Feat(eos_cli_config_gen): add SNMPv3 hashed user passphrases support #1721

Merged
merged 14 commits into from
May 5, 2022
Changes from 8 commits
@@ -57,6 +57,16 @@ interface Management1
| ------- | -------- | ---------- | ----- |
| DC1_OPS | DC1 | All | Enabled |


### SNMP EngineID Configuration

| Type | Name (Hex) | IP | Port |
| ---- | ---------- | -- | ---- |
| local | 424242424242424242 | - | - |
| remote | 6172697374615F6970 | 1.1.1.1 | - |
| remote | DEADBEEFCAFE123456 | 2.2.2.2 | 1337 |


### SNMP ACLs
| IP | ACL | VRF |
| -- | --- | --- |
@@ -87,9 +97,9 @@ interface Management1
| 10.6.75.121 | MGMT | SNMP-COMMUNITY-1 | - | - | 1 |
| 10.6.75.121 | MGMT | SNMP-COMMUNITY-2 | - | - | 2c |
| 10.6.75.122 | MGMT | SNMP-COMMUNITY-2 | - | - | 2c |
| 10.6.75.99 | MGMT | - | USER-READ | auth | 3 |
| 10.6.75.99 | MGMT | - | USER-READ-AUTH-NO-PRIV | auth | 3 |
| 10.6.75.99 | MGMT | - | USER-WRITE | auth | 3 |
| 10.6.75.100 | MGMT | - | USER-READ | priv | 3 |
| 10.6.75.100 | MGMT | - | USER-READ-AUTH-PRIV | priv | 3 |

### SNMP Views Configuration

@@ -115,15 +125,26 @@ interface Management1

### SNMP Users Configuration

| User | Group | Version | Authentication | Privacy |
| ---- | ----- | ------- | -------------- | ------- |
| USER-READ | GRP-READ-ONLY | v3 | sha | aes |
| USER-WRITE | GRP-READ-WRITE | v3 | sha | aes |
| User | Group | Version | Authentication | Privacy | Remote IP | UDP Port | Engine ID |
| ---- | ----- | ------- | -------------- | ------- | --------- | -------- | --------- |
| USER-READ-NO-AUTH-NO-PRIV | GRP-READ-ONLY | v3 | - | - | - | - | - |
| USER-READ-AUTH-NO-PRIV | GRP-READ-ONLY | v3 | sha | - | - | - | - |
| USER-READ-AUTH-PRIV | GRP-READ-ONLY | v3 | sha | aes | - | - | - |
| USER-READ-NO-AUTH-NO-PRIV-LOC | GRP-READ-ONLY | v3 | - | - | - | - | 424242424242424242 |
| USER-READ-AUTH-NO-PRIV-LOC | GRP-READ-ONLY | v3 | sha | - | - | - | 424242424242424242 |
| USER-READ-AUTH-PRIV-LOC | GRP-READ-ONLY | v3 | sha | aes | - | - | 424242424242424242 |
| USER-WRITE | GRP-READ-WRITE | v3 | sha | aes | - | - | - |
| REMOTE-USER-IP-ONLY | GRP-REMOTE | v3 | - | - | 42.42.42.42 | - | - |
| REMOTE-USER-IP-PORT | GRP-REMOTE | v3 | - | - | 42.42.42.42 | 666 | - |
| REMOTE-USER-IP-LOCALIZED | GRP-REMOTE | v3 | sha | - | 42.42.42.42 | - | DEADBEEFCAFE123456 |

### SNMP Device Configuration

```eos
!
snmp-server engineID local 424242424242424242
snmp-server engineID remote 1.1.1.1 6172697374615F6970
snmp-server engineID remote 2.2.2.2 udp-port 1337 DEADBEEFCAFE123456
snmp-server contact DC1_OPS
snmp-server location DC1
snmp-server ipv4 access-list SNMP-MGMT vrf MGMT
@@ -140,14 +161,22 @@ snmp-server community SNMP-COMMUNITY-2 view VW-READ rw ipv6 SNMP-MGMT SNMP-MGMT
snmp-server community SNMP-COMMUNITY-3 ro
snmp-server group GRP-READ-ONLY v3 priv read v3read
snmp-server group GRP-READ-WRITE v3 auth read v3read write v3write
snmp-server user USER-READ GRP-READ-ONLY v3 auth sha 7a07246a6e3467909098d01619e076adb4e2fe08 priv aes 7a07246a6e3467909098d01619e076ad
snmp-server user USER-WRITE GRP-READ-WRITE v3 auth sha 7a07246a6e3467909098d01619e076adb4e2fe08 priv aes 7a07246a6e3467909098d01619e076ad
snmp-server user USER-READ-NO-AUTH-NO-PRIV GRP-READ-ONLY v3
snmp-server user USER-READ-AUTH-NO-PRIV GRP-READ-ONLY v3 auth sha clearPassword
snmp-server user USER-READ-AUTH-PRIV GRP-READ-ONLY v3 auth sha clearPassword priv aes clearPassword
snmp-server user USER-READ-NO-AUTH-NO-PRIV-LOC GRP-READ-ONLY v3
snmp-server user USER-READ-AUTH-NO-PRIV-LOC GRP-READ-ONLY v3 localized 424242424242424242 auth sha 8da526cd35b9ea9b42d819036f7fad058576ea0a
snmp-server user USER-READ-AUTH-PRIV-LOC GRP-READ-ONLY v3 localized 424242424242424242 auth sha 8da526cd35b9ea9b42d819036f7fad058576ea0a priv aes 8da526cd35b9ea9b42d819036f7fad05
snmp-server user USER-WRITE GRP-READ-WRITE v3 auth sha clearPassword priv aes clearPassword
snmp-server user REMOTE-USER-IP-ONLY GRP-REMOTE remote 42.42.42.42 v3
snmp-server user REMOTE-USER-IP-PORT GRP-REMOTE remote 42.42.42.42 udp-port 666 v3
snmp-server user REMOTE-USER-IP-LOCALIZED GRP-REMOTE remote 42.42.42.42 v3 localized DEADBEEFCAFE123456 auth sha ShouldBeEncryptedPassword
snmp-server host 10.6.75.121 vrf MGMT version 1 SNMP-COMMUNITY-1
snmp-server host 10.6.75.121 vrf MGMT version 2c SNMP-COMMUNITY-2
snmp-server host 10.6.75.122 vrf MGMT version 2c SNMP-COMMUNITY-2
snmp-server host 10.6.75.99 vrf MGMT version 3 auth USER-READ
snmp-server host 10.6.75.99 vrf MGMT version 3 auth USER-READ-AUTH-NO-PRIV
snmp-server host 10.6.75.99 vrf MGMT version 3 auth USER-WRITE
snmp-server host 10.6.75.100 vrf MGMT version 3 priv USER-READ
snmp-server host 10.6.75.100 vrf MGMT version 3 priv USER-READ-AUTH-PRIV
snmp-server enable traps
no snmp-server vrf default
snmp-server vrf MGMT
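Review bot: the fixture places USER-READ-NO-AUTH-NO-PRIV and USER-READ-AUTH-NO-PRIV in GRP-READ-ONLY, but that group is rendered as `snmp-server group GRP-READ-ONLY v3 priv read v3read`, so on a device neither user meets the group's minimum security level and their requests would be rejected. The rendered documentation would be less misleading if these users were in a group configured `v3 noauth` / `v3 auth`, or if the fixture carried a comment that these rows only exercise rendering of the new user forms.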
@@ -4,6 +4,9 @@ transceiver qsfp default-mode 4x10G
!
hostname snmp
!
snmp-server engineID local 424242424242424242
snmp-server engineID remote 1.1.1.1 6172697374615F6970
snmp-server engineID remote 2.2.2.2 udp-port 1337 DEADBEEFCAFE123456
snmp-server contact DC1_OPS
snmp-server location DC1
snmp-server ipv4 access-list SNMP-MGMT vrf MGMT
@@ -20,14 +23,22 @@ snmp-server community SNMP-COMMUNITY-2 view VW-READ rw ipv6 SNMP-MGMT SNMP-MGMT
snmp-server community SNMP-COMMUNITY-3 ro
snmp-server group GRP-READ-ONLY v3 priv read v3read
snmp-server group GRP-READ-WRITE v3 auth read v3read write v3write
snmp-server user USER-READ GRP-READ-ONLY v3 auth sha 7a07246a6e3467909098d01619e076adb4e2fe08 priv aes 7a07246a6e3467909098d01619e076ad
snmp-server user USER-WRITE GRP-READ-WRITE v3 auth sha 7a07246a6e3467909098d01619e076adb4e2fe08 priv aes 7a07246a6e3467909098d01619e076ad
snmp-server user USER-READ-NO-AUTH-NO-PRIV GRP-READ-ONLY v3
snmp-server user USER-READ-AUTH-NO-PRIV GRP-READ-ONLY v3 auth sha clearPassword
snmp-server user USER-READ-AUTH-PRIV GRP-READ-ONLY v3 auth sha clearPassword priv aes clearPassword
snmp-server user USER-READ-NO-AUTH-NO-PRIV-LOC GRP-READ-ONLY v3
snmp-server user USER-READ-AUTH-NO-PRIV-LOC GRP-READ-ONLY v3 localized 424242424242424242 auth sha 8da526cd35b9ea9b42d819036f7fad058576ea0a
snmp-server user USER-READ-AUTH-PRIV-LOC GRP-READ-ONLY v3 localized 424242424242424242 auth sha 8da526cd35b9ea9b42d819036f7fad058576ea0a priv aes 8da526cd35b9ea9b42d819036f7fad05
snmp-server user USER-WRITE GRP-READ-WRITE v3 auth sha clearPassword priv aes clearPassword
snmp-server user REMOTE-USER-IP-ONLY GRP-REMOTE remote 42.42.42.42 v3
snmp-server user REMOTE-USER-IP-PORT GRP-REMOTE remote 42.42.42.42 udp-port 666 v3
snmp-server user REMOTE-USER-IP-LOCALIZED GRP-REMOTE remote 42.42.42.42 v3 localized DEADBEEFCAFE123456 auth sha ShouldBeEncryptedPassword
snmp-server host 10.6.75.121 vrf MGMT version 1 SNMP-COMMUNITY-1
snmp-server host 10.6.75.121 vrf MGMT version 2c SNMP-COMMUNITY-2
snmp-server host 10.6.75.122 vrf MGMT version 2c SNMP-COMMUNITY-2
snmp-server host 10.6.75.99 vrf MGMT version 3 auth USER-READ
snmp-server host 10.6.75.99 vrf MGMT version 3 auth USER-READ-AUTH-NO-PRIV
snmp-server host 10.6.75.99 vrf MGMT version 3 auth USER-WRITE
snmp-server host 10.6.75.100 vrf MGMT version 3 priv USER-READ
snmp-server host 10.6.75.100 vrf MGMT version 3 priv USER-READ-AUTH-PRIV
snmp-server enable traps
no snmp-server vrf default
snmp-server vrf MGMT
@@ -1,5 +1,15 @@
### Snmp Settings ####
snmp_server:
engine_ids:
local: 424242424242424242
remote:
# First one without IP should not be rendered
- name: 1234567890ABCDEF12
- name: 6172697374615F6970
ip: 1.1.1.1
- name: DEADBEEFCAFE123456
ip: 2.2.2.2
port: 1337
contact: DC1_OPS
location: DC1
communities:
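Review bot: the remote engine examples use 1.1.1.1 and 2.2.2.2 (and the users below use 42.42.42.42), which are routable public addresses; fixtures and schema examples are usually written with RFC 5737 documentation ranges such as 192.0.2.0/24 so that a copied example can never point at a real host. The comment `# First one without IP should not be rendered` documents intended behaviour that relies on the template silently skipping the entry; consider stating that `ip` is mandatory for remote engine IDs in the schema documentation as well.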
@@ -47,20 +57,62 @@ snmp_server:
read: v3read
write: v3write
users:
- name: USER-READ
- name: USER-READ-NO-AUTH-NO-PRIV
group: GRP-READ-ONLY
version: v3
- name: USER-READ-AUTH-NO-PRIV
group: GRP-READ-ONLY
version: v3
auth: sha
auth_passphrase: clearPassword
- name: USER-READ-AUTH-PRIV
group: GRP-READ-ONLY
version: v3
auth: sha
auth_passphrase: clearPassword
priv: aes
priv_passphrase: clearPassword
- name: USER-READ-NO-AUTH-NO-PRIV-LOC
group: GRP-READ-ONLY
version: v3
localized: 424242424242424242
- name: USER-READ-AUTH-NO-PRIV-LOC
group: GRP-READ-ONLY
version: v3
auth: sha
auth_passphrase: 8da526cd35b9ea9b42d819036f7fad058576ea0a
localized: 424242424242424242
- name: USER-READ-AUTH-PRIV-LOC
group: GRP-READ-ONLY
version: v3
auth: sha
auth_passphrase: 7a07246a6e3467909098d01619e076adb4e2fe08
auth_passphrase: 8da526cd35b9ea9b42d819036f7fad058576ea0a
priv: aes
priv_passphrase: 7a07246a6e3467909098d01619e076ad
priv_passphrase: 8da526cd35b9ea9b42d819036f7fad05
localized: 424242424242424242
- name: USER-WRITE
group: GRP-READ-WRITE
version: v3
auth: sha
auth_passphrase: 7a07246a6e3467909098d01619e076adb4e2fe08
auth_passphrase: clearPassword
priv: aes
priv_passphrase: 7a07246a6e3467909098d01619e076ad
priv_passphrase: clearPassword
- name: REMOTE-USER-IP-ONLY
group: GRP-REMOTE
version: v3
remote_ip: 42.42.42.42
- name: REMOTE-USER-IP-PORT
group: GRP-REMOTE
version: v3
remote_ip: 42.42.42.42
udp_port: 666
- name: REMOTE-USER-IP-LOCALIZED
group: GRP-REMOTE
version: v3
remote_ip: 42.42.42.42
localized: DEADBEEFCAFE123456
auth: sha
auth_passphrase: ShouldBeEncryptedPassword
hosts:
- host: 10.6.75.121
vrf: MGMT
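Review bot: REMOTE-USER-IP-LOCALIZED sets `localized: DEADBEEFCAFE123456` together with `auth_passphrase: ShouldBeEncryptedPassword`, which contradicts the schema documentation in this PR (the passphrase is the hashed, engine-localized key whenever `localized` is used) and makes the rendered example show a cleartext-looking value in the position of a localized key; a hex digest like the one used for the other `-LOC` users would keep the fixture consistent. Also, USER-READ-NO-AUTH-NO-PRIV-LOC carries `localized` without `auth`, and because the CLI template only emits `localized` inside the `auth` block it renders identically to USER-READ-NO-AUTH-NO-PRIV, so this entry does not exercise a distinct case.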
@@ -78,15 +130,15 @@ snmp_server:
vrf: MGMT
version: 3
users:
- username: USER-READ
- username: USER-READ-AUTH-NO-PRIV
authentication_level: auth
- username: USER-WRITE
authentication_level: auth
- host: 10.6.75.100
vrf: MGMT
#version: 3 should be autodetected based on users key.
users:
- username: USER-READ
- username: USER-READ-AUTH-PRIV
authentication_level: priv
traps:
enable: true
@@ -57,6 +57,7 @@ interface Management1
| ------- | -------- | ---------- | ----- |
| DC1_OPS | DC1 | All | Enabled |


### SNMP ACLs
| IP | ACL | VRF |
| -- | --- | --- |
@@ -115,10 +116,10 @@ interface Management1

### SNMP Users Configuration

| User | Group | Version | Authentication | Privacy |
| ---- | ----- | ------- | -------------- | ------- |
| USER-READ | GRP-READ-ONLY | v3 | sha | aes |
| USER-WRITE | GRP-READ-WRITE | v3 | sha | aes |
| User | Group | Version | Authentication | Privacy | Remote IP | UDP Port | Engine ID |
| ---- | ----- | ------- | -------------- | ------- | --------- | -------- | --------- |
| USER-READ | GRP-READ-ONLY | v3 | sha | aes | - | - | - |
| USER-WRITE | GRP-READ-WRITE | v3 | sha | aes | - | - | - |

### SNMP Device Configuration

@@ -2318,6 +2318,12 @@ sflow:

```yaml
snmp_server:
engine_ids:
local: < engine_name in hex >
remote:
- name: < engine_name in hex >
ip: < hostname | ip of remote engine >
port: < udp-port of remote engine >
contact: < contact_name >
location: < location >
communities:
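Review bot: `ip: < hostname | ip of remote engine >` reads as optional, but the templates only render a remote engine ID when both `name` and `ip` are defined and skip the entry silently otherwise; add `# required` (or equivalent wording) next to `ip`, and state that `port` is only emitted when `ip` is present, so users do not lose an engine ID without any warning.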
@@ -2370,11 +2376,18 @@ snmp_server:
users:
- name: < username >
group: < group_name >
# remote_ip and udp_port are used for remote users
remote_ip: < ip_address >
# udp_port will not be used if no remote_ip is configured
udp_port: < udp_port >
version: < v1 | v2c | v3 >
# for a local user (i.e. no remote_ip) - the local engine ID should be
# used
localized: < engine_name in hex >
auth: < hash_algorithm >
auth_passphrase: < encrypted_auth_passphrase >
auth_passphrase: < hashed_auth_passphrase if localized is used else cleartext auth_passphrase >
priv: < encryption_algorithm >
priv_passphrase: < encrypted_priv_passphrase >
priv_passphrase: < hashed_priv_passphrase if localized is used else cleartext priv_passphrase >
- name: < username >
group: < group_name >
version: < v1 | v2c | v3 >
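Review bot: the comment above `localized` ("for a local user (i.e. no remote_ip) - the local engine ID should be used") leaves the semantics unclear; it should say that `localized` is the engine ID the passphrase hashes were computed against (the value of `engine_ids.local` for a local user, the matching `engine_ids.remote` entry for a remote user), and that it is only rendered together with `auth`, since the CLI template emits `localized` inside the `auth` block. Without that, a user who sets `localized` with no `auth` gets no error and no `localized` keyword in the output.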
@@ -24,8 +24,28 @@
| {{ row_contact }} | {{ row_location }} | {{ row_traps_disabled }} | Disabled |
{% endif %}
{% endif %}
{% if snmp_server.engine_ids is arista.avd.defined %}


### SNMP EngineID Configuration

| Type | Name (Hex) | IP | Port |
| ---- | ---------- | -- | ---- |
{% if snmp_server.engine_ids.local is arista.avd.defined %}
| local | {{ snmp_server.engine_ids.local }} | - | - |
{% endif %}
{% for engine_id in snmp_server.engine_ids.remote %}
{% if engine_id.name is arista.avd.defined and engine_id.ip is arista.avd.defined %}
{% set row_name = engine_id.name | arista.avd.default('-') %}
{% set row_ip = engine_id.ip | arista.avd.default('-') %}
{% set row_port = engine_id.port | arista.avd.default('-') %}
| remote | {{ row_name }} | {{ row_ip }} | {{ row_port }} |
{% endif %}
{% endfor %}
{% endif %}
{% if snmp_server.ipv4_acls is arista.avd.defined %}


### SNMP ACLs
| IP | ACL | VRF |
| -- | --- | --- |
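Review bot: `{% for engine_id in snmp_server.engine_ids.remote %}` runs without checking that `remote` exists, so an input with only `engine_ids.local` iterates an undefined value, while every other optional key in this template is guarded with `is arista.avd.defined`; wrap the loop in `{% if snmp_server.engine_ids.remote is arista.avd.defined %}`. Inside the loop the `| arista.avd.default('-')` on `row_name` and `row_ip` is redundant because the enclosing `if` already requires both to be defined.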
@@ -139,15 +159,18 @@

### SNMP Users Configuration

| User | Group | Version | Authentication | Privacy |
| ---- | ----- | ------- | -------------- | ------- |
| User | Group | Version | Authentication | Privacy | Remote IP | UDP Port | Engine ID |
| ---- | ----- | ------- | -------------- | ------- | --------- | -------- | --------- |
{% for user in snmp_server.users %}
{% set row_user = user.name | arista.avd.default('default') %}
{% set row_group = user.group | arista.avd.default('-') %}
{% set row_version = user.version | arista.avd.default('-') %}
{% set row_auth = user.auth | arista.avd.default('-') %}
{% set row_policy = user.priv | arista.avd.default('-') %}
| {{ row_user }} | {{ row_group }} | {{ row_version }} | {{ row_auth }} | {{ row_policy }} |
{% set row_remote_ip = user.remote_ip | arista.avd.default('-') %}
{% set row_udp_port = user.udp_port | arista.avd.default('-') %}
{% set row_engine_id = user.localized | arista.avd.default('-') %}
| {{ row_user }} | {{ row_group }} | {{ row_version }} | {{ row_auth }} | {{ row_policy }} | {{ row_remote_ip }} | {{ row_udp_port }} | {{ row_engine_id }} |
{% endfor %}
{% endif %}

@@ -1,6 +1,21 @@
{# eos - SNMP Settings#}
{% if snmp_server is arista.avd.defined %}
!
{% if snmp_server.engine_ids is arista.avd.defined %}
{% if snmp_server.engine_ids.local is arista.avd.defined %}
snmp-server engineID local {{ snmp_server.engine_ids.local }}
{% endif %}
{% for engine_id in snmp_server.engine_ids.remote %}
{% if engine_id.name is arista.avd.defined and engine_id.ip is arista.avd.defined %}
{% set remote_engine_ids_cli = "snmp-server engineID remote " ~ engine_id.ip %}
{% if engine_id.port is arista.avd.defined %}
{% set remote_engine_ids_cli = remote_engine_ids_cli ~ " udp-port " ~ engine_id.port %}
{% endif %}
{% set remote_engine_ids_cli = remote_engine_ids_cli ~ " " ~ engine_id.name %}
{{ remote_engine_ids_cli }}
{% endif %}
{% endfor %}
{% endif %}
{% if snmp_server.contact is arista.avd.defined %}
snmp-server contact {{ snmp_server.contact }}
{% endif %}
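Review bot: same gap as in the documentation template, `{% for engine_id in snmp_server.engine_ids.remote %}` is not guarded by `is arista.avd.defined`, so a configuration that sets only `engine_ids.local` iterates an undefined key; add the `{% if snmp_server.engine_ids.remote is arista.avd.defined %}` guard that surrounds the `local` line.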
@@ -102,18 +117,27 @@ snmp-server location {{ snmp_server.location }}
{% if user.group is arista.avd.defined %}
{% set user_cli = user_cli ~ " " ~ user.group %}
{% endif %}
{% if user.remote_ip is arista.avd.defined %}
{% set user_cli = user_cli ~ " remote " ~ user.remote_ip %}
{% if user.udp_port is arista.avd.defined %}
{% set user_cli = user_cli ~ " udp-port " ~ user.udp_port %}
{% endif %}
{% endif %}
{% if user.version is arista.avd.defined %}
{% set user_cli = user_cli ~ " " ~ user.version %}
{% endif %}
{% if user.auth is arista.avd.defined
and user.version is arista.avd.defined('v3')
and user.auth_passphrase is arista.avd.defined %}
{% if user.localized is arista.avd.defined %}
{% set user_cli = user_cli ~ " localized " ~ user.localized %}
{% endif %}
{% set user_cli = user_cli ~ " auth " ~ user.auth ~ " " ~ user.auth_passphrase %}
{% endif %}
{% if user.priv is arista.avd.defined
and user.version is arista.avd.defined('v3')
and user.priv_passphrase is arista.avd.defined %}
{% set user_cli = user_cli ~ " priv " ~ user.priv ~ " " ~ user.priv_passphrase %}
{% if user.priv is arista.avd.defined
and user.version is arista.avd.defined('v3')
and user.priv_passphrase is arista.avd.defined %}
{% set user_cli = user_cli ~ " priv " ~ user.priv ~ " " ~ user.priv_passphrase %}
{% endif %}
{% endif %}
{{ user_cli }}
{% endfor %}
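Review bot: `localized` is appended only inside the `user.auth` block, and the `priv` block is now nested inside it as well; the nesting is correct (a privacy key without authentication is not a valid SNMPv3 user), but it is invisible to the next reader, so add a Jinja comment stating that `priv` and `localized` are intentionally emitted only when `auth` is set. Because the documentation template reads `user.localized` unconditionally, a user with `localized` and no `auth` shows an Engine ID in the rendered table but none in the CLI; either gate the table column on `user.auth` too or decide that `localized` should be rendered independently of `auth`.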