Seeking some guidance on something I am stuck on atm. I have been spending a decent amount of time with Ansible and ISE APIs as of lately. I am able to consume ISE APIs when running several GET/POST calls. However, I am having an issue when needing to run a PUT call to essentially update a resource. In this particular use case I have a playbook that runs a few plays:
-The first play is a GET query to provide me with a specific endpoint details
-The next play prints the returned output essentially showing the admin that everything is good thus far
-Then I extract the endpoint ID string using json_query and store it as a variable
-For peace of mind the following play prints the variable to show we have the ID string of the endpoint
-Then the last play I attempt to update the endpoint group assignment via appending the id string
This is where I am stuck. Does anyone know how to convert an item to string with Ansible?
Playbook:
---
- name: ISE
hosts: localhost
connection: local
gather_facts: false
vars:
ise_user: xxxx
ise_pass: xxxx
tasks:
- name: Get Existing MAC Endpoint ID string
uri:
url: https://x.x.x.x:9060/ers/config/endpoint?filter=mac.EQ.{{ mac_addr }}
user: "{{ ise_user }}"
password: "{{ ise_pass }}"
headers:
Accept: application/json
content-type: application/json
ers-media-type: identity.endpoint.1.2
status_code: 200
method: GET
validate_certs: no
register: endpoint_id
- name: Print returned ISE json data
debug:
msg: "{{ endpoint_id.json }}"
- name: Get ISE ID String
set_fact:
id: "{{ endpoint_id | json_query(jmesquery) }}"
vars:
jmesquery: '*.SearchResult.resources[*].id'
- name: Print ISE Endpoint ID
debug:
msg: "{{ id }}"
- name: Move existing MAC to new Identity Group
uri:
url: https://x.x.x.x:9060/ers/config/endpoint/{{ id }}
user: "{{ ise_user }}"
password: "{{ ise_pass }}"
headers:
Accept: application/json
content-type: application/json
ers-media-type: identity.endpoint.1.2
status_code: 201
method: PUT
body_format: json
body: '{"ERSEndPoint" : {"staticGroupAssignment" : "true","description" : DESC,"groupId" : "6cd78cb0-3bbf-11eb-a867-1e4ebebfb039"}}'
validate_certs: no
You can see the job run results below to see how the id string gets appended in the wrong format:
PLAY [ISE] *********************************************************************
TASK [Get Existing MAC Endpoint ID string] *************************************
ok: [localhost]
TASK [Print returned ISE json data] ********************************************
ok: [localhost] => {
"msg": {
"SearchResult": {
"resources": [
{
"id": "69d3bf30-ce12-11eb-ba90-c63c5470e9ab",
"link": {
"href": "https://xx.xx.xx.xx:9060/ers/config/endpoint/69d3bf30-ce12-11eb-ba90-c63c5470e9ab",
"rel": "self",
"type": "application/json"
},
"name": "AA:BB:BB:BB:BB:BB"
}
],
"total": 1
}
}
}
TASK [Get ISE Endpoint ID String] **********************************************
ok: [localhost]
TASK [Print ISE Endpoint ID] ***************************************************
ok: [localhost] => {
"msg": [
[
"69d3bf30-ce12-11eb-ba90-c63c5470e9ab"
]
]
}
TASK [Move existing MAC to new Identity Group] *********************************
fatal: [localhost]: FAILED! => {"changed": false, "connection": "close", "content": "", "content_length": "0", "date": "Thu, 17 Jun 2021 19:12:37 GMT", "elapsed": 0, "msg": "Status code was 400 and not [201]: HTTP Error 400: ", "redirected": false, "server": "", "status": 400, "url": "https://xx.xx.xx.xx:9060/ers/config/endpoint/[[u'69d3bf30-ce12-11eb-ba90-c63c5470e9ab']]"}
PLAY RECAP *********************************************************************
localhost : ok=4 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
To summarize the current issue is how I extract/store the id as a variable and then append it like so:
"https://xx.xx.xx.xx:9060/ers/config/endpoint/[[u'69d3bf30-ce12-11eb-ba90-c63c5470e9ab']]"
Any help is greatly appreciated!!
