However, besides of these vendor specified modules, we can utilise the "uri" module in Ansible to make different REST Calls. As long as the remote system supports REST API, we can write Ansible scripts to interact with them.
In the following POST series, I will use my Ansible script for Cisco FirePower Management Center (FMC) as an example to describe how Ansible's REST script works.
Cisco FirePower is a very good & widely used next-Gen firewall. Especially in the enterprise environment. However, comparing to the old Cisco ASA firwall, Cisco FirePower doesn't have the time-based ACL. So it's impossible for us to apply some time-based access rules in Cisco FMC.
But Cisco FMC does supports REST API. So we can use Ansible Script to talk to FMC and automate the policy enable/disable process and work congestion with Linux CRON job to provide policy schedule functions.
You can download my playbooks from my github repo:
Here are the table of content of this Ansible Cisco FMC REST API series:
- Introduction and Ansible playbook download
- Script flow charts
- Introduction of REST API and Cisco FMC API Explorer
- Script prerequisites
- Request Access Token
- Get policy content, modify content and "PUT' in FMC - Part 1
- Get policy content, modify content and "PUT' in FMC - Part 2
- Get deployable devices and deploy policy
In the following post (02 - Flow Charts of the scripts), I will show you the flow chart of the scripts.