gcore.cloud.securitygroup_rule (1.0.1) — module

Manages securitygroup rules.

Authors: GCore (@GCore)

Install collection

Install with ansible-galaxy collection install gcore.cloud:==1.0.1


Add to requirements.yml

  # Pin the collection to one exact release so every install resolves the
  # same, reviewed version.
  collections:
    - name: gcore.cloud
      version: "1.0.1"

Description

Create a rule in a securitygroup or delete a rule from one.

Usage examples

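# Create an ingress rule in an existing security group.
# direction and ethertype on their own do not narrow the rule by protocol,
# port or source, so this example also sets protocol, port_range_min /
# port_range_max and remote_ip_prefix (remote_group_id is the alternative
# way to name a source) to admit only the intended traffic.
# NOTE(review): what the API applies when those fields are omitted is not
# stated on this page - confirm before relying on the defaults.
# The protocol, port, prefix and description values are constructed samples;
# 2001:db8::/32 is the IPv6 documentation prefix.
- name: Add new rule to securitygroup
  gcore.cloud.securitygroup_rule:
    # Keep the key out of the playbook text: load the variable from an
    # encrypted source such as Ansible Vault, or pass CLOUD_API_KEY in the
    # environment as this page describes.
    api_key: "{{ api_key }}"
    region_id: "{{ region_id }}"
    project_id: "{{ project_id }}"
    command: create
    securitygroup_id: "{{ securitygroup_id }}"
    direction: "ingress"
    ethertype: "IPv6"
    protocol: "tcp"
    port_range_min: 443
    port_range_max: 443
    remote_ip_prefix: "2001:db8::/32"
    description: "Sample rule - HTTPS from the documentation prefix"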
# Remove one rule, identified by its rule ID. With command: delete this task
# passes securitygroup_rule_id and no securitygroup_id.
- name: Delete rule from securitygroup
  gcore.cloud.securitygroup_rule:
    command: delete
    securitygroup_rule_id: '{{ securitygroup_rule_id }}'
    project_id: '{{ project_id }}'
    region_id: '{{ region_id }}'
    # The key is templated in from a variable; this page notes it can also be
    # supplied through the CLOUD_API_KEY environment variable.
    api_key: '{{ api_key }}'

Inputs

    
id:
    description:
    - Rule ID.
    - Used if I(command) is create.
    required: false
    type: str

api_key:
    description:
    - GCore API auth key
    - Can be passed as I(CLOUD_API_KEY) environment variable.
    type: str

command:
    choices:
    - create
    - delete
    description:
    - Operation to perform.
    required: true
    type: str

api_host:
    default: https://api.gcore.com/cloud
    description:
    - GCore API base host
    - Can be passed as I(CLOUD_API_HOST) environment variable.
    type: str

protocol:
    choices:
    - any
    - ah
    - dccp
    - egp
    - esp
    - gre
    - icmp
    - igmp
    - ipip
    - ospf
    - pgm
    - rsvp
    - sctp
    - tcp
    - udp
    - udplite
    - vrrp
    - ipv6-encap
    - ipv6-frag
    - ipv6-icmp
    - ipv6-nonxt
    - ipv6-opts
    - ipv6-route
    - ipencap
    description:
    - Protocol.
    - Used if I(command) is create.
    required: false
    type: str

direction:
    choices:
    - egress
    - ingress
    description:
    - Direction type.
    - Used if I(command) is create.
    required: false
    type: str

ethertype:
    choices:
    - IPv4
    - IPv6
    description:
    - Ether type.
    - Used if I(command) is create.
    required: false
    type: str

region_id:
    description:
    - GCore API region ID
    - Required if I(region_name) is not passed
    - Can be passed as I(CLOUD_REGION_ID) environment variable.
    type: int

project_id:
    description:
    - GCore API project ID
    - Required if I(project_name) is not passed
    - Can be passed as I(CLOUD_PROJECT_ID) environment variable.
    type: int

api_timeout:
    default: 30
    description:
    - Timeout in seconds for polling the GCore API
    type: int

description:
    description:
    - Rule description.
    - Used if I(command) is create.
    required: false
    type: str

region_name:
    description:
    - GCore API region name
    - Required if I(region_id) is not passed
    - Can be passed as I(CLOUD_REGION_NAME) environment variable.
    type: str

project_name:
    description:
    - GCore API project name
    - Required if I(project_id) is not passed
    - Can be passed as I(CLOUD_PROJECT_NAME) environment variable.
    type: str

port_range_max:
    description:
    - The highest port value for the rule to be applied to.
    - Used if I(command) is create.
    required: false
    type: int

port_range_min:
    description:
    - The lowest port value for the rule to be applied to.
    - Used if I(command) is create.
    required: false
    type: int

remote_group_id:
    description:
    - The remote group UUID to associate with this security group rule.
    - Used if I(command) is create.
    required: false
    type: str

revision_number:
    description:
    - The number of revisions.
    - Used if I(command) is create.
    required: false
    type: int

remote_ip_prefix:
    description:
    - IP or Mask.
    - Used if I(command) is create.
    required: false
    type: str

securitygroup_id:
    description:
    - The ID of securitygroup.
    - Required if I(command) is create.
    required: false
    type: str

securitygroup_rule_id:
    description:
    - The ID of securitygroup rule.
    - Required if I(command) is delete.
    required: false
    type: str

Outputs

securitygroup:
  contains:
    created_at:
      description: Datetime when the rule was created
      returned: always
      sample: 2019-07-26T13:25:03+0000
      type: str
    description:
      description: Rule description
      returned: always
      sample: Test
      type: str
    direction:
      description: Direction type
      returned: always
      sample: ingress
      type: str
    ethertype:
      description: Ether type
      returned: always
      sample: IPv4
      type: str
    id:
      description: Rule ID
      returned: always
      sample: fc84ed5b-b6f9-4e0c-95af-d0991e218bf7
      type: str
    port_range_max:
      description: The highest port value for the rule to be applied to
      returned: always
      sample: 100
      type: int
    port_range_min:
      description: The lowest port value for the rule to be applied to
      returned: always
      sample: 1
      type: int
    protocol:
      description: Protocol
      returned: always
      sample: any
      type: str
    remote_group_id:
      description: The remote group UUID to associate with this security group rule
      returned: always
      sample: af8e207c-df03-4e88-92d2-605459040722
      type: str
    remote_ip_prefix:
      description: IP or mask
      returned: always
      sample: 94.14.91.255
      type: str
    revision_number:
      description: The number of revisions
      returned: always
      sample: 0
      type: int
    security_group_id:
      description: Parent security group of this rule
      returned: always
      sample: 3addc7a1-e926-46da-b5a2-eb4b2f935230
      type: str
    updated_at:
      description: Datetime when the rule was last updated
      returned: always
      sample: 2019-07-26T13:25:03+0000
      type: str
  description:
  - Response depends on I(command).
  - Resource dictionary.
  returned: always
  type: complex

See also