cs_securitygroup – Manages security groups on Apache CloudStack based clouds.

New in version 2.0.

Synopsis

  • Create and remove security groups.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6
  • cs >= 0.6.10

Parameters

Parameter Choices/Defaults Comments
account
-
Account the security group is related to.
api_http_method
-
    Choices:
  • get
  • post
HTTP method used to query the API endpoint.
If not given, the CLOUDSTACK_METHOD env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is get if not specified.
api_key
-
API key of the CloudStack API.
If not given, the CLOUDSTACK_KEY env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
api_region
-
Default:
"cloudstack"
Name of the ini section in the cloustack.ini file.
If not given, the CLOUDSTACK_REGION env variable is considered.
api_secret
-
Secret key of the CloudStack API.
If not set, the CLOUDSTACK_SECRET env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
api_timeout
-
HTTP timeout in seconds.
If not given, the CLOUDSTACK_TIMEOUT env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is 10 seconds if not specified.
api_url
-
URL of the CloudStack API e.g. https://cloud.example.com/client/api.
If not given, the CLOUDSTACK_ENDPOINT env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
description
-
Description of the security group.
domain
-
Domain the security group is related to.
name
- / required
Name of the security group.
project
-
Name of the project the security group to be created in.
state
-
    Choices:
  • present ←
  • absent
State of the security group.

Notes

Note

  • Ansible uses the cs library’s configuration method if credentials are not provided by the arguments api_url, api_key, api_secret. Configuration is read from several locations, in the following order. The CLOUDSTACK_ENDPOINT, CLOUDSTACK_KEY, CLOUDSTACK_SECRET and CLOUDSTACK_METHOD. CLOUDSTACK_TIMEOUT environment variables. A CLOUDSTACK_CONFIG environment variable pointing to an .ini file. A cloudstack.ini file in the current working directory. A .cloudstack.ini file in the users home directory. Optionally multiple credentials and endpoints can be specified using ini sections in cloudstack.ini. Use the argument api_region to select the section name, default section is cloudstack. See https://github.com/exoscale/cs for more information.
  • A detailed guide about cloudstack modules can be found in the CloudStack Cloud Guide.
  • This module supports check mode.

Examples

- name: create a security group
  local_action:
    module: cs_securitygroup
    name: default
    description: default security group

- name: remove a security group
  local_action:
    module: cs_securitygroup
    name: default
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
account
string
success
Account the security group is related to.

Sample:
example account
description
string
success
Description of security group.

Sample:
application security group
domain
string
success
Domain the security group is related to.

Sample:
example domain
id
string
success
UUID of the security group.

Sample:
a6f7a5fc-43f8-11e5-a151-feff819cdc9f
name
string
success
Name of security group.

Sample:
app
project
string
success
Name of project the security group is related to.

Sample:
Production
tags
dictionary
success
List of resource tags associated with the security group.

Sample:
[ { "key": "foo", "value": "bar" } ]


Status

  • This module is guaranteed to have no backward incompatible interface changes going forward. [stableinterface]
  • This module is maintained by the Ansible Community. [community]

Authors

  • René Moser (@resmo)

Hint

If you notice any issues in this documentation you can edit this document to improve it.