aruba-ansible-modules icon indicating copy to clipboard operation
aruba-ansible-modules copied to clipboard

Published 20 hours ago verified publisher icon aruba

Session Cookie for IAP

Open mac0815 opened this issue 4 years ago • 1 comments

Hi you show in your code for IAP´s a example

  • name: Change the hostname of a particular IAP arubainstant_config: session: {{ session_dict.msg }} #used when previous play's output is registered method: POST api_type: action api_name: hostname data: { "iap_ip_addr": "2.2.2.2", "hostname_info": {"hostname": "iap-floor1-building1"}}

I guess the session column means that i can use the session token for the REST API ? But could you please explain a bit more how to use it?

just want to avoid to use user and password variable for every - name: etc.etc. in the playbooks Maybe that it could looks like this ?

  • name: Set NTP server IP hosts: localhost connection: local gather_facts: no vars_files:

    • variables.yml tasks:

    • name: NTP IP arubainstant_config: host: "{{ virtual_controller_ip }}" username: "{{ virtual_controller_username }}" password: "{{ virtual_controller_password }}" method: POST api_type: configuration api_name: ntp-server data: { "ntp-server" : { "action" :"create", "ntp_server_ip" : "1.1.1.3" }}

    • name: SYSLOG IP arubainstant_config: session: {{ session_dict.msg }} #used when previous play's output is registered host: "{{ virtual_controller_ip }}" method: POST api_type: configuration api_name: syslog-server data: { "syslog-server" : { "action" :"create", "syslog_server_ip" : "1.1.1.3" }}

or maybe other solutions to shorten a complete IAP Configuration playbook ? Bye Mac

mac0815 avatar May 08 '20 06:05 mac0815

I agree, its not good to have plain text password info exposed nor is it helpful to have to reenter the login info over and over again. This is what I came up with to utilize the session method:

- name: Logging into IAP
  uri:
    url: https://{{ devs }}:4343/rest/login
    return_content: yes
    method: POST
    validate_certs: no
    body_format: json
    body: {
      "user": "{{ ansible_user }}",
      "passwd": "{{ ansible_ssh_pass }}" 
      }
  register: login
  no_log: True

Then I can use it like so:

- name: Show running-config
  arubainstant_config:
    session: {
      'host': "{{ devs }}",
      'session_token': "{{ login.json.sid }}"
      }
    method: GET
    iap_ip_addr: 0.0.0.0
    api_type: monitoring
    api_name: show running-config
  register: Config

JCTechSol avatar Mar 17 '21 14:03 JCTechSol