vultr_firewall_rule – Manages firewall rules on Vultr.

New in version 2.5.


Synopsis

  • Create and remove firewall rules.

Aliases: vr_firewall_rule

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6

Parameters

| Parameter | Choices/Defaults | Comments |
|---|---|---|
| api_account | Default: "default" | Name of the ini section in the vultr.ini file. The ENV variable VULTR_API_ACCOUNT is used as default, when defined. |
| api_endpoint | | URL to API endpoint (without trailing slash). The ENV variable VULTR_API_ENDPOINT is used as default, when defined. Fallback value is https://api.vultr.com if not specified. |
| api_key | | API key of the Vultr API. The ENV variable VULTR_API_KEY is used as default, when defined. |
| api_retries | | Amount of retries in case the Vultr API returns an HTTP 503 code. The ENV variable VULTR_API_RETRIES is used as default, when defined. Fallback value is 5 retries if not specified. |
| api_timeout | | HTTP timeout to Vultr API. The ENV variable VULTR_API_TIMEOUT is used as default, when defined. Fallback value is 60 seconds if not specified. |
| cidr | | Network in CIDR format. The CIDR format must match the ip_version value. Required if state=present. Defaulted to 0.0.0.0/0 or ::/0 depending on ip_version. |
| end_port | | End port for the firewall rule. Only considered if protocol is tcp or udp and state=present. |
| group (required) | | Name of the firewall group. |
| ip_version (aliases: ip_type) | Choices: v4, v6 | IP address version. |
| protocol | Choices: icmp, tcp, udp, gre | Protocol of the firewall rule. |
| start_port (aliases: port) | | Start port for the firewall rule. Required if protocol is tcp or udp and state=present. |
| state | Choices: present, absent | State of the firewall rule. |
| validate_certs (boolean) | Choices: no, yes | Validate SSL certs of the Vultr API. |




Examples

- name: ensure a firewall rule is present
  local_action:
    module: vultr_firewall_rule
    group: application
    protocol: tcp
    start_port: 8000
    end_port: 9000
    cidr: 17.17.17.0/24

- name: open DNS port for all ipv4 and ipv6
  local_action:
    module: vultr_firewall_rule
    group: dns
    protocol: udp
    port: 53
    ip_version: "{{ item }}"
  with_items: [ v4, v6 ]

- name: allow ping
  local_action:
    module: vultr_firewall_rule
    group: web
    protocol: icmp

- name: ensure a firewall rule is absent
  local_action:
    module: vultr_firewall_rule
    group: application
    protocol: tcp
    start_port: 8000
    end_port: 9000
    cidr: 17.17.17.0/24
    state: absent
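
The parameter rules above (cidr must match ip_version, start_port is required for tcp and udp, and an omitted cidr falls back to 0.0.0.0/0 or ::/0) can be checked before a play runs. The following Python linter is an added example, not code from the module or the Ansible project; lint_rule, SAMPLES, the defaults it assumes (v4, tcp, present) and the ascending-range check are hypothetical.

```python
import ipaddress

# Assumed defaults (v4, tcp, present): the page lists the choices only.
DEFAULT_CIDR = {"v4": "0.0.0.0/0", "v6": "::/0"}

def lint_rule(params):
    """Return findings for the parameters of one vultr_firewall_rule task."""
    findings = []
    ip_version = params.get("ip_version", params.get("ip_type", "v4"))
    protocol = params.get("protocol", "tcp")
    state = params.get("state", "present")
    if ip_version not in DEFAULT_CIDR:
        return ["ip_version %r is not v4 or v6" % ip_version]
    # cidr must match ip_version; if omitted, the documented default is any source.
    cidr = params.get("cidr", DEFAULT_CIDR[ip_version])
    try:
        net = ipaddress.ip_network(cidr, strict=False)
    except ValueError:
        findings.append("cidr %r is not a valid network" % cidr)
    else:
        if "v%d" % net.version != ip_version:
            findings.append("cidr %s does not match ip_version %s" % (cidr, ip_version))
        if net.prefixlen == 0:
            findings.append("rule accepts any source (%s)" % cidr)

    # Ports are only considered for tcp/udp rules with state=present.
    if protocol in ("tcp", "udp") and state == "present":
        start = params.get("start_port", params.get("port"))
        end = params.get("end_port", start)
        if start is None:
            findings.append("start_port is required for %s" % protocol)
        elif not (1 <= int(start) <= 65535 and 1 <= int(end) <= 65535):
            findings.append("port outside 1-65535")
        elif int(end) < int(start):  # assumption: ranges must be ascending
            findings.append("end_port %s is below start_port %s" % (end, start))
    return findings

# Constructed samples: the first two follow the Examples section, the rest are made up.
SAMPLES = {
    "app": {"group": "application", "protocol": "tcp", "start_port": 8000,
            "end_port": 9000, "cidr": "17.17.17.0/24"},
    "dns-v6": {"group": "dns", "protocol": "udp", "port": 53, "ip_version": "v6"},
    "mismatch": {"group": "web", "protocol": "tcp", "port": 22,
                 "ip_version": "v6", "cidr": "203.0.113.0/24"},
    "no-port": {"group": "web", "protocol": "tcp", "cidr": "203.0.113.0/24"},
}
if __name__ == "__main__":
    for name, task in SAMPLES.items():
        print(name, lint_rule(task) or "ok")
```

The "any source" finding is informational: a rule such as the DNS example may be open on purpose, while the other findings point at a task that does not satisfy the documented parameter rules.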

Return Values

Common return values are documented here; the following are the fields unique to this module:

| Key | Returned | Description |
|---|---|---|
| vultr_api (complex) | success | Response from Vultr API with a few additions/modifications |
| api_account (string) | success | Account used in the ini file to select the key. Sample: default |
| api_endpoint (string) | success | Endpoint used for the API requests. Sample: |
| api_retries (integer) | success | Amount of max retries for the API requests. Sample: 5 |
| api_timeout (integer) | success | Timeout used for the API requests. Sample: 60 |
| vultr_firewall_rule (complex) | success | Response from Vultr API |
| action (string) | success | Action of the firewall rule. Sample: accept |
| cidr (string) | success and when port range | CIDR of the firewall rule (IPv4 or IPv6). Sample: 0.0.0.0/0 |
| end_port (integer) | success and when port range and protocol is tcp or udp | End port of the firewall rule. Sample: 8080 |
| group (string) | success | Firewall group the rule is in. Sample: web |
| protocol (string) | success | Protocol of the firewall rule. Sample: tcp |
| rule_number (integer) | success | Rule number of the firewall rule. Sample: 2 |
| start_port (integer) | success and protocol is tcp or udp | Start port of the firewall rule. Sample: 80 |




Status

Authors

  • René Moser (@resmo)



© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/vultr_firewall_rule_module.html