network/roles/access/tasks/fs-s5860-48xmg-u.yml

- name: Get secrets for SNMP manager
  set_fact:
    manager: '{{ lookup("passwordstore", "host/"+snmp_manager.name, returnall=true, missing="empty") | from_yaml }}'

- name: Generate SNMP passwords
  delegate_to: localhost
  command: >
    snmpv3-hashgen --yaml
        --engine {{ snmp_engine_id }}
        --user {{ manager.snmp_user }}
        --auth {{ manager.snmp_pass }}
        --priv {{ manager.snmp_pass }}
        --hash sha1
  check_mode: false
  changed_when: false
  no_log: true
  register: snmp_config

- name: Get SNMP password hash
  set_fact:
    snmp_hashes: '{{ (snmp_config.stdout | from_yaml).snmpv3.hashes }}'

- name: Set SNMP engine ID
  ansible.netcommon.cli_command:
    command: "{{ item }}"
    prompt: "% Warning: All SNMP users will be deleted\\. Do you want to continue\\? \\[Y/N\\]:"
    answer: "y"
  loop:
    - configure
    - snmp-server local-engineid {{ snmp_engine_id }}
    - exit
  when: not ansible_check_mode

- name: Create SNMP user
  ansible.netcommon.cli_config:
    config: "snmp-server user {{ manager.snmp_user }} public v3 encrypted auth sha {{ snmp_hashes.auth | upper }} priv des56 {{ snmp_hashes.priv[:32] | upper }}"
  notify: write config