Documentation

vca_fw - add remove firewall rules in a gateway in a vca

New in version 2.0.

Synopsis

Adds or removes firewall rules from a gateway in a vca environment

Options

| parameter | required | default | choices | comments |
|---|---|---|---|---|
| api_version | no | 5.7 | | The API version to be used with the vca. |
| fw_rules | yes | | | A list of firewall rules to be added to the gateway. Please see the examples for valid entries. |
| gateway_name | no | gateway | | The name of the gateway of the vdc where the rule should be added. |
| host | no | None | | The authentication host to be used when service type is vcd. |
| instance_id | no | None | | The instance id in a vchs environment to be used for creating the vapp. |
| org | no | None | | The org to log in to for creating the vapp, mostly set when the service_type is vdc. |
| password | no | None | | The vca password. If not set, the environment variable VCA_PASS is checked for the password. aliases: pass, pwd |
| service_type | no | vca | vca, vchs, vcd | The type of service we are authenticating against. |
| state | no | present | present, absent | Whether the object should be added or removed. |
| username | no | None | | The vca username or email address. If not set, the environment variable VCA_USER is checked for the username. aliases: user |
| vdc_name | no | None | | The name of the vdc where the gateway is located. |
| verify_certs | no | True | | Whether the certificates of the authentication are to be verified. |

Examples

    # Add a set of firewall rules

    - hosts: localhost
      connection: local
      tasks:
        - vca_fw:
            instance_id: 'b15ff1e5-1024-4f55-889f-ea0209726282'
            vdc_name: 'benz_ansible'
            # 'present' adds the rules; set 'absent' to remove them
            state: 'present'
            fw_rules:
              - description: "ben testing"
                source_ip: "Any"
                dest_ip: 192.168.2.11
              - description: "ben testing 2"
                source_ip: 192.168.2.100
                source_port: "Any"
                dest_port: "22"
                dest_ip: 192.168.2.13
                is_enable: "true"
                enable_logging: "false"
                protocol: "Tcp"
                policy: "allow"
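
A pre-flight review of an fw_rules list before it is passed to vca_fw, as an added example that is not part of the module or its documentation. The key list is taken from the example above; the review policy and the names `review_rule`, `review_rules` and `PAGE_RULES` are assumptions made for illustration.

```python
# Added example: review an fw_rules list before handing it to vca_fw.
# Field names come from the example on this page; the review policy is an assumption.
RULE_KEYS = ("description", "source_ip", "source_port", "dest_ip", "dest_port",
             "is_enable", "enable_logging", "protocol", "policy")


def _is_any(value):
    return str(value).strip().lower() == "any"


def review_rule(rule):
    """Return a list of findings for one fw_rules entry (empty list = nothing to flag)."""
    findings = []
    unknown = sorted(set(rule) - set(RULE_KEYS))
    if unknown:
        findings.append("unknown keys (possible typo): " + ", ".join(unknown))
    missing = [k for k in RULE_KEYS if k not in rule]
    if missing:
        # The page documents no per-field defaults, so ask for explicit values.
        findings.append("not set explicitly: " + ", ".join(missing))
    policy = str(rule.get("policy", "")).lower()
    if _is_any(rule.get("source_ip", "")) and policy in ("", "allow"):
        findings.append("any source address, policy is allow or unset")
    # str() also covers a YAML boolean that was loaded as Python False.
    if str(rule.get("enable_logging", "")).lower() == "false":
        findings.append("logging disabled for this rule")
    return findings


def review_rules(fw_rules):
    """Map each flagged rule's description to its findings; clean rules are skipped."""
    report = {}
    for index, rule in enumerate(fw_rules):
        findings = review_rule(rule)
        if findings:
            report[rule.get("description", "rule #%d" % index)] = findings
    return report


# The two rules from the page's example, written as Python data.
PAGE_RULES = [
    {"description": "ben testing", "source_ip": "Any", "dest_ip": "192.168.2.11"},
    {"description": "ben testing 2", "source_ip": "192.168.2.100", "source_port": "Any",
     "dest_port": "22", "dest_ip": "192.168.2.13", "is_enable": "true",
     "enable_logging": "false", "protocol": "Tcp", "policy": "allow"},
]

if __name__ == "__main__":
    for name, findings in review_rules(PAGE_RULES).items():
        print(name, "->", "; ".join(findings))
```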
                      

This is an Extras Module

For more information on what this means please read Extras Modules.

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.