community.vmware.vmware_host_firewall_manager – Manage firewall configurations about an ESXi host
Note
This plugin is part of the community.vmware collection (version 1.9.0).
To install it use: ansible-galaxy collection install community.vmware.
To use it in a playbook, specify: community.vmware.vmware_host_firewall_manager.
Synopsis
This module manages the firewall configuration of an ESXi host, or of every host in a cluster, when an ESXi hostname or a cluster name is given.
Requirements
The below requirements are needed on the host that executes this module.
python >= 2.6
PyVmomi
Parameters
Examples
- name: Enable vvold rule set for all ESXi Host in given Cluster
  community.vmware.vmware_host_firewall_manager:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    cluster_name: cluster_name
    rules:
        - name: vvold
          enabled: True
          allowed_hosts:
            all_ip: True
  delegate_to: localhost

- name: Enable vvold rule set for an ESXi Host
  community.vmware.vmware_host_firewall_manager:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname: '{{ esxi_hostname }}'
    rules:
        - name: vvold
          enabled: True
          allowed_hosts:
            all_ip: True
  delegate_to: localhost

- name: Manage multiple rule set for an ESXi Host
  community.vmware.vmware_host_firewall_manager:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname: '{{ esxi_hostname }}'
    rules:
        - name: vvold
          enabled: True
          allowed_hosts:
            all_ip: True
        - name: CIMHttpServer
          enabled: False
  delegate_to: localhost

- name: Manage IP and network based firewall permissions for ESXi
  community.vmware.vmware_host_firewall_manager:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname: '{{ esxi_hostname }}'
    rules:
        - name: gdbserver
          enabled: True
          allowed_hosts:
            all_ip: False
            ip_address:
              - 192.168.20.10
              - 192.168.20.11
        - name: CIMHttpServer
          enabled: True
          allowed_hosts:
            all_ip: False
            ip_network:
              - 192.168.100.0/24
        - name: remoteSerialPort
          enabled: True
          allowed_hosts:
            all_ip: False
            ip_address:
              - 192.168.100.11
            ip_network:
              - 192.168.200.0/24
  delegate_to: localhost
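A review check for playbooks that use this module, added here as an example and not part of the collection's own code: it walks tasks already parsed from YAML and reports enabled rule sets that allow every source address (all_ip) or an overly broad ip_network. The function name audit_tasks, the /24 threshold and the sample data are assumptions made for this illustration.

```python
import ipaddress

MODULE = "community.vmware.vmware_host_firewall_manager"
MIN_PREFIX = 24  # assumed policy threshold (IPv4): broader networks are flagged

def audit_tasks(tasks, min_prefix=MIN_PREFIX):
    """Return (task name, rule name, finding) tuples for permissive rules."""
    findings = []
    for task in tasks:
        args = task.get(MODULE)
        if not isinstance(args, dict):
            continue  # not a task for this module
        for rule in args.get("rules") or []:
            if not rule.get("enabled"):
                continue  # a disabled rule set exposes nothing
            allowed = rule.get("allowed_hosts") or {}
            where = (task.get("name", "<unnamed>"), rule.get("name"))
            if allowed.get("all_ip"):
                findings.append(where + ("all_ip is true: any source address allowed",))
                continue
            for net in allowed.get("ip_network") or []:
                try:
                    parsed = ipaddress.ip_network(net, strict=False)
                except ValueError:
                    findings.append(where + ("unparseable ip_network %r" % net,))
                    continue
                if parsed.prefixlen < min_prefix:
                    findings.append(where + ("ip_network %s broader than /%d" % (parsed, min_prefix),))
    return findings

# Constructed sample: tasks shaped like the examples on this page, after YAML parsing.
SAMPLE_TASKS = [
    {"name": "Enable vvold rule set for an ESXi Host",
     MODULE: {"rules": [
         {"name": "vvold", "enabled": True, "allowed_hosts": {"all_ip": True}}]}},
    {"name": "Manage IP and network based firewall permissions for ESXi",
     MODULE: {"rules": [
         {"name": "gdbserver", "enabled": True,
          "allowed_hosts": {"all_ip": False, "ip_address": ["192.168.20.10"]}},
         {"name": "CIMHttpServer", "enabled": True,
          "allowed_hosts": {"all_ip": False, "ip_network": ["192.168.0.0/16"]}},
         {"name": "remoteSerialPort", "enabled": False,
          "allowed_hosts": {"all_ip": True}}]}},
]

if __name__ == "__main__":
    for finding in audit_tasks(SAMPLE_TASKS):
        print(" | ".join(finding))
```

The check assumes enabled and all_ip have already been parsed into booleans; templated values would need to be resolved first.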
Return Values
Common return values are documented here; the following are the fields unique to this module:
Authors
Abhijeet Kasurde (@Akasurde)
Aaron Longchamps (@alongchamps)