https://github.com/netascode/terraform-ise-nac-ise
Terraform Cisco ISE Network-as-Code Module
https://github.com/netascode/terraform-ise-nac-ise
cisco iac ise nac network-as-code terraform terraform-module
Last synced: about 1 month ago
JSON representation
Terraform Cisco ISE Network-as-Code Module
- Host: GitHub
- URL: https://github.com/netascode/terraform-ise-nac-ise
- Owner: netascode
- License: apache-2.0
- Created: 2023-12-14T08:20:50.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-11-18T10:44:56.000Z (6 months ago)
- Last Synced: 2025-03-21T18:04:18.632Z (2 months ago)
- Topics: cisco, iac, ise, nac, network-as-code, terraform, terraform-module
- Language: HCL
- Homepage: https://registry.terraform.io/modules/netascode/nac-ise/ise
- Size: 119 KB
- Stars: 3
- Watchers: 1
- Forks: 2
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# Terraform Network-as-Code Cisco ISE Module
A Terraform module to configure Cisco ISE.
## Usage
This module supports an inventory driven approach, where a complete ISE configuration or parts of it are either modeled in one or more YAML files or natively using Terraform variables.
## Examples
Configuring a Network Access Condition using YAML:
#### `network_access_condition.yaml`
```yaml
---
ise:
network_access:
policy_elements:
conditions:
- name: CertificateNotExpired
type: LibraryConditionAttributes
is_negate: false
dictionary_name: CERTIFICATE
attribute_name: Is Expired
operator: equals
attribute_value: "False"
```
#### `main.tf`
```hcl
module "ise" {
source = "netascode/nac-ise/ise"
version = ">= 0.1.0"
yaml_files = ["network_access_condition.yaml"]
}
```
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3.0 |
| [ise](#requirement\_ise) | >= 0.2.4 |
| [local](#requirement\_local) | >= 2.3.0 |
| [time](#requirement\_time) | >= 0.10.0 |
| [utils](#requirement\_utils) | >= 0.2.5 |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [model](#input\_model) | As an alternative to YAML files, a native Terraform data structure can be provided as well. | `map(any)` | `{}` | no |
| [write\_default\_values\_file](#input\_write\_default\_values\_file) | Write all default values to a YAML file. Value is a path pointing to the file to be created. | `string` | `""` | no |
| [yaml\_directories](#input\_yaml\_directories) | List of paths to YAML directories. | `list(string)` | `[]` | no |
| [yaml\_files](#input\_yaml\_files) | List of paths to YAML files. | `list(string)` | `[]` | no |
## Outputs
| Name | Description |
|------|-------------|
| [default\_values](#output\_default\_values) | All default values. |
| [model](#output\_model) | Full model. |
## Resources
| Name | Type |
|------|------|
| [ise_active_directory_add_groups.active_directory_groups](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/active_directory_add_groups) | resource |
| [ise_active_directory_join_domain_with_all_nodes.active_directory_join_domain_with_all_nodes](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/active_directory_join_domain_with_all_nodes) | resource |
| [ise_active_directory_join_point.active_directory_join_point](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/active_directory_join_point) | resource |
| [ise_allowed_protocols.allowed_protocols](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/allowed_protocols) | resource |
| [ise_allowed_protocols_tacacs.allowed_protocols_tacacs](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/allowed_protocols_tacacs) | resource |
| [ise_authorization_profile.authorization_profile](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/authorization_profile) | resource |
| [ise_certificate_authentication_profile.certificate_authentication_profile](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/certificate_authentication_profile) | resource |
| [ise_device_admin_authentication_rule.default_device_admin_authentication_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authentication_rule) | resource |
| [ise_device_admin_authentication_rule.device_admin_authentication_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authentication_rule) | resource |
| [ise_device_admin_authentication_rule_update_rank.device_admin_authentication_rule_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authentication_rule_update_rank) | resource |
| [ise_device_admin_authorization_exception_rule.device_admin_authorization_exception_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authorization_exception_rule) | resource |
| [ise_device_admin_authorization_exception_rule_update_rank.device_admin_authorization_exception_rule_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authorization_exception_rule_update_rank) | resource |
| [ise_device_admin_authorization_global_exception_rule.device_admin_authorization_global_exception_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authorization_global_exception_rule) | resource |
| [ise_device_admin_authorization_global_exception_rule_update_rank.device_admin_authorization_global_exception_rule_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authorization_global_exception_rule_update_rank) | resource |
| [ise_device_admin_authorization_rule.default_device_admin_authorization_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authorization_rule) | resource |
| [ise_device_admin_authorization_rule.device_admin_authorization_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authorization_rule) | resource |
| [ise_device_admin_authorization_rule_update_rank.device_admin_authorization_rule_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_authorization_rule_update_rank) | resource |
| [ise_device_admin_condition.device_admin_condition](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_condition) | resource |
| [ise_device_admin_policy_set.default_device_admin_policy_set](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_policy_set) | resource |
| [ise_device_admin_policy_set.device_admin_policy_set](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_policy_set) | resource |
| [ise_device_admin_policy_set_update_rank.device_admin_policy_set_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_policy_set_update_rank) | resource |
| [ise_device_admin_time_and_date_condition.device_admin_time_and_date_condition](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/device_admin_time_and_date_condition) | resource |
| [ise_downloadable_acl.downloadable_acl](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/downloadable_acl) | resource |
| [ise_endpoint.endpoint](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/endpoint) | resource |
| [ise_endpoint_identity_group.endpoint_identity_group_0](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/endpoint_identity_group) | resource |
| [ise_endpoint_identity_group.endpoint_identity_group_1](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/endpoint_identity_group) | resource |
| [ise_endpoint_identity_group.endpoint_identity_group_2](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/endpoint_identity_group) | resource |
| [ise_endpoint_identity_group.endpoint_identity_group_3](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/endpoint_identity_group) | resource |
| [ise_endpoint_identity_group.endpoint_identity_group_4](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/endpoint_identity_group) | resource |
| [ise_endpoint_identity_group.endpoint_identity_group_5](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/endpoint_identity_group) | resource |
| [ise_identity_source_sequence.identity_source_sequences](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/identity_source_sequence) | resource |
| [ise_internal_user.internal_user](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/internal_user) | resource |
| [ise_license_tier_state.license_tier_state](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/license_tier_state) | resource |
| [ise_network_access_authentication_rule.default_network_access_authentication_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authentication_rule) | resource |
| [ise_network_access_authentication_rule.network_access_authentication_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authentication_rule) | resource |
| [ise_network_access_authentication_rule_update_rank.network_access_authentication_rule_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authentication_rule_update_rank) | resource |
| [ise_network_access_authorization_exception_rule.network_access_authorization_exception_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authorization_exception_rule) | resource |
| [ise_network_access_authorization_exception_rule_update_rank.network_access_authorization_exception_rule_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authorization_exception_rule_update_rank) | resource |
| [ise_network_access_authorization_global_exception_rule.network_access_authorization_global_exception_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authorization_global_exception_rule) | resource |
| [ise_network_access_authorization_global_exception_rule_update_rank.network_access_authorization_global_exception_rule_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authorization_global_exception_rule_update_rank) | resource |
| [ise_network_access_authorization_rule.default_network_access_authorization_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authorization_rule) | resource |
| [ise_network_access_authorization_rule.network_access_authorization_rule](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authorization_rule) | resource |
| [ise_network_access_authorization_rule_update_rank.network_access_authorization_rule_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_authorization_rule_update_rank) | resource |
| [ise_network_access_condition.network_access_condition](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_condition) | resource |
| [ise_network_access_dictionary.network_access_dictionary](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_dictionary) | resource |
| [ise_network_access_policy_set.default_network_access_policy_set](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_policy_set) | resource |
| [ise_network_access_policy_set.network_access_policy_set](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_policy_set) | resource |
| [ise_network_access_policy_set_update_rank.network_access_policy_set_update_rank](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_policy_set_update_rank) | resource |
| [ise_network_access_time_and_date_condition.network_access_time_and_date_condition](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_access_time_and_date_condition) | resource |
| [ise_network_device.network_device](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_device) | resource |
| [ise_network_device_group.network_device_group_0](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_device_group) | resource |
| [ise_network_device_group.network_device_group_1](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_device_group) | resource |
| [ise_network_device_group.network_device_group_2](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_device_group) | resource |
| [ise_network_device_group.network_device_group_3](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_device_group) | resource |
| [ise_network_device_group.network_device_group_4](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_device_group) | resource |
| [ise_network_device_group.network_device_group_5](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/network_device_group) | resource |
| [ise_repository.repository](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/repository) | resource |
| [ise_tacacs_command_set.tacacs_command_set](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/tacacs_command_set) | resource |
| [ise_tacacs_profile.tacacs_profile](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/tacacs_profile) | resource |
| [ise_trustsec_egress_matrix_cell.trustsec_egress_matrix_cell](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/trustsec_egress_matrix_cell) | resource |
| [ise_trustsec_ip_to_sgt_mapping.trustsec_ip_to_sgt_mapping](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/trustsec_ip_to_sgt_mapping) | resource |
| [ise_trustsec_ip_to_sgt_mapping_group.trustsec_ip_to_sgt_mapping_group](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/trustsec_ip_to_sgt_mapping_group) | resource |
| [ise_trustsec_security_group.trustsec_security_group](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/trustsec_security_group) | resource |
| [ise_trustsec_security_group_acl.trustsec_security_group_acl](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/trustsec_security_group_acl) | resource |
| [ise_user_identity_group.user_identity_group_0](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/user_identity_group) | resource |
| [ise_user_identity_group.user_identity_group_1](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/user_identity_group) | resource |
| [ise_user_identity_group.user_identity_group_2](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/user_identity_group) | resource |
| [ise_user_identity_group.user_identity_group_3](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/user_identity_group) | resource |
| [ise_user_identity_group.user_identity_group_4](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/user_identity_group) | resource |
| [ise_user_identity_group.user_identity_group_5](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/resources/user_identity_group) | resource |
| [local_sensitive_file.defaults](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/sensitive_file) | resource |
| [time_sleep.device_admin_policy_object_wait](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
| [time_sleep.network_device_group_wait](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
| [time_sleep.sgt_wait](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
| [ise_active_directory_groups_by_domain.all_groups](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/active_directory_groups_by_domain) | data source |
| [ise_device_admin_condition.device_admin_condition](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/device_admin_condition) | data source |
| [ise_device_admin_condition.device_admin_condition_circular](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/device_admin_condition) | data source |
| [ise_endpoint_identity_group.endpoint_identity_group](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/endpoint_identity_group) | data source |
| [ise_network_access_condition.network_access_condition](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/network_access_condition) | data source |
| [ise_network_access_condition.network_access_condition_circular](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/network_access_condition) | data source |
| [ise_trustsec_security_group.trustsec_security_group](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/trustsec_security_group) | data source |
| [ise_trustsec_security_group_acl.trustsec_security_group_acl](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/trustsec_security_group_acl) | data source |
| [ise_user_identity_group.user_identity_group](https://registry.terraform.io/providers/CiscoDevNet/ise/latest/docs/data-sources/user_identity_group) | data source |
| [utils_yaml_merge.defaults](https://registry.terraform.io/providers/netascode/utils/latest/docs/data-sources/yaml_merge) | data source |
| [utils_yaml_merge.model](https://registry.terraform.io/providers/netascode/utils/latest/docs/data-sources/yaml_merge) | data source |
## Modules
No modules.