ansible-ise icon indicating copy to clipboard operation
ansible-ise copied to clipboard

Published 20 hours ago verified publisher icon CiscoISE

Cannot get cisco.ise.rest_id_store to work

Open wastorga opened this issue 1 year ago • 1 comments

Prerequisites

  • [x] Have you tested the operation in the API directly?
  • [ ] Do you have the latest ISE Collection version?
  • [x] Review the compatibility matrix before opening an issue.

Describe the bug I cannot get cisco.ise.rest_id_store to work.

- name: Create REST ID Store (AzureAD)
 delegate_to: localhost
 cisco.ise.rest_id_store:
   ise_hostname: "{{ ansible_host }}"
   ise_username: "{{ ise_username | default( omit ) }}"
   ise_password: "{{ ise_password | default( omit ) }}"
   state: present
   name: AAD_trust0
   description: AAD_trust0
   ersRestIDStoreAttributes:
     predefined: Azure
     usernameSuffix: "@trust0.onmicrosoft.com"
     rootUrl: "http://***:9601/azure"
     headers:
     - key: clientID
       value: "***"
     - key: clientSecret
       value: "***"
     - key: tenantID
       value: "***"
 register: aad_created
 ignore_errors: yes

I always get the error :

"ERSResponse" : {
         "operation" : "POST-create-restidstore",
         "messages" : [ {
           "title" : "Resource Initialization Failed(10)",
           "type" : "ERROR",
           "code" : "Application resource validation exception"
         } ]

Expected behavior That it works, since using ansible.builtin.uri module works.

Screenshots

- name: Create AAD_trust0 REST ID Store
  delegate_to: localhost
  ansible.builtin.uri:
    url: https://{{ ansible_host }}/ers/config/restidstore
    method: POST
    url_username: "{{ ise_username }}"
    url_password: "{{ ise_password }}"
    force_basic_auth: yes
    headers:
      Accept: application/json
      Content-Type: application/json
    body: |
      {
        "ERSRestIDStore" : {
          "name" : "AAD_trust0",
          "description" : "",
          "ersRestIDStoreAttributes" : {
            "usernameSuffix" : "@trust0.onmicrosoft.com",
            "rootUrl" : "http://****:9601/azure",
            "predefined" : "Azure",
            "headers" : [ {
              "key" : "clientID",
              "value" : "*******"
            }, {
              "key" : "clientSecret",
              "value" : "****"
            }, {
              "key" : "tenantID",
              "value" : "****"
            } ]
          },
          "ersRestIDStoreUserAttributes" : {
            "attributes" : [ ]
          }
        }
      }
    status_code: 201
    validate_certs: "{{ lookup('env','ISE_VERIFY') | default( false )}}"
    return_content: true
  register: aad_created
  ignore_errors: yes

Environment (please complete the following information):

  • ISE version and patch:
  • Ansible version: 8.1.0, ansible-core: 2.15.1
  • ciscoisesdk : 2.0.9
  • ISE collection version:
  • OS version:

Additional context Originally reported by Thomas Howard on Webex space.

wastorga avatar Jul 17 '23 14:07 wastorga

Hi @wastorga please try it with new collection version (2.5.13) and let us know if it works now.

Please see new module docs, cause there are new params: https://github.com/CiscoISE/ansible-ise/blob/main/plugins/modules/rest_id_store.py

fmunozmiranda avatar Jul 25 '23 21:07 fmunozmiranda

I'm going to close this issue, in case the problem persists feel free to reopen it or create a new one Regards

bvargasre avatar Aug 06 '24 18:08 bvargasre