W3cubDocs

/Ansible 2.7

clc_firewall_policy - Create/delete/update firewall policies

New in version 2.0.

Synopsis
- Requirements
Parameters
Notes
Examples
Return Values
Status
Maintenance
- Author

Synopsis

Create or delete or update firewall polices on Centurylink Cloud

Requirements

The below requirements are needed on the host that executes this module.

python = 2.7
requests >= 2.5.0
clc-sdk

Parameters

Parameter	Choices/Defaults	Comments
destination		The list of destination addresses for traffic on the terminating firewall. This is required when state is 'present'
destination_account_alias		CLC alias for the destination account
enabled	Choices: yes ← no Default: yes	Whether the firewall policy is enabled or disabled
firewall_policy_id		Id of the firewall policy. This is required to update or delete an existing firewall policy
location required		Target datacenter for the firewall policy
ports	Choices: any icmp TCP/123 UDP/123 TCP/123-456 UDP/123-456	The list of ports associated with the policy. TCP and UDP can take in single ports or port ranges.
source		The list of source addresses for traffic on the originating firewall. This is required when state is 'present'
source_account_alias required		CLC alias for the source account
state	Choices: present ← absent	Whether to create or delete the firewall policy
wait bool	Choices: no yes ←	Whether to wait for the provisioning tasks to finish before returning.

Notes

Note

To use this module, it is required to set the below environment variables which enables access to the Centurylink Cloud - CLC_V2_API_USERNAME, the account login id for the centurylink cloud - CLC_V2_API_PASSWORD, the account password for the centurylink cloud
Alternatively, the module accepts the API token and account alias. The API token can be generated using the CLC account login and password via the HTTP api call @ https://api.ctl.io/v2/authentication/login - CLC_V2_API_TOKEN, the API token generated from https://api.ctl.io/v2/authentication/login - CLC_ACCT_ALIAS, the account alias associated with the centurylink cloud
Users can set CLC_V2_API_URL to specify an endpoint for pointing to a different CLC environment.

Examples

---
- name: Create Firewall Policy
  hosts: localhost
  gather_facts: False
  connection: local
  tasks:
    - name: Create / Verify an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: present
        source: 10.128.216.0/24
        destination: 10.128.216.0/24
        ports: Any
        destination_account_alias: WFAD

---
- name: Delete Firewall Policy
  hosts: localhost
  gather_facts: False
  connection: local
  tasks:
    - name: Delete an Firewall Policy at CenturyLink Cloud
      clc_firewall:
        source_account_alias: WFAD
        location: VA1
        state: absent
        firewall_policy_id: c62105233d7a4231bd2e91b9c791e43e1

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
firewall_policy dict	success	The fire wall policy information Sample: {'status': 'active', 'links': [{'href': 'http://api.ctl.io/v2-experimental/firewallPolicies/wfad/uc1/fc36f1bfd47242e488a9c44346438c05', 'verbs': ['GET', 'PUT', 'DELETE'], 'rel': 'self'}], 'destination': ['10.1.1.0/24', '10.2.2.0/24'], 'enabled': True, 'ports': ['any'], 'source': ['10.1.1.0/24', '10.2.2.0/24'], 'destinationAccount': 'wfad', 'id': 'fc36f1bfd47242e488a9c44346438c05'}
firewall_policy_id string	success	The fire wall policy id Sample: fc36f1bfd47242e488a9c44346438c05

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author

CLC Runner (@clc-runner)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/clc_firewall_policy_module.html