New in version 2.5.
The below requirements are needed on the host that executes this module.
Parameter |
Choices/Defaults |
Comments |
---|---|---|
add_rules
|
|
A list of rules that will be added to an existing firewall policy. It is syntax is the same as the one used for rules parameter. Used in combination with update state.
|
add_server_ips
|
|
A list of server identifiers (id or name) to be assigned to a firewall policy. Used in combination with update state.
|
api_url
|
|
Custom API URL. Overrides the ONEANDONE_API_URL environement variable.
|
auth_token
required |
|
Authenticating API token provided by 1&1.
|
description
|
|
Firewall policy description. maxLength=256
|
firewall_policy
required |
|
The identifier (id or name) of the firewall policy used with update state.
|
name
required |
|
Firewall policy name used with present state. Used as identifier (id or name) when used with absent state. maxLength=128
|
remove_rules
|
|
A list of rule ids that will be removed from an existing firewall policy. Used in combination with update state.
|
remove_server_ips
|
|
A list of server IP ids to be unassigned from a firewall policy. Used in combination with update state.
|
rules
|
|
A list of rules that will be set for the firewall policy. Each rule must contain protocol parameter, in addition to three optional parameters (port_from, port_to, and source)
|
state
|
|
Define a firewall policy state to create, remove, or update.
|
wait
|
|
wait for the instance to be in state 'running' before returning
|
wait_interval
|
Default:
5
|
Defines the number of seconds to wait when using the _wait_for methods
|
wait_timeout
|
Default:
600
|
how long before wait gives up, in seconds
|
# Provisioning example. Create and destroy a firewall policy.
- oneandone_firewall_policy:
auth_token: oneandone_private_api_key
name: ansible-firewall-policy
description: Testing creation of firewall policies with ansible
rules:
-
protocol: TCP
port_from: 80
port_to: 80
source: 0.0.0.0
wait: true
wait_timeout: 500
- oneandone_firewall_policy:
auth_token: oneandone_private_api_key
state: absent
name: ansible-firewall-policy
# Update a firewall policy.
- oneandone_firewall_policy:
auth_token: oneandone_private_api_key
state: update
firewall_policy: ansible-firewall-policy
name: ansible-firewall-policy-updated
description: Testing creation of firewall policies with ansible - updated
# Add server to a firewall policy.
- oneandone_firewall_policy:
auth_token: oneandone_private_api_key
firewall_policy: ansible-firewall-policy-updated
add_server_ips:
- server_identifier (id or name)
- server_identifier #2 (id or name)
wait: true
wait_timeout: 500
state: update
# Remove server from a firewall policy.
- oneandone_firewall_policy:
auth_token: oneandone_private_api_key
firewall_policy: ansible-firewall-policy-updated
remove_server_ips:
- B2504878540DBC5F7634EB00A07C1EBD (server's IP id)
wait: true
wait_timeout: 500
state: update
# Add rules to a firewall policy.
- oneandone_firewall_policy:
auth_token: oneandone_private_api_key
firewall_policy: ansible-firewall-policy-updated
description: Adding rules to an existing firewall policy
add_rules:
-
protocol: TCP
port_from: 70
port_to: 70
source: 0.0.0.0
-
protocol: TCP
port_from: 60
port_to: 60
source: 0.0.0.0
wait: true
wait_timeout: 500
state: update
# Remove rules from a firewall policy.
- oneandone_firewall_policy:
auth_token: oneandone_private_api_key
firewall_policy: ansible-firewall-policy-updated
remove_rules:
- rule_id #1
- rule_id #2
- ...
wait: true
wait_timeout: 500
state: update
Common return values are documented here, the following are the fields unique to this module:
Key |
Returned |
Description |
---|---|---|
firewall_policy
dict
|
always |
Information about the firewall policy that was processed
Sample:
{"id": "92B74394A397ECC3359825C1656D67A6", "name": "Default Policy"}
|
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Hint
If you notice any issues in this documentation you can edit this document to improve it.