ngine_io.vultr.vultr_firewall_rule – Manages firewall rules on Vultr.¶
Note
This plugin is part of the ngine_io.vultr collection (version 1.1.0).
To install it use: ansible-galaxy collection install ngine_io.vultr
.
To use it in a playbook, specify: ngine_io.vultr.vultr_firewall_rule
.
New in version 0.1.0: of ngine_io.vultr
Requirements¶
The below requirements are needed on the host that executes this module.
python >= 2.6
Parameters¶
Parameter | Choices/Defaults | Comments |
---|---|---|
api_account
string
|
Default: "default"
|
Name of the ini section in the
vultr.ini file.The ENV variable
VULTR_API_ACCOUNT is used as default, when defined. |
api_endpoint
string
|
URL to API endpint (without trailing slash).
The ENV variable
VULTR_API_ENDPOINT is used as default, when defined.Fallback value is https://api.vultr.com if not specified.
|
|
api_key
string
|
API key of the Vultr API.
The ENV variable
VULTR_API_KEY is used as default, when defined. |
|
api_retries
integer
|
Amount of retries in case of the Vultr API retuns an HTTP 503 code.
The ENV variable
VULTR_API_RETRIES is used as default, when defined.Fallback value is 5 retries if not specified.
|
|
api_retry_max_delay
integer
|
Retry backoff delay in seconds is exponential up to this max. value, in seconds.
The ENV variable
VULTR_API_RETRY_MAX_DELAY is used as default, when defined.Fallback value is 12 seconds.
|
|
api_timeout
integer
|
HTTP timeout to Vultr API.
The ENV variable
VULTR_API_TIMEOUT is used as default, when defined.Fallback value is 60 seconds if not specified.
|
|
cidr
string
|
Network in CIDR format
The CIDR format must match with the
ip_version value.Required if
state=present .Defaulted to 0.0.0.0/0 or ::/0 depending on
ip_version . |
|
end_port
integer
|
End port for the firewall rule.
Only considered if
protocol is tcp or udp and state=present. |
|
group
string
/ required
|
Name of the firewall group.
|
|
ip_version
string
|
|
IP address version
aliases: ip_type |
protocol
string
|
|
Protocol of the firewall rule.
|
start_port
integer
|
Start port for the firewall rule.
Required if
protocol is tcp or udp and state=present.aliases: port |
|
state
string
|
|
State of the firewall rule.
|
validate_certs
boolean
|
|
Validate SSL certs of the Vultr API.
|
Notes¶
Note
Also see the API documentation on https://www.vultr.com/api/.
Examples¶
- name: ensure a firewall rule is present
ngine_io.vultr.vultr_firewall_rule:
group: application
protocol: tcp
start_port: 8000
end_port: 9000
cidr: 17.17.17.0/24
- name: open DNS port for all ipv4 and ipv6
ngine_io.vultr.vultr_firewall_rule:
group: dns
protocol: udp
port: 53
ip_version: "{{ item }}"
with_items: [ v4, v6 ]
- name: allow ping
ngine_io.vultr.vultr_firewall_rule:
group: web
protocol: icmp
- name: ensure a firewall rule is absent
ngine_io.vultr.vultr_firewall_rule:
group: application
protocol: tcp
start_port: 8000
end_port: 9000
cidr: 17.17.17.0/24
state: absent
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Authors¶
René Moser (@resmo)