Try SpotterCreates a resource of Vpc/SecurityGroupRule in Huawei Cloud
| "added in version" 0.2.0 of community.general"
Authors: Huawei Inc. (@huaweicloud)
Install with ansible-galaxy collection install community.general:==8.5.0
collections:
- name: community.general
version: 8.5.0vpc security group management.
# create a security group rule
- name: Create a security group
hwc_vpc_security_group:
name: "ansible_network_security_group_test"
register: sg
- name: Create a security group rule
community.general.hwc_vpc_security_group_rule:
direction: "ingress"
protocol: "tcp"
ethertype: "IPv4"
port_range_max: 22
security_group_id: "{{ sg.id }}"
port_range_min: 22
remote_ip_prefix: "0.0.0.0/0"
id:
description:
- The ID of resource to be managed.
type: str
user:
description:
- The user name to login with.
- Currently only user names are supported, and not user IDs.
required: true
type: str
state:
choices:
- present
- absent
default: present
description:
- Whether the given object should exist in Huawei Cloud.
type: str
domain:
description:
- The name of the Domain to scope to (Identity v3).
- Currently only domain names are supported, and not domain IDs.
required: true
type: str
region:
description:
- The region to which the project belongs.
type: str
project:
description:
- The name of the Tenant (Identity v2) or Project (Identity v3).
- Currently only project names are supported, and not project IDs.
required: true
type: str
password:
description:
- The password to login with.
required: true
type: str
protocol:
description:
- Specifies the protocol type. The value can be icmp, tcp, or udp. If the parameter
is left blank, the security group supports all protocols.
required: false
type: str
direction:
description:
- Specifies the direction of access control. The value can be egress or ingress.
required: true
type: str
ethertype:
description:
- Specifies the IP protocol version. The value can be IPv4 or IPv6. If you do not
set this parameter, IPv4 is used by default.
required: false
type: str
description:
description:
- Provides supplementary information about the security group rule. The value is a
string of no more than 255 characters that can contain letters and digits.
required: false
type: str
port_range_max:
description:
- Specifies the end port number. The value ranges from 1 to 65535. If the protocol
is not icmp, the value cannot be smaller than the port_range_min value. An empty
value indicates all ports.
required: false
type: int
port_range_min:
description:
- Specifies the start port number. The value ranges from 1 to 65535. The value cannot
be greater than the port_range_max value. An empty value indicates all ports.
required: false
type: int
remote_group_id:
description:
- Specifies the ID of the peer security group. The value is exclusive with parameter
remote_ip_prefix.
required: false
type: str
remote_ip_prefix:
description:
- Specifies the remote IP address. If the access control direction is set to egress,
the parameter specifies the source IP address. If the access control direction is
set to ingress, the parameter specifies the destination IP address. The value can
be in the CIDR format or IP addresses. The parameter is exclusive with parameter
remote_group_id.
required: false
type: str
identity_endpoint:
description:
- The Identity authentication URL.
required: true
type: str
security_group_id:
description:
- Specifies the security group rule ID, which uniquely identifies the security group
rule.
required: true
type: str
description:
description:
- Provides supplementary information about the security group rule. The value is
a string of no more than 255 characters that can contain letters and digits.
returned: success
type: str
direction:
description:
- Specifies the direction of access control. The value can be egress or ingress.
returned: success
type: str
ethertype:
description:
- Specifies the IP protocol version. The value can be IPv4 or IPv6. If you do not
set this parameter, IPv4 is used by default.
returned: success
type: str
port_range_max:
description:
- Specifies the end port number. The value ranges from 1 to 65535. If the protocol
is not icmp, the value cannot be smaller than the port_range_min value. An empty
value indicates all ports.
returned: success
type: int
port_range_min:
description:
- Specifies the start port number. The value ranges from 1 to 65535. The value cannot
be greater than the port_range_max value. An empty value indicates all ports.
returned: success
type: int
protocol:
description:
- Specifies the protocol type. The value can be icmp, tcp, or udp. If the parameter
is left blank, the security group supports all protocols.
returned: success
type: str
remote_group_id:
description:
- Specifies the ID of the peer security group. The value is exclusive with parameter
remote_ip_prefix.
returned: success
type: str
remote_ip_prefix:
description:
- Specifies the remote IP address. If the access control direction is set to egress,
the parameter specifies the source IP address. If the access control direction
is set to ingress, the parameter specifies the destination IP address. The value
can be in the CIDR format or IP addresses. The parameter is exclusive with parameter
remote_group_id.
returned: success
type: str
security_group_id:
description:
- Specifies the security group rule ID, which uniquely identifies the security group
rule.
returned: success
type: str