firewall

Synopsis

Requirements

  • pydo >= 0.1.3
  • azure-core >= 1.26.1

Parameters

Parameter Choices Default Comments
client_override_options
(dict)
Client override options (developer use). For example, these can be used to override the DigitalOcean API endpoint for an internal test suite. If provided, these options will override existing options.
droplet_ids
(list)
An array containing the IDs of the Droplets assigned to the firewall.
inbound_rules
(list)
Array of inbound firewall rules.
module_override_options
(dict)
Module override options (developer use). Can be used to override module options to support experimental or future options. If provided, these options will override existing options.
name
(str)
A human-readable name for a firewall. The name must begin with an alphanumeric character. Subsequent characters must either be alphanumeric characters, a period (.), or a dash (-).
outbound_rules
(list)
Array of outbound firewall rules.
state
(str)
Choices:
  • present
  • absent
Default: present
State of the resource: present to create, absent to destroy.
tags
(list)
A flat array of tag names as strings to be applied to the resource. Tag names may be for either existing or new tags.
timeout
(int)
Default: 300
Polling timeout in seconds.
token
(str)
DigitalOcean API token. Several environment variables can be used to provide this value: DIGITALOCEAN_ACCESS_TOKEN, DIGITALOCEAN_TOKEN, DO_API_TOKEN, DO_API_KEY, DO_OAUTH_TOKEN and OAUTH_TOKEN.

Examples

- name: Create firewall
  digitalocean.cloud.firewall:
    token: "{{ token }}"
    state: present
    name: firewall
    inbound_rules:
      - protocol: tcp
        ports: 80
        sources:
          - load_balancer_uids:
              - "4de7ac8b-495b-4884-9a69-1050c6793cd6"
    outbound_rules:
      - protocol: tcp
        ports: 80
        destinations:
          - addresses:
              - "0.0.0.0/0"
              - "::/0"
    droplet_ids:
      - 8043964

Return Values

Key Returned Description
error
(dict)
Returned: failure
DigitalOcean API error.

Sample:

{
  "Message": "Informational error message.",
  "Reason": "Unauthorized",
  "Status Code": 401
}
firewall
(dict)
Returned: always
Firewall information.

Sample:

{
  "firewall": {
    "created_at": "2017-05-23T21:24:00Z",
    "droplet_ids": [
      8043964
    ],
    "id": "bb4b2611-3d72-467b-8602-280330ecd65c",
    "inbound_rules": [
      {
        "ports": "80",
        "protocol": "tcp",
        "sources": {
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ]
        }
      },
      {
        "ports": "22",
        "protocol": "tcp",
        "sources": {
          "addresses": [
            "18.0.0.0/8"
          ],
          "tags": [
            "gateway"
          ]
        }
      }
    ],
    "name": "firewall",
    "outbound_rules": [
      {
        "destinations": {
          "addresses": [
            "0.0.0.0/0",
            "::/0"
          ]
        },
        "ports": "80",
        "protocol": "tcp"
      }
    ],
    "pending_changes": [
      {
        "droplet_id": 8043964,
        "removing": false,
        "status": "waiting"
      }
    ],
    "status": "waiting",
    "tags": []
  }
}
msg
(str)
Returned: always
Droplet result information.

Sample:

[
  "Created firewall test-firewall (e23647ff-4b57-4da0-8f31-72616d932c0d)",
  "Deleted firewall test-firewall (e23647ff-4b57-4da0-8f31-72616d932c0d)",
  "Firewall test-firewall would be created",
  "Firewall test-firewall (e23647ff-4b57-4da0-8f31-72616d932c0d) exists",
  "Firewall test-firewall does not exist",
  "Firewall test-firewall (e23647ff-4b57-4da0-8f31-72616d932c0d) would be deleted"
]
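
An added example, not part of the module or its documentation: a Python check over the firewall return value documented above (for instance a registered task result dumped to JSON) that flags inbound rules whose sources.addresses are broader than a chosen prefix length and lists pending changes. The thresholds, the ADMIN_PORTS list and the function names are assumptions of this example; SAMPLE is constructed from the return sample on this page.

```python
import ipaddress

# Thresholds and port list are assumptions for this example, not module values.
MAX_PREFIX = {4: 16, 6: 32}   # sources with a shorter prefix than this are flagged
ADMIN_PORTS = (22, 3389)

# Constructed sample, trimmed from the `firewall` return sample on this page.
SAMPLE = {"firewall": {
    "droplet_ids": [8043964],
    "inbound_rules": [
        {"ports": "80", "protocol": "tcp",
         "sources": {"load_balancer_uids": ["4de7ac8b-495b-4884-9a69-1050c6793cd6"]}},
        {"ports": "22", "protocol": "tcp",
         "sources": {"addresses": ["18.0.0.0/8"], "tags": ["gateway"]}},
    ],
    "pending_changes": [{"droplet_id": 8043964, "removing": False, "status": "waiting"}],
    "tags": [],
}}

def port_range(ports):
    """Expand "22" or "8000-9000"; "0", "all" or empty is treated as every port (assumption)."""
    ports = str(ports or "0")
    if ports in ("0", "all"):
        return range(1, 65536)
    lo, _, hi = ports.partition("-")
    return range(int(lo), int(hi or lo) + 1)

def audit_firewall(result):
    """Return (severity, message) findings for a registered module result."""
    fw = result["firewall"]
    findings = []
    for rule in fw.get("inbound_rules", []):
        ports = port_range(rule.get("ports"))
        admin = any(p in ports for p in ADMIN_PORTS)
        for cidr in rule.get("sources", {}).get("addresses", []):
            net = ipaddress.ip_network(cidr, strict=False)
            if net.prefixlen >= MAX_PREFIX[net.version]:
                continue  # narrow enough, nothing to report
            sev = "high" if admin or net.prefixlen == 0 else "medium"
            findings.append((sev, f"inbound {rule['protocol']}/{rule.get('ports')} open to {cidr}"))
    if not fw.get("droplet_ids") and not fw.get("tags"):
        findings.append(("info", "firewall is not applied to any Droplet or tag"))
    for change in fw.get("pending_changes", []):
        findings.append(("info", f"Droplet {change['droplet_id']} pending: {change['status']}"))
    return findings

if __name__ == "__main__":
    for severity, message in audit_firewall(SAMPLE):
        print(f"{severity}: {message}")
```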