Skip to content
Network as Code

Template

Diagram

Diagram

Classes

configuration (iosxe.devices)

NameTypeConstraintMandatoryDefault Value
templatesList[templates]No

templates (iosxe.devices.configuration)

NameTypeConstraintMandatoryDefault Value
nameStringYes
dot1x_paeChoiceauthenticator, both, supplicantNo
dot1x_max_reauth_reqIntegermin: 1, max: 10No
dot1x_max_reqIntegermin: 1, max: 10No
dot1x_timeout_tx_periodIntegermin: 1, max: 65535No
service_policy_type_control_subscriberStringNo
service_policy_inputStringNo
service_policy_outputStringNo
source_templateStringNo
switchportClass[switchport]No
mabBooleantrue, falseNo
mab_eapBooleantrue, falseNo
access_session_closedBooleantrue, falseNo
access_session_monitorBooleantrue, falseNo
access_session_port_controlChoiceauto, force-authorized, force-unauthorizedNo
access_session_control_directionChoiceboth, inNo
access_session_host_modeChoicemulti-auth, multi-domain, multi-host, single-hostNo
access_session_interface_template_stickyBooleantrue, falseNo
access_session_interface_template_sticky_timerIntegermin: 1, max: 65535No
authentication_periodicBooleantrue, falseNo
authentication_timer_reauthenticate_serverBooleantrue, falseNo
authentication_timer_reauthenticate_rangeIntegermin: 1, max: 65535No
spanning_tree_bpduguard_enableBooleantrue, falseNo
spanning_tree_service_policyBooleantrue, falseNo
spanning_tree_portfastBooleantrue, falseNo
spanning_tree_portfast_disableBooleantrue, falseNo
spanning_tree_portfast_edgeBooleantrue, falseNo
spanning_tree_portfast_networkBooleantrue, falseNo
storm_control_broadcast_level_pps_thresholdStringNo
storm_control_broadcast_level_bps_thresholdNumbermin: 0, max: 100000000000.0No
storm_control_broadcast_level_thresholdNumbermin: 0, max: 10000No
storm_control_multicast_level_pps_thresholdStringNo
storm_control_multicast_level_bps_thresholdNumbermin: 0, max: 100000000000.0No
storm_control_multicast_level_thresholdNumbermin: 0, max: 10000No
storm_control_action_shutdownBooleantrue, falseNo
storm_control_action_trapBooleantrue, falseNo
load_intervalIntegermin: 30, max: 600No
ip_dhcp_snooping_limit_rateIntegermin: 1, max: 2048No
ip_dhcp_snooping_trustBooleantrue, falseNo
ip_access_groupsList[ip_access_groups]No
subscriber_aging_inactivity_timer_valueIntegermin: 1, max: 65535No
subscriber_aging_inactivity_timer_probeBooleantrue, falseNo
subscriber_aging_probeBooleantrue, falseNo
device_trackingBooleantrue, falseNo
device_tracking_attach_policiesList[device_tracking_attach_policies]No
device_tracking_vlan_rangeStringNo
cts_manualBooleantrue, falseNo
cts_manual_policy_static_sgtIntegermin: 2, max: 65519No
cts_manual_policy_static_trustedBooleantrue, falseNo
cts_manual_propagate_sgtBooleantrue, falseNo
cts_role_based_enforcementBooleantrue, falseNo

switchport (iosxe.devices.configuration.templates)

NameTypeConstraintMandatoryDefault Value
modeChoiceaccess, trunkNo
nonegotiateBooleantrue, falseNo
block_unicastBooleantrue, falseNo
port_securityBooleantrue, falseNo
port_security_aging_staticBooleantrue, falseNo
port_security_aging_timeIntegermin: 1, max: 1440No
port_security_aging_typeBooleantrue, falseNo
port_security_aging_type_inactivityBooleantrue, falseNo
port_security_maximum_rangesList[port_security_maximum_ranges]No
port_security_violation_protectBooleantrue, falseNo
port_security_violation_restrictBooleantrue, falseNo
port_security_violation_shutdownBooleantrue, falseNo
access_vlanIntegermin: 1, max: 4094No
voice_vlanIntegermin: 1, max: 4094No
private_vlan_host_association_primary_rangeAnyInteger[min: 2, max: 1001] or Integer[min: 1006, max: 4094] or String[Regex: ^.*[\$\%]\{.*$]No
private_vlan_host_association_secondary_rangeAnyInteger[min: 2, max: 1001] or Integer[min: 1006, max: 4094] or String[Regex: ^.*[\$\%]\{.*$]No
trunk_allowed_vlansIntegermin: 1, max: 4094No
trunk_allowed_vlans_noneBooleantrue, falseNo
trunk_allowed_vlans_allBooleantrue, falseNo
trunk_native_vlan_tagBooleantrue, falseNo
trunk_native_vlan_idIntegermin: 1, max: 4094No

ip_access_groups (iosxe.devices.configuration.templates)

NameTypeConstraintMandatoryDefault Value
directionChoicein, outYes
access_listStringYes

device_tracking_attach_policies (iosxe.devices.configuration.templates)

NameTypeConstraintMandatoryDefault Value
nameStringNo
vlan_rangeStringYes

port_security_maximum_ranges (iosxe.devices.configuration.templates.switchport)

NameTypeConstraintMandatoryDefault Value
rangeIntegermin: 1, max: 3072Yes
vlanBooleantrue, falseNo
vlan_accessBooleantrue, falseNo

Examples

iosxe:
  devices:
    - name: Device1
      configuration:
        templates:
          - name: TEMPLATE1
            dot1x_pae: supplicant
            dot1x_max_reauth_req: 3
            dot1x_max_req: 5
            dot1x_timeout_tx_period: 600
            service_policy_input: input
            service_policy_output: output
            switchport:
              mode_trunk: true
              trunk_native_vlan_id: 100
              trunk_allowed_vlans: 10-20,30
              nonegotiate: true
              block_unicast: true
              port_security: true
              port_security_aging_static: true
              port_security_aging_time: 600
              port_security_aging_type_inactivity: true
              port_security_maximum_ranges:
                - range: 10
                  vlan: true
                  vlan_access: true
                - range: 20
                  vlan: true
                - range: 30
              port_security_violation_protect: true
              voice_vlan: 11
            mab: true
            mab_eap: true
            access_session_closed: true
            access_session_monitor: false
            access_session_port_control: force-authorized
            access_session_control_direction: in
            access_session_host_mode: multi-domain
            access_session_interface_template_sticky: true
            access_session_interface_template_sticky_timer: 600
            authentication_periodic: true
            authentication_timer_reauthenticate_range: 600
            spanning_tree_bpduguard_enable: true
            spanning_tree_portfast: true
            spanning_tree_portfast_disable: false
            storm_control_broadcast_level_threshold: 80
            storm_control_multicast_level_threshold: 70
            storm_control_action_shutdown: true
            storm_control_action_trap: true
            load_interval: 90
            ip_dhcp_snooping_limit_rate: 1024
            ip_dhcp_snooping_trust: true
            ip_access_groups:
              - direction: in
                access_list: ACL_IN
              - direction: out
                access_list: ACL_OUT
            subscriber_aging_inactivity_timer_value: 600
            device_tracking: true
            cts_manual: true
            cts_manual_policy_static_sgt: 100
            cts_manual_policy_static_trusted: true
            cts_manual_propagate_sgt: true
            cts_role_based_enforcement: true