clc_firewall_policy - Create/delete/update firewall policies
New in version 2.0.
Synopsis
Create or delete or update firewall polices on Centurylink Cloud
Requirements (on host that executes module)
- python = 2.7
- requests >= 2.5.0
- clc-sdk
Options
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| destination |
no | None | The list of destination addresses for traffic on the terminating firewall. This is required when state is 'present' | |
| destination_account_alias |
no | None | CLC alias for the destination account | |
| enabled |
no | True |
|
Whether the firewall policy is enabled or disabled |
| firewall_policy_id |
no | None | Id of the firewall policy. This is required to update or delete an existing firewall policy | |
| location |
yes | Target datacenter for the firewall policy | ||
| ports |
no | None |
|
The list of ports associated with the policy. TCP and UDP can take in single ports or port ranges. |
| source |
no | None | The list of source addresses for traffic on the originating firewall. This is required when state is 'present" | |
| source_account_alias |
yes | CLC alias for the source account | ||
| state |
no | present |
|
Whether to create or delete the firewall policy |
| wait |
no | True |
|
Whether to wait for the provisioning tasks to finish before returning. |
Examples
--- - name: Create Firewall Policy hosts: localhost gather_facts: False connection: local tasks: - name: Create / Verify an Firewall Policy at CenturyLink Cloud clc_firewall: source_account_alias: WFAD location: VA1 state: present source: 10.128.216.0/24 destination: 10.128.216.0/24 ports: Any destination_account_alias: WFAD --- - name: Delete Firewall Policy hosts: localhost gather_facts: False connection: local tasks: - name: Delete an Firewall Policy at CenturyLink Cloud clc_firewall: source_account_alias: WFAD location: VA1 state: absent firewall_policy_id: 'c62105233d7a4231bd2e91b9c791e43e1'
Return Values
Common return values are documented here Common Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| firewall_policy | The fire wall policy information | success | dict | {'status': 'active', 'links': [{'href': 'http://api.ctl.io/v2-experimental/firewallPolicies/wfad/uc1/fc36f1bfd47242e488a9c44346438c05', 'verbs': ['GET', 'PUT', 'DELETE'], 'rel': 'self'}], 'destination': ['10.1.1.0/24', '10.2.2.0/24'], 'enabled': True, 'ports': ['any'], 'source': ['10.1.1.0/24', '10.2.2.0/24'], 'destinationAccount': 'wfad', 'id': 'fc36f1bfd47242e488a9c44346438c05'} |
| changed | A flag indicating if any change was made or not | success | boolean | True |
| firewall_policy_id | The fire wall policy id | success | string | fc36f1bfd47242e488a9c44346438c05 |
Notes
Note
To use this module, it is required to set the below environment variables which enables access to the Centurylink Cloud - CLC_V2_API_USERNAME, the account login id for the centurylink cloud - CLC_V2_API_PASSWORD, the account password for the centurylink cloud
Note
Alternatively, the module accepts the API token and account alias. The API token can be generated using the CLC account login and password via the HTTP api call @ https://api.ctl.io/v2/authentication/login - CLC_V2_API_TOKEN, the API token generated from https://api.ctl.io/v2/authentication/login - CLC_ACCT_ALIAS, the account alias associated with the centurylink cloud
Note
Users can set CLC_V2_API_URL to specify an endpoint for pointing to a different CLC environment.
This is an Extras Module
For more information on what this means please read Extras Modules
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.