joelwking.pensando.network_security_policy (1.0.1) — module

Create, update, query or delete a Network Security Policy

Added in version 2.9 of joelwking.pensando

Authors: Joel W. King (@joelwking)

Install with:

    ansible-galaxy collection install joelwking.pensando:==1.0.1

Or list the collection in a requirements file:

    collections:
      - name: joelwking.pensando
        version: 1.0.1

A Network Security Policy contains firewall rules with fields such as 'to' and 'from', 'ports', 'protocols', etc.,
and is applied to the Pensando Policy and Services Manager (PSM). The PSM propagates these policies to
the Distributed Service Card (DSC). This module programmatically manages the policy using the
API of the PSM.

    - network_security_policy:
        hostname: psm.example.net
        username: admin
        password: '{{ password }}'
        api_version: v1
        tenant: default
        namespace: default
        state: present
        policy_name: quarantine
        rules:
          - action: deny
            from-ip-addresses:
              - 198.51.100.0/24
            proto-ports:
              - ports: '123'
                protocol: udp
            to-ip-addresses:
              - 192.0.2.0/24

    - name: Query Policy
      network_security_policy:
        hostname: psm.example.net
        username: admin
        password: '{{ password }}'
        state: query

    - name: Delete Policy
      network_security_policy:
        hostname: psm.example.net
        username: admin
        password: '{{ password }}'
        state: absent
        policy_name: foo

    rules:
      description:
        - A list of dictionary objects which define the firewall rules to be applied to the PSM
      required: false

    state:
      default: present
      description:
        - Use 'present' or 'absent' to add or remove
        - Use 'query' for listing the current policy
      required: false

    tenant:
      default: default
      description:
        - Name of the tenant
      required: false

    hostname:
      description:
        - Hostname (or IP address) of the Pensando Policy and Service Manager (PSM)
      required: true

    password:
      description:
        - Password used to authenticate with the PSM
      required: true

    username:
      default: admin
      description:
        - Username used to authenticate with the PSM
      required: false

    namespace:
      default: default
      description:
        - Name of the Namespace
      required: false

    operation:
      default: replace
      description:
        - Use 'replace' to replace all entries of an existing policy
        - Use 'append' to append the provided rules to an existing policy
      required: false

    api_version:
      default: v1
      description:
        - Optionally specify the API version
      required: false

    policy_name:
      default: ''
      description:
        - Name of the network security policy (only one network security policy is currently allowed)
        - The default is a null string, which indicates return all policies
      required: false

    attach_tenant:
      default: true
      description:
        - A Network Security Policy rule is typically deployed tenant-wide. Specify True to enable.
      required: false
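
Because 'operation' defaults to 'replace', a task that supplies a single rule overwrites every existing entry in the policy. The playbook below is an added example, not part of the collection's own documentation: it sets 'operation: append' so the existing rules are kept, and reads the password from a vault file. The file path vault/psm.yml and the variable psm_password are hypothetical names.

```yaml
---
# Added example; vault/psm.yml and psm_password are hypothetical names.
- name: Append a quarantine rule without replacing existing PSM rules
  hosts: localhost
  connection: local
  gather_facts: false
  collections:
    - joelwking.pensando
  vars_files:
    - vault/psm.yml          # Ansible Vault file assumed to define psm_password
  tasks:
    - name: Record the policy as it exists before the change
      network_security_policy:
        hostname: psm.example.net
        username: admin
        password: '{{ psm_password }}'
        state: query
      register: before

    - name: Append one deny rule; entries already in the policy stay in place
      network_security_policy:
        hostname: psm.example.net
        username: admin
        password: '{{ psm_password }}'
        tenant: default
        namespace: default
        state: present
        operation: append    # the default, 'replace', overwrites all entries
        policy_name: quarantine
        rules:
          - action: deny
            from-ip-addresses:
              - 198.51.100.0/24
            to-ip-addresses:
              - 192.0.2.0/24
            proto-ports:
              - protocol: udp
                ports: '123'
      register: after

    - name: Show both module results for comparison
      debug:
        msg:
          before: '{{ before }}'
          after: '{{ after }}'
```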