colin-stubbs
commented
4 years ago Support for cipher_group argument added in f5_modules 1.2, default f5_modules (bigip) Ansible modules distributed with latest Fedora packaged RPM are 1.1.
Will merge support for cipher_group once Ansible RPM from Fedora includes support for cipher_group.
$ rpm -qi ansible Name : ansible Version : 2.9.9 Release : 1.el8 Architecture: noarch Install Date: Fri 22 May 2020 08:51:24 AEST Group : Unspecified Size : 102284783 License : GPLv3+ Signature : RSA/SHA256, Thu 14 May 2020 05:04:37 AEST, Key ID 21ea45ab2f86d6a1 Source RPM : ansible-2.9.9-1.el8.src.rpm Build Date : Wed 13 May 2020 14:22:36 AEST Build Host : buildvm-ppc64le-10.ppc.fedoraproject.org Relocations : (not relocatable) Packager : Fedora Project Vendor : Fedora Project URL : http://ansible.com Bug URL : https://bugz.fedoraproject.org/ansible Summary : SSH-based configuration management, deployment, and task execution system Description : Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. $
Can't use default F5 cipher groups. Forced to enter text for ciphers to manually define cipher match string.
https://clouddocs.f5.com/products/orchestration/ansible/devel/modules/bigip_profile_client_ssl_module.html#bigip-profile-client-ssl-module