aruba-iapComprehensive Aruba Instant AP (IAP) configuration management with automatic baseline capture, rollback support, and health monitoring. Supports device disco...
Install via ClawdBot CLI:
clawdbot install scsun1978/aruba-iapComprehensive Aruba Instant AP (IAP) configuration management with automatic baseline capture, rollback support, and health monitoring.
| Type | Risk | Description |
|------|-------|-------------|
| ssid_profile | Medium | Create complete SSID profile with WPA2-PSK-AES |
| ssid_delete | High | Remove existing SSID profile |
| snmp_community | Low | SNMP community configuration |
| snmp_host | Low-Medium | SNMP host/trap destination |
| syslog_level | Low | Syslog logging levels |
| auth_server | Medium | RADIUS/CPPM authentication server |
| ap_allowlist | Medium | Add/remove APs from allowlist |
| wired_port_profile | Medium | Wired port configuration |
| ntp | Low | NTP server configuration |
| dns | Low | DNS server configuration |
| rf_template | Low | RF template application |
# Clone or download the skill
cd ~/.openclaw/workspace/skills/aruba-iap-publish
# Run install script
./install.sh
# Verify installation
iapctl --help# Device Discovery
iapctl discover --cluster office-iap --vc 192.168.20.56 --out ./out
# Configuration Snapshot
iapctl snapshot --cluster office-iap --vc 192.168.20.56 --out ./out
# Verify Configuration
iapctl verify --cluster office-iap --vc 192.168.20.56 --level basic --out ./out# Create SSID configuration JSON
cat > add-ssid.json << 'EOF'
{
"changes": [
{
"type": "ssid_profile",
"profile_name": "MyWiFi",
"essid": "MyNetwork",
"opmode": "wpa2-psk-aes",
"wpa_passphrase": "MySecurePassword123",
"vlan": 1,
"rf_band": "all"
}
]
}
EOF
# Generate diff
iapctl diff --cluster office-iap --vc 192.168.20.56 \
--in add-ssid.json --out ./diff
# Apply changes
iapctl apply --cluster office-iap --vc 192.168.20.56 \
--change-id $(cat diff/commands.json | jq -r '.change_id') \
--in diff/commands.json --out ./apply# Create delete SSID configuration JSON
cat > delete-ssid.json << 'EOF'
{
"changes": [
{
"type": "ssid_delete",
"profile_name": "OldSSID"
}
]
}
EOF
# Generate diff
iapctl diff --cluster office-iap --vc 192.168.20.56 \
--in delete-ssid.json --out ./diff
# Apply changes
iapctl apply --cluster office-iap --vc 192.168.20.56 \
--change-id $(cat diff/commands.json | jq -r '.change_id') \
--in diff/commands.json --out ./apply# Monitor all categories
iapctl monitor --cluster office-iap --vc 192.168.20.56 --out ./monitor
# Monitor specific categories
iapctl monitor --cluster office-iap --vc 192.168.20.56 \
-c "system ap clients wlan" --out ./monitorconfigure terminal ā config commands ā commit applyFor Aruba IAP devices, configuration uses the CLI commit model:
configure terminalwlan ssid-profile )exitexitwrite memorycommit applyiapctl automatically assesses risks for each change set:
Always use secret_ref for passwords and keys:
{
"type": "auth_server",
"server_name": "radius-primary",
"ip": "10.10.10.10",
"secret_ref": "secret:radius-primary-key"
}Never commit plain-text secrets to version control.
Always review risk.json before applying changes:
cat diff/risk.jsonTest with --dry-run to verify commands without applying:
iapctl apply --dry-run ...Always run verify after applying changes:
iapctl verify --level full ...For large change sets, break them into smaller batches:
Comprehensive testing performed on real hardware:
Test Results: 10/11 tests passed (91%)
no for manual rollbackshow running-config after commit apply can timeoutMIT License - See LICENSE file for details
For issues, questions, or contributions:
Generated Mar 1, 2026
An IT team at a corporate office needs to deploy a new secure Wi-Fi network for employees and guests. They use the skill to discover existing APs, create SSID profiles with WPA2 encryption, and apply configurations with automatic rollback support to ensure network availability during rollout.
A managed service provider (MSP) manages wireless networks for multiple retail clients. They use the skill to standardize configurations across locations, monitor AP health, and safely push updates like NTP or DNS settings using batch operations and risk assessment features.
A university network engineer needs to diagnose intermittent Wi-Fi issues in a dormitory. They use the skill's monitoring commands to gather system, AP, and client data, compare configuration snapshots, and apply targeted fixes like RF template adjustments with dry-run verification.
A hotel chain updates its guest Wi-Fi infrastructure across properties. Staff use the skill to add and remove SSIDs seasonally, configure wired port profiles for back-office devices, and maintain audit trails for compliance with change history tracking.
A retail company expands its point-of-sale and inventory systems requiring new VLANs and SSIDs. The network team uses the skill to apply wired port profiles, set up SNMP for monitoring, and use interactive configuration mode to commit changes without disrupting operations.
Offer ongoing wireless network management as a service, using the skill for automated monitoring, configuration updates, and troubleshooting. Charge clients a monthly fee based on the number of APs or sites managed, with tiered support levels.
Provide one-time services for new network deployments or upgrades, leveraging the skill's device discovery, snapshot, and safe change features. Revenue comes from fixed-fee projects or hourly consulting rates for design and implementation.
Develop and sell training courses or certifications on Aruba IAP automation using this skill. Include hands-on labs for configuration management, risk assessment, and best practices, generating revenue from course fees and certification renewals.
š¬ Integration Tip
Integrate this skill with existing IT service management (ITSM) tools by using its JSON output for ticketing and logging, and combine it with secret management systems to handle password references securely.
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of what changed.
Full desktop computer use for headless Linux servers. Xvfb + XFCE virtual desktop with xdotool automation. 17 actions (click, type, scroll, screenshot, drag,...
Essential Docker commands and workflows for container management, image operations, and debugging.
Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge
Deploy applications and manage projects with complete CLI reference. Commands for deployments, projects, domains, environment variables, and live documentation access.
Monitor topics of interest and proactively alert when important developments occur. Use when user wants automated monitoring of specific subjects (e.g., product releases, price changes, news topics, technology updates). Supports scheduled web searches, AI-powered importance scoring, smart alerts vs weekly digests, and memory-aware contextual summaries.