community.digitalocean.digital_ocean_firewall – Manage cloud firewalls within DigitalOcean¶
Note
This plugin is part of the community.digitalocean collection (version 1.1.1).
To install it use: ansible-galaxy collection install community.digitalocean
.
To use it in a playbook, specify: community.digitalocean.digital_ocean_firewall
.
New in version 1.1.0: of community.digitalocean
Parameters¶
Examples¶
# Allows tcp connections to port 22 (SSH) from specific sources
# Allows tcp connections to ports 80 and 443 from any source
# Allows outbound access to any destination for protocols tcp, udp and icmp
# The firewall rules will be applied to any droplets with the tag "sample"
- name: Create a Firewall named my-firewall
digital_ocean_firewall:
name: my-firewall
state: present
inbound_rules:
- protocol: "tcp"
ports: "22"
sources:
addresses: ["1.2.3.4"]
droplet_ids: ["my_droplet_id_1", "my_droplet_id_2"]
load_balancer_uids: ["my_lb_id_1", "my_lb_id_2"]
tags: ["tag_1", "tag_2"]
- protocol: "tcp"
ports: "80"
sources:
addresses: ["0.0.0.0/0", "::/0"]
- protocol: "tcp"
ports: "443"
sources:
addresses: ["0.0.0.0/0", "::/0"]
outbound_rules:
- protocol: "tcp"
ports: "1-65535"
destinations:
addresses: ["0.0.0.0/0", "::/0"]
- protocol: "udp"
ports: "1-65535"
destinations:
addresses: ["0.0.0.0/0", "::/0"]
- protocol: "icmp"
ports: "1-65535"
destinations:
addresses: ["0.0.0.0/0", "::/0"]
droplet_ids: []
tags: ["sample"]
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Authors¶
Anthony Bond (@BondAnthony)
Lucas Basquerotto (@lucasbasquerotto)