vultr.cloud.firewall_rule module – Manages firewall rules on Vultr
Note
This module is part of the vultr.cloud collection (version 1.13.0).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install vultr.cloud.
To use it in a playbook, specify: vultr.cloud.firewall_rule.
New in vultr.cloud 1.0.0
Synopsis
Create and remove firewall rules.
Parameters
Parameter |
Comments |
---|---|
URL to API endpoint (without trailing slash). Fallback environment variable Default: |
|
API key of the Vultr API. Fallback environment variable |
|
Number of retries in case the Vultr API returns an HTTP error code, such as 429 Too Many Requests, 500 Internal Server Error or 504 Gateway Time-out. Fallback environment variable Default: |
|
Retry backoff delay is exponential up to this maximum value, in seconds. Fallback environment variable Default: |
|
HTTP timeout to Vultr API. Fallback environment variable Default: |
|
Name of the firewall group. |
|
IP address version Choices:
|
|
Notes of the firewall rule. |
|
Single port or port range, e.g. Required if protocol is tcp or udp and state=present. |
|
Protocol of the firewall rule. Choices:
|
|
Possible values are Mutually exclusive with subnet. |
|
State of the firewall rule. Choices:
|
|
The network or IP, e.g. 192.0.2.123 or 0.0.0.0. Mutually exclusive with source. |
|
The number of bits for the netmask in CIDR notation, e.g. |
|
Validate SSL certs of the Vultr API. Choices:
|
Notes
Note
Also see the API documentation on https://www.vultr.com/api/.
Examples
```yaml
- name: Ensure a firewall rule is present
  vultr.cloud.firewall_rule:
    group: web
    port: 80
    protocol: tcp
    ip_type: v4
    subnet: "0.0.0.0"
    subnet_size: 0
    notes: "open HTTP to the world"

- name: Ensure a firewall rule with port range is present
  vultr.cloud.firewall_rule:
    group: apps
    port: "8000:8999"
    protocol: tcp
    ip_type: v4
    subnet: "10.10.10.0"
    subnet_size: 24

- name: Ensure a firewall rule is absent
  vultr.cloud.firewall_rule:
    group: apps
    port: "443"
    protocol: tcp
    ip_type: v6
    subnet: "::"
    subnet_size: 0
    state: absent
```
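A further example, added here and not part of the module's own documentation: replacing world-open SSH rules with a single rule limited to a management network. The group name `mgmt`, port 22, the `192.0.2.0/24` range and the notes text are constructed values, and the API key is assumed to be supplied through the fallback environment variable.

```yaml
- name: Restrict SSH in a Vultr firewall group (added example)
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    # Add the narrow rule first so access is never interrupted.
    - name: Ensure SSH is allowed from the management network only
      vultr.cloud.firewall_rule:
        group: mgmt                # constructed group name
        port: "22"
        protocol: tcp
        ip_type: v4
        subnet: "192.0.2.0"        # constructed documentation range
        subnet_size: 24
        notes: "SSH from management network"
        state: present

    # Then remove the any-source rules for both address families.
    - name: Ensure world-open SSH rules are absent
      vultr.cloud.firewall_rule:
        group: mgmt
        port: "22"
        protocol: tcp
        ip_type: "{{ item.ip_type }}"
        subnet: "{{ item.subnet }}"
        subnet_size: 0
        state: absent
      loop:
        - { ip_type: v4, subnet: "0.0.0.0" }
        - { ip_type: v6, subnet: "::" }
```

Running the play a second time should report no changes, which makes it usable as a recurring drift check on the group.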
Return Values
Common return values are documented here; the following are the fields unique to this module:
Key |
Description |
---|---|
Response from Vultr API with a few additions/modifications. Returned: success |
|
Endpoint used for the API requests. Returned: success Sample: |
|
Amount of max retries for the API requests. Returned: success Sample: |
|
Exponential backoff delay in seconds between retries up to this max delay value. Returned: success Sample: |
|
Timeout used for the API requests. Returned: success Sample: |
|
Response from Vultr API. Returned: success |
|
Action of the firewall rule. Returned: success Sample: |
|
ID of the firewall rule. Returned: success Sample: |
|
IP type of the firewall rule. Returned: success Sample: |
|
Supplied description of the firewall rule. Returned: success Sample: |
|
Port or port range of the firewall rule. Returned: success Sample: |
|
Protocol of the firewall rule. Returned: success Sample: |
|
Source string of the firewall rule. Returned: success Sample: |
|
Subnet of the firewall rule. Returned: success Sample: |
|
Size of the subnet of the firewall rule. Returned: success Sample: |