New in version 2.0.
Create or delete or update firewall polices on Centurylink Cloud
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| destination | no | None | The list of destination addresses for traffic on the terminating firewall. This is required when state is 'present' |
|
| destination_account_alias | no | None | CLC alias for the destination account |
|
| enabled | no | True |
| Whether the firewall policy is enabled or disabled |
| firewall_policy_id | no | None | Id of the firewall policy. This is required to update or delete an existing firewall policy |
|
| location | yes | Target datacenter for the firewall policy |
||
| ports | no | None |
| The list of ports associated with the policy. TCP and UDP can take in single ports or port ranges. |
| source | no | None | The list of source addresses for traffic on the originating firewall. This is required when state is 'present" |
|
| source_account_alias | yes | CLC alias for the source account |
||
| state | no | present |
| Whether to create or delete the firewall policy |
| wait | no | True |
| Whether to wait for the provisioning tasks to finish before returning. |
---
- name: Create Firewall Policy
hosts: localhost
gather_facts: False
connection: local
tasks:
- name: Create / Verify an Firewall Policy at CenturyLink Cloud
clc_firewall:
source_account_alias: WFAD
location: VA1
state: present
source: 10.128.216.0/24
destination: 10.128.216.0/24
ports: Any
destination_account_alias: WFAD
---
- name: Delete Firewall Policy
hosts: localhost
gather_facts: False
connection: local
tasks:
- name: Delete an Firewall Policy at CenturyLink Cloud
clc_firewall:
source_account_alias: WFAD
location: VA1
state: absent
firewall_policy_id: 'c62105233d7a4231bd2e91b9c791e43e1'
Common return values are documented here Common Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| firewall_policy | The fire wall policy information | success | dict | {'status': 'active', 'links': [{'href': 'http://api.ctl.io/v2-experimental/firewallPolicies/wfad/uc1/fc36f1bfd47242e488a9c44346438c05', 'verbs': ['GET', 'PUT', 'DELETE'], 'rel': 'self'}], 'destination': ['10.1.1.0/24', '10.2.2.0/24'], 'enabled': True, 'ports': ['any'], 'source': ['10.1.1.0/24', '10.2.2.0/24'], 'destinationAccount': 'wfad', 'id': 'fc36f1bfd47242e488a9c44346438c05'} |
| firewall_policy_id | The fire wall policy id | success | string | fc36f1bfd47242e488a9c44346438c05 |
Note
To use this module, it is required to set the below environment variables which enables access to the Centurylink Cloud - CLC_V2_API_USERNAME, the account login id for the centurylink cloud - CLC_V2_API_PASSWORD, the account password for the centurylink cloud
Note
Alternatively, the module accepts the API token and account alias. The API token can be generated using the CLC account login and password via the HTTP api call @ https://api.ctl.io/v2/authentication/login - CLC_V2_API_TOKEN, the API token generated from https://api.ctl.io/v2/authentication/login - CLC_ACCT_ALIAS, the account alias associated with the centurylink cloud
Note
Users can set CLC_V2_API_URL to specify an endpoint for pointing to a different CLC environment.
For more information on what this means please read Extras Modules
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, developing_test_pr and Developing Modules.
© 2012–2016 Michael DeHaan
© 2016 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/clc_firewall_policy_module.html