我有以下playbook来修改ASA对象组:
---
- hosts: us_asa
connection: local
gather_facts: false
tasks:
- name: change config
asa_config:
auth_pass: "{{ ansible_ssh_password }}"
username: "{{ ansible_ssh_user }}"
password: "{{ ansible_ssh_password }}"
authorize: yes
timeout: 45
lines:
- network-object host 1.2.3.4
- network-object host 2.3.2.3
parents: ['object-group network BAD_IPs']
这适用于单个群组。
有关如何修改具有相同连接的多个组的任何建议吗?如果我在parents: ['object-group network BAD_IPs']示例之后添加另一个对象组:
---
- hosts: us_asa
connection: local
gather_facts: false
tasks:
- name: change config
asa_config:
auth_pass: "{{ ansible_ssh_password }}"
username: "{{ ansible_ssh_user }}"
password: "{{ ansible_ssh_password }}"
authorize: yes
timeout: 45
lines:
- network-object host 1.2.3.4
- network-object host 2.3.2.3
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
parents: ['object-group network Good_IPs']
这失败了 违规行似乎是:
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
^ here
我应该使用关于语法的任何建议吗?
提前谢谢!
答案 0 :(得分:0)
那里只有一个基本的YAML语法错误。带有列表值的YAML字典键看起来像这样:
key: [item1, item2, item3]
或者像这样:
key:
- item1
- item2
- item3
你有两个奇怪的组合:
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
我不确切知道你想要什么样的结构,但你所拥有的只是无效。