topic check_point.gaia.cp_gaia_radius_server doesn't work in a loop in Ansible https://community.checkpoint.com/t5/Ansible/check-point-gaia-cp-gaia-radius-server-doesn-t-work-in-a-loop/m-p/242095#M831 <P>We have a simple compliance ansible role that checks if the radius servers on the nodes are correctly configured. If this is not the case, the role will add the radius servers accordingly.</P><P>Here is a snippet of the role:</P><P>&nbsp;</P><LI-CODE lang="markup">vars: radius_server: - address: "10.10.10.1" port: "1812" priority: "10" timeout: "3" - address: "10.10.10.2" port: "1812" priority: "20" timeout: "3" radius_default_shell: "cli" radius_super_user_uid: "0" tasks: - name: Get RADIUS servers settings check_point.gaia.cp_gaia_radius_server_facts: register: radius tags: - always - name: Add missing RADIUS servers check_point.gaia.cp_gaia_radius_server: default_shell: "{{ radius_default_shell }}" super_user_uid: "{{ radius_super_user_uid }}" servers: - priority: "{{ item.priority }}" address: "{{ item.address }}" port: "{{ item.port }}" timeout: "{{ item.timeout }}" secret: "{{ radius_secret }}" loop: "{{ radius_server }}" when: &gt; item.address not in (radius.ansible_facts.servers |default([]) | map(attribute='address') | list) register: added_servers</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>The task iterates through the radius_servers vars correctly:</P><P>&nbsp;</P><LI-CODE lang="markup">TASK [cp_compliance_radius : Add missing RADIUS servers] ************************************************************************************************************************************************************ changed: [gaia_node1] =&gt; (item={'address': '10.10.10.1', 'port': '1812', 'priority': '10', 'timeout': '3'}) changed: [gaia_node1] =&gt; (item={'address': '10.10.10.2', 'port': '1812', 'priority': '20', 'timeout': '3'})</LI-CODE><P>&nbsp;</P><P>&nbsp;but instead of adding each server, the module overwrites the radius entries leaving only the last one in the loop active in the configuration:<BR /><BR /></P><P>&nbsp;</P><LI-CODE lang="markup">show configuration add aaa radius-servers priority 20 host 10.10.10.2 port 1812 secret ***** timeout 3 set aaa radius-servers default-shell /etc/cli.sh set aaa radius-servers super-user-uid 0</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>Versions:</P><P>&nbsp;</P><LI-CODE lang="markup">check_point.gaia 5.0.1 ansible [core 2.15.12] python version = 3.9.19 (main, May 16 2024, 08:45:40) [GCC 8.5.0 20210514 (Red Hat 8.5.0-22)] jinja version = 3.1.4 libyaml = True OS: Gaia R81.20</LI-CODE><P>&nbsp;</P> Mon, 24 Feb 2025 07:53:17 GMT Mechanix 2025-02-24T07:53:17Z check_point.gaia.cp_gaia_radius_server doesn't work in a loop https://community.checkpoint.com/t5/Ansible/check-point-gaia-cp-gaia-radius-server-doesn-t-work-in-a-loop/m-p/242095#M831 <P>We have a simple compliance ansible role that checks if the radius servers on the nodes are correctly configured. If this is not the case, the role will add the radius servers accordingly.</P><P>Here is a snippet of the role:</P><P>&nbsp;</P><LI-CODE lang="markup">vars: radius_server: - address: "10.10.10.1" port: "1812" priority: "10" timeout: "3" - address: "10.10.10.2" port: "1812" priority: "20" timeout: "3" radius_default_shell: "cli" radius_super_user_uid: "0" tasks: - name: Get RADIUS servers settings check_point.gaia.cp_gaia_radius_server_facts: register: radius tags: - always - name: Add missing RADIUS servers check_point.gaia.cp_gaia_radius_server: default_shell: "{{ radius_default_shell }}" super_user_uid: "{{ radius_super_user_uid }}" servers: - priority: "{{ item.priority }}" address: "{{ item.address }}" port: "{{ item.port }}" timeout: "{{ item.timeout }}" secret: "{{ radius_secret }}" loop: "{{ radius_server }}" when: &gt; item.address not in (radius.ansible_facts.servers |default([]) | map(attribute='address') | list) register: added_servers</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>The task iterates through the radius_servers vars correctly:</P><P>&nbsp;</P><LI-CODE lang="markup">TASK [cp_compliance_radius : Add missing RADIUS servers] ************************************************************************************************************************************************************ changed: [gaia_node1] =&gt; (item={'address': '10.10.10.1', 'port': '1812', 'priority': '10', 'timeout': '3'}) changed: [gaia_node1] =&gt; (item={'address': '10.10.10.2', 'port': '1812', 'priority': '20', 'timeout': '3'})</LI-CODE><P>&nbsp;</P><P>&nbsp;but instead of adding each server, the module overwrites the radius entries leaving only the last one in the loop active in the configuration:<BR /><BR /></P><P>&nbsp;</P><LI-CODE lang="markup">show configuration add aaa radius-servers priority 20 host 10.10.10.2 port 1812 secret ***** timeout 3 set aaa radius-servers default-shell /etc/cli.sh set aaa radius-servers super-user-uid 0</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>Versions:</P><P>&nbsp;</P><LI-CODE lang="markup">check_point.gaia 5.0.1 ansible [core 2.15.12] python version = 3.9.19 (main, May 16 2024, 08:45:40) [GCC 8.5.0 20210514 (Red Hat 8.5.0-22)] jinja version = 3.1.4 libyaml = True OS: Gaia R81.20</LI-CODE><P>&nbsp;</P> Mon, 24 Feb 2025 07:53:17 GMT https://community.checkpoint.com/t5/Ansible/check-point-gaia-cp-gaia-radius-server-doesn-t-work-in-a-loop/m-p/242095#M831 Mechanix 2025-02-24T07:53:17Z