vca_fw – add remove firewall rules in a gateway in a vca



New in version 2.0.


Synopsis

  • Adds or removes firewall rules from a gateway in a vca environment

Parameters

| Parameter | Choices/Defaults | Comments |
|---|---|---|
| api_version (string) | Default: "5.7" | The API version to be used with the vca. |
| fw_rules (- / required) | Default: "no" | A list of firewall rules to be added to the gateway. Please see the examples for valid entries. |
| gateway_name (string) | Default: "gateway" | The name of the gateway of the vdc where the rule should be added. |
| host (string) | | The authentication host to be used when service type is vcd. |
| instance_id (string) | | The instance ID in a vchs environment to be used for creating the vapp. |
| org (string) | | The org to log in to for creating the vapp. This option is required when the service_type is vdc. |
| password (string) | | The vca password. If not set, the environment variable VCA_PASS is checked for the password. aliases: pass, passwd |
| service_type (string) | Choices: vca, vcd, vchs | The type of service we are authenticating against. |
| state (string) | Choices: absent, present | Whether the object should be added or removed. |
| username (string) | | The vca username or email address. If not set, the environment variable VCA_USER is checked for the username. aliases: user |
| validate_certs (boolean) | Choices: no, yes | Whether the certificates used for authentication are to be verified. aliases: verify_certs |
| vdc_name (string) | | The name of the vdc where the gateway is located. |


Examples

# Add a set of firewall rules

- hosts: localhost
  connection: local
  tasks:
   - vca_fw:
       instance_id: 'b15ff1e5-1024-4f55-889f-ea0209726282'
       vdc_name: 'benz_ansible'
       state: 'present'  # adds the rules; 'absent' would remove them
       fw_rules:
         - description: "ben testing"
           source_ip: "Any"
           dest_ip: 192.0.2.23
         - description: "ben testing 2"
           source_ip: 192.0.2.50
           source_port: "Any"
           dest_port: "22"
           dest_ip: 192.0.2.101
           is_enable: "true"
           enable_logging: "false"
           protocol: "Tcp"
           policy: "allow"
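
The fw_rules entries from the example above, run through a small pre-flight review before they are handed to the module. This is an added example, not part of the original page or of the vca_fw module; the key names are taken from the page's example, and the choice of what to flag is an assumption of this example.

```python
# Added example, not part of vca_fw. Key names come from this page's Examples
# section; what counts as a finding is an assumption, not module behaviour.
RULE_KEYS = ("description", "source_ip", "source_port", "dest_ip", "dest_port",
             "is_enable", "enable_logging", "protocol", "policy")
# Keys that decide what traffic a rule matches and what happens to it.
SCOPE_KEYS = ("source_ip", "source_port", "dest_ip", "dest_port",
              "protocol", "policy")

def _lower(value):
    return str(value).strip().lower()

def review_rule(rule):
    """Return a list of findings for one fw_rules entry."""
    findings = [f"key '{k}' is not used in the page's example"
                for k in rule if k not in RULE_KEYS]
    findings += [f"'{k}' is not set; this page does not document the default"
                 for k in SCOPE_KEYS if k not in rule]
    if _lower(rule.get("policy", "")) == "allow":
        for key in ("source_ip", "dest_ip", "dest_port"):
            if _lower(rule.get(key, "")) == "any":
                findings.append(f"allow rule with {key} set to Any")
        if _lower(rule.get("enable_logging", "")) != "true":
            findings.append("allow rule with logging disabled or unset")
    return findings


def review(fw_rules):
    """Map each rule's description to its findings; clean rules are omitted."""
    report = {}
    for index, rule in enumerate(fw_rules):
        found = review_rule(rule)
        if found:
            report[rule.get("description", f"rule #{index}")] = found
    return report


# The two rules from the Examples section of this page.
PAGE_RULES = [
    {"description": "ben testing", "source_ip": "Any", "dest_ip": "192.0.2.23"},
    {"description": "ben testing 2", "source_ip": "192.0.2.50",
     "source_port": "Any", "dest_port": "22", "dest_ip": "192.0.2.101",
     "is_enable": "true", "enable_logging": "false", "protocol": "Tcp",
     "policy": "allow"},
]

if __name__ == "__main__":
    for name, found in review(PAGE_RULES).items():
        print(name, *found, sep="\n  - ")
```

The first rule is reported because it leaves source_port, dest_port, protocol and policy unset; the second because it allows traffic with logging turned off.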

Status

Authors

  • Peter Sprygada (@privateip)



© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/vca_fw_module.html