avi_wafpolicy – Module for setup of WafPolicy Avi RESTful Object
avi_wafpolicy – Module for setup of WafPolicy Avi RESTful Object
New in version 2.5.
Synopsis
- This module is used to configure WafPolicy object
- more examples at https://github.com/avinetworks/devops
Requirements
The below requirements are needed on the host that executes this module.
- avisdk
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
api_context - added in 2.5 |
Avi API context that includes current session ID and CSRF Token. This allows user to perform single login and re-use the session. | |
api_version - |
Default: "16.4.4" |
Avi API version of to use for Avi API and objects. |
avi_api_patch_op - added in 2.5 |
|
Patch operation to use when using avi_api_update_method as patch. |
avi_api_update_method - added in 2.5 |
|
Default method for object update is HTTP PUT. Setting to patch will override that behavior to use HTTP PATCH. |
avi_credentials - added in 2.5 |
Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details. | |
controller - |
Default: "" |
IP address or hostname of the controller. The default value is the environment variable |
created_by - |
Creator name. Field introduced in 17.2.4. | |
crs_groups - |
Waf rules are categorized in to groups based on their characterization. These groups are system created with crs groups. Field introduced in 17.2.1. | |
description - |
Field introduced in 17.2.1. | |
mode - / required |
Waf policy mode. This can be detection or enforcement. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Field introduced in 17.2.1. Default value when not specified in API or module is interpreted by Avi Controller as WAF_MODE_DETECTION_ONLY. | |
name - / required |
Field introduced in 17.2.1. | |
paranoia_level - |
Waf ruleset paranoia mode. This is used to select rules based on the paranoia-level tag. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Field introduced in 17.2.1. Default value when not specified in API or module is interpreted by Avi Controller as WAF_PARANOIA_LEVEL_LOW. | |
password - |
Default: "" |
Password of Avi user in Avi controller. The default value is the environment variable |
post_crs_groups - |
Waf rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced after the crs groups. Field introduced in 17.2.1. | |
pre_crs_groups - |
Waf rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced before the crs groups. Field introduced in 17.2.1. | |
state - |
|
The state that should be applied on the entity. |
tenant - |
Default: "admin" |
Name of tenant used for all Avi API calls and context of object. |
tenant_ref - |
It is a reference to an object of type tenant. Field introduced in 17.2.1. | |
tenant_uuid - |
Default: "" |
UUID of tenant used for all Avi API calls and context of object. |
url - |
Avi controller URL of the object. | |
username - |
Default: "" |
Username used for accessing Avi controller. The default value is the environment variable |
uuid - |
Field introduced in 17.2.1. | |
waf_profile_ref - / required |
Waf profile for waf policy. It is a reference to an object of type wafprofile. Field introduced in 17.2.1. |
Notes
Note
- For more information on using Ansible to manage Avi Network devices see https://www.ansible.com/ansible-avi-networks.
Examples
- name: Example to create WafPolicy object
avi_wafpolicy:
controller: 10.10.25.42
username: admin
password: something
state: present
name: sample_wafpolicy
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
obj dictionary |
success, changed |
WafPolicy (api/wafpolicy) object
|
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Gaurav Rastogi ([email protected])
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/avi_wafpolicy_module.html