clc_firewall_policy – Create/delete/update firewall policies

New in version 2.0.

Synopsis

• Create or delete or update firewall polices on Centurylink Cloud

Requirements

The below requirements are needed on the host that executes this module.

• python = 2.7
• requests >= 2.5.0
• clc-sdk

Parameters

Parameter	Choices/Defaults	Comments
destination -		The list of destination addresses for traffic on the terminating firewall. This is required when state is 'present'
destination_account_alias -		CLC alias for the destination account
enabled -	Choices: yes ← no Default: "yes"	Whether the firewall policy is enabled or disabled
firewall_policy_id -		Id of the firewall policy. This is required to update or delete an existing firewall policy
location - / required		Target datacenter for the firewall policy
ports -	Choices: any icmp TCP/123 UDP/123 TCP/123-456 UDP/123-456	The list of ports associated with the policy. TCP and UDP can take in single ports or port ranges.
source -		The list of source addresses for traffic on the originating firewall. This is required when state is 'present'
source_account_alias - / required		CLC alias for the source account
state -	Choices: present ← absent	Whether to create or delete the firewall policy
wait boolean	Choices: no yes ←	Whether to wait for the provisioning tasks to finish before returning.

Notes

Note

• To use this module, it is required to set the below environment variables which enables access to the Centurylink Cloud - CLC_V2_API_USERNAME, the account login id for the centurylink cloud - CLC_V2_API_PASSWORD, the account password for the centurylink cloud
• Alternatively, the module accepts the API token and account alias. The API token can be generated using the CLC account login and password via the HTTP api call @ https://api.ctl.io/v2/authentication/login - CLC_V2_API_TOKEN, the API token generated from https://api.ctl.io/v2/authentication/login - CLC_ACCT_ALIAS, the account alias associated with the centurylink cloud
• Users can set CLC_V2_API_URL to specify an endpoint for pointing to a different CLC environment.

Examples

---
- name: Create Firewall Policy
  hosts: localhost
  gather_facts: False
  connection: local
  tasks:
    - name: Create / Verify an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: present
        source: 10.128.216.0/24
        destination: 10.128.216.0/24
        ports: Any
        destination_account_alias: WFAD

---
- name: Delete Firewall Policy
  hosts: localhost
  gather_facts: False
  connection: local
  tasks:
    - name: Delete an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: absent
        firewall_policy_id: c62105233d7a4231bd2e91b9c791e43e1

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
firewall_policy dictionary	success	The fire wall policy information Sample: {'destination': ['10.1.1.0/24', '10.2.2.0/24'], 'destinationAccount': 'wfad', 'enabled': True, 'id': 'fc36f1bfd47242e488a9c44346438c05', 'links': [{'href': 'http://api.ctl.io/v2-experimental/firewallPolicies/wfad/uc1/fc36f1bfd47242e488a9c44346438c05', 'rel': 'self', 'verbs': ['GET', 'PUT', 'DELETE']}], 'ports': ['any'], 'source': ['10.1.1.0/24', '10.2.2.0/24'], 'status': 'active'}
firewall_policy_id string	success	The fire wall policy id Sample: fc36f1bfd47242e488a9c44346438c05

Status

• This module is not guaranteed to have a backwards compatible interface. [preview]
• This module is maintained by the Ansible Community. [community]

Authors

• CLC Runner (@clc-runner)

Hint

If you notice any issues in this documentation you can edit this document to improve it.