W3cubDocs

/Ansible

community.general.clc_firewall_policy module – Create/delete/update firewall policies

Note

This module is part of the community.general collection (version 10.7.3).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: community.general.clc_firewall_policy.

DEPRECATED
Synopsis
Requirements
Parameters
Attributes
Notes
Examples
Return Values
Status

DEPRECATED

Removed in:: version 11.0.0
Why:: Lumen Public Cloud (formerly known as CenturyLink Cloud) has gone End-of-Life in September 2023. See more at https://www.ctl.io/knowledge-base/release-notes/2023/lumen-public-cloud-platform-end-of-life-notice/?.
Alternative:: There is none.

Synopsis

Create or delete or update firewall policies on Centurylink Cloud.

Requirements

The below requirements are needed on the host that executes this module.

requests >= 2.5.0
clc-sdk

Parameters

Parameter	Comments
destination list / elements=string	The list of destination addresses for traffic on the terminating firewall. This is required when `state=present`.
destination_account_alias string	CLC alias for the destination account.
enabled string	Whether the firewall policy is enabled or disabled. Choices: `"True"` ← (default) `"False"`
firewall_policy_id string	ID of the firewall policy. This is required to update or delete an existing firewall policy.
location string / required	Target datacenter for the firewall policy.
ports list / elements=string	The list of ports associated with the policy. TCP and UDP can take in single ports or port ranges. Example: `['any', 'icmp', 'TCP/123', 'UDP/123', 'TCP/123-456', 'UDP/123-456']`.
source list / elements=string	The list of source addresses for traffic on the originating firewall. This is required when `state=present`.
source_account_alias string / required	CLC alias for the source account.
state string	Whether to create or delete the firewall policy. Choices: `"present"` ← (default) `"absent"`
wait string	Whether to wait for the provisioning tasks to finish before returning. Default: `"True"`

Attributes

Attribute	Support	Description
check_mode	Support: full	Can run in `check_mode` and return changed status prediction without modifying target.
diff_mode	Support: none	Will return details on what has changed (or possibly needs changing in `check_mode`), when in diff mode.

Notes

Note

To use this module, it is required to set the below environment variables which enables access to the Centurylink Cloud.
CLC_V2_API_USERNAME, the account login ID for the Centurylink Cloud.
CLC_V2_API_PASSWORD, the account password for the Centurylink Cloud.
Alternatively, the module accepts the API token and account alias. The API token can be generated using the CLC account login and password using the HTTP API call @ https://api.ctl.io/v2/authentication/login.
CLC_V2_API_TOKEN, the API token generated from https://api.ctl.io/v2/authentication/login.
CLC_ACCT_ALIAS, the account alias associated with the Centurylink Cloud.
Users can set CLC_V2_API_URL to specify an endpoint for pointing to a different CLC environment.

Examples

- name: Create Firewall Policy
  hosts: localhost
  gather_facts: false
  connection: local
  tasks:
    - name: Create / Verify an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: present
        source: 10.128.216.0/24
        destination: 10.128.216.0/24
        ports: Any
        destination_account_alias: WFAD

- name: Delete Firewall Policy
  hosts: localhost
  gather_facts: false
  connection: local
  tasks:
    - name: Delete an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: absent
        firewall_policy_id: c62105233d7a4231bd2e91b9c791e43e1

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
firewall_policy dictionary	The firewall policy information. Returned: success Sample: `{"destination": ["10.1.1.0/24", "10.2.2.0/24"], "destinationAccount": "wfad", "enabled": true, "id": "fc36f1bfd47242e488a9c44346438c05", "links": [{"href": "http://api.ctl.io/v2-experimental/firewallPolicies/wfad/uc1/fc36f1bfd47242e488a9c44346438c05", "rel": "self", "verbs": ["GET", "PUT", "DELETE"]}], "ports": ["any"], "source": ["10.1.1.0/24", "10.2.2.0/24"], "status": "active"}`
firewall_policy_id string	The firewall policy ID. Returned: success Sample: `"fc36f1bfd47242e488a9c44346438c05"`

Key

Description

firewall_policy

dictionary

The firewall policy information.

Returned: success

Sample: {"destination": ["10.1.1.0/24", "10.2.2.0/24"], "destinationAccount": "wfad", "enabled": true, "id": "fc36f1bfd47242e488a9c44346438c05", "links": [{"href": "http://api.ctl.io/v2-experimental/firewallPolicies/wfad/uc1/fc36f1bfd47242e488a9c44346438c05", "rel": "self", "verbs": ["GET", "PUT", "DELETE"]}], "ports": ["any"], "source": ["10.1.1.0/24", "10.2.2.0/24"], "status": "active"}

firewall_policy_id

string

The firewall policy ID.

Returned: success

Sample: "fc36f1bfd47242e488a9c44346438c05"

Status

This module will be removed in version 11.0.0. [deprecated]
For more information see DEPRECATED.

Authors

CLC Runner (@clc-runner)

Collection links

© 2012–2018 Michael DeHaan
© 2018–2025 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/general/clc_firewall_policy_module.html