Skip to content

Policy

Diagram

Diagram

Classes

configuration (iosxe.devices)

NameTypeConstraintMandatoryDefault Value
policyClass[policy]No

policy (iosxe.devices.configuration)

NameTypeConstraintMandatoryDefault Value
class_mapsList[class_maps]No
policy_mapsList[policy_maps]No

class_maps (iosxe.devices.configuration.policy)

NameTypeConstraintMandatoryDefault Value
nameStringYes
typeChoicecontrol, subscriberNo
subscriberBooleantrue, falseNo
prematchChoicematch-allNo
match_authorization_status_authorizedBooleantrue, falseNo
match_result_type_aaa_timeoutBooleantrue, falseNo
match_authorization_status_unauthorizedBooleantrue, falseNo
match_activated_service_templatesListStringNo
match_authorizing_method_priority_greater_thanIntegerNo
match_method_dot1xBooleantrue, falseNo
match_result_type_method_dot1x_authoritativeBooleantrue, falseNo
match_result_type_method_dot1x_agent_not_foundBooleantrue, falseNo
match_result_type_method_dot1x_method_timeoutBooleantrue, falseNo
match_method_mabBooleantrue, falseNo
match_result_type_method_mab_authoritativeBooleantrue, falseNo
match_dscpIntegerNo
descriptionStringNo

policy_maps (iosxe.devices.configuration.policy)

NameTypeConstraintMandatoryDefault Value
nameStringYes
typeChoiceaccess-control, appnav, control, epbr, inspect, packet-service, performance-monitor, queueing, service, service-chain, umbrellaNo
subscriberBooleantrue, falseNo
descriptionStringNo
classesList[classes]No
eventsList[events]No

classes (iosxe.devices.configuration.policy.policy_maps)

NameTypeConstraintMandatoryDefault Value
nameStringYes
actionsList[actions]No

events (iosxe.devices.configuration.policy.policy_maps)

NameTypeConstraintMandatoryDefault Value
nameStringYes
event_typeChoiceaaa-available, absolute-timeout, agent-found, authentication-failure, authentication-success, authorization-failure, authorization-success, identity-update, inactivity-timeout, remote-authentication-failure, remote-authentication-success, remote-update, session-disconnected, session-started, tag-added, tag-removed, template-activated, template-activation-failed, template-deactivated, template-deactivation-failed, timer-expiry, violationNo
match_typeChoicematch-all, match-firstNo
class_numbersList[class_numbers]No
action_numbersList[action_numbers]No

actions (iosxe.devices.configuration.policy.policy_maps.classes)

NameTypeConstraintMandatoryDefault Value
typeChoicebandwidth, compression, dbl, drop, estimate, fair-queue, forward, netflow-sampler, police, priority, queue-buffers, queue-limit, random-detect, service-policy, set, shape, trustNo
bandwidth_bitsIntegermin: 1, max: 100000000No
bandwidth_percentIntegermin: 1, max: 100No
bandwidth_remaining_optionChoicepercent, ratioNo
bandwidth_remaining_percentIntegermin: 1, max: 100No
bandwidth_remaining_ratioIntegermin: 1, max: 65536No
priority_levelIntegermin: 1, max: 2No
priority_burstIntegermin: 32, max: 2000000No
queue_limitIntegermin: 1, max: 64000000No
queue_limit_typeAnybytes, ms, packets, usNo
shape_average_bit_rateIntegermin: 8000, max: 100000000000No
shape_average_bits_per_interval_sustainedIntegermin: 256, max: 154400000No
shape_average_bits_per_interval_excessIntegermin: 0, max: 154400000No
shape_average_percentIntegermin: 0, max: 100No
shape_average_burst_size_sustainedIntegermin: 10, max: 2000No
shape_average_msBooleantrue, falseNo

class_numbers (iosxe.devices.configuration.policy.policy_maps.events)

NameTypeConstraintMandatoryDefault Value
numberIntegermin: 1, max: 254Yes
classStringYes
execution_typeChoicedo-all, do-until-failure, do-until-successNo

action_numbers (iosxe.devices.configuration.policy.policy_maps.events)

NameTypeConstraintMandatoryDefault Value
numberIntegermin: 1, max: 254Yes
pause_reauthenticationBooleantrue, falseNo
authorizeBooleantrue, falseNo
terminate_configAnyChoice[dot1x, mab, webauth] or String[Regex: ^.*[\$\%]\{.*$] or String[Regex: ^.*[\$\%]\{.*$]No
activate_service_template_config_service_templateStringNo
activate_service_template_config_aaa_listStringNo
activate_service_template_config_precedenceIntegermin: 1, max: 254No
activate_service_template_config_replace_allBooleantrue, falseNo
activate_interface_templateStringNo
activate_policy_type_control_subscriberStringNo
deactivate_interface_templateStringNo
deactivate_service_templateStringNo
deactivate_policy_type_control_subscriberStringNo
authenticate_using_methodChoicedot1x, mab, webauthNo
authenticate_using_retriesIntegermin: 1, max: 5No
authenticate_using_retry_timeIntegermin: 0, max: 65535No
authenticate_using_priorityIntegermin: 1, max: 254No
authenticate_using_aaa_authc_listStringNo
authenticate_using_aaa_authz_listStringNo
authenticate_using_bothBooleantrue, falseNo
authenticate_using_parameter_mapStringNo
replaceBooleantrue, falseNo
restrictBooleantrue, falseNo
clear_sessionBooleantrue, falseNo
clear_authenticated_data_hosts_on_portBooleantrue, falseNo
protectBooleantrue, falseNo
err_disableBooleantrue, falseNo
resume_reauthenticationBooleantrue, falseNo
authentication_restartIntegermin: 1, max: 65535No
set_domainChoicedata, switch, voiceNo
unauthorizeBooleantrue, falseNo
notifyBooleantrue, falseNo
set_timer_nameStringNo
set_timer_valueIntegermin: 0, max: 65535No
map_attribute_to_service_tableStringNo

Examples

iosxe:
devices:
- name: Device1
configuration:
policy: