ngine_io.cloudstack.cs_firewall – Manages firewall rules on Apache CloudStack based clouds.¶
Note
This plugin is part of the ngine_io.cloudstack collection (version 2.1.0).
To install it use: ansible-galaxy collection install ngine_io.cloudstack
.
To use it in a playbook, specify: ngine_io.cloudstack.cs_firewall
.
New in version 0.1.0: of ngine_io.cloudstack
Requirements¶
The below requirements are needed on the host that executes this module.
python >= 2.6
cs >= 0.9.0
Parameters¶
Notes¶
Note
A detailed guide about cloudstack modules can be found in the CloudStack Cloud Guide.
This module supports check mode.
Examples¶
- name: Allow inbound port 80/tcp from 1.2.3.4 to 4.3.2.1
ngine_io.cloudstack.cs_firewall:
ip_address: 4.3.2.1
zone: zone01
port: 80
cidr: 1.2.3.4/32
- name: Allow inbound tcp/udp port 53 to 4.3.2.1
ngine_io.cloudstack.cs_firewall:
ip_address: 4.3.2.1
zone: zone01
port: 53
protocol: '{{ item }}'
with_items:
- tcp
- udp
- name: Ensure firewall rule is removed
ngine_io.cloudstack.cs_firewall:
ip_address: 4.3.2.1
zone: zone01
start_port: 8000
end_port: 8888
cidr: 17.0.0.0/8
state: absent
- name: Allow all outbound traffic
ngine_io.cloudstack.cs_firewall:
network: my_network
zone: zone01
type: egress
protocol: all
- name: Allow only HTTP outbound traffic for an IP
ngine_io.cloudstack.cs_firewall:
network: my_network
zone: zone01
type: egress
port: 80
cidr: 10.101.1.20
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Authors¶
René Moser (@resmo)