Documentation

clc_firewall_policy - Create/delete/update firewall policies

New in version 2.0.

Synopsis

  • Create or delete or update firewall polices on Centurylink Cloud

Requirements (on host that executes module)

  • python = 2.7
  • requests >= 2.5.0
  • clc-sdk

Options

parameter required default choices comments
destination
 no None
The list of destination addresses for traffic on the terminating firewall. This is required when state is 'present'
destination_account_alias
 no None
CLC alias for the destination account
enabled
 no True
  • True
  • False
Whether the firewall policy is enabled or disabled
firewall_policy_id
 no None
Id of the firewall policy. This is required to update or delete an existing firewall policy
location
 yes
Target datacenter for the firewall policy
ports
 no None
  • any
  • icmp
  • TCP/123
  • UDP/123
  • TCP/123-456
  • UDP/123-456
The list of ports associated with the policy. TCP and UDP can take in single ports or port ranges.
source
 no None
The list of source addresses for traffic on the originating firewall. This is required when state is 'present"
source_account_alias
 yes
CLC alias for the source account
state
 no present
  • present
  • absent
Whether to create or delete the firewall policy
wait
 no True
  • True
  • False
Whether to wait for the provisioning tasks to finish before returning.

Examples

---
- name: Create Firewall Policy
  hosts: localhost
  gather_facts: False
  connection: local
  tasks:
    - name: Create / Verify an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: present
        source: 10.128.216.0/24
        destination: 10.128.216.0/24
        ports: Any
        destination_account_alias: WFAD

---
- name: Delete Firewall Policy
  hosts: localhost
  gather_facts: False
  connection: local
  tasks:
    - name: Delete an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: absent
        firewall_policy_id: c62105233d7a4231bd2e91b9c791e43e1

Return Values

Common return values are documented here Return Values, the following are the fields unique to this module:

name description returned type sample
firewall_policy
The fire wall policy information
 success dict {'status': 'active', 'links': [{'href': 'http://api.ctl.io/v2-experimental/firewallPolicies/wfad/uc1/fc36f1bfd47242e488a9c44346438c05', 'verbs': ['GET', 'PUT', 'DELETE'], 'rel': 'self'}], 'destination': ['10.1.1.0/24', '10.2.2.0/24'], 'enabled': True, 'ports': ['any'], 'source': ['10.1.1.0/24', '10.2.2.0/24'], 'destinationAccount': 'wfad', 'id': 'fc36f1bfd47242e488a9c44346438c05'}
firewall_policy_id
The fire wall policy id
 success string fc36f1bfd47242e488a9c44346438c05


Notes

Note

  • To use this module, it is required to set the below environment variables which enables access to the Centurylink Cloud - CLC_V2_API_USERNAME, the account login id for the centurylink cloud - CLC_V2_API_PASSWORD, the account password for the centurylink cloud
  • Alternatively, the module accepts the API token and account alias. The API token can be generated using the CLC account login and password via the HTTP api call @ https://api.ctl.io/v2/authentication/login - CLC_V2_API_TOKEN, the API token generated from https://api.ctl.io/v2/authentication/login - CLC_ACCT_ALIAS, the account alias associated with the centurylink cloud
  • Users can set CLC_V2_API_URL to specify an endpoint for pointing to a different CLC environment.

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.