community.vmware.vca_fw – add or remove firewall rules in a gateway in a vca

Note

This plugin is part of the community.vmware collection.

To install it use: ansible-galaxy collection install community.vmware.

To use it in a playbook, specify: community.vmware.vca_fw.

DEPRECATED

Removed in: major release after 2022-06-01

Why: The module depends on a deprecated version of the Pyvcloud library.

Alternative: Use https://github.com/vmware/ansible-module-vcloud-director instead.

Synopsis

  • Adds or removes firewall rules from a gateway in a vca environment.

Parameters

api_version (string)
    Default: "5.7"
    The API version to be used with the vca.

fw_rules (string / required)
    Default: "no"
    A list of firewall rules to be added to the gateway. See the Examples section for valid entries.

gateway_name (string)
    Default: "gateway"
    The name of the gateway of the vdc where the rule should be added.

host (string)
    The authentication host to be used when service type is vcd.

instance_id (string)
    The instance ID in a vchs environment to be used for creating the vapp.

org (string)
    The org to log in to for creating the vapp.
    This option is required when the service_type is vdc.

password (string)
    The vca password. If not set, the environment variable VCA_PASS is checked for the password.
    aliases: pass, passwd

service_type (string)
    Choices: vca (default), vcd, vchs
    The type of service we are authenticating against.

state (string)
    Choices: absent, present (default)
    Whether the object should be added or removed.

username (string)
    The vca username or email address. If not set, the environment variable VCA_USER is checked for the username.
    aliases: user

validate_certs (boolean)
    Choices: no, yes (default)
    Whether the certificates of the authentication host are to be verified.
    aliases: verify_certs

vdc_name (string)
    The name of the vdc where the gateway is located.

Examples

# Add a set of firewall rules

- hosts: localhost
  connection: local
  tasks:
    - community.vmware.vca_fw:
        instance_id: 'b15ff1e5-1024-4f55-889f-ea0209726282'
        vdc_name: 'benz_ansible'
        # 'present' adds the listed rules; 'absent' removes them
        state: 'present'
        fw_rules:
          - description: "ben testing"
            source_ip: "Any"
            dest_ip: "192.0.2.23"
          - description: "ben testing 2"
            source_ip: "192.0.2.50"
            source_port: "Any"
            dest_port: "22"
            dest_ip: "192.0.2.101"
            is_enable: "true"
            enable_logging: "false"
            protocol: "Tcp"
            policy: "allow"
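
A pre-flight review of an fw_rules list before it is handed to the module, as an added example that is not part of the collection or its documentation. The rule keys are the ones used in the Examples section; the function names, the expected-key list and the checks themselves are assumptions of this example.

```python
# Added example: pre-flight review of an fw_rules list before it is applied.
# Key names come from the Examples section; the checks themselves are
# assumptions of this example, not behaviour of the vca_fw module.
EXPECTED_KEYS = ("description", "source_ip", "source_port", "dest_ip",
                 "dest_port", "protocol", "policy", "is_enable",
                 "enable_logging")


def is_any(value):
    """True when a field holds the wildcard "Any" (case-insensitive)."""
    return str(value).strip().lower() == "any"


def review_rule(rule):
    """Return a list of findings for one rule dict."""
    findings = []
    missing = [k for k in EXPECTED_KEYS if k not in rule]
    if missing:
        # The page documents no per-key defaults, so flag what is left implicit.
        findings.append("implicit fields: " + ", ".join(missing))
    allows = str(rule.get("policy", "")).lower() == "allow"
    if allows and is_any(rule.get("source_ip", "")):
        findings.append("allow rule with source_ip Any")
    if allows and is_any(rule.get("dest_port", "")):
        findings.append("allow rule with dest_port Any")
    if allows and str(rule.get("enable_logging", "")).lower() != "true":
        findings.append("allow rule without logging")
    return findings


def review_rules(rules):
    """Map each rule description to its findings; clean rules are omitted."""
    report = {}
    for index, rule in enumerate(rules):
        found = review_rule(rule)
        if found:
            report[rule.get("description", "rule %d" % index)] = found
    return report


# Constructed input: the two rules from the Examples section as Python dicts.
SAMPLE_RULES = [
    {"description": "ben testing", "source_ip": "Any", "dest_ip": "192.0.2.23"},
    {"description": "ben testing 2", "source_ip": "192.0.2.50",
     "source_port": "Any", "dest_port": "22", "dest_ip": "192.0.2.101",
     "is_enable": "true", "enable_logging": "false", "protocol": "Tcp",
     "policy": "allow"},
]
```

Calling review_rules(SAMPLE_RULES) reports the first rule for the fields it leaves implicit and the second for allowing traffic with logging disabled.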

Status

  • This module will be removed in a major release after 2022-06-01. [deprecated]

  • For more information see DEPRECATED.

Authors

  • Peter Sprygada (@privateip)