JCTechSol
commented
3 years ago I agree, its not good to have plain text password info exposed nor is it helpful to have to reenter the login info over and over again. This is what I came up with to utilize the session method:
- name: Logging into IAP
uri:
url: https://{{ devs }}:4343/rest/login
return_content: yes
method: POST
validate_certs: no
body_format: json
body: {
"user": "{{ ansible_user }}",
"passwd": "{{ ansible_ssh_pass }}"
}
register: login
no_log: TrueThen I can use it like so:
- name: Show running-config
arubainstant_config:
session: {
'host': "{{ devs }}",
'session_token': "{{ login.json.sid }}"
}
method: GET
iap_ip_addr: 0.0.0.0
api_type: monitoring
api_name: show running-config
register: Config
Hi you show in your code for IAP´s a example
I guess the session column means that i can use the session token for the REST API ? But could you please explain a bit more how to use it?
just want to avoid to use user and password variable for every - name: etc.etc. in the playbooks Maybe that it could looks like this ?
name: Set NTP server IP hosts: localhost connection: local gather_facts: no vars_files:
variables.yml tasks:
name: NTP IP arubainstant_config: host: "{{ virtual_controller_ip }}" username: "{{ virtual_controller_username }}" password: "{{ virtual_controller_password }}" method: POST api_type: configuration api_name: ntp-server data: { "ntp-server" : { "action" :"create", "ntp_server_ip" : "1.1.1.3" }}
name: SYSLOG IP arubainstant_config: session: {{ session_dict.msg }} #used when previous play's output is registered host: "{{ virtual_controller_ip }}" method: POST api_type: configuration api_name: syslog-server data: { "syslog-server" : { "action" :"create", "syslog_server_ip" : "1.1.1.3" }}
or maybe other solutions to shorten a complete IAP Configuration playbook ? Bye Mac