[ansible-project] Junos yaml compliance check : how to construct conditional statements in a yaml file

Thu, 21 Nov 2019 10:02:46 -0800 

Hi 

I am looking to achieve the following but might be missing something 


---------------------------------------------------------

 

name: SECURITY CONTROL 101: Approved AAA servers 

  junos_config:

    lines: 

        - show configuration system tacplus-server  -- *command to check 
AAA servers* 

     src: files/aaa_config

     comment: All devices should be configured with the appropriate AAA 
servers    

 

---------------------------------------------------------------------------------------------

The file/aaa_config contains the following lines 

 

output

===============

 

set system tacplus-server 1.2.3.4 port 49    

set system tacplus-server 1.2.3.4 secret ""

set system tacplus-server 1.2.3.4 timeout 3   *--- 1st AAA server* 

set system tacplus-server 1.2.3.5 port 49

set system tacplus-server 1.2.3.5 secret ""

set system tacplus-server 1.2.3.5 timeout 3    *---- 2nd AAA server* 

 

 

 

 

What additional conditional statement can be constructed alongside the 
above  to meet the following requirements ?

 

   1.If the command is run and the output is similar to the contents of the 
aaa_config file , then a *pass message* is delivered . Can the 

     msg parameter do this ? 

   2. If the command is run and the output produces 1 or no AAA server , 
then a fail message is delivered.

 

   3. If the command is run and the output produces more than 2 AAA server 
, then *a pass* is delivered but with an additional statement "      
Appropriate number of AAA servers exceeded " 

 

   4. Would Splunk captured these messages ? 

 

 

I have taken my example from these links and wondered if they will satisfy 
and be possible 

 

 

*Conditionals*

 

https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html?highlight=register
 

 

 

*Assert*

 

*https://docs.ansible.com/ansible/latest/modules/assert_module.html?highlight=assert
 
<https://docs.ansible.com/ansible/latest/modules/assert_module.html?highlight=assert>
   
*

 

 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/49eb3c44-acf8-4817-a1c8-95097a014465%40googlegroups.com.

Reply via email to