W3cubDocs

/Ansible 2.10

community.general.clc_firewall_policy – Create/delete/update firewall policies

Note

This plugin is part of the community.general collection.

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.clc_firewall_policy.

Synopsis
Requirements
Parameters
Notes
Examples
Return Values

Synopsis

Create or delete or update firewall policies on Centurylink Cloud

Requirements

The below requirements are needed on the host that executes this module.

python = 2.7
requests >= 2.5.0
clc-sdk

Parameters

Parameter	Choices/Defaults	Comments
destination string		The list of destination addresses for traffic on the terminating firewall. This is required when state is 'present'
destination_account_alias string		CLC alias for the destination account
enabled string	Choices: True False Default: "yes"	Whether the firewall policy is enabled or disabled
firewall_policy_id string		Id of the firewall policy. This is required to update or delete an existing firewall policy
location string / required		Target datacenter for the firewall policy
ports string	Choices: any icmp TCP/123 UDP/123 TCP/123-456 UDP/123-456	The list of ports associated with the policy. TCP and UDP can take in single ports or port ranges.
source string		The list of source addresses for traffic on the originating firewall. This is required when state is 'present'
source_account_alias string / required		CLC alias for the source account
state string	Choices: present ← absent	Whether to create or delete the firewall policy
wait boolean	Choices: no yes ←	Whether to wait for the provisioning tasks to finish before returning.

Notes

Note

To use this module, it is required to set the below environment variables which enables access to the Centurylink Cloud - CLC_V2_API_USERNAME, the account login id for the centurylink cloud - CLC_V2_API_PASSWORD, the account password for the centurylink cloud
Alternatively, the module accepts the API token and account alias. The API token can be generated using the CLC account login and password via the HTTP api call @ https://api.ctl.io/v2/authentication/login - CLC_V2_API_TOKEN, the API token generated from https://api.ctl.io/v2/authentication/login - CLC_ACCT_ALIAS, the account alias associated with the centurylink cloud
Users can set CLC_V2_API_URL to specify an endpoint for pointing to a different CLC environment.

Examples

---
- name: Create Firewall Policy
  hosts: localhost
  gather_facts: False
  connection: local
  tasks:
    - name: Create / Verify an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: present
        source: 10.128.216.0/24
        destination: 10.128.216.0/24
        ports: Any
        destination_account_alias: WFAD

---
- name: Delete Firewall Policy
  hosts: localhost
  gather_facts: False
  connection: local
  tasks:
    - name: Delete an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: absent
        firewall_policy_id: c62105233d7a4231bd2e91b9c791e43e1

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
firewall_policy dictionary	success	The fire wall policy information Sample: {'destination': ['10.1.1.0/24', '10.2.2.0/24'], 'destinationAccount': 'wfad', 'enabled': True, 'id': 'fc36f1bfd47242e488a9c44346438c05', 'links': [{'href': 'http://api.ctl.io/v2-experimental/firewallPolicies/wfad/uc1/fc36f1bfd47242e488a9c44346438c05', 'rel': 'self', 'verbs': ['GET', 'PUT', 'DELETE']}], 'ports': ['any'], 'source': ['10.1.1.0/24', '10.2.2.0/24'], 'status': 'active'}
firewall_policy_id string	success	The fire wall policy id Sample: fc36f1bfd47242e488a9c44346438c05

Authors

CLC Runner (@clc-runner)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/general/clc_firewall_policy_module.html