Export Template
To push configuration to devices, Policy Manager must have an export template available for the given device type. The export template must be implemented in Jinja2, and is used to render Policy Manager's internal ACL model to real-world device configurations. The results of the export template are used to build configuration patches which are pushed out through a centralized device connection, using either Ansible or NSO. The export template will be given information from Policy Manager, but that information may first be transformed with the JavaScript mapper file.
Here is an example export template:
{%for policy in data%}
Extended IP access list {{policy.name}}
{%for rule in policy.rules%} {{rule.action}}{%for service in rule.services %} {{service.protocol}}{%endfor%}{%for network in rule.sourceNetworks %} {{network}}{%endfor%}{%for network in rule.destinationNetworks%} {{network}}{%for service in rule.services %}{%if service.destinationPort%} {{service.destinationPort}}{%endif%}{%if service.fragmentOptions%} {{service.fragmentOptions}}{%endif%}{%if service.typecodes%} {{service.typecodes}}{%endif%}{%if service.controlFlags%} {{service.controlFlags}}{%endif%}{%if service.dscp%} dscp {{service.dscp}}{%endif%}{%if service.precedence%} precedence {{service.precedence}}{%endif%}{%if service.tos%} tos {{service.tos}}{%endif%}{%if service.ttl%} ttl {{service.ttl}}{%endif%}{%endfor%}{%endfor%}{%if rule.flags%} {{rule.flags}}{%endif%}{%if rule.logging%} log{%endif%}
{%endfor%}{%endfor%}This example template receives a single transformed policy entity and renders it in Cisco IOS syntax.