You are reading an unmaintained version of the Ansible documentation. Unmaintained Ansible versions can contain unfixed security vulnerabilities (CVE). Please upgrade to a maintained version. See the latest Ansible documentation.

hetzner.hcloud.hcloud_firewall module – Create and manage firewalls on the Hetzner Cloud.

Note

This module is part of the hetzner.hcloud collection (version 1.6.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install hetzner.hcloud.

To use it in a playbook, specify: hetzner.hcloud.hcloud_firewall.

Synopsis

• Create, update and manage firewalls on the Hetzner Cloud.

Requirements

The below requirements are needed on the host that executes this module.

• hcloud-python >= 1.0.0

Parameters

Parameter	Comments
api_token string / required	This is the API Token for the Hetzner Cloud.
endpoint string	This is the API Endpoint for the Hetzner Cloud. Default: “https://api.hetzner.cloud/v1”
id integer	The ID of the Hetzner Cloud firewall to manage. Only required if no firewall name is given
labels dictionary	User-defined labels (key-value pairs)
name string	The Name of the Hetzner Cloud firewall to manage. Only required if no firewall id is given, or a firewall does not exists.
rules list / elements=dictionary	List of rules the firewall should contain.
description string	User defined description of this rule.
destination_ips list / elements=string	List of CIDRs that are allowed within this rule
direction string	The direction of the firewall rule. Choices: in out
port string	The port of the firewall rule.
protocol string	The protocol of the firewall rule. Choices: icmp tcp udp
source_ips list / elements=string	List of CIDRs that are allowed within this rule
state string	State of the firewall. Choices: absent present ← (default)

See Also

See also

Documentation for Hetzner Cloud API

Complete reference for the Hetzner Cloud API.

Examples

- name: Create a basic firewall
  hcloud_firewall:
    name: my-firewall
    state: present

- name: Create a firewall with rules
  hcloud_firewall:
    name: my-firewall
    rules:
       - direction: in
         protocol: icmp
         source_ips:
           - 0.0.0.0/0
           - ::/0
         description: allow icmp in
    state: present

- name: Create a firewall with labels
  hcloud_firewall:
    name: my-firewall
    labels:
        key: value
        mylabel: 123
    state: present

- name: Ensure the firewall is absent (remove if needed)
  hcloud_firewall:
    name: my-firewall
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
hcloud_firewall complex	The firewall instance Returned: Always
id integer	Numeric identifier of the firewall Returned: always Sample: 1937415
labels dictionary	User-defined labels (key-value pairs) Returned: always
name string	Name of the firewall Returned: always Sample: “my firewall”
rules complex	List of Rules within this Firewall Returned: always
description string	User defined description of the Firewall Rule Returned: always
destination_ips list / elements=string	Source IPs of the Firewall Returned: always
direction string	Direction of the Firewall Rule Returned: always Sample: “in”
port string	Port of the Firewall Rule, None/Null if protocol is icmp Returned: always Sample: “in”
protocol string	Protocol of the Firewall Rule Returned: always Sample: “icmp”
source_ips list / elements=string	Source IPs of the Firewall Returned: always

Authors

• Lukas Kaemmerling (@lkaemmerling)

Collection links

Issue Tracker Repository (Sources)