joelwking.pensando.network_security_policy (1.0.1) — module

Create, update, query or delete a Network Security Policy

Added in version 2.9 of joelwking.pensando

Authors: Joel W. King (@joelwking)

Install collection

Install with ansible-galaxy collection install joelwking.pensando:==1.0.1


Add to requirements.yml

  collections:
    - name: joelwking.pensando
      version: 1.0.1

Description

A Network Security Policy contains firewall rules such as 'to' and 'from', 'ports', 'protocols', etc., and is applied to the Pensando Policy and Services Manager (PSM). These policies are propagated to the Distributed Service Card (DSC) by the PSM. This module programmatically manages the policy using the API of the PSM.

Usage examples

- network_security_policy:
      hostname: psm.example.net
      username: admin
      password: '{{ password }}'
      api_version: v1
      tenant: default
      namespace: default
      state: present
      policy_name: quarantine
      rules:
        - action: deny
          from-ip-addresses:
            - 198.51.100.0/24
          proto-ports:
            - ports: '123'
              protocol: udp
          to-ip-addresses:
            - 192.0.2.0/24
- name: Query Policy
  network_security_policy:
      hostname: psm.example.net
      username: admin
      password: '{{ password }}'
      state: query
- name: Delete Policy
  network_security_policy:
      hostname: psm.example.net
      username: admin
      password: '{{ password }}'
      state: absent
      policy_name: foo

Inputs

    
rules:
    description:
    - A list of dictionary objects which define the firewall rules to be applied to the
      PSM
    required: false

state:
    default: present
    description:
    - Use 'present' or 'absent' to add or remove
    - Use 'query' for listing the current policy
    required: false

tenant:
    default: default
    description:
    - Name of the tenant
    required: false

hostname:
    description:
    - Hostname (or IP address) of the Pensando Policy and Service Manager (PSM)
    required: true

password:
    description:
    - Password used to authenticate with the PSM
    required: true

username:
    default: admin
    description:
    - Username used to authenticate with the PSM
    required: false

namespace:
    default: default
    description:
    - Name of the Namespace
    required: false

operation:
    default: replace
    description:
    - Use 'replace' to replace all entries of an existing policy
    - Use 'append' to append the provided rules to an existing policy
    required: false

api_version:
    default: v1
    description:
    - Optionally specify the API version
    required: false

policy_name:
    default: ''
    description:
    - Name of the network security policy (only one network security policy is currently
      allowed)
    - The default is a null string, which indicates return all policies
    required: false

attach_tenant:
    default: true
    description:
    - A Network Security Policy rule is typically deployed tenant-wide. Specify True to
      enable.
    required: false
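
The `operation` input defaults to `replace`, which replaces all entries of an existing policy, so adding one rule to a policy that is already in use needs `operation: append`. The playbook below is an added example, not taken from the collection's documentation; the `psm_password` variable (assumed to come from Ansible Vault), the play layout and the sample rule are assumptions, and the rule keys follow the usage example above.

```yaml
---
# Added example: append one deny rule to the existing 'quarantine' policy,
# then query the policy so the resulting rule set can be reviewed.
# Assumptions: psm.example.net is a placeholder host; psm_password is a
# vaulted variable supplied at run time; addresses are constructed samples.
- name: Append a rule to an existing Network Security Policy
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    psm_host: psm.example.net
  tasks:
    - name: Append a deny rule without replacing the existing entries
      joelwking.pensando.network_security_policy:
        hostname: "{{ psm_host }}"
        username: admin
        password: "{{ psm_password }}"
        api_version: v1
        tenant: default
        namespace: default
        state: present
        operation: append        # the default, 'replace', overwrites all entries
        policy_name: quarantine
        rules:
          - action: deny
            from-ip-addresses:
              - 203.0.113.0/24   # constructed sample source range
            to-ip-addresses:
              - 192.0.2.0/24
            proto-ports:
              - ports: '22'
                protocol: tcp

    - name: Query the policy after the change
      joelwking.pensando.network_security_policy:
        hostname: "{{ psm_host }}"
        username: admin
        password: "{{ psm_password }}"
        state: query
        policy_name: quarantine
      register: policy_state

    - name: Show what the PSM returned for review
      ansible.builtin.debug:
        var: policy_state
```

Running the same play with `operation` omitted would leave the policy containing only the rule listed in `rules`, because the default is `replace`.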