ansible / ansible.builtin / v2.6.20 / module / azure_rm_securitygroup_facts Get security group facts. | "added in version" 2.1 of ansible.builtin" Authors: Chris Houseknecht (@chouseknecht), Matt Davis (@nitzmahone) preview | supported by certifiedansible.builtin.azure_rm_securitygroup_facts (v2.6.20) — module
pip
Install with pip install ansible==2.6.20
Get facts for a specific security group or all security groups within a resource group.
- name: Get facts for one security group azure_rm_securitygroup_facts: resource_group: Testing name: secgroup001
- name: Get facts for all security groups azure_rm_securitygroup_facts: resource_group: Testing
name: description: - Only show results for a specific security group. tags: description: - Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. secret: description: - Azure client secret. Use when authenticating with a Service Principal. type: str tenant: description: - Azure tenant ID. Use when authenticating with a Service Principal. type: str ad_user: description: - Active Directory username. Use when authenticating with an Active Directory user rather than service principal. type: str profile: description: - Security profile found in ~/.azure/credentials file. type: str password: description: - Active Directory user password. Use when authenticating with an Active Directory user rather than service principal. type: str client_id: description: - Azure client ID. Use when authenticating with a Service Principal. type: str api_profile: default: latest description: - Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack. type: str version_added: 0.0.1 version_added_collection: azure.azcollection auth_source: choices: - auto - cli - credential_file - env - msi description: - Controls the source of the credentials to use for authentication. - If not specified, ANSIBLE_AZURE_AUTH_SOURCE environment variable will be used and default to C(auto) if variable is not defined. - C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials). - When set to C(cli), the credentials will be sources from the default Azure CLI profile. - Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable. - When set to C(msi), the host machine must be an azure resource with an enabled MSI extension. C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID) can be used to identify the subscription ID if the resource is granted access to more than one subscription, otherwise the first subscription is chosen. - The C(msi) was added in Ansible 2.6. type: str version_added: 0.0.1 version_added_collection: azure.azcollection resource_group: description: - Name of the resource group to use. required: true subscription_id: description: - Your Azure subscription Id. type: str cloud_environment: default: AzureCloud description: - For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable. type: str version_added: 0.0.1 version_added_collection: azure.azcollection adfs_authority_url: description: - Azure AD authority url. Use when authenticating with Username/password, and has your own ADFS authority. type: str version_added: 0.0.1 version_added_collection: azure.azcollection cert_validation_mode: choices: - ignore - validate description: - Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable. type: str version_added: 0.0.1 version_added_collection: azure.azcollection
azure_securitygroups: description: List containing security group dicts. example: - etag: W/"d036f4d7-d977-429a-a8c6-879bc2523399" id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/secgroup001 location: eastus2 name: secgroup001 properties: defaultSecurityRules: - etag: W/"d036f4d7-d977-429a-a8c6-879bc2523399" id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/secgroup001/defaultSecurityRules/AllowVnetInBound name: AllowVnetInBound properties: access: Allow description: Allow inbound traffic from all VMs in VNET destinationAddressPrefix: VirtualNetwork destinationPortRange: '*' direction: Inbound priority: 65000 protocol: '*' provisioningState: Succeeded sourceAddressPrefix: VirtualNetwork sourcePortRange: '*' - etag: W/"d036f4d7-d977-429a-a8c6-879bc2523399" id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/secgroup001/defaultSecurityRules/AllowAzureLoadBalancerInBound name: AllowAzureLoadBalancerInBound properties: access: Allow description: Allow inbound traffic from azure load balancer destinationAddressPrefix: '*' destinationPortRange: '*' direction: Inbound priority: 65001 protocol: '*' provisioningState: Succeeded sourceAddressPrefix: AzureLoadBalancer sourcePortRange: '*' - etag: W/"d036f4d7-d977-429a-a8c6-879bc2523399" id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/secgroup001/defaultSecurityRules/DenyAllInBound name: DenyAllInBound properties: access: Deny description: Deny all inbound traffic destinationAddressPrefix: '*' destinationPortRange: '*' direction: Inbound priority: 65500 protocol: '*' provisioningState: Succeeded sourceAddressPrefix: '*' sourcePortRange: '*' - etag: W/"d036f4d7-d977-429a-a8c6-879bc2523399" id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/secgroup001/defaultSecurityRules/AllowVnetOutBound name: AllowVnetOutBound properties: access: Allow description: Allow outbound traffic from all VMs to all VMs in VNET destinationAddressPrefix: VirtualNetwork destinationPortRange: '*' direction: Outbound priority: 65000 protocol: '*' provisioningState: Succeeded sourceAddressPrefix: VirtualNetwork sourcePortRange: '*' - etag: W/"d036f4d7-d977-429a-a8c6-879bc2523399" id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/secgroup001/defaultSecurityRules/AllowInternetOutBound name: AllowInternetOutBound properties: access: Allow description: Allow outbound traffic from all VMs to Internet destinationAddressPrefix: Internet destinationPortRange: '*' direction: Outbound priority: 65001 protocol: '*' provisioningState: Succeeded sourceAddressPrefix: '*' sourcePortRange: '*' - etag: W/"d036f4d7-d977-429a-a8c6-879bc2523399" id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/secgroup001/defaultSecurityRules/DenyAllOutBound name: DenyAllOutBound properties: access: Deny description: Deny all outbound traffic destinationAddressPrefix: '*' destinationPortRange: '*' direction: Outbound priority: 65500 protocol: '*' provisioningState: Succeeded sourceAddressPrefix: '*' sourcePortRange: '*' networkInterfaces: - id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkInterfaces/nic004 provisioningState: Succeeded resourceGuid: ebd00afa-5dc8-446f-810a-50dd6f671588 securityRules: [] tags: {} type: Microsoft.Network/networkSecurityGroups returned: always type: list