag_snippet"
'description': "Consolidate fragmented files on local volumes"
'body': """
win_defrag:
priority: ${1|low,normal|} # not required. choices: low;normal. Run the operation at low or normal priority.
freespace_consolidation: ${2:undefined} # not required. Perform free space consolidation on the specified volumes.
include_volumes: ${3:undefined} # not required. A list of drive letters or mount point paths of the volumes to be defragmented.,If this parameter is omitted, all volumes (not excluded) will be fragmented.
parallel: ${4:no} # not required. Run the operation on each volume in parallel in the background.
exclude_volumes: ${5:undefined} # not required. A list of drive letters or mount point paths to exclude from defragmentation.
"""
'win_disk_facts':
'prefix': "win_disk_facts_snippet"
'description': "Show the attached disks and disk information of the target host"
'body': """
win_disk_facts:
"""
'win_disk_image':
'prefix': "win_disk_image_snippet"
'description': "Manage ISO/VHD/VHDX mounts on Windows hosts"
'body': """
win_disk_image:
image_path: ${1:undefined} # required. path to an ISO, VHD, or VHDX image on the target Windows host (the file cannot reside on a network share)
state: ${2|present,absent|} # not required. choices: present;absent. whether the image should be present as a drive-letter mount or not.
"""
'win_dns_client':
'prefix': "win_dns_client_snippet"
'description': "Configures DNS lookup on Windows hosts"
'body': """
win_dns_client:
adapter_names: ${1:undefined} # required. Adapter name or list of adapter names for which to manage DNS settings ('*' is supported as a wildcard value). The adapter name used is the connection caption in the Network Control Panel or via C(Get-NetAdapter), eg C(Local Area Connection).
ipv4_addresses: ${2:undefined} # required. Single or ordered list of DNS server IPv4 addresses to configure for lookup. An empty list will configure the adapter to use the DHCP-assigned values on connections where DHCP is enabled, or disable DNS lookup on statically-configured connections.
"""
'win_domain':
'prefix': "win_domain_snippet"
'description': "Ensures the existence of a Windows domain."
'body': """
win_domain:
dns_domain_name: ${1:undefined} # required. the DNS name of the domain which should exist and be reachable or reside on the target Windows host
safe_mode_password: ${2:undefined} # required. safe mode password for the domain controller
database_path: ${3:undefined} # not required. The path to a directory on a fixed disk of the Windows host where the domain database will be created.,If not set then the default path is C(%SYSTEMROOT%\\NTDS).
sysvol_path: ${4:undefined} # not required. The path to a directory on a fixed disk of the Windows host where the Sysvol file will be created.,If not set then the default path is C(%SYSTEMROOT%\\SYSVOL).
"""
'win_domain_controller':
'prefix': "win_domain_controller_snippet"
'description': "Manage domain controller/member server state for a Windows host"
'body': """
win_domain_controller:
domain_admin_user: ${1:undefined} # required. Username of a domain admin for the target domain (necessary to promote or demote a domain controller).
domain_admin_password: ${2:undefined} # required. Password for the specified C(domain_admin_user).
read_only: ${3:no} # not required. Whether to install the domain controller as a read only replica for an existing domain.
database_path: ${4:undefined} # not required. The path to a directory on a fixed disk of the Windows host where the domain database will be created..,If not set then the default path is C(%SYSTEMROOT%\\NTDS).
site_name: ${5:undefined} # not required. Specifies the name of an existing site where you can place the new domain controller.,This option is required when I(read_only) is C(yes).
dns_domain_name: ${6:undefined} # not required. When C(state) is C(domain_controller), the DNS name of the domain for which the targeted Windows host should be a DC.
safe_mode_password: ${7:undefined} # not required. Safe mode password for the domain controller (required when C(state) is C(domain_controller)).
state: ${8|domain_controller,member_server|} # not required. choices: domain_controller;member_server. Whether the target host should be a domain controller or a member server.
local_admin_password: ${9:undefined} # not required. Password to be assigned to the local C(Administrator) user (required when C(state) is C(member_server)).
sysvol_path: ${10:undefined} # not required. The path to a directory on a fixed disk of the Windows host where the Sysvol folder will be created.,If not set then the default path is C(%SYSTEMROOT%\\SYSVOL).
"""
'win_domain_group':
'prefix': "win_domain_group_snippet"
'description': "creates, modifies or removes domain groups"
'body': """
win_domain_group:
name: ${1:undefined} # required. The name of the group to create, modify or remove.,This value can be in the forms C(Distinguished Name), C(objectGUID), C(objectSid) or C(sAMAccountName), see examples for more details.
category: ${2|distribution,security|} # not required. choices: distribution;security. The category of the group, this is the value to assign to the LDAP C(groupType) attribute.,If a new group is created then C(security) will be used by default.
protect: ${3:undefined} # not required. Will set the C(ProtectedFromAccidentalDeletion) flag based on this value.,This flag stops a user from deleting or moving a group to a different path.
display_name: ${4:undefined} # not required. The value to assign to the LDAP C(displayName) attribute.
description: ${5:undefined} # not required. The value to be assigned to the LDAP C(description) attribute.
domain_username: ${6:undefined} # not required. The username to use when interacting with AD.,If this is not set then the user Ansible used to log in with will be used instead.
ignore_protection: ${7:no} # not required. Will ignore the C(ProtectedFromAccidentalDeletion) flag when deleting or moving a group.,The module will fail if one of these actions need to occur and this value is set to no.
state: ${8|absent,present|} # not required. choices: absent;present. If C(state=present) this module will ensure the group is created and is configured accordingly.,If C(state=absent) this module will delete the group if it exists
domain_password: ${9:undefined} # not required. The password for C(username).
organizational_unit: ${10:undefined} # not required. The full LDAP path to create or move the group to.,This should be the path to the parent object to create or move the group to.,See examples for details of how this path is formed.
domain_server: ${11:undefined} # not required. Specifies the Active Directory Domain Services instance to connect to.,Can be in the form of an FQDN or NetBIOS name.,If not specified then the value is based on the domain of the computer running PowerShell.
managed_by: ${12:undefined} # not required. The value to be assigned to the LDAP C(managedBy) attribute.,This value can be in the forms C(Distinguished Name), C(objectGUID), C(objectSid) or C(sAMAccountName), see examples for more details.
attributes: ${13:undefined} # not required. A dict of custom LDAP attributes to set on the group.,This can be used to set custom attributes that are not exposed as module parameters, e.g. C(mail).,See the examples on how to format this parameter.
scope: ${14|domainlocal,global,universal|} # not required. choices: domainlocal;global;universal. The scope of the group.,If C(state=present) and the group doesn't exist then this must be set.
"""
'win_domain_membership':
'prefix': "win_domain_membership_snippet"
'description': "Manage domain/workgroup membership for a Windows host"
'body': """
win_domain_membership:
domain_admin_user: ${1:undefined} # required. username of a domain admin for the target domain (required to join or leave the domain)
workgroup_name: ${2:undefined} # not required. when C(state) is C(workgroup), the name of the workgroup that the Windows host should be in
domain_ou_path: ${3:undefined} # not required. The desired OU path for adding the computer object.,This is only used when adding the target host to a domain, if it is already a member then it is ignored.
state: ${4|domain,workgroup|} # not required. choices: domain;workgroup. whether the target host should be a member of a domain or workgroup
dns_domain_name: ${5:undefined} # not required. when C(state) is C(domain), the DNS name of the domain to which the targeted Windows host should be joined
hostname: ${6:undefined} # not required. the desired hostname for the Windows host
domain_admin_password: ${7:undefined} # not required. password for the specified C(domain_admin_user)
"""
'win_domain_user':
'prefix': "win_domain_user_snippet"
'description': "Manages Windows Active Directory user accounts"
'body': """
win_domain_user:
name: ${1:undefined} # required. Name of the user to create, remove or modify.
upn: ${2:undefined} # not required. Configures the User Principal Name (UPN) for the account. This is not required, but is best practice to configure for modern versions of Active Directory. The format is \"<username>@<domain>\".
update_password: ${3|always,on_create|} # not required. choices: always;on_create. C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users. Note that C(always) will always report an Ansible status of 'changed' because we cannot determine whether the new password differs from the old password.
surname: ${4:undefined} # not required. Configures the user's last name (surname)
description: ${5:undefined} # not required. Description of the user
firstname: ${6:undefined} # not required. Configures the user's first name (given name)
company: ${7:undefined} # not required. Configures the user's company name
groups_action: ${8|replace,add,remove|} # not required. choices: replace;add;remove. If C(replace), the user is added as a member of each group in I(groups) and removed from any other groups. If C(add), the user is added to each group in I(groups) where not already a member. If C(remove), the user is removed from each group in I(groups).
password_expired: ${9:undefined} # not required. C(yes) will require the user to change their password at next login. C(no) will clear the expired password flag. This is mutually exclusive with I(password_never_expires).
street: ${10:undefined} # not required. Configures the user's street address
postal_code: ${11:undefined} # not required. Configures the user's postal code / zip code
groups: ${12:undefined} # not required. Adds or removes the user from this list of groups, depending on the value of I(groups_action). To remove all but the Principal Group, set C(groups=<principal group name>) and I(groups_action=replace). Note that users cannot be removed from their principal group (for example, \"Domain Users\").
path: ${13:undefined} # not required. Container or OU for the new user; if you do not specify this, the user will be placed in the default container for users in the domain. Setting the path is only available when a new user is created; if you specify a path on an existing user, the user's path will not be updated - you must delete (e.g., state=absent) the user and then re-add the user with the appropriate path.
password_never_expires: ${14:undefined} # not required. C(yes) will set the password to never expire. C(no) will allow the password to expire. This is mutually exclusive with I(password_expired)
account_locked: ${15|no|} # not required. choices: no. C(no) will unlock the user account if locked. Note that there is not a way to lock an account as an administrator. Accounts are locked due to user actions; as an admin, you may only unlock a locked account. If you wish to administratively disable an account, set 'enabled' to 'no'.
state_province: ${16:undefined} # not required. Configures the user's state or province
city: ${17:undefined} # not required. Configures the user's city
password: ${18:undefined} # not required. Optionally set the user's password to this (plain text) value. In order to enable an account - I(enabled) - a password must already be configured on the account, or you must provide a password here.
domain_username: ${19:undefined} # not required. The username to use when interacting with AD.,If this is not set then the user Ansible used to log in with will be used instead when using CredSSP or Kerberos with credential delegation.
country: ${20:undefined} # not required. Configures the user's country code. Note that this is a two-character ISO 3166 code.
enabled: ${21:yes} # not required. C(yes) will enable the user account. C(no) will disable the account.
state: ${22|present,absent,query|} # not required. choices: present;absent;query. When C(present), creates or updates the user account. When C(absent), removes the user account if it exists. When C(query), retrieves the user account details without making any changes.
domain_password: ${23:undefined} # not required. The password for C(username).
domain_server: ${24:undefined} # not required. Specifies the Active Directory Domain Services instance to connect to.,Can be in the form of an FQDN or NetBIOS name.,If not specified then the value is based on the domain of the computer running PowerShell.
attributes: ${25:undefined} # not required. A dict of custom LDAP attributes to set on the user.,This can be used to set custom attributes that are not exposed as module parameters, e.g. C(telephoneNumber).,See the examples on how to format this parameter.
email: ${26:undefined} # not required. Configures the user's email address. This is a record in AD and does not do anything to configure any email servers or systems.
user_cannot_change_password: ${27:undefined} # not required. C(yes) will prevent the user from changing their password. C(no) will allow the user to change their password.
"""
'win_dotnet_ngen':
'prefix': "win_dotnet_ngen_snippet"
'description': "Runs ngen to recompile DLLs after .NET updates"
'body': """
win_dotnet_ngen:
"""
'win_dsc':
'prefix': "win_dsc_snippet"
'description': "Invokes a PowerShell DSC configuration"
'body': """
win_dsc:
free_form: ${1:undefined} # required. The M(win_dsc) module takes in multiple free form options based on the DSC resource being invoked by I(resource_name).,There is no option actually named C(free_form) so see the examples.,This module will try and convert the option to the correct type required by the DSC resource and throw a warning if it fails.,If the type of the DSC resource option is a C(CimInstance) or C(CimInstance[]), this means the value should be a dictionary or list of dictionaries based on the values required by that option.,If the type of the DSC resource option is a C(PSCredential) then there needs to be 2 options set in the Ansible task definition suffixed with C(_username) and C(_password).,If the type of the DSC resource option is an array, then a list should be provided but a comma separated string also work. Use a list where possible as no escaping is required and it works with more complex types list C(CimInstance[]).
resource_name: ${2:undefined} # required. The name of the DSC Resource to use.,Must be accessible to PowerShell using any of the default paths.
module_version: ${3:latest} # not required. Can be used to configure the exact version of the DSC resource to be invoked.,Useful if the target node has multiple versions installed of the module containing the DSC resource.,If not specified, the module will follow standard PowerShell convention and use the highest version available.
"""
'win_environment':
'prefix': "win_environment_snippet"
'description': "Modify environment variables on windows hosts"
'body': """
win_environment:
name: ${1:undefined} # required. The name of the environment variable.
level: ${2|machine,user,process|} # required. choices: machine;user;process. The level at which to set the environment variable.,Use C(machine) to set for all users.,Use C(user) to set for the current user that ansible is connected as.,Use C(process) to set for the current process. Probably not that useful.
state: ${3|absent,present|} # not required. choices: absent;present. Set to C(present) to ensure environment variable is set.,Set to C(absent) to ensure it is removed.
value: ${4:undefined} # not required. The value to store in the environment variable.,Must be set when C(state=present) and cannot be an empty string.,Can be omitted for C(state=absent).
"""
'win_eventlog':
'prefix': "win_eventlog_snippet"
'description': "Manage Windows event logs"
'body': """
win_eventlog:
name: ${1:undefined} # required. Name of the event log to manage.
parameter_file: ${2:undefined} # not required. For one or more sources specified, the path to a custom parameter resource file.
overflow_action: ${3|OverwriteOlder,OverwriteAsNeeded,DoNotOverwrite|} # not required. choices: OverwriteOlder;OverwriteAsNeeded;DoNotOverwrite. The action for the log to take once it reaches its maximum size.,For C(OverwriteOlder), new log entries overwrite those older than the C(retention_days) value.,For C(OverwriteAsNeeded), each new entry overwrites the oldest entry.,For C(DoNotOverwrite), all existing entries are kept and new entries are not retained.
retention_days: ${4:undefined} # not required. The minimum number of days event entries must remain in the log.,This option is only used when C(overflow_action) is C(OverwriteOlder).
sources: ${5:undefined} # not required. A list of one or more sources to ensure are present/absent in the log.,When C(category_file), C(message_file) and/or C(parameter_file) are specified, these values are applied across all sources.
state: ${6|present,clear,absent|} # not required. choices: present;clear;absent. Desired state of the log and/or sources.,When C(sources) is populated, state is checked for sources.,When C(sources) is not populated, state is checked for the specified log itself.,If C(state) is C(clear), event log entries are cleared for the target log.
message_file: ${7:undefined} # not required. For one or more sources specified, the path to a custom event message resource file.
maximum_size: ${8:undefined} # not required. The maximum size of the event log.,Value must be between 64KB and 4GB, and divisible by 64KB.,Size can be specified in KB, MB or GB (e.g. 128KB, 16MB, 2.5GB).
category_file: ${9:undefined} # not required. For one or more sources specified, the path to a custom category resource file.
"""
'win_eventlog_entry':
'prefix': "win_eventlog_entry_snippet"
'description': "Write entries to Windows event logs"
'body': """
win_eventlog_entry:
source: ${1:undefined} # required. Name of the log source to indicate where the entry is from.
log: ${2:undefined} # required. Name of the event log to write an entry to.
event_id: ${3:undefined} # required. The numeric event identifier for the entry.,Value must be between 0 and 65535.
message: ${4:undefined} # required. The message for the given log entry.
category: ${5:undefined} # not required. A numeric task category associated with the category message file for the log source.
raw_data: ${6:undefined} # not required. Binary data associated with the log entry.,Value must be a comma-separated array of 8-bit unsigned integers (0 to 255).
entry_type: ${7|Error,FailureAudit,Information,SuccessAudit,Warning|} # not required. choices: Error;FailureAudit;Information;SuccessAudit;Warning. Indicates the entry being written to the log is of a specific type.
"""
'win_feature':
'prefix': "win_feature_snippet"
'description': "Installs and uninstalls Windows Features on Windows Server"
'body': """
win_feature:
name: ${1:undefined} # required. Names of roles or features to install as a single feature or a comma-separated list of features.
source: ${2:undefined} # not required. Specify a source to install the feature from.,Not supported in Windows 2008 R2 and will be ignored.,Can either be C({driveletter}:\\sources\\sxs) or C(\\\\{IP}\\share\\sources\\sxs).
state: ${3|present,absent|} # not required. choices: present;absent. State of the features or roles on the system.
include_management_tools: ${4:no} # not required. Adds the corresponding management tools to the specified feature.,Not supported in Windows 2008 R2 and will be ignored.
include_sub_features: ${5:no} # not required. Adds all subfeatures of the specified feature.
restart: ${6:no} # not required. Restarts the computer automatically when installation is complete, if restarting is required by the roles or features installed.,DEPRECATED in Ansible 2.4, as unmanaged reboots cause numerous issues under Ansible. Check the C(reboot_required) return value from this module to determine if a reboot is necessary, and if so, use the M(win_reboot) action to perform it.
"""
'win_file':
'prefix': "win_file_snippet"
'description': "Creates, touches or removes files or directories."
'body': """
win_file:
path: ${1:undefined} # required. path to the file being managed. Aliases: I(dest), I(name)
state: ${2|file,directory,touch,absent|} # not required. choices: file;directory;touch;absent. If C(directory), all immediate subdirectories will be created if they do not exist. If C(file), the file will NOT be created if it does not exist, see the M(copy) or M(template) module if you want that behavior. If C(absent), directories will be recursively deleted, and files will be removed. If C(touch), an empty file will be created if the C(path) does not exist, while an existing file or directory will receive updated file access and modification times (similar to the way C(touch) works from the command line).
"""
'win_file_version':
'prefix': "win_file_version_snippet"
'description': "Get DLL or EXE file build version"
'body': """
win_file_version:
path: ${1:undefined} # required. File to get version(provide absolute path)
"""
'win_find':
'prefix': "win_find_snippet"
'description': "Return a list of files based on specific criteria"
'body': """
win_find:
paths: ${1:undefined} # required. List of paths of directories to search for files or folders in. This can be supplied as a single path or a list of paths.
file_type: ${2|file,directory|} # not required. choices: file;directory. Type of file to search for.
checksum_algorithm: ${3|md5,sha1,sha256,sha384,sha512|} # not required. choices: md5;sha1;sha256;sha384;sha512. Algorithm to determine the checksum of a file. Will throw an error if the host is unable to use specified algorithm.
age: ${4:undefined} # not required. Select files or folders whose age is equal to or greater than the specified time. Use a negative age to find files equal to or less than the specified time. You can choose seconds, minutes, hours, days or weeks by specifying the first letter of an of those words (e.g., \"2s\", \"10d\", 1w\").
recurse: ${5:no} # not required. Will recursively descend into the directory looking for files or folders.
age_stamp: ${6|atime,mtime,ctime|} # not required. choices: atime;mtime;ctime. Choose the file property against which we compare C(age). The default attribute we compare with is the last modification time.
patterns: ${7:undefined} # not required. One or more (powershell or regex) patterns to compare filenames with. The type of pattern matching is controlled by C(use_regex) option. The patterns retrict the list of files or folders to be returned based on the filenames. For a file to be matched it only has to match with one pattern in a list provided.
get_checksum: ${8:yes} # not required. Whether to return a checksum of the file in the return info (default sha1), use C(checksum_algorithm) to change from the default.
use_regex: ${9:no} # not required. Will set patterns to run as a regex check if true.
follow: ${10:no} # not required. Set this to true to follow symlinks in the path. This needs to be used in conjunction with C(recurse).
hidden: ${11:no} # not required. Set this to include hidden files or folders.
size: ${12:undefined} # not required. Select files or folders whose size is equal to or greater than the specified size. Use a negative value to find files equal to or less than the specified size. You can specify the size with a suffix of the byte type i.e. kilo = k, mega = m... Size is not evaluated for symbolic links.
"""
'win_firewall':
'prefix': "win_firewall_snippet"
'description': "Enable or disable the Windows Firewall"
'body': """
win_firewall:
state: ${1|enabled,disabled|} # not required. choices: enabled;disabled. Set state of firewall for given profile.
profiles: ${2|Domain,Private,Public|} # not required. choices: Domain;Private;Public. Specify one or more profiles to change.
"""
'win_firewall_rule':
'prefix': "win_firewall_rule_snippet"
'description': "Windows firewall automation"
'body': """
win_firewall_rule:
direction: ${1|in,out|} # required. choices: in;out. Is this rule for inbound or outbound traffic.
name: ${2:undefined} # required. The rules name
action: ${3|allow,block,bypass|} # required. choices: allow;block;bypass. What to do with the items this rule is for.
remoteport: ${4:undefined} # not required. The remote port this rule applies to.
protocol: ${5:any} # not required. The protocol this rule applies to.
service: ${6:undefined} # not required. The service this rule applies to.
description: ${7:undefined} # not required. Description for the firewall rule.
enabled: ${8:yes} # not required. Is this firewall rule enabled or disabled.
profiles: ${9:domain,private,public} # not required. The profile this rule applies to.
localip: ${10:any} # not required. The local ip address this rule applies to.
state: ${11|present,absent|} # not required. choices: present;absent. Should this rule be added or removed.
program: ${12:undefined} # not required. The program this rule applies to.
remoteip: ${13:any} # not required. The remote ip address/range this rule applies to.
force: ${14|no,yes|} # not required. choices: no;yes. Replace any existing rule by removing it first.,This is no longer required in 2.4 as rules no longer need replacing when being modified.,DEPRECATED in 2.4 and will be removed in 2.9.
localport: ${15:undefined} # not required. The local port this rule applies to.
"""
'win_get_url':
'prefix': "win_get_url_snippet"
'description': "Downloads file from HTTP, HTTPS, or FTP to node"
'body': """
win_get_url:
url: ${1:undefined} # required. The full URL of a file to download.
dest: ${2:undefined} # required. The location to save the file at the URL.,Be sure to include a filename and extension as appropriate.
url_password: ${3:undefined} # not required. Basic authentication password.
force_basic_auth: ${4:no} # not required. If C(yes), will add a Basic authentication header on the initial request.,If C(no), will use Microsoft's WebClient to handle authentication.
force: ${5:yes} # not required. If C(yes), will always download the file. If C(no), will only download the file if it does not exist or the remote file has been modified more recently than the local file.,This works by sending an http HEAD request to retrieve last modified time of the requested resource, so for this to work, the remote web server must support HEAD requests.
use_proxy: ${6:yes} # not required. If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
skip_certificate_validation: ${7:no} # not required. This option is deprecated since v2.4, please use C(validate_certs) instead.,If C(yes), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
proxy_url: ${8:undefined} # not required. The full URL of the proxy server to download through.
proxy_password: ${9:undefined} # not required. Proxy authentication password.
headers: ${10:undefined} # not required. Add custom HTTP headers to a request (as a dictionary).
proxy_username: ${11:undefined} # not required. Proxy authentication username.
timeout: ${12:10} # not required. Timeout in seconds for URL request.
url_username: ${13:undefined} # not required. Basic authentication username.
validate_certs: ${14:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.,If C(skip_certificate_validation) was set, it overrides this option.
"""
'win_group':
'prefix': "win_group_snippet"
'description': "Add and remove local groups"
'body': """
win_group:
name: ${1:null} # required. Name of the group
state: ${2|present,absent|} # not required. choices: present;absent. Create or remove the group
description: ${3:null} # not required. Description of the group
"""
'win_group_membership':
'prefix': "win_group_membership_snippet"
'description': "Manage Windows local group membership"
'body': """
win_group_membership:
name: ${1:undefined} # required. Name of the local group to manage membership on.
members: ${2:undefined} # required. A list of members to ensure are present/absent from the group.,Accepts local users as username, .\\username, and SERVERNAME\\username.,Accepts domain users and groups as DOMAIN\\username and username@DOMAIN.,Accepts service users as NT AUTHORITY\\username.
state: ${3|present,absent|} # not required. choices: present;absent. Desired state of the members in the group.
"""
'win_hotfix':
'prefix': "win_hotfix_snippet"
'description': "install and uninstalls Windows hotfixes"
'body': """
win_hotfix:
hotfix_identifier: ${1:undefined} # not required. The name of the hotfix as shown in DISM, see examples for details.,This or C(hotfix_kb) MUST be set when C(state=absent).,If C(state=present) then the hotfix at C(source) will be validated against this value, if it does not match an error will occur.,You can get the identifier by running 'Get-WindowsPackage -Online -PackagePath path-to-cab-in-msu' after expanding the msu file.
state: ${2|absent,present|} # not required. choices: absent;present. Whether to install or uninstall the hotfix.,When C(present), C(source) MUST be set.,When C(absent), C(hotfix_identifier) or C(hotfix_kb) MUST be set.
hotfix_kb: ${3:undefined} # not required. The name of the KB the hotfix relates to, see examples for details.,This of C(hotfix_identifier) MUST be set when C(state=absent).,If C(state=present) then the hotfix at C(source) will be validated against this value, if it does not match an error will occur.,Because DISM uses the identifier as a key and doesn't refer to a KB in all cases it is recommended to use C(hotfix_identifier) instead.
source: ${4:undefined} # not required. The path to the downloaded hotfix .msu file.,This MUST be set if C(state=present) and MUST be a .msu hotfix file.
"""
'win_iis_virtualdirectory':
'prefix': "win_iis_virtualdirectory_snippet"
'description': "Configures a virtual directory in IIS."
'body': """
win_iis_virtualdirectory:
name: ${1:undefined} # required. The name of the virtual directory to create or remove
site: ${2:undefined} # required. The site name under which the virtual directory is created or exists.
application: ${3:null} # not required. The application under which the virtual directory is created or exists.
state: ${4|absent,present|} # not required. choices: absent;present. Whether to add or remove the specified virtual directory
physical_path: ${5:null} # not required. The physical path to the folder in which the new virtual directory is created. The specified folder must already exist.
"""
'win_iis_webapplication':
'prefix': "win_iis_webapplication_snippet"
'description': "Configures IIS web applications"
'body': """
win_iis_webapplication:
name: ${1:undefined} # required. Name of the web application.
site: ${2:undefined} # required. Name of the site on which the application is created.
state: ${3|absent,present|} # not required. choices: absent;present. State of the web application.
application_pool: ${4:undefined} # not required. The application pool in which the new site executes.
physical_path: ${5:undefined} # not required. The physical path on the remote host to use for the new application.,The specified folder must already exist.
"""
'win_iis_webapppool':
'prefix': "win_iis_webapppool_snippet"
'description': "configures an IIS Web Application Pool"
'body': """
win_iis_webapppool:
name: ${1:undefined} # required. Name of the application pool.
attributes: ${2:undefined} # not required. As of Ansible 2.4, this field can take in dict entries to set the application pool attributes.,These attributes are based on the naming standard at U(https://www.iis.net/configreference/system.applicationhost/applicationpools/add#005), see the examples section for more details on how to set this.,You can also set the attributes of child elements like cpu and processModel, see the examples to see how it is done.,While you can use the numeric values for enums it is recommended to use the enum name itself, e.g. use SpecificUser instead of 3 for processModel.identityType.,managedPipelineMode may be either \"Integrated\" or \"Classic\".,startMode may be either \"OnDemand\" or \"AlwaysRunning\".,Use C(state) module parameter to modify the state of the app pool.,When trying to set 'processModel.password' and you receive a 'Value does fall within the expected range' error, you have a corrupted keystore. Please follow U(http://structuredsight.com/2014/10/26/im-out-of-range-youre-out-of-range/) to help fix your host.,DEPRECATED As of Ansible 2.4 this field should be set using a dict form, in older versions of Ansible this field used to be a string.,This string has attributes that are separated by a pipe '|' and attribute name/values by colon ':' Ex. \"startMode:OnDemand|managedPipelineMode:Classic\".
state: ${3|present,absent,stopped,started,restarted|} # not required. choices: present;absent;stopped;started;restarted. The state of the application pool.,If C(present) will ensure the app pool is configured and exists.,If C(absent) will ensure the app pool is removed.,If C(stopped) will ensure the app pool exists and is stopped.,If C(started) will ensure the app pool exists and is started.,If C(restarted) will ensure the app pool exists and will restart, this is never idempotent.
"""
'win_iis_webbinding':
'prefix': "win_iis_webbinding_snippet"
'description': "Configures a IIS Web site binding."
'body': """
win_iis_webbinding:
name: ${1:undefined} # required. Names of web site
protocol: ${2:http} # not required. The protocol to be used for the Web binding (usually HTTP, HTTPS, or FTP).
certificate_hash: ${3:undefined} # not required. Certificate hash (thumbprint) for the SSL binding. The certificate hash is the unique identifier for the certificate.
ip: ${4:*} # not required. The IP address to bind to / use for the new site.
host_header: ${5:undefined} # not required. The host header to bind to / use for the new site.,If you are creating/removing a catch-all binding, omit this parameter rather than defining it as '*'.
state: ${6|present,absent|} # not required. choices: present;absent. State of the binding
certificate_store_name: ${7:my} # not required. Name of the certificate store where the certificate for the binding is located.
port: ${8:80} # not required. The port to bind to / use for the new site.
ssl_flags: ${9:undefined} # not required. This parameter is only valid on Server 2012 and newer.,Primarily used for enabling and disabling server name indication (SNI).,Set to c(0) to disable SNI.,Set to c(1) to enable SNI.
"""
'win_iis_website':
'prefix': "win_iis_website_snippet"
'description': "Configures a IIS Web site."
'body': """
win_iis_website:
name: ${1:null} # required. Names of web site
application_pool: ${2:null} # not required. The application pool in which the new site executes.
parameters: ${3:null} # not required. Custom site Parameters from string where properties are separated by a pipe and property name/values by colon Ex. \"foo:1|bar:2\"
ip: ${4:null} # not required. The IP address to bind to / use for the new site.
physical_path: ${5:null} # not required. The physical path on the remote host to use for the new site. The specified folder must already exist.
hostname: ${6:null} # not required. The host header to bind to / use for the new site.
site_id: ${7:null} # not required. Explicitly set the IIS numeric ID for a site. Note that this value cannot be changed after the website has been created.
ssl: ${8:null} # not required. Enables HTTPS binding on the site..
state: ${9|started,restarted,stopped,absent|} # not required. choices: started;restarted;stopped;absent. State of the web site
port: ${10:null} # not required. The port to bind to / use for the new site.
"""
'win_lineinfile':
'prefix': "win_lineinfile_snippet"
'description': "Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression."
'body': """
win_lineinfile:
path: ${1:undefined} # required. The path of the file to modify.,Note that the Windows path delimiter C(\\) must be escaped as C(\\\\) when the line is double quoted.,Before 2.3 this option was only usable as I(dest), I(destfile) and I(name).
insertbefore: ${2|BOF,*regex*|} # not required. choices: BOF;*regex*. Used with C(state=present). If specified, the line will be inserted before the last match of specified regular expression. A value is available; C(BOF) for inserting the line at the beginning of the file.,If specified regular expression has no matches, the line will be inserted at the end of the file. May not be used with C(backrefs).
encoding: ${3:auto} # not required. Specifies the encoding of the source text file to operate on (and thus what the output encoding will be). The default of C(auto) will cause the module to auto-detect the encoding of the source file and ensure that the modified file is written with the same encoding.,An explicit encoding can be passed as a string that is a valid value to pass to the .NET framework System.Text.Encoding.GetEncoding() method - see U(https://msdn.microsoft.com/en-us/library/system.text.encoding%28v=vs.110%29.aspx).\n,This is mostly useful with C(create=yes) if you want to create a new file with a specific encoding. If C(create=yes) is specified without a specific encoding, the default encoding (UTF-8, no BOM) will be used.
create: ${4|yes,no|} # not required. choices: yes;no. Used with C(state=present). If specified, the file will be created if it does not already exist. By default it will fail if the file is missing.
newline: ${5|windows,unix|} # not required. choices: windows;unix. Specifies the line separator style to use for the modified file. This defaults to the windows line separator (C(\\r\\n)). Note that the indicated line separator will be used for file output regardless of the original line separator that appears in the input file.\n
backrefs: ${6|yes,no|} # not required. choices: yes;no. Used with C(state=present). If set, line can contain backreferences (both positional and named) that will get populated if the C(regexp) matches. This flag changes the operation of the module slightly; C(insertbefore) and C(insertafter) will be ignored, and if the C(regexp) doesn't match anywhere in the file, the file will be left unchanged.,If the C(regexp) does match, the last matching line will be replaced by the expanded line parameter.
state: ${7|present,absent|} # not required. choices: present;absent. Whether the line should be there or not.
insertafter: ${8|EOF,*regex*|} # not required. choices: EOF;*regex*. Used with C(state=present). If specified, the line will be inserted after the last match of specified regular expression. A special value is available; C(EOF) for inserting the line at the end of the file.,If specified regular expression has no matches, EOF will be used instead. May not be used with C(backrefs).
regexp: ${9:undefined} # not required. The regular expression to look for in every line of the file. For C(state=present), the pattern to replace if found; only the last line found will be replaced. For C(state=absent), the pattern of the line to remove. Uses .NET compatible regular expressions; see U(https://msdn.microsoft.com/en-us/library/hs600312%28v=vs.110%29.aspx).\n
line: ${10:undefined} # not required. Required for C(state=present). The line to insert/replace into the file. If C(backrefs) is set, may contain backreferences that will get expanded with the C(regexp) capture groups if the regexp matches.,Be aware that the line is processed first on the controller and thus is dependent on yaml quoting rules. Any double quoted line will have control characters, such as '\\r\\n', expanded. To print such characters literally, use single or no quotes.
backup: ${11|yes,no|} # not required. choices: yes;no. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
validate: ${12:None} # not required. Validation to run before copying into place. Use %s in the command to indicate the current file to validate.,The command is passed securely so shell features like expansion and pipes won't work.
"""
'win_mapped_drive':
'prefix': "win_mapped_drive_snippet"
'description': "maps a network drive for a user"
'body': """
win_mapped_drive:
letter: ${1:undefined} # required. The letter of the network path to map to.,This letter must not already be in use with Windows.
username: ${2:undefined} # not required. Credentials to map the drive with.,The username MUST include the domain or servername like SERVER\\user, see the example for more information.
path: ${3:undefined} # not required. The UNC path to map the drive to.,This is required if C(state=present).,If C(state=absent) and path is not set, the module will delete the mapped drive regardless of the target.,If C(state=absent) and the path is set, the module will throw an error if path does not match the target of the mapped drive.
state: ${4|absent,present|} # not required. choices: absent;present. If C(state=present) will ensure the mapped drive exists.,If C(state=absent) will ensure the mapped drive does not exist.
password: ${5:undefined} # not required. The password for C(username).
"""
'win_msg':
'prefix': "win_msg_snippet"
'description': "Sends a message to logged in users on Windows hosts."
'body': """
win_msg:
msg: ${1:Hello world!} # not required. The text of the message to be displayed.,The message must be less than 256 characters.
to: ${2:*} # not required. Who to send the message to. Can be a username, sessionname or sessionid.
display_seconds: ${3:10} # not required. How long to wait for receiver to acknowledge message, in seconds.
wait: ${4:no} # not required. Whether to wait for users to respond. Module will only wait for the number of seconds specified in display_seconds or 10 seconds if not specified. However, if I(wait) is true, the message is sent to each logged on user in turn, waiting for the user to either press 'ok' or for the timeout to elapse before moving on to the next user.
"""
'win_msi':
'prefix': "win_msi_snippet"
'description': "Installs and uninstalls Windows MSI files"
'body': """
win_msi:
path: ${1:undefined} # required. File system path to the MSI file to install
creates: ${2:undefined} # not required. Path to a file created by installing the MSI to prevent from attempting to reinstall the package on every run.
extra_args: ${3:undefined} # not required. Additional arguments to pass to the msiexec.exe command.
state: ${4|absent,present|} # not required. choices: absent;present. Whether the MSI file should be installed or uninstalled.
removes: ${5:undefined} # not required. Path to a file removed by uninstalling the MSI to prevent from attempting to re-uninstall the package on every run.
wait: ${6:no} # not required. Specify whether to wait for install or uninstall to complete before continuing.
"""
'win_nssm':
'prefix': "win_nssm_snippet"
'description': "NSSM - the Non-Sucking Service Manager"
'body': """
win_nssm:
name: ${1:undefined} # required. Name of the service to operate on
start_mode: ${2|auto,delayed,manual,disabled|} # not required. choices: auto;delayed;manual;disabled. If C(auto) is selected, the service will start at bootup.,C(delayed) causes a delayed but automatic start after boot (added in version 2.5).,C(manual) means that the service will start only when another service needs it.,C(disabled) means that the service will stay off, regardless if it is needed or not.
state: ${3|present,started,stopped,restarted,absent|} # not required. choices: present;started;stopped;restarted;absent. State of the service on the system,Note that NSSM actions like \"pause\", \"continue\", \"rotate\" do not fit the declarative style of ansible, so these should be implemented via the ansible command module
app_parameters_free_form: ${4:undefined} # not required. Single string of parameters to be passed to the service.,Use either this or C(app_parameters), not both
application: ${5:undefined} # not required. The application binary to run as a service,Specify this whenever the service may need to be installed (state: present, started, stopped, restarted),Note that the application name must look like the following, if the directory includes spaces:,nssm install service \"c:\\\\Program Files\\\\app.exe\\\\\" \"C:\\\\Path with spaces\\\\\",See commit 0b386fc1984ab74ee59b7bed14b7e8f57212c22b in the nssm.git project for more info: U(https://git.nssm.cc/?p=nssm.git;a=commit;h=0b386fc1984ab74ee59b7bed14b7e8f57212c22b)\n
stderr_file: ${6:undefined} # not required. Path to receive error output
dependencies: ${7:undefined} # not required. Service dependencies that has to be started to trigger startup, separated by comma.
user: ${8:undefined} # not required. User to be used for service startup
password: ${9:undefined} # not required. Password to be used for service startup
stdout_file: ${10:undefined} # not required. Path to receive output
app_parameters: ${11:undefined} # not required. Parameters to be passed to the application when it starts.,Use either this or C(app_parameters_free_form), not both
"""
'win_owner':
'prefix': "win_owner_snippet"
'description': "Set owner"
'body': """
win_owner:
path: ${1:undefined} # required. Path to be used for changing owner
user: ${2:undefined} # required. Name to be used for changing owner
recurse: ${3:no} # not required. Indicates if the owner should be changed recursively
"""
'win_package':
'prefix': "win_package_snippet"
'description': "Installs/uninstalls an installable package"
'body': """
win_package:
username: ${1:undefined} # not required. Username of an account with access to the package if it is located on a file share.,This is only needed if the WinRM transport is over an auth method that does not support credential delegation like Basic or NTLM.
creates_path: ${2:undefined} # not required. Will check the existance of the path specified and use the result to determine whether the package is already installed.,You can use this in conjunction with C(product_id) and other C(creates_*).
name: ${3:undefined} # not required. Name of the package, if name isn't specified the path will be used for log messages.,As of Ansible 2.4 this is deprecated and no longer required.
creates_service: ${4:undefined} # not required. Will check the existing of the service specified and use the result to determine whether the package is already installed.,You can use this in conjunction with C(product_id) and other C(creates_*).
expected_return_code: ${5:0,3010} # not required. One or more return codes from the package installation that indicates success.,Before Ansible 2.4 this was just 0 but since 2.4 this is both C(0) and C(3010).,A return code of C(3010) usually means that a reboot is required, the C(reboot_required) return value is set if the return code is C(3010).
state: ${6:present} # not required. Whether to install or uninstall the package.,The module uses C(product_id) and whether it exists at the registry path to see whether it needs to install or uninstall the package.
arguments: ${7:undefined} # not required. Any arguments the installer needs to either install or uninstall the package.,If the package is an MSI do not supply the C(/qn), C(/log) or C(/norestart) arguments.,As of Ansible 2.5, this parameter can be a list of arguments and the module will escape the arguments as necessary, it is recommended to use a string when dealing with MSI packages due to the unique escaping issues with msiexec.
creates_version: ${8:undefined} # not required. Will check the file version property of the file at C(creates_path) and use the result to determine whether the package is already installed.,C(creates_path) MUST be set and is a file.,You can use this in conjunction with C(product_id) and other C(creates_*).
path: ${9:undefined} # not required. Location of the package to be installed or uninstalled.,This package can either be on the local file system, network share or a url.,If the path is on a network share and the current WinRM transport doesn't support credential delegation, then C(user_name) and C(user_password) must be set to access the file.,There are cases where this file will be copied locally to the server so it can access it, see the notes for more info.,If C(state=present) then this value MUST be set.,If C(state=absent) then this value does not need to be set if C(product_id) is.
password: ${10:undefined} # not required. The password for C(user_name), must be set when C(user_name) is.
validate_certs: ${11:yes} # not required. If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.,Before Ansible 2.4 this defaulted to C(no).
product_id: ${12:undefined} # not required. The product id of the installed packaged.,This is used for checking whether the product is already installed and getting the uninstall information if C(state=absent).,You can find product ids for installed programs in the Windows registry editor either at C(HKLM:Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall) or for 32 bit programs at C(HKLM:Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall).,This SHOULD be set when the package is not an MSI, or the path is a url or a network share and credential delegation is not being used. The C(creates_*) options can be used instead but is not recommended.
"""
'win_pagefile':
'prefix': "win_pagefile_snippet"
'description': "Query or change pagefile configuration"
'body': """
win_pagefile:
test_path: ${1:yes} # not required. Use Test-Path on the drive to make sure the drive is accessible before creating the pagefile.
initial_size: ${2:undefined} # not required. The initial size of the pagefile in megabytes.
drive: ${3:undefined} # not required. The drive of the pagefile.
state: ${4|present,absent,query|} # not required. choices: present;absent;query. State of the pagefile.
system_managed: ${5:no} # not required. Configures current pagefile to be managed by the system.
remove_all: ${6:no} # not required. Remove all pagefiles in the system, not including automatic managed.
override: ${7:yes} # not required. Override the current pagefile on the drive.
maximum_size: ${8:undefined} # not required. The maximum size of the pagefile in megabytes.
automatic: ${9:undefined} # not required. Configures AutomaticManagedPagefile for the entire system.
"""
'win_path':
'prefix': "win_path_snippet"
'description': "Manage Windows path environment variables"
'body': """
win_path:
elements: ${1:undefined} # required. A single path element, or a list of path elements (ie, directories) to add or remove.,When multiple elements are included in the list (and C(state) is C(present)), the elements are guaranteed to appear in the same relative order in the resultant path value.,Variable expansions (eg, C(%VARNAME%)) are allowed, and are stored unexpanded in the target path element.,Any existing path elements not mentioned in C(elements) are always preserved in their current order.,New path elements are appended to the path, and existing path elements may be moved closer to the end to satisfy the requested ordering.,Paths are compared in a case-insensitive fashion, and trailing backslashes are ignored for comparison purposes. However, note that trailing backslashes in YAML require quotes.
scope: ${2|machine,user|} # not required. choices: machine;user. The level at which the environment variable specified by C(name) should be managed (either for the current user or global machine scope).
state: ${3|present,absent|} # not required. choices: present;absent. Whether the path elements specified in C(elements) should be present or absent.
name: ${4:PATH} # not required. Target path environment variable name
"""
'win_ping':
'prefix': "win_ping_snippet"
'description': "A windows version of the classic ping module"
'body': """
win_ping:
data: ${1:pong} # not required. Alternate data to return instead of 'pong'.,If this parameter is set to C(crash), the module will cause an exception.
"""
'win_power_plan':
'prefix': "win_power_plan_snippet"
'description': "Changes the power plan of a Windows system"
'body': """
win_power_plan:
name: ${1:undefined} # required. String value that indicates the desired power plan. The power plan must already be present on the system. Commonly there will be options for C(balanced) and C(high performance).
"""
'win_product_facts':
'prefix': "win_product_facts_snippet"
'description': "Provides Windows product information (product id, product key)"
'body': """
win_product_facts:
"""
'win_psexec':
'prefix': "win_psexec_snippet"
'description': "Runs commands (remotely) as another (privileged) user"
'body': """
win_psexec:
command: ${1:undefined} # required. The command line to run through PsExec (limited to 260 characters).
username: ${2:undefined} # not required. The (remote) user to run the command as.,If not provided, the current user is used.
limited: ${3:no} # not required. Run the command as limited user (strips the Administrators group and allows only privileges assigned to the Users group).
executable: ${4:psexec.exe} # not required. The location of the PsExec utility (in case it is not located in your PATH).
chdir: ${5:undefined} # not required. Run the command from this (remote) directory.
interactive: ${6:no} # not required. Run the program so that it interacts with the desktop on the remote system.
noprofile: ${7:no} # not required. Run the command without loading the account's profile.
system: ${8:no} # not required. Run the remote command in the System account.
elevated: ${9:no} # not required. Run the command with elevated privileges.
priority: ${10|background,low,belownormal,abovenormal,high,realtime|} # not required. choices: background;low;belownormal;abovenormal;high;realtime. Used to run the command at a different priority.
password: ${11:undefined} # not required. The password for the (remote) user to run the command as.,This is mandatory in order authenticate yourself.
hostnames: ${12:undefined} # not required. The hostnames to run the command.,If not provided, the command is run locally.
timeout: ${13:undefined} # not required. The connection timeout in seconds
nobanner: ${14:no} # not required. Do not display the startup banner and copyright message.,This only works for specific versions of the PsExec binary.
wait: ${15:yes} # not required. Wait for the application to terminate.,Only use for non-interactive applications.
"""
'win_psmodule':
'prefix': "win_psmodule_snippet"
'description': "Adds or removes a Powershell Module."
'body': """
win_psmodule:
name: ${1:undefined} # required. Name of the powershell module that has to be installed.
url: ${2:undefined} # not required. Url of the custom repository.
allow_clobber: ${3|false,true|} # not required. choices: false;true. If yes imports all commands, even if they have the same names as commands that already exists. Available only in Powershell 5.1 or higher.
repository: ${4:undefined} # not required. Name of the custom repository to register.
state: ${5|present,absent|} # not required. choices: present;absent. If present a new module is installed. If absent a module is removed.
"""
'win_rabbitmq_plugin':
'prefix': "win_rabbitmq_plugin_snippet"
'description': "Manage RabbitMQ plugins"
'body': """
win_rabbitmq_plugin:
names: ${1:undefined} # required. Comma-separated list of plugin names.
state: ${2|enabled,disabled|} # not required. choices: enabled;disabled. Specify if plugins are to be enabled or disabled.
new_only: ${3:no} # not required. Only enable missing plugins.,Does not disable plugins that are not in the names list.
prefix: ${4:undefined} # not required. Specify a custom install prefix to a Rabbit.
"""
'win_reboot':
'prefix': "win_reboot_snippet"
'description': "Reboot a windows machine"
'body': """
win_reboot:
pre_reboot_delay: ${1:2} # not required. Seconds for shutdown to wait before requesting reboot
post_reboot_delay: ${2:0} # not required. Seconds to wait after the reboot was successful and the connection was re-established,This is useful if you want wait for something to settle despite your connection already working
test_command: ${3:whoami} # not required. Command to expect success for to determine the machine is ready for management
shutdown_timeout: ${4:600} # not required. Maximum seconds to wait for shutdown to occur,Increase this timeout for very slow hardware, large update applications, etc,This option has been removed since Ansible 2.5 as the win_reboot behavior has changed
reboot_timeout: ${5:600} # not required. Maximum seconds to wait for machine to re-appear on the network and respond to a test command,This timeout is evaluated separately for both network appearance and test command success (so maximum clock time is actually twice this value)
msg: ${6:Reboot initiated by Ansible} # not required. Message to display to users
connect_timeout: ${7:5} # not required. Maximum seconds to wait for a single successful TCP connection to the WinRM endpoint before trying again
"""
'win_reg_stat':
'prefix': "win_reg_stat_snippet"
'description': "returns information about a Windows registry key or property of a key"
'body': """
win_reg_stat:
path: ${1:undefined} # required. The full registry key path including the hive to search for.
name: ${2:undefined} # not required. The registry property name to get information for, the return json will not include the sub_keys and properties entries for the I(key) specified.
"""
'win_regedit':
'prefix': "win_regedit_snippet"
'description': "Add, change, or remove registry keys and values"
'body': """
win_regedit:
path: ${1:undefined} # required. Name of the registry path.,Should be in one of the following registry hives: HKCC, HKCR, HKCU, HKLM, HKU.
state: ${2|present,absent|} # not required. choices: present;absent. The state of the registry entry.
delete_key: ${3:yes} # not required. When C(state) is 'absent' then this will delete the entire key.,If this is False then it will only clear out the '(Default)' property for that key.
name: ${4:undefined} # not required. Name of the registry entry in the above C(path) parameters.,If not provided, or empty then the '(Default)' property for the key will be used.
type: ${5|binary,dword,expandstring,multistring,string,qword|} # not required. choices: binary;dword;expandstring;multistring;string;qword. The registry value data type.
hive: ${6:undefined} # not required. A path to a hive key like C:\\Users\\Default\\NTUSER.DAT to load in the registry.,This hive is loaded under the HKLM:\\ANSIBLE key which can then be used in I(name) like any other path.,This can be used to load the default user profile registry hive or any other hive saved as a file.,Using this function requires the user to have the C(SeRestorePrivilege) and C(SeBackupPrivilege) privileges enabled.
data: ${7:undefined} # not required. Value of the registry entry C(name) in C(path).,If not specified then the value for the property will be null for the corresponding C(type).,Binary and None data should be expressed in a yaml byte array or as comma separated hex values.,An easy way to generate this is to run C(regedit.exe) and use the I(export) option to save the registry values to a file.,In the exported file, binary value will look like C(hex:be,ef,be,ef), the C(hex:) prefix is optional.,DWORD and QWORD values should either be represented as a decimal number or a hex value.,Multistring values should be passed in as a list.,See the examples for more details on how to format this data.
"""
'win_region':
'prefix': "win_region_snippet"
'description': "Set the region and format settings"
'body': """
win_region:
unicode_language: ${1:undefined} # not required. The unicode language format to set for all users, see U(https://msdn.microsoft.com/en-us/library/system.globalization.cultureinfo.aspx) for a list of culture names to use. This needs to be set if C(location) or C(format) is not set. After setting this value a reboot is required for it to take effect.
copy_settings: ${2|true,false|} # not required. choices: true;false. This will copy the current format and location values to new user profiles and the welcome screen. This will only run if C(location), C(format) or C(unicode_language) has resulted in a change. If this process runs then it will always result in a change.
location: ${3:undefined} # not required. The location to set for the current user, see U(https://msdn.microsoft.com/en-us/library/dd374073.aspx) for a list of GeoIDs you can use and what location it relates to. This needs to be set if C(format) or C(unicode_language) is not set.
format: ${4:undefined} # not required. The language format to set for the current user, see U(https://msdn.microsoft.com/en-us/library/system.globalization.cultureinfo.aspx) for a list of culture names to use. This needs to be set if C(location) or C(unicode_language) is not set.
"""
'win_regmerge':
'prefix': "win_regmerge_snippet"
'description': "Merges the contents of a registry file into the windows registry"
'body': """
win_regmerge:
path: ${1:no default} # required. The full path including file name to the registry file on the remote machine to be merged
compare_key: ${2:no default} # not required. The parent key to use when comparing the contents of the registry to the contents of the file. Needs to be in HKLM or HKCU part of registry. Use a PS-Drive style path for example HKLM:\\SOFTWARE not HKEY_LOCAL_MACHINE\\SOFTWARE If not supplied, or the registry key is not found, no comparison will be made, and the module will report changed.
"""
'win_robocopy':
'prefix': "win_robocopy_snippet"
'description': "Synchronizes the contents of two directories using Robocopy"
'body': """
win_robocopy:
dest: ${1:undefined} # required. Destination file/directory to sync (Will receive contents of src).
src: ${2:undefined} # required. Source file/directory to sync.
recurse: ${3:no} # not required. Includes all subdirectories (Toggles the C(/e) flag to RoboCopy).,If C(flags) is set, this will be ignored.
purge: ${4:no} # not required. Deletes any files/directories found in the destination that do not exist in the source.,Toggles the C(/purge) flag to RoboCopy. If C(flags) is set, this will be ignored.
flags: ${5:undefined} # not required. Directly supply Robocopy flags. If set, C(purge) and C(recurse) will be ignored.
"""
'win_route':
'prefix': "win_route_snippet"
'description': "Add or remove a static route."
'body': """
win_route:
destination: ${1:undefined} # required. Destination IP address in CIDR format (ip address/prefix length)
metric: ${2:1} # not required. Metric used by the static route.
gateway: ${3:undefined} # not required. The gateway used by the static route.,If C(gateway) is not provided it will be set to C(0.0.0.0).
state: ${4:present} # not required. If present, it adds a network static route. If absent, it removes a network static route.
"""
'win_say':
'prefix': "win_say_snippet"
'description': "Text to speech module for Windows to speak messages and optionally play sounds"
'body': """
win_say:
end_sound_path: ${1:undefined} # not required. Full path to a C(.wav) file containing a sound to play after the text has been spoken.,Useful on conference calls to alert other speakers that ansible has finished speaking.
msg: ${2:undefined} # not required. The text to be spoken.,Use either C(msg) or C(msg_file).,Optional so that you can use this module just to play sounds.
start_sound_path: ${3:undefined} # not required. Full path to a C(.wav) file containing a sound to play before the text is spoken.,Useful on conference calls to alert other speakers that ansible has something to say.
voice: ${4:system default voice} # not required. Which voice to use. See notes for how to discover installed voices.,If the requested voice is not available the default voice will be used. Example voice names from Windows 10 are C(Microsoft Zira Desktop) and C(Microsoft Hazel Desktop).
msg_file: ${5:undefined} # not required. Full path to a windows format text file containing the text to be spokend.,Use either C(msg) or C(msg_file).,Optional so that you can use this module just to play sounds.
speech_speed: ${6:0} # not required. How fast or slow to speak the text.,Must be an integer value in the range -10 to 10.,-10 is slowest, 10 is fastest.
"""
'win_scheduled_task':
'prefix': "win_scheduled_task_snippet"
'description': "Manage scheduled tasks"
'body': """
win_scheduled_task:
name: ${1:undefined} # required. The name of the scheduled task without the path.
run_only_if_network_available: ${2:undefined} # not required. Whether the task will run only when a network is available.
update_password: ${3:yes} # not required. Whether to update the password even when not other changes have occured.,When C(yes) will always result in a change when executing the module.
execution_time_limit: ${4:undefined} # not required. The amount of time allowed to complete the task.,When not set, the time limit is infinite.,This is in the ISO 8601 Duration format C(P[n]Y[n]M[n]DT[n]H[n]M[n]S).
actions: ${5:undefined} # not required. A list of action to configure for the task.,See suboptions for details on how to construct each list entry.,When creating a task there MUST be at least one action but when deleting a task this can be a null or an empty list.,The ordering of this list is important, the module will ensure the order is kept when modifying the task.,This module only supports the C(ExecAction) type but can still delete the older legacy types.
group: ${6:undefined} # not required. The group that will run the task.,C(group) and C(username) are exclusive to each other and cannot be set at the same time.,C(logon_type) can either be not set or equal C(group).
frequency: ${7|daily,once,weekly|} # not required. choices: daily;once;weekly. The frequency of the task to run.,DEPRECATED since 2.5, use the C(triggers) option list and specify the type based on the frequency required.,Will be removed in 2.7.
wake_to_run: ${8:undefined} # not required. Whether the task will wake the computer when it is time to run the task.
run_only_if_idle: ${9:undefined} # not required. Whether the task will run the task only if the computer is in an idle state.
executable: ${10:undefined} # not required. The path to the executable to run for a scheduled task action.,DEPRECATED since 2.5, use the C(actions) option instead to specify a list of actions to run.,Will be removed in 2.7.
display_name: ${11:undefined} # not required. The name of the user/group that is displayed in the Task Scheduler UI.
author: ${12:undefined} # not required. The author of the task.
restart_count: ${13:undefined} # not required. The number of times that the Task Scheduler will attempt to restart the task.
run_level: ${14|limited,highest|} # not required. choices: limited;highest. The level of user rights used to run the task.,If not specified the task will be created with limited rights.
priority: ${15:undefined} # not required. The priority level (0-10) of the task.,When creating a new task the default if C(7).,See U(https://msdn.microsoft.com/en-us/library/windows/desktop/aa383512.aspx) for details on the priority levels.
source: ${16:undefined} # not required. The source of the task.
state: ${17|absent,present|} # not required. choices: absent;present. When C(state=present) will ensure the task exists.,When C(state=absent) will ensure the task does not exist.
version: ${18:undefined} # not required. The version number of the task.
allow_demand_start: ${19:undefined} # not required. Whether the task can be started by using either the Run command or the Context menu.
arguments: ${20:undefined} # not required. Arguments to provide for a scheduled task action.,DEPRECATED since 2.5, use the C(actions) option instead to specify a list of actions to run.,Will be removed in 2.7.
logon_type: ${21|none,password,s4u,interactive_token,group,service_account,token_or_password|} # not required. choices: none;password;s4u;interactive_token;group;service_account;token_or_password. The logon method that the task will run with.,C(password) means the password will be stored and the task has access to network resources.,C(s4u) means the existing token will be used to run the task and no password will be stored with the task. Means no network or encrypted files access.,C(interactive_token) means the user must already be logged on interactively and will run in an existing interactive session.,C(group) means that the task will run as a group.,C(service_account) means that a service account like System, Local Service or Network Service will run the task.
hidden: ${22:undefined} # not required. Whether the task will be hidden in the UI.
username: ${23:undefined} # not required. The user to run the scheduled task as.,Will default to the current user under an interactive token if not specified during creation.
stop_if_going_on_batteries: ${24:undefined} # not required. Whether the task will be stopped if the computer begins to run on battery power.
disallow_start_if_on_batteries: ${25:undefined} # not required. Whether the task will not be started if the computer is running on battery power.
description: ${26:undefined} # not required. The description of the task.
delete_expired_task_after: ${27:undefined} # not required. The amount of time that the Task Scheduler will wait before deleting the task after it expires.,A task expires after the end_boundary has been exceeded for all triggers associated with the task.,This is in the ISO 8601 Duration format C(P[n]Y[n]M[n]DT[n]H[n]M[n]S).
days_of_week: ${28:undefined} # not required. Days of the week to run a weekly task.,Specify a list or comma separate days in the full version, e.g. monday instead of mon.,DEPRECATED since 2.5, use the C(triggers) option list with the type of C(monthlydow) or C(weekly).,Will be removed in 2.7.
restart_interval: ${29:undefined} # not required. How long the Task Scheduler will attempt to restart the task.,If this is set then C(restart_count) must also be set.,The maximum allowed time is 31 days.,The minimum allowed time is 1 minute.,This is in the ISO 8601 Duration format C(P[n]Y[n]M[n]DT[n]H[n]M[n]S).
start_when_available: ${30:undefined} # not required. Whether the task can start at any time after its scheduled time has passed.
date: ${31:undefined} # not required. The date when the task was registered.
path: ${32:\\} # not required. Task folder in which this task will be stored.,Will create the folder when C(state=present) and the folder does not already exist.,Will remove the folder when C(state=absent) and there are no tasks left in the folder.
password: ${33:undefined} # not required. The password for the user account to run the scheduled task as.,This is required when running a task without the user being logged in, excluding the builtin service accounts.,If set, will always result in a change unless C(update_password) is set to C(no) and no othr changes are required for the service.
compatibility: ${34|0,1,2|} # not required. choices: 0;1;2. The integer value with indicates which version of Task Scheduler a task is compatible with.,C(0) means the task is compatible with the AT command.,C(1) means the task is compatible with Task Scheduler 1.0.,C(2) means the task is compatible with Task Scheduler 2.0.
multiple_instances: ${35|0,1,2,3|} # not required. choices: 0;1;2;3. An integer that indicates the behaviour when starting a task that is already running.,C(0) will start a new instance in parallel with existing instances of that task.,C(1) will wait until other instances of that task to finish running before starting itself.,C(2) will not start a new instance if another is running.,C(3) will stop other instances of the task and start the new one.
triggers: ${36:undefined} # not required. A list of triggers to configure for the task.,See suboptions for details on how to construct each list entry.,The ordering of this list is important, the module will ensure the order is kept when modifying the task.,There are multiple types of triggers, see U(https://msdn.microsoft.com/en-us/library/windows/desktop/aa383868.aspx) for a list of trigger types and their options.,The suboption options listed below are not required for all trigger types, read the description for more details.
enabled: ${37:undefined} # not required. Whether the task is enabled, the task can only run when C(yes).
store_password: ${38:yes} # not required. Whether to store the password for the user running the task.,If C(no), the task will only have access to local resources.,DEPRECATED since 2.5, use C(logon_type=password) to set whether to store the password for the task.,Will be removed in 2.7.
allow_hard_terminate: ${39:undefined} # not required. Whether the task can be terminated by using TerminateProcess.
time: ${40:undefined} # not required. The start time to execute the scheduled task.,DEPRECATED since 2.5, use the C(triggers) option list and use the C(start_boundary) option to set the start time.,Will be removed in 2.7.
"""
'win_scheduled_task_stat':
'prefix': "win_scheduled_task_stat_snippet"
'description': "Returns information about a Windows Scheduled Task"
'body': """
win_scheduled_task_stat:
path: ${1:\\} # not required. The folder path where the task lives.
name: ${2:undefined} # not required. The name of the scheduled task to get information for.
"""
'win_security_policy':
'prefix': "win_security_policy_snippet"
'description': "changes local security policy settings"
'body': """
win_security_policy:
section: ${1:undefined} # required. The ini section the key exists in.,If the section does not exist then the module will return an error.,Example sections to use are 'Account Policies', 'Local Policies', 'Event Log', 'Restricted Groups', 'System Services', 'Registry' and 'File System"
key: ${2:undefined} # required. The ini key of the section or policy name to modify.,The module will return an error if this key is invalid.
value: ${3:undefined} # required. The value for the ini key or policy name.,If the key takes in a boolean value then 0 = False and 1 = True.
"""
'win_service':
'prefix': "win_service_snippet"
'description': "Manage and query Windows services"
'body': """
win_service:
name: ${1:undefined} # required. Name of the service.,If only the name parameter is specified, the module will report on whether the service exists or not without making any changes.
username: ${2:undefined} # not required. The username to set the service to start as.,This and the C(password) argument must be supplied together when using a local or domain account.,Set to C(LocalSystem) to use the SYSTEM account.
display_name: ${3:undefined} # not required. The display name to set for the service.
desktop_interact: ${4:no} # not required. Whether to allow the service user to interact with the desktop.,This should only be set to true when using the LocalSystem username.
force_dependent_services: ${5:no} # not required. If C(yes), stopping or restarting a service with dependent services will force the dependent services to stop or restart also.,If C(no), stopping or restarting a service with dependent services may fail.
dependency_action: ${6|set,add,remove|} # not required. choices: set;add;remove. Used in conjunction with C(dependency) to either add the dependencies to the existing service dependencies.,Remove the dependencies to the existing dependencies.,Set the dependencies to only the values in the list replacing the existing dependencies.
description: ${7:undefined} # not required. The description to set for the service.
start_mode: ${8|auto,manual,disabled,delayed|} # not required. choices: auto;manual;disabled;delayed. Set the startup type for the service.,C(delayed) added in Ansible 2.3
state: ${9|started,stopped,restarted,absent,paused|} # not required. choices: started;stopped;restarted;absent;paused. C(started)/C(stopped)/C(absent)/C(pause) are idempotent actions that will not run commands unless necessary.,C(restarted) will always bounce the service.,C(absent) added in Ansible 2.3,C(pause) was added in Ansible 2.4,Only services that support the paused state can be paused, you can check the return value C(can_pause_and_continue).,You can only pause a service that is already started.
dependencies: ${10:undefined} # not required. A list of service dependencies to set for this particular service.,This should be a list of service names and not the display name of the service.,This works by C(dependency_action) to either add/remove or set the services in this list.
path: ${11:undefined} # not required. The path to the executable to set for the service.
password: ${12:undefined} # not required. The password to set the service to start as.,This and the C(username) argument must be supplied together.,If specifying LocalSystem, NetworkService or LocalService this field must be an empty string and not null.
"""
'win_share':
'prefix': "win_share_snippet"
'description': "Manage Windows shares"
'body': """
win_share:
name: ${1:undefined} # required. Share name.
path: ${2:undefined} # required. Share directory.
deny: ${3:undefined} # not required. Specify user list that should get no access, regardless of implied access on share, separated by comma.
full: ${4:undefined} # not required. Specify user list that should get full access on share, separated by comma.
encrypt: ${5:no} # not required. Sets whether to encrypt the traffic to the share or not.
read: ${6:undefined} # not required. Specify user list that should get read access on share, separated by comma.
list: ${7:no} # not required. Specify whether to allow or deny file listing, in case user got no permission on share.
state: ${8|present,absent|} # not required. choices: present;absent. Specify whether to add C(present) or remove C(absent) the specified share.
caching_mode: ${9|BranchCache,Documents,Manual,None,Programs,Unknown|} # not required. choices: BranchCache;Documents;Manual;None;Programs;Unknown. Set the CachingMode for this share.
change: ${10:undefined} # not required. Specify user list that should get read and write access on share, separated by comma.
description: ${11:undefined} # not required. Share description
"""
'win_shell':
'prefix': "win_shell_snippet"
'description': "Execute shell commands on target hosts."
'body': """
win_shell:
free_form: ${1:undefined} # required. The C(win_shell) module takes a free form command to run. There is no parameter actually named 'free form'. See the examples!
creates: ${2:undefined} # not required. a path or path filter pattern; when the referenced path exists on the target host, the task will be skipped.
executable: ${3:undefined} # not required. change the shell used to execute the command (eg, C(cmd)). The target shell must accept a C(/c) parameter followed by the raw command line to be executed.
chdir: ${4:undefined} # not required. set the specified path as the current working directory before executing a command
stdin: ${5:undefined} # not required. Set the stdin of the command directly to the specified value.
removes: ${6:undefined} # not required. a path or path filter pattern; when the referenced path B(does not) exist on the target host, the task will be skipped.
"""
'win_shortcut':
'prefix': "win_shortcut_snippet"
'description': "Manage shortcuts on Windows"
'body': """
win_shortcut:
dest: ${1:undefined} # required. Destination file for the shortcuting file.,File name should have a C(.lnk) or C(.url) extension.
windowstyle: ${2|maximized,minimized,normal|} # not required. choices: maximized;minimized;normal. Influences how the application is displayed when it is launched.
src: ${3:undefined} # not required. Executable or URL the shortcut points to.,The executable needs to be in your PATH, or has to be an absolute path to the executable.
description: ${4:undefined} # not required. Description for the shortcut.,This is usually shown when hoovering the icon.
args: ${5:undefined} # not required. Additional arguments for the executable defined in C(src).
directory: ${6:undefined} # not required. Working directory for executable defined in C(src).
state: ${7|absent,present|} # not required. choices: absent;present. When C(present), creates or updates the shortcut.,When C(absent), removes the shortcut if it exists.
hotkey: ${8:undefined} # not required. Key combination for the shortcut.,This is a combination of one or more modifiers and a key.,Possible modifiers are Alt, Ctrl, Shift, Ext.,Possible keys are [A-Z] and [0-9].
icon: ${9:undefined} # not required. Icon used for the shortcut.,File name should have a C(.ico) extension.,The file name is followed by a comma and the number in the library file (.dll) or use 0 for an image file.
"""
'win_stat':
'prefix': "win_stat_snippet"
'description': "returns information about a Windows file"
'body': """
win_stat:
path: ${1:undefined} # required. The full path of the file/object to get the facts of; both forward and back slashes are accepted.
get_md5: ${2:no} # not required. Whether to return the checksum sum of the file. Between Ansible 1.9 and 2.2 this is no longer an MD5, but a SHA1 instead. As of Ansible 2.3 this is back to an MD5. Will return None if host is unable to use specified algorithm.,The default of this option changed from C(yes) to C(no) in Ansible 2.5 and will be removed altogether in Ansible 2.9.,Use C(get_checksum=true) with C(checksum_algorithm=md5) to return an md5 hash under the C(checksum) return value.
get_checksum: ${3:yes} # not required. Whether to return a checksum of the file (default sha1)
checksum_algorithm: ${4|md5,sha1,sha256,sha384,sha512|} # not required. choices: md5;sha1;sha256;sha384;sha512. Algorithm to determine checksum of file. Will throw an error if the host is unable to use specified algorithm.
"""
'win_tempfile':
'prefix': "win_tempfile_snippet"
'description': "Creates temporary files and directories."
'body': """
win_tempfile:
path: ${1:%TEMP%} # not required. Location where temporary file or directory should be created.,If path is not specified default system temporary directory (%TEMP%) will be used.
state: ${2|file,directory|} # not required. choices: file;directory. Whether to create file or directory.
prefix: ${3:ansible.} # not required. Prefix of file/directory name created by module.
suffix: ${4:} # not required. Suffix of file/directory name created by module.
"""
'win_template':
'prefix': "win_template_snippet"
'description': "Templates a file out to a remote server."
'body': """
win_template:
src: ${1:undefined} # required. Path of a Jinja2 formatted template on the local server. This can be a relative or absolute path.
dest: ${2:undefined} # required. Location to render the template to on the remote machine.
force: ${3|yes,no|} # not required. choices: yes;no. the default is C(yes), which will replace the remote file when contents are different than the source. If C(no), the file will only be transferred if the destination does not exist.
trim_blocks: ${4:no} # not required. If this is set to True the first newline after a block is removed (block, not variable tag!).
block_end_string: ${5:%}} # not required. The string marking the end of a block.
variable_start_string: ${6:{{} # not required. The string marking the beginning of a print statement.
newline_sequence: ${7|\\n,\\r,\\r\\n|} # not required. choices: \\n;\\r;\\r\\n. Specify the newline sequence to use for templating files.
variable_end_string: ${8:}}} # not required. The string marking the end of a print statement.
block_start_string: ${9:{%} # not required. The string marking the beginning of a block.
"""
'win_timezone':
'prefix': "win_timezone_snippet"
'description': "Sets Windows machine timezone"
'body': """
win_timezone:
timezone: ${1:undefined} # required. Timezone to set to. Example Central Standard Time
"""
'win_toast':
'prefix': "win_toast_snippet"
'description': "Sends Toast windows notification to logged in users on Windows 10 or later hosts"
'body': """
win_toast:
popup: ${1:true} # not required. If false, the notification will not pop up and will only appear in the Action Center.
group: ${2:Powershell} # not required. Which notification group to add the notification to.
expire: ${3:45} # not required. How long in seconds before the notification expires.
title: ${4:Notification HH:mm} # not required. The notification title, which appears in the pop up..
msg: ${5:Hello, World!} # not required. The message to appear inside the notification. May include \\n to format the message to appear within the Action Center.
tag: ${6:Ansible} # not required. The tag to add to the notification.
"""
'win_unzip':
'prefix': "win_unzip_snippet"
'description': "Unzips compressed files and archives on the Windows node"
'body': """
win_unzip:
dest: ${1:undefined} # required. Destination of zip file (provide absolute path of directory). If it does not exist, the directory will be created.
src: ${2:undefined} # required. File to be unzipped (provide absolute path).
delete_archive: ${3:no} # not required. Remove the zip file, after unzipping.
recurse: ${4:no} # not required. Recursively expand zipped files within the src file.,Setting to a value of C(yes) requires the PSCX module to be installed.
creates: ${5:undefined} # not required. If this file or directory exists the specified src will not be extracted.
"""
'win_updates':
'prefix': "win_updates_snippet"
'description': "Download and install Windows updates"
'body': """
win_updates:
blacklist: ${1:undefined} # not required. A list of update titles or KB numbers that can be used to specify which updates are to be excluded from installation.,If an available update does match one of the entries, then it is skipped and not installed.,Each entry can either be the KB article or Update title as a regex according to the PowerShell regex rules.
reboot_timeout: ${2:1200} # not required. The time in seconds to wait until the host is back online from a reboot.,This is only used if C(reboot=True) and a reboot is required.
state: ${3|installed,searched|} # not required. choices: installed;searched. Controls whether found updates are returned as a list or actually installed.,This module also supports Ansible check mode, which has the same effect as setting state=searched
log_path: ${4:undefined} # not required. If set, C(win_updates) will append update progress to the specified file. The directory must already exist.
whitelist: ${5:undefined} # not required. A list of update titles or KB numbers that can be used to specify which updates are to be searched or installed.,If an available update does not match one of the entries, then it is skipped and not installed.,Each entry can either be the KB article or Update title as a regex according to the PowerShell regex rules.,The whitelist is only validated on updates that were found based on I(category_names). It will not force the module to install an update if it was not in the category specified.
category_names: ${6|Application,Connectors,CriticalUpdates,DefinitionUpdates,DeveloperKits,FeaturePacks,Guidance,SecurityUpdates,ServicePacks,Tools,UpdateRollups,Updates|} # not required. choices: Application;Connectors;CriticalUpdates;DefinitionUpdates;DeveloperKits;FeaturePacks;Guidance;SecurityUpdates;ServicePacks;Tools;UpdateRollups;Updates. A scalar or list of categories to install updates from
reboot: ${7:no} # not required. Ansible will automatically reboot the remote host if it is required and continue to install updates after the reboot.,This can be used instead of using a M(win_reboot) task after this one and ensures all updates for that category is installed in one go.,Async does not work when C(reboot=True).
"""
'win_uri':
'prefix': "win_uri_snippet"
'description': "Interacts with webservices"
'body': """
win_uri:
url: ${1:undefined} # required. Supports FTP, HTTP or HTTPS URLs in the form of (ftp|http|https)://host.domain:port/path.
body: ${2:undefined} # not required. The body of the HTTP request/response to the web service.
dest: ${3:undefined} # not required. Output the response body to a file.
status_code: ${4:200} # not required. A valid, numeric, HTTP status code that signifies success of the request.,Can also be comma separated list of status codes.
force_basic_auth: ${5:no} # not required. By default the authentication information is only sent when a webservice responds to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail.,This option forces the sending of the Basic authentication header upon the initial request.
removes: ${6:undefined} # not required. A filename, when it does not exist, this step will be skipped.
client_cert_password: ${7:undefined} # not required. The password for the client certificate (.pfx) file that is used for a secure web request.
use_basic_parsing: ${8:yes} # not required. As of Ansible 2.5, this option is no longer valid and cannot be changed from C(yes), this option will be removed in Ansible 2.7.,Before Ansible 2.5, this module relies upon 'Invoke-WebRequest', which by default uses the Internet Explorer Engine to parse a webpage.,There's an edge-case where if a user hasn't run IE before, this will fail.,The only advantage to using the Internet Explorer praser is that you can traverse the DOM in a powershell script.,That isn't useful for Ansible, so by default we toggle 'UseBasicParsing'. However, you can toggle that off here.
content_type: ${9:undefined} # not required. Sets the \"Content-Type\" header.
password: ${10:undefined} # not required. Password to use for authentication.
maximum_redirection: ${11:5} # not required. Specifies how many times C(win_uri) redirects a connection to an alternate Uniform Resource Identifier (URI) before the connection fails.,If C(maximum_redirection) is set to 0 (zero) or C(follow_redirects) is set to C(none), or set to C(safe) when not doing C(GET) or C(HEAD) it prevents all redirection.
method: ${12|CONNECT,DELETE,GET,HEAD,MERGE,OPTIONS,PATCH,POST,PUT,REFRESH,TRACE|} # not required. choices: CONNECT;DELETE;GET;HEAD;MERGE;OPTIONS;PATCH;POST;PUT;REFRESH;TRACE. The HTTP Method of the request or response.
creates: ${13:undefined} # not required. A filename, when it already exists, this step will be skipped.
headers: ${14:undefined} # not required. Extra headers to set on the request, see the examples for more details on how to set this.
timeout: ${15:30} # not required. Specifies how long the request can be pending before it times out (in seconds).,The value 0 (zero) specifies an indefinite time-out.,A Domain Name System (DNS) query can take up to 15 seconds to return or time out. If your request contains a host name that requires resolution, and you set C(timeout) to a value greater than zero, but less than 15 seconds, it can take 15 seconds or more before your request times out.
follow_redirects: ${16|all,none,safe|} # not required. choices: all;none;safe. Whether or not the C(win_uri) module should follow redirects.,C(all) will follow all redirects.,C(none) will not follow any redirects.,C(safe) will follow only \"safe\" redirects, where \"safe\" means that the client is only doing a C(GET) or C(HEAD) on the URI to which it is being redirected.
return_content: ${17:no} # not required. Whether or not to return the body of the response as a \"content\" key in the dictionary result. If the reported Content-type is \"application/json\", then the JSON is additionally loaded into a key called C(json) in the dictionary results.
validate_certs: ${18:yes} # not required. If C(no), SSL certificates will not be validated. This should only set to C(no) used on personally controlled sites using self-signed certificates.
client_cert: ${19:undefined} # not required. Specifies the client certificate (.pfx) that is used for a secure web request.,The WinRM connection must be authenticated with C(CredSSP) if the certificate file is not password protected.,Other authentication types can set I(client_cert_password) when the cert is password protected.
user: ${20:undefined} # not required. Username to use for authentication.
"""
'win_user':
'prefix': "win_user_snippet"
'description': "Manages local Windows user accounts"
'body': """
win_user:
name: ${1:undefined} # required. Name of the user to create, remove or modify.
update_password: ${2|always,on_create|} # not required. choices: always;on_create. C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users.
password: ${3:null} # not required. Optionally set the user's password to this (plain text) value.
description: ${4:null} # not required. Description of the user
groups_action: ${5|replace,add,remove|} # not required. choices: replace;add;remove. If C(replace), the user is added as a member of each group in I(groups) and removed from any other groups. If C(add), the user is added to each group in I(groups) where not already a member. If C(remove), the user is removed from each group in I(groups).
password_expired: ${6|yes,no|} # not required. choices: yes;no. C(yes) will require the user to change their password at next login. C(no) will clear the expired password flag.
state: ${7|present,absent,query|} # not required. choices: present;absent;query. When C(present), creates or updates the user account. When C(absent), removes the user account if it exists. When C(query) (new in 1.9), retrieves the user account details without making any changes.
groups: ${8:undefined} # not required. Adds or removes the user from this comma-separated lis of groups, depending on the value of I(groups_action). When I(groups_action) is C(replace) and I(groups) is set to the empty string ('groups='), the user is removed from all groups.
account_disabled: ${9|yes,no|} # not required. choices: yes;no. C(yes) will disable the user account. C(no) will clear the disabled flag.
fullname: ${10:null} # not required. Full name of the user
password_never_expires: ${11|yes,no|} # not required. choices: yes;no. C(yes) will set the password to never expire. C(no) will allow the password to expire.
account_locked: ${12|no|} # not required. choices: no. C(no) will unlock the user account if locked.
user_cannot_change_password: ${13|yes,no|} # not required. choices: yes;no. C(yes) will prevent the user from changing their password. C(no) will allow the user to change their password.
"""
'win_user_right':
'prefix': "win_user_right_snippet"
'description': "Manage Windows User Rights"
'body': """
win_user_right:
name: ${1:undefined} # required. The name of the User Right as shown by the C(Constant Name) value from U(https://technet.microsoft.com/en-us/library/dd349804.aspx).,The module will return an error if the right is invalid.
users: ${2:undefined} # required. A list of users or groups to add/remove on the User Right.,These can be in the form DOMAIN\\user-group, user-group@DOMAIN.COM for domain users/groups.,For local users/groups it can be in the form user-group, .\\user-group, SERVERNAME\\user-group where SERVERNAME is the name of the remote server.,You can also add special local accounts like SYSTEM and others.
action: ${3|set,add,remove|} # not required. choices: set;add;remove. C(add) will add the users/groups to the existing right.,C(remove) will remove the users/groups from the existing right.,C(set) will replace the users/groups of the existing right.
"""
'win_wait_for':
'prefix': "win_wait_for_snippet"
'description': "Waits for a condition before continuing"
'body': """
win_wait_for:
host: ${1:127.0.0.1} # not required. A resolvable hostname or IP address to wait for.,If C(state=drained) then it will only check for connections on the IP specified, you can use '0.0.0.0' to use all host IPs.
port: ${2:undefined} # not required. The port number to poll on C(host).
delay: ${3:undefined} # not required. The number of seconds to wait before starting to poll.
state: ${4|present,started,stopped,absent,drained|} # not required. choices: present;started;stopped;absent;drained. When checking a port, C(started) will ensure the port is open, C(stopped) will check that is it closed and C(drained) will check for active connections.,When checking for a file or a search string C(present) or C(started) will ensure that the file or string is present, C(absent) will check that the file or search string is absent or removed.
sleep: ${5:1} # not required. Number of seconds to sleep between checks.
timeout: ${6:300} # not required. The maximum number of seconds to wait for.
exclude_hosts: ${7:undefined} # not required. The list of hosts or IPs to ignore when looking for active TCP connections when C(state=drained).
search_regex: ${8:undefined} # not required. Can be used to match a string in a file.,If C(state) is present or started then it will wait until the regex matches.,If C(state) is absent then it will wait until the regex does not match.,Defaults to a multiline regex.
path: ${9:undefined} # not required. The path to a file on the filesystem to check.,If C(state) is present or started then it will wait until the file exists.,If C(state) is absent then it will wait until the file does not exist.
connect_timeout: ${10:5} # not required. The maximum number of seconds to wait for a connection to happen before closing and retrying.
"""
'win_wakeonlan':
'prefix': "win_wakeonlan_snippet"
'description': "Send a magic Wake-on-LAN (WoL) broadcast packet"
'body': """
win_wakeonlan:
mac: ${1:undefined} # required. MAC address to send Wake-on-LAN broadcast packet for.
broadcast: ${2:255.255.255.255} # not required. Network broadcast address to use for broadcasting magic Wake-on-LAN packet.
port: ${3:7} # not required. UDP port to use for magic Wake-on-LAN packet.
"""
'win_webpicmd':
'prefix': "win_webpicmd_snippet"
'description': "Installs packages using Web Platform Installer command-line"
'body': """
win_webpicmd:
name: ${1:undefined} # required. Name of the package to be installed
"""
'win_whoami':
'prefix': "win_whoami_snippet"
'description': "Returns information about the current user and process"
'body': """
win_whoami:
"""
'xattr':
'prefix': "xattr_snippet"
'description': "Manage user defined extended attributes"
'body': """
xattr:
path: ${1:undefined} # required. The full path of the file/object to get the facts of.,Before 2.3 this option was only usable as I(name).
state: ${2|absent,all,keys,present,read|} # not required. choices: absent;all;keys;present;read. defines which state you want to do. C(read) retrieves the current value for a C(key) (default) C(present) sets C(name) to C(value), default if value is set C(all) dumps all data C(keys) retrieves all keys C(absent) deletes the key
key: ${3:undefined} # not required. The name of a specific Extended attribute key to set/retrieve.
value: ${4:undefined} # not required. The value to set the named name/key to, it automatically sets the C(state) to 'set'.
follow: ${5:yes} # not required. If C(yes), dereferences symlinks and sets/gets attributes on symlink target, otherwise acts on symlink itself.
"""
'xbps':
'prefix': "xbps_snippet"
'description': "Manage packages with XBPS"
'body': """
xbps:
recurse: ${1|yes,no|} # not required. choices: yes;no. When removing a package, also remove its dependencies, provided that they are not required by other packages and were not explicitly installed by a user.
state: ${2|present,absent,latest|} # not required. choices: present;absent;latest. Desired state of the package.
upgrade: ${3|yes,no|} # not required. choices: yes;no. Whether or not to upgrade whole system
update_cache: ${4|yes,no|} # not required. choices: yes;no. Whether or not to refresh the master package lists. This can be run as part of a package installation or as a separate step.
name: ${5:null} # not required. Name of the package to install, upgrade, or remove.
"""
'xenserver_facts':
'prefix': "xenserver_facts_snippet"
'description': "get facts reported on xenserver"
'body': """
xenserver_facts:
"""
'xml':
'prefix': "xml_snippet"
'description': "Manage bits and pieces of XML files or strings"
'body': """
xml:
xmlstring: ${1:undefined} # required. A string containing XML on which to operate.,This parameter is required, unless C(path) is given.
path: ${2:undefined} # required. Path to the file to operate on. File must exist ahead of time.,This parameter is required, unless C(xmlstring) is given.
xpath: ${3:/} # not required. A valid XPath expression describing the item(s) you want to manipulate.,Operates on the document root, C(/), by default.
count: ${4:no} # not required. Search for a given C(xpath) and provide the count of any matches.,This parameter requires C(xpath) to be set.
set_children: ${5:undefined} # not required. Set the child-element(s) of a selected element for a given C(xpath).,Removes any existing children.,Child elements must be specified as in C(add_children).,This parameter requires C(xpath) to be set.
attribute: ${6:undefined} # not required. The attribute to select when using parameter C(value).,This is a string, not prepended with C(@).
pretty_print: ${7:no} # not required. Pretty print XML output.
add_children: ${8:undefined} # not required. Add additional child-element(s) to a selected element for a given C(xpath).,Child elements must be given in a list and each item may be either a string (eg. C(children=ansible) to add an empty C(<ansible/>) child element), or a hash where the key is an element name and the value is the element value.,This parameter requires C(xpath) to be set.
value: ${9:undefined} # not required. Desired state of the selected attribute.,Either a string, or to unset a value, the Python C(None) keyword (YAML Equivalent, C(null)).,Elements default to no value (but present).,Attributes default to an empty string.
content: ${10|attribute,text|} # not required. choices: attribute;text. Search for a given C(xpath) and get content.,This parameter requires C(xpath) to be set.
state: ${11|absent,present|} # not required. choices: absent;present. Set or remove an xpath selection (node(s), attribute(s)).
namespaces: ${12:undefined} # not required. The namespace C(prefix:uri) mapping for the XPath expression.,Needs to be a C(dict), not a C(list) of items.
input_type: ${13|xml,yaml|} # not required. choices: xml;yaml. Type of input for C(add_children) and C(set_children).
print_match: ${14:no} # not required. Search for a given C(xpath) and print out any matches.,This parameter requires C(xpath) to be set.
backup: ${15:no} # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
"""
'yum':
'prefix': "yum_snippet"
'description': "Manages packages with the I(yum) package manager"
'body': """
yum:
name: ${1:undefined} # required. A package name , or package specifier with version, like C(name-1.0).,If a previous version is specified, the task also needs to turn C(allow_downgrade) on. See the C(allow_downgrade) documentation for caveats with downgrading packages.,When using state=latest, this can be '*' which means run C(yum -y update).,You can also pass a url or a local path to a rpm file (using state=present). To operate on several packages this can accept a comma separated list of packages or (as of 2.0) a list of packages.
update_cache: ${2:no} # not required. Force yum to check if cache is out of date and redownload if needed. Has an effect only if state is I(present) or I(latest).
exclude: ${3:undefined} # not required. Package name(s) to exclude when state=present, or latest
installroot: ${4:/} # not required. Specifies an alternative installroot, relative to which all packages will be installed.
allow_downgrade: ${5:no} # not required. Specify if the named package and version is allowed to downgrade a maybe already installed higher version of that package. Note that setting allow_downgrade=True can make this module behave in a non-idempotent way. The task could end up with a set of packages that does not match the complete list of specified packages to install (because dependencies between the downgraded package and others can cause changes to the packages which were in the earlier transaction).
validate_certs: ${6:yes} # not required. This only applies if using a https url as the source of the rpm. e.g. for localinstall. If set to C(no), the SSL certificates will not be validated.,This should only set to C(no) used on personally controlled sites using self-signed certificates as it avoids verifying the source site.,Prior to 2.1 the code worked as if this was set to C(yes).
list: ${7:undefined} # not required. Package name to run the equivalent of yum list <package> against. In addition to listing packages, use can also list the following: C(installed), C(updates), C(available) and C(repos).
disable_gpg_check: ${8:no} # not required. Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is I(present) or I(latest).
conf_file: ${9:undefined} # not required. The remote yum configuration file to use for the transaction.
update_only: ${10|yes,no|} # not required. choices: yes;no. When using latest, only update installed packages. Do not install packages.,Has an effect only if state is I(latest)
state: ${11|absent,installed,latest,present,removed|} # not required. choices: absent;installed;latest;present;removed. Whether to install (C(present) or C(installed), C(latest)), or remove (C(absent) or C(removed)) a package.
disablerepo: ${12:undefined} # not required. I(Repoid) of repositories to disable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a \",\".
skip_broken: ${13:no} # not required. Resolve depsolve problems by removing packages that are causing problems from the trans‐ action.
enablerepo: ${14:undefined} # not required. I(Repoid) of repositories to enable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a \",\".
disable_plugin: ${15:undefined} # not required. I(Plugin) name to disable for the install/update operation. The disabled plugins will not persist beyond the transaction.
security: ${16:no} # not required. If set to C(yes), and C(state=latest) then only installs updates that have been marked security related.
enable_plugin: ${17:undefined} # not required. I(Plugin) name to enable for the install/update operation. The enabled plugin will not persist beyond the transaction.
"""
'yum_repository':
'prefix': "yum_repository_snippet"
'description': "Add or remove YUM repositories"
'body': """
yum_repository:
name: ${1:undefined} # required. Unique repository ID.,This parameter is only required if I(state) is set to C(present) or C(absent).
seuser: ${2:null} # not required. User part of SELinux file context. Will default to system policy, if applicable. If set to C(_default), it will use the C(user) portion of the policy if available.
ip_resolve: ${3|4,6,IPv4,IPv6,whatever|} # not required. choices: 4;6;IPv4;IPv6;whatever. Determines how yum resolves host names.,C(4) or C(IPv4) - resolve to IPv4 addresses only.,C(6) or C(IPv6) - resolve to IPv6 addresses only.
enabled: ${4|yes,no|} # not required. choices: yes;no. This tells yum whether or not use this repository.
proxy_password: ${5:null} # not required. Username to use for proxy.
mode: ${6:null} # not required. Mode the file or directory should be. For those used to I(/usr/bin/chmod) remember that modes are actually octal numbers (like C(0644) or C(01777)). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, C(u+rwx) or C(u=rw,g=r,o=r)).
owner: ${7:null} # not required. Name of the user that should own the file/directory, as would be fed to I(chown).
bandwidth: ${8:0} # not required. Maximum available network bandwidth in bytes/second. Used with the I(throttle) option.,If I(throttle) is a percentage and bandwidth is C(0) then bandwidth throttling will be disabled. If I(throttle) is expressed as a data rate (bytes/sec) then this option is ignored. Default is C(0) (no bandwidth throttling).
cost: ${9:1000} # not required. Relative cost of accessing this repository. Useful for weighing one repo's packages as greater/less than any other.
file: ${10:null} # not required. File name without the C(.repo) extension to save the repo in. Defaults to the value of I(name).
mirrorlist_expire: ${11:21600} # not required. Time (in seconds) after which the mirrorlist locally cached will expire.,Default value is 6 hours.
exclude: ${12:null} # not required. List of packages to exclude from updates or installs. This should be a space separated list. Shell globs using wildcards (eg. C(*) and C(?)) are allowed.,The list can also be a regular YAML array.
attributes: ${13:None} # not required. Attributes the file or directory should have. To get supported flags look at the man page for I(chattr) on the target system. This string should contain the attributes in the same order as the one displayed by I(lsattr).
keepalive: ${14|yes,no|} # not required. choices: yes;no. This tells yum whether or not HTTP/1.1 keepalive should be used with this repository. This can improve transfer speeds by using one connection when downloading multiple files from a repository.
repo_gpgcheck: ${15|yes,no|} # not required. choices: yes;no. This tells yum whether or not it should perform a GPG signature check on the repodata from this repository.
sslverify: ${16|yes,no|} # not required. choices: yes;no. Defines whether yum should verify SSL certificates/hosts at all.
failovermethod: ${17|roundrobin,priority|} # not required. choices: roundrobin;priority. C(roundrobin) randomly selects a URL out of the list of URLs to start with and proceeds through each of them as it encounters a failure contacting the host.,C(priority) starts from the first I(baseurl) listed and reads through them sequentially.
unsafe_writes: ${18:false} # not required. Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.,This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
deltarpm_metadata_percentage: ${19:100} # not required. When the relative size of deltarpm metadata vs pkgs is larger than this, deltarpm metadata is not downloaded from the repo. Note that you can give values over C(100), so C(200) means that the metadata is required to be half the size of the packages. Use C(0) to turn off this check, and always download metadata.
gpgkey: ${20:null} # not required. A URL pointing to the ASCII-armored GPG key file for the repository.,It can also be a list of multiple URLs.
serole: ${21:null} # not required. Role part of SELinux file context, C(_default) feature works as for I(seuser).
http_caching: ${22|all,packages,none|} # not required. choices: all;packages;none. Determines how upstream HTTP caches are instructed to handle any HTTP downloads that Yum does.,C(all) means that all HTTP downloads should be cached.,C(packages) means that only RPM package downloads should be cached (but not repository metadata downloads).,C(none) means that no HTTP downloads should be cached.
priority: ${23:99} # not required. Enforce ordered protection of repositories. The value is an integer from 1 to 99.,This option only works if the YUM Priorities plugin is installed.
state: ${24|absent,present|} # not required. choices: absent;present. State of the repo file.
mirrorlist: ${25:null} # not required. Specifies a URL to a file containing a list of baseurls.,This, the I(baseurl) or I(metalink) parameters are required if I(state) is set to C(present).
setype: ${26:null} # not required. Type part of SELinux file context, C(_default) feature works as for I(seuser).
gpgcheck: ${27|yes,no|} # not required. choices: yes;no. Tells yum whether or not it should perform a GPG signature check on packages.
include: ${28:null} # not required. Include external configuration file. Both, local path and URL is supported. Configuration file will be inserted at the position of the I(include=) line. Included files may contain further include lines. Yum will abort with an error if an inclusion loop is detected.
proxy_username: ${29:null} # not required. Password for this proxy.
username: ${30:null} # not required. Username to use for basic authentication to a repo or really any url.
metadata_expire: ${31:21600} # not required. Time (in seconds) after which the metadata will expire.,Default value is 6 hours.
description: ${32:null} # not required. A human readable string describing the repository.,This parameter is only required if I(state) is set to C(present).
retries: ${33:10} # not required. Set the number of times any attempt to retrieve a file should retry before returning an error. Setting this to C(0) makes yum try forever.
selevel: ${34:s0} # not required. Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser).
sslclientcert: ${35:null} # not required. Path to the SSL client certificate yum should use to connect to repos/remote sites.
baseurl: ${36:null} # not required. URL to the directory where the yum repository's 'repodata' directory lives.,It can also be a list of multiple URLs.,This, the I(metalink) or I(mirrorlist) parameters are required if I(state) is set to C(present).
gpgcakey: ${37:null} # not required. A URL pointing to the ASCII-armored CA key file for the repository.
s3_enabled: ${38|yes,no|} # not required. choices: yes;no. Enables support for S3 repositories.,This option only works if the YUM S3 plugin is installed.
includepkgs: ${39:null} # not required. List of packages you want to only use from a repository. This should be a space separated list. Shell globs using wildcards (eg. C(*) and C(?)) are allowed. Substitution variables (e.g. C($releasever)) are honored here.,The list can also be a regular YAML array.
enablegroups: ${40|yes,no|} # not required. choices: yes;no. Determines whether yum will allow the use of package groups for this repository.
group: ${41:null} # not required. Name of the group that should own the file/directory, as would be fed to I(chown).
password: ${42:null} # not required. Password to use with the username for basic authentication.
ui_repoid_vars: ${43:releasever basearch} # not required. When a repository id is displayed, append these yum variables to the string if they are used in the I(baseurl)/etc. Variables are appended in the order listed (and found).
protect: ${44|yes,no|} # not required. choices: yes;no. Protect packages from updates from other repositories.
ssl_check_cert_permissions: ${45|yes,no|} # not required. choices: yes;no. Whether yum should check the permissions on the paths for the certificates on the repository (both remote and local).,If we can't read any of the files then yum will force I(skip_if_unavailable) to be C(yes). This is most useful for non-root processes which use yum on repos that have client cert files which are readable only by root.
throttle: ${46:null} # not required. Enable bandwidth throttling for downloads.,This option can be expressed as a absolute data rate in bytes/sec. An SI prefix (k, M or G) may be appended to the bandwidth value.
deltarpm_percentage: ${47:75} # not required. When the relative size of delta vs pkg is larger than this, delta is not used. Use C(0) to turn off delta rpm processing. Local repositories (with file:// I(baseurl)) have delta rpms turned off by default.
sslclientkey: ${48:null} # not required. Path to the SSL client key yum should use to connect to repos/remote sites.
metalink: ${49:null} # not required. Specifies a URL to a metalink file for the repomd.xml, a list of mirrors for the entire repository are generated by converting the mirrors for the repomd.xml file to a I(baseurl).,This, the I(baseurl) or I(mirrorlist) parameters are required if I(state) is set to C(present).
reposdir: ${50:/etc/yum.repos.d} # not required. Directory where the C(.repo) files will be stored.
skip_if_unavailable: ${51|yes,no|} # not required. choices: yes;no. If set to C(yes) yum will continue running if this repository cannot be contacted for any reason. This should be set carefully as all repos are consulted for any given command.
keepcache: ${52|0,1|} # not required. choices: 0;1. Either C(1) or C(0). Determines whether or not yum keeps the cache of headers and packages after successful installation.
sslcacert: ${53:null} # not required. Path to the directory containing the databases of the certificate authorities yum should use to verify SSL certificates.
timeout: ${54:30} # not required. Number of seconds to wait for a connection before timing out.
async: ${55|yes,no|} # not required. choices: yes;no. If set to C(yes) Yum will download packages and metadata from this repo in parallel, if possible.
metadata_expire_filter: ${56|never,read-only:past,read-only:present,read-only:future|} # not required. choices: never;read-only:past;read-only:present;read-only:future. Filter the I(metadata_expire) time, allowing a trade of speed for accuracy if a command doesn't require it. Each yum command can specify that it requires a certain level of timeliness quality from the remote repos. from \"I'm about to install/upgrade, so this better be current\" to \"Anything that's available is good enough\".,C(never) - Nothing is filtered, always obey I(metadata_expire).,C(read-only:past) - Commands that only care about past information are filtered from metadata expiring. Eg. I(yum history) info (if history needs to lookup anything about a previous transaction, then by definition the remote package was available in the past).,C(read-only:present) - Commands that are balanced between past and future. Eg. I(yum list yum).,C(read-only:future) - Commands that are likely to result in running other commands which will require the latest metadata. Eg. I(yum check-update).,Note that this option does not override \"yum clean expire-cache\".
proxy: ${57:null} # not required. URL to the proxy server that yum should use. Set to C(_none_) to disable the global proxy setting.
"""
'zabbix_group':
'prefix': "zabbix_group_snippet"
'description': "Zabbix host groups creates/deletes"
'body': """
zabbix_group:
host_groups: ${1:undefined} # required. List of host groups to create or delete.
login_user: ${2:undefined} # required. Zabbix user name.
server_url: ${3:undefined} # required. Url of Zabbix server, with protocol (http or https). C(url) is an alias for C(server_url).
login_password: ${4:undefined} # required. Zabbix user password.
http_login_password: ${5:None} # not required. Basic Auth password
http_login_user: ${6:None} # not required. Basic Auth login
state: ${7|present,absent|} # not required. choices: present;absent. Create or delete host group.
timeout: ${8:10} # not required. The timeout of API request(seconds).
validate_certs: ${9|true,false|} # not required. choices: true;false. If set to False, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'zabbix_host':
'prefix': "zabbix_host_snippet"
'description': "Zabbix host creates/updates/deletes"
'body': """
zabbix_host:
server_url: ${1:undefined} # required. Url of Zabbix server, with protocol (http or https). C(url) is an alias for C(server_url).
login_user: ${2:undefined} # required. Zabbix user name.
login_password: ${3:undefined} # required. Zabbix user password.
host_name: ${4:undefined} # required. Name of the host in Zabbix.,host_name is the unique identifier used and cannot be updated using this module.
status: ${5|enabled,disabled|} # not required. choices: enabled;disabled. Monitoring status of the host.
http_login_user: ${6:None} # not required. Basic Auth login
force: ${7|yes,no|} # not required. choices: yes;no. Overwrite the host configuration, even if already present
description: ${8:undefined} # not required. Description of the host in Zabbix.
interfaces: ${9:} # not required. List of interfaces to be created for the host (see example below).,Available keys are: I(dns), I(ip), I(main), I(port), I(type), I(useip), and I(bulk).,Please review the interface documentation for more information on the supported properties,https://www.zabbix.com/documentation/2.0/manual/appendix/api/hostinterface/definitions#host_interface,If an interface definition is incomplete, this module will attempt to fill in sensible values.,I(type) can also be C(agent), C(snmp), C(ipmi), or C(jmx) instead of its numerical value.
tls_accept: ${10:1} # not required. Specifies what types of connections are allowed for incoming connections.,The tls_accept parameter accepts values of 1 to 7,Possible values, 1 (no encryption), 2 (PSK), 4 (certificate).,Values can be combined.,Works only with >= Zabbix 3.0
ipmi_username: ${11:undefined} # not required. IPMI username.,also see the last note in the I(ipmi_authtype) documentation
ipmi_authtype: ${12:undefined} # not required. IPMI authentication algorithm.,Please review the Host object documentation for more information on the supported properties,https://www.zabbix.com/documentation/3.4/manual/api/reference/host/object,Possible values are, C(0) (none), C(1) (MD2), C(2) (MD5), C(4) (straight), C(5) (OEM), C(6) (RMCP+), with -1 being the API default.,Please note that the Zabbix API will treat absent settings as default when updating any of the I(ipmi_)-options; this means that if you attempt to set any of the four options individually, the rest will be reset to default values.
proxy: ${13:None} # not required. The name of the Zabbix Proxy to be used
host_groups: ${14:undefined} # not required. List of host groups the host is part of.
inventory_zabbix: ${15:undefined} # not required. Add Facts for a zabbix inventory (e.g. Tag) (see example below).,Please review the interface documentation for more information on the supported properties,https://www.zabbix.com/documentation/3.2/manual/api/reference/host/object#host_inventory
inventory_mode: ${16|automatic,manual,disabled|} # not required. choices: automatic;manual;disabled. Configure the inventory mode.
tls_psk_identity: ${17:undefined} # not required. PSK value is a hard to guess string of hexadecimal digits.,It is a unique name by which this specific PSK is referred to by Zabbix components,Do not put sensitive information in PSK identity string, it is transmitted over the network unencrypted.,Works only with >= Zabbix 3.0
tls_issuer: ${18:undefined} # not required. Required certificate issuer.,Works only with >= Zabbix 3.0
http_login_password: ${19:None} # not required. Basic Auth password
tls_psk: ${20:undefined} # not required. The preshared key, at least 32 hex digits. Required if either tls_connect or tls_accept has PSK enabled.,Works only with >= Zabbix 3.0
ipmi_privilege: ${21:undefined} # not required. IPMI privilege level.,Please review the Host object documentation for more information on the supported properties,https://www.zabbix.com/documentation/3.4/manual/api/reference/host/object,Possible values are C(1) (callback), C(2) (user), C(3) (operator), C(4) (admin), C(5) (OEM), with C(2) being the API default.,also see the last note in the I(ipmi_authtype) documentation
tls_connect: ${22:1} # not required. Specifies what encryption to use for outgoing connections.,The tls_connect parameter accepts values of 1 to 7,Possible values, 1 (no encryption), 2 (PSK), 4 (certificate).,Values can be combined.,Works only with >= Zabbix 3.0
ipmi_password: ${23:undefined} # not required. IPMI password.,also see the last note in the I(ipmi_authtype) documentation
visible_name: ${24:undefined} # not required. Visible name of the host in Zabbix.
state: ${25|present,absent|} # not required. choices: present;absent. State of the host.,On C(present), it will create if host does not exist or update the host if the associated data is different.,On C(absent) will remove a host if it exists.
timeout: ${26:10} # not required. The timeout of API request(seconds).
tls_subject: ${27:undefined} # not required. Required certificate subject.,Works only with >= Zabbix 3.0
validate_certs: ${28|true,false|} # not required. choices: true;false. If set to False, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
link_templates: ${29:None} # not required. List of templates linked to the host.
"""
'zabbix_hostmacro':
'prefix': "zabbix_hostmacro_snippet"
'description': "Zabbix host macro creates/updates/deletes"
'body': """
zabbix_hostmacro:
macro_value: ${1:undefined} # required. Value of the host macro.
macro_name: ${2:undefined} # required. Name of the host macro.
login_user: ${3:undefined} # required. Zabbix user name.
server_url: ${4:undefined} # required. Url of Zabbix server, with protocol (http or https). C(url) is an alias for C(server_url).
host_name: ${5:undefined} # required. Name of the host.
login_password: ${6:undefined} # required. Zabbix user password.
http_login_password: ${7:None} # not required. Basic Auth password
http_login_user: ${8:None} # not required. Basic Auth login
state: ${9|present,absent|} # not required. choices: present;absent. State of the macro.,On C(present), it will create if macro does not exist or update the macro if the associated data is different.,On C(absent) will remove a macro if it exists.
timeout: ${10:10} # not required. The timeout of API request(seconds).
force: ${11|yes,no|} # not required. choices: yes;no. Only updates an existing macro if set to C(yes).
validate_certs: ${12|true,false|} # not required. choices: true;false. If set to False, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'zabbix_maintenance':
'prefix': "zabbix_maintenance_snippet"
'description': "Create Zabbix maintenance windows"
'body': """
zabbix_maintenance:
login_user: ${1:undefined} # required. Zabbix user name.
server_url: ${2:undefined} # required. Url of Zabbix server, with protocol (http or https). C(url) is an alias for C(server_url).
login_password: ${3:undefined} # required. Zabbix user password.
desc: ${4:Created by Ansible} # required. Short description of maintenance window.
name: ${5:undefined} # required. Unique name of maintenance window.
host_names: ${6:null} # not required. Hosts to manage maintenance window for. Separate multiple hosts with commas. C(host_name) is an alias for C(host_names). B(Required) option when C(state) is I(present) and no C(host_groups) specified.
host_groups: ${7:null} # not required. Host groups to manage maintenance window for. Separate multiple groups with commas. C(host_group) is an alias for C(host_groups). B(Required) option when C(state) is I(present) and no C(host_names) specified.
collect_data: ${8:true} # not required. Type of maintenance. With data collection, or without.
http_login_password: ${9:None} # not required. Basic Auth password
validate_certs: ${10|true,false|} # not required. choices: true;false. If set to False, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
http_login_user: ${11:None} # not required. Basic Auth login
state: ${12|present,absent|} # not required. choices: present;absent. Create or remove a maintenance window.
timeout: ${13:10} # not required. The timeout of API request(seconds).
minutes: ${14:10} # not required. Length of maintenance window in minutes.
"""
'zabbix_proxy':
'prefix': "zabbix_proxy_snippet"
'description': "Zabbix proxy creates/deletes/gets/updates"
'body': """
zabbix_proxy:
login_password: ${1:undefined} # required. Zabbix user password.
login_user: ${2:undefined} # required. Zabbix user name.
server_url: ${3:undefined} # required. Url of Zabbix server, with protocol (http or https). C(url) is an alias for C(server_url).
proxy_name: ${4:undefined} # required. Name of the proxy in Zabbix.
status: ${5|active,passive|} # not required. choices: active;passive. Type of proxy. (4 - active, 5 - passive)
http_login_password: ${6:None} # not required. Basic Auth password
tls_psk: ${7:undefined} # not required. The preshared key, at least 32 hex digits. Required if either I(tls_connect) or I(tls_accept) has PSK enabled.
description: ${8:undefined} # not required. Description of the proxy..
tls_connect: ${9|no_encryption,PSK,certificate|} # not required. choices: no_encryption;PSK;certificate. Connections to proxy.
tls_accept: ${10|no_encryption,PSK,certificate|} # not required. choices: no_encryption;PSK;certificate. Connections from proxy.
state: ${11|present,absent|} # not required. choices: present;absent. State of the proxy.,On C(present), it will create if proxy does not exist or update the proxy if the associated data is different.,On C(absent) will remove a proxy if it exists.
timeout: ${12:10} # not required. The timeout of API request(seconds).
tls_issuer: ${13:undefined} # not required. Certificate issuer.
interface: ${14:[object Object]} # not required. Dictionary with params for the interface when proxy is in passive mode,Available values are: dns, ip, main, port, type and useip.,Please review the interface documentation for more information on the supported properties,U(https://www.zabbix.com/documentation/3.2/manual/api/reference/proxy/object#proxy_interface)
tls_subject: ${15:undefined} # not required. Certificate subject.
validate_certs: ${16|true,false|} # not required. choices: true;false. If set to False, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
tls_psk_identity: ${17:undefined} # not required. PSK identity. Required if either I(tls_connect) or I(tls_accept) has PSK enabled.
http_login_user: ${18:None} # not required. Basic Auth login
"""
'zabbix_screen':
'prefix': "zabbix_screen_snippet"
'description': "Zabbix screen creates/updates/deletes"
'body': """
zabbix_screen:
login_user: ${1:undefined} # required. Zabbix user name.
server_url: ${2:undefined} # required. Url of Zabbix server, with protocol (http or https). C(url) is an alias for C(server_url).
screens: ${3:undefined} # required. List of screens to be created/updated/deleted(see example).,If the screen(s) already been added, the screen(s) name won't be updated.,When creating or updating screen(s), C(screen_name), C(host_group) are required.,When deleting screen(s), the C(screen_name) is required.,The available states are: C(present) (default) and C(absent). If the screen(s) already exists, and the state is not C(absent), the screen(s) will just be updated as needed.\n
login_password: ${4:undefined} # required. Zabbix user password.
http_login_password: ${5:None} # not required. Basic Auth password
http_login_user: ${6:None} # not required. Basic Auth login
timeout: ${7:10} # not required. The timeout of API request(seconds).
validate_certs: ${8|true,false|} # not required. choices: true;false. If set to False, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
"""
'zabbix_template':
'prefix': "zabbix_template_snippet"
'description': "create/delete/dump zabbix template"
'body': """
zabbix_template:
login_user: ${1:undefined} # required. Zabbix user name.
server_url: ${2:undefined} # required. Url of Zabbix server, with protocol (http or https). C(url) is an alias for C(server_url).
login_password: ${3:undefined} # required. Zabbix user password.
template_name: ${4:undefined} # required. Name of zabbix template
template_groups: ${5:undefined} # not required. List of template groups to create or delete.
http_login_password: ${6:None} # not required. Basic Auth password
clear_templates: ${7:undefined} # not required. List of templates cleared from the template.,see templates_clear in https://www.zabbix.com/documentation/3.0/manual/api/reference/template/update
http_login_user: ${8:None} # not required. Basic Auth login
template_json: ${9:undefined} # not required. JSON dump of template to import
macros: ${10:undefined} # not required. List of templates macro
state: ${11|present,absent,dump|} # not required. choices: present;absent;dump. state present create/update template, absent delete template
timeout: ${12:10} # not required. The timeout of API request(seconds).
validate_certs: ${13|true,false|} # not required. choices: true;false. If set to False, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
link_templates: ${14:undefined} # not required. List of templates linked to the template.
"""
'zfs':
'prefix': "zfs_snippet"
'description': "Manage zfs"
'body': """
zfs:
state: ${1|absent,present|} # required. choices: absent;present. Whether to create (C(present)), or remove (C(absent)) a file system, snapshot or volume. All parents/children will be created/destroyed as needed to reach the desired state.
name: ${2:undefined} # required. File system, snapshot or volume name e.g. C(rpool/myfs).
origin: ${3:undefined} # not required. Snapshot from which to create a clone.
extra_zfs_properties: ${4:undefined} # not required. A dictionary of zfs properties to be set.,See the zfs(8) man page for more information.
key_value: ${5:undefined} # not required. (**DEPRECATED**) This will be removed in Ansible-2.9. Set these values in the,C(extra_zfs_properties) option instead.,The C(zfs) module takes key=value pairs for zfs properties to be set.,See the zfs(8) man page for more information.
"""
'zfs_facts':
'prefix': "zfs_facts_snippet"
'description': "Gather facts about ZFS datasets."
'body': """
zfs_facts:
name: ${1:undefined} # required. ZFS dataset name.
parsable: ${2:false} # not required. Specifies if property values should be displayed in machine friendly format.
depth: ${3:None} # not required. Specifiies recurion depth.
type: ${4|all,filesystem,volume,snapshot,bookmark|} # not required. choices: all;filesystem;volume;snapshot;bookmark. Specifies which datasets types to display. Multiple values have to be provided in comma-separated form.
recurse: ${5:false} # not required. Specifies if properties for any children should be recursively displayed.
properties: ${6:all} # not required. Specifies which dataset properties should be queried in comma-separated format. For more information about dataset properties, check zfs(1M) man page.
"""
'znode':
'prefix': "znode_snippet"
'description': "Create, delete, retrieve, and update znodes using ZooKeeper"
'body': """
znode:
hosts: ${1:undefined} # required. A list of ZooKeeper servers (format '[server]:[port]').
name: ${2:undefined} # required. The path of the znode.
state: ${3:None} # not required. The state to enforce. Mutually exclusive with op.
timeout: ${4:300} # not required. The amount of time to wait for a node to appear.
op: ${5:None} # not required. An operation to perform. Mutually exclusive with state.
value: ${6:None} # not required. The value assigned to the znode.
recursive: ${7:false} # not required. Recursively delete node and all its children.
"""
'zpool_facts':
'prefix': "zpool_facts_snippet"
'description': "Gather facts about ZFS pools."
'body': """
zpool_facts:
parsable: ${1:false} # not required. Specifies if property values should be displayed in machine friendly format.
name: ${2:undefined} # not required. ZFS pool name.
properties: ${3:all} # not required. Specifies which dataset properties should be queried in comma-separated format. For more information about dataset properties, check zpool(1M) man page.
"""
'zypper':
'prefix': "zypper_snippet"
'description': "Manage packages on SUSE and openSUSE"
'body': """
zypper:
name: ${1:undefined} # required. Package name C(name) or package specifier or a list of either.,Can include a version like C(name=1.0), C(name>3.4) or C(name<=2.7). If a version is given, C(oldpackage) is implied and zypper is allowed to update the package within the version range given.,You can also pass a url or a local path to a rpm file.,When using state=latest, this can be '*', which updates all installed packages.
force: ${2|yes,no|} # not required. choices: yes;no. Adds C(--force) option to I(zypper). Allows to downgrade packages and change vendor or architecture.
disable_gpg_check: ${3|yes,no|} # not required. choices: yes;no. Whether to disable to GPG signature checking of the package signature being installed. Has an effect only if state is I(present) or I(latest).
extra_args: ${4:undefined} # not required. Add additional options to C(zypper) command.,Options should be supplied in a single line as if given in the command line.
state: ${5|present,latest,absent,dist-upgrade|} # not required. choices: present;latest;absent;dist-upgrade. C(present) will make sure the package is installed. C(latest) will make sure the latest version of the package is installed. C(absent) will make sure the specified package is not installed. C(dist-upgrade) will make sure the latest version of all installed packages from all enabled repositories is installed.,When using C(dist-upgrade), I(name) should be C('*').
oldpackage: ${6|yes,no|} # not required. choices: yes;no. Adds C(--oldpackage) option to I(zypper). Allows to downgrade packages with less side-effects than force. This is implied as soon as a version is specified as part of the package name.
update_cache: ${7|yes,no|} # not required. choices: yes;no. Run the equivalent of C(zypper refresh) before the operation. Disabled in check mode.
disable_recommends: ${8|yes,no|} # not required. choices: yes;no. Corresponds to the C(--no-recommends) option for I(zypper). Default behavior (C(yes)) modifies zypper's default behavior; C(no) does install recommended packages.
type: ${9|package,patch,pattern,product,srcpackage,application|} # not required. choices: package;patch;pattern;product;srcpackage;application. The type of package to be operated on.
"""
'zypper_repository':
'prefix': "zypper_repository_snippet"
'description': "Add and remove Zypper repositories"
'body': """
zypper_repository:
repo: ${1:none} # not required. URI of the repository or .repo file. Required when state=present.
name: ${2:none} # not required. A name for the repository. Not required when adding repofiles.
auto_import_keys: ${3|yes,no|} # not required. choices: yes;no. Automatically import the gpg signing key of the new or changed repository.,Has an effect only if state is I(present). Has no effect on existing (unchanged) repositories or in combination with I(absent).,Implies runrefresh.,Only works with C(.repo) files if `name` is given explicitly.
enabled: ${4|yes,no|} # not required. choices: yes;no. Set repository to enabled (or disabled).
disable_gpg_check: ${5|yes,no|} # not required. choices: yes;no. Whether to disable GPG signature checking of all packages. Has an effect only if state is I(present).,Needs zypper version >= 1.6.2.
priority: ${6:undefined} # not required. Set priority of repository. Packages will always be installed from the repository with the smallest priority number.,Needs zypper version >= 1.12.25.
state: ${7|absent,present|} # not required. choices: absent;present. A source string state.
autorefresh: ${8|yes,no|} # not required. choices: yes;no. Enable autorefresh of the repository.
overwrite_multiple: ${9|yes,no|} # not required. choices: yes;no. Overwrite multiple repository entries, if repositories with both name and URL already exist.
runrefresh: ${10|yes,no|} # not required. choices: yes;no. Refresh the package list of the given repository.,Can be used with repo=* to refresh all repositories.
description: ${11:none} # not required. A description of the repository
"""