ngine_io.cloudstack.cs_securitygroup module – Manages security groups on Apache CloudStack based clouds.

Note

This module is part of the ngine_io.cloudstack collection (version 2.5.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install ngine_io.cloudstack. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: ngine_io.cloudstack.cs_securitygroup.

New in ngine_io.cloudstack 0.1.0

Synopsis

  • Create and remove security groups.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6

  • cs >= 0.9.0

Parameters

Parameter

Comments

account

string

Account the security group is related to.

api_http_method

string

HTTP method used to query the API endpoint.

If not given, the CLOUDSTACK_METHOD env variable is considered.

Choices:

  • "get" ← (default)

  • "post"

api_key

string / required

API key of the CloudStack API.

If not given, the CLOUDSTACK_KEY env variable is considered.

api_secret

string / required

Secret key of the CloudStack API.

If not set, the CLOUDSTACK_SECRET env variable is considered.

api_timeout

integer

HTTP timeout in seconds.

If not given, the CLOUDSTACK_TIMEOUT env variable is considered.

Default: 10

api_url

string / required

URL of the CloudStack API e.g. https://cloud.example.com/client/api.

If not given, the CLOUDSTACK_ENDPOINT env variable is considered.

api_verify_ssl_cert

string

Verify CA authority cert file.

If not given, the CLOUDSTACK_VERIFY env variable is considered.

description

string

Description of the security group.

domain

string

Domain the security group is related to.

name

string / required

Name of the security group.

project

string

Name of the project the security group to be created in.

state

string

State of the security group.

Choices:

  • "present" ← (default)

  • "absent"

validate_certs

boolean

added in ngine_io.cloudstack 2.4.0

If false, SSL certificates will not be validated.

If not given, the CLOUDSTACK_DANGEROUS_NO_TLS_VERIFY env variable is considered.

This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

Notes

Note

  • A detailed guide about cloudstack modules can be found in the CloudStack Cloud Guide.

  • This module supports check mode.

Examples

- name: create a security group
  ngine_io.cloudstack.cs_securitygroup:
    name: default
    description: default security group

- name: remove a security group
  ngine_io.cloudstack.cs_securitygroup:
    name: default
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

account

string

Account the security group is related to.

Returned: success

Sample: "example account"

description

string

Description of security group.

Returned: success

Sample: "application security group"

domain

string

Domain the security group is related to.

Returned: success

Sample: "example domain"

id

string

UUID of the security group.

Returned: success

Sample: "a6f7a5fc-43f8-11e5-a151-feff819cdc9f"

name

string

Name of security group.

Returned: success

Sample: "app"

project

string

Name of project the security group is related to.

Returned: success

Sample: "Production"

tags

list / elements=string

List of resource tags associated with the security group.

Returned: success

Sample: ["[ { \"key\": \"foo\"", " \"value\": \"bar\" } ]"]

Authors

  • René Moser (@resmo)