delowan.googlecloud.gcp_appengine_firewall_rule (1.0.2) — module

Creates a GCP FirewallRule

Authors: Google Inc. (@googlecloudplatform)

preview | supported by community

Install collection

Install with ansible-galaxy collection install delowan.googlecloud:==1.0.2


Add to requirements.yml

  collections:
    - name: delowan.googlecloud
      version: 1.0.2

Description

A single firewall rule that is evaluated against incoming traffic and provides an action to take on matched requests.


Requirements

Usage examples

- name: create a firewall rule
  # FQCN of the module as shipped in the delowan.googlecloud collection installed above
  delowan.googlecloud.gcp_appengine_firewall_rule:
    priority: 1000
    source_range: 10.0.0.0
    action: ALLOW
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
    state: present

Inputs

    
state:
    choices:
    - present
    - absent
    default: present
    description:
    - Whether the given object should exist in GCP
    type: str

action:
    description:
    - The action to take if this rule matches.
    - 'Some valid choices include: "UNSPECIFIED_ACTION", "ALLOW", "DENY"'
    required: true
    type: str

scopes:
    description:
    - Array of scopes to be used
    elements: str
    type: list

project:
    description:
    - The Google Cloud Platform project to use.
    type: str

env_type:
    description:
    - Specifies which Ansible environment you're running this module within.
    - This should not be set unless you know what you're doing.
    - This only alters the User Agent string for any API requests.
    type: str

priority:
    description:
    - A positive integer that defines the order of rule evaluation.
    - Rules with the lowest priority are evaluated first.
    - A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic when
      no previous rule matches. Only the action of this rule can be modified by the user.
    required: false
    type: int

auth_kind:
    choices:
    - application
    - machineaccount
    - serviceaccount
    description:
    - The type of credential used.
    required: true
    type: str

description:
    description:
    - An optional string description of this rule.
    required: false
    type: str

source_range:
    description:
    - IP address or range, defined using CIDR notation, of requests that this rule applies
      to.
    required: true
    type: str

service_account_file:
    description:
    - The path of a Service Account JSON file if serviceaccount is selected as type.
    type: path

service_account_email:
    description:
    - An optional service account email address if machineaccount is selected and the
      user does not wish to use the default email.
    type: str

service_account_contents:
    description:
    - The contents of a Service Account JSON file, either in a dictionary or as a JSON
      string that represents it.
    type: jsonarg
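
The priority input above fixes the evaluation order, so a planned set of rules can be checked offline before it is applied. The following is an added example, not code from the module or the collection: it assumes the first matching rule in ascending priority order decides the request, and the function names, the default_action argument and the sample ranges are constructed for illustration.

```python
import ipaddress

DEFAULT_PRIORITY = 2**31 - 1  # Int32.MaxValue: priority of the built-in catch-all rule


def evaluate(rules, default_action, client_ip):
    """Return (priority, action) of the rule that decides a request from client_ip.

    rules: dicts using the module's priority / source_range / action keys.
    Assumption: the first match in ascending priority order decides.
    """
    ip = ipaddress.ip_address(client_ip)
    for rule in sorted(rules, key=lambda r: r["priority"]):
        net = ipaddress.ip_network(rule["source_range"], strict=False)
        if ip.version == net.version and ip in net:
            return rule["priority"], rule["action"]
    # Nothing matched: the default rule applies; only its action is configurable.
    return DEFAULT_PRIORITY, default_action


def shadowed(rules):
    """Return priorities of rules that never match because an earlier rule covers their range."""
    ordered = sorted(rules, key=lambda r: r["priority"])
    dead = []
    for i, rule in enumerate(ordered):
        net = ipaddress.ip_network(rule["source_range"], strict=False)
        for earlier in ordered[:i]:
            wider = ipaddress.ip_network(earlier["source_range"], strict=False)
            if wider.version == net.version and net.subnet_of(wider):
                dead.append(rule["priority"])
                break
    return dead


# Constructed sample ruleset using documentation address ranges (not from the page).
RULES = [
    {"priority": 1000, "source_range": "203.0.113.0/24", "action": "ALLOW"},
    {"priority": 900, "source_range": "203.0.113.66", "action": "DENY"},
    {"priority": 2000, "source_range": "203.0.113.128/25", "action": "DENY"},
]

if __name__ == "__main__":
    for addr in ("203.0.113.66", "203.0.113.200", "198.51.100.7", "2001:db8::1"):
        print(addr, evaluate(RULES, "DENY", addr))
    print("never reached:", shadowed(RULES))
```

The DENY at priority 2000 is reported as never reached because the ALLOW at priority 1000 already covers its whole range; a narrower DENY has to carry a lower priority number than the ALLOW it is meant to carve out of.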

Outputs

action:
  description:
  - The action to take if this rule matches.
  returned: success
  type: str
description:
  description:
  - An optional string description of this rule.
  returned: success
  type: str
priority:
  description:
  - A positive integer that defines the order of rule evaluation.
  - Rules with the lowest priority are evaluated first.
  - A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic when
    no previous rule matches. Only the action of this rule can be modified by the
    user.
  returned: success
  type: int
sourceRange:
  description:
  - IP address or range, defined using CIDR notation, of requests that this rule applies
    to.
  returned: success
  type: str