community.general.oneandone_firewall_policy – Configure 1&1 firewall policy.
Note
This plugin is part of the community.general collection (version 3.8.1).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.oneandone_firewall_policy
.
Synopsis
- Create, remove, reconfigure, update firewall policies. This module has a dependency on 1and1 >= 1.0
Requirements
The below requirements are needed on the host that executes this module.
- 1and1
- python >= 2.6
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
add_rules list / elements=dictionary | A list of rules that will be added to an existing firewall policy. It is syntax is the same as the one used for rules parameter. Used in combination with update state. | |
add_server_ips list / elements=string | A list of server identifiers (id or name) to be assigned to a firewall policy. Used in combination with update state. | |
api_url string | Custom API URL. Overrides the ONEANDONE_API_URL environment variable. | |
auth_token string | Authenticating API token provided by 1&1. | |
description string | Firewall policy description. maxLength=256 | |
firewall_policy string | The identifier (id or name) of the firewall policy used with update state. | |
name string | Firewall policy name used with present state. Used as identifier (id or name) when used with absent state. maxLength=128 | |
remove_rules list / elements=string | A list of rule ids that will be removed from an existing firewall policy. Used in combination with update state. | |
remove_server_ips list / elements=string | A list of server IP ids to be unassigned from a firewall policy. Used in combination with update state. | |
rules list / elements=dictionary | A list of rules that will be set for the firewall policy. Each rule must contain protocol parameter, in addition to three optional parameters (port_from, port_to, and source) | |
state string |
| Define a firewall policy state to create, remove, or update. |
wait boolean |
| wait for the instance to be in state 'running' before returning |
wait_interval integer | Default: 5 | Defines the number of seconds to wait when using the _wait_for methods |
wait_timeout integer | Default: 600 | how long before wait gives up, in seconds |
Examples
- name: Create a firewall policy community.general.oneandone_firewall_policy: auth_token: oneandone_private_api_key name: ansible-firewall-policy description: Testing creation of firewall policies with ansible rules: - protocol: TCP port_from: 80 port_to: 80 source: 0.0.0.0 wait: true wait_timeout: 500 - name: Destroy a firewall policy community.general.oneandone_firewall_policy: auth_token: oneandone_private_api_key state: absent name: ansible-firewall-policy - name: Update a firewall policy community.general.oneandone_firewall_policy: auth_token: oneandone_private_api_key state: update firewall_policy: ansible-firewall-policy name: ansible-firewall-policy-updated description: Testing creation of firewall policies with ansible - updated - name: Add server to a firewall policy community.general.oneandone_firewall_policy: auth_token: oneandone_private_api_key firewall_policy: ansible-firewall-policy-updated add_server_ips: - server_identifier (id or name) - server_identifier #2 (id or name) wait: true wait_timeout: 500 state: update - name: Remove server from a firewall policy community.general.oneandone_firewall_policy: auth_token: oneandone_private_api_key firewall_policy: ansible-firewall-policy-updated remove_server_ips: - B2504878540DBC5F7634EB00A07C1EBD (server's IP id) wait: true wait_timeout: 500 state: update - name: Add rules to a firewall policy community.general.oneandone_firewall_policy: auth_token: oneandone_private_api_key firewall_policy: ansible-firewall-policy-updated description: Adding rules to an existing firewall policy add_rules: - protocol: TCP port_from: 70 port_to: 70 source: 0.0.0.0 - protocol: TCP port_from: 60 port_to: 60 source: 0.0.0.0 wait: true wait_timeout: 500 state: update - name: Remove rules from a firewall policy community.general.oneandone_firewall_policy: auth_token: oneandone_private_api_key firewall_policy: ansible-firewall-policy-updated remove_rules: - rule_id #1 - rule_id #2 - ... wait: true wait_timeout: 500 state: update
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
firewall_policy dictionary | always | Information about the firewall policy that was processed Sample: {"id": "92B74394A397ECC3359825C1656D67A6", "name": "Default Policy"} |
Authors
- Amel Ajdinovic (@aajdinov)
- Ethan Devenport (@edevenport)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/general/oneandone_firewall_policy_module.html