/ home / opentelekomcloud / opentelekomcloud.cloud / 0.14.2 / module / waf_domain

opentelekomcloud.cloud.waf_domain (0.14.2) — module

Add/Modify/Delete WAF domain

| "added in version" 0.0.3 of opentelekomcloud.cloud"

Authors: Anton Sidelnikov (@anton-sidelnikov)

Install collection

Install with ansible-galaxy collection install opentelekomcloud.cloud:==0.14.2

Add to requirements.yml

  collections:
    - name: opentelekomcloud.cloud
      version: 0.14.2

Description

Add/Modify/Delete WAF domain from the OTC.

Requirements

openstacksdk
openstacksdk >= 0.36.0
otcextensions
python >= 3.6

Usage examples

Scanned by Steampunk Spotter

# Create Domain.
- waf_domain:
    name: test.domain.name
    server:
      - client_protocol: https
        server_protocol: https
        address: 4.3.2.1
        port: 8080
    proxy: False
  state: present

Scanned by Steampunk Spotter

# Modify Domain.
- waf_domain:
    name: "{{ domain_name }}"
    certificate: "{{ cert_name }}"

Scanned by Steampunk Spotter

# Delete Domain.
- waf_domain:
    name: "{{ domain_id }}"
  state: absent

Inputs

auth:
description:
- Dictionary containing auth information as needed by the cloud's auth plugin strategy.
For the default I(password) plugin, this would contain I(auth_url), I(username),
I(password), I(project_name) and any information about domains (for example, I(os_user_domain_name)
or I(os_project_domain_name)) if the cloud supports them. For other plugins, this
param will need to contain whatever parameters that auth plugin requires. This parameter
is not needed if a named cloud is provided or OpenStack OS_* environment variables
are present.
type: dict

name:
description: Specifies the domain name.
required: true
type: str

wait:
default: true
description:
- Should ansible wait until the requested resource is complete.
type: bool

cloud:
description:
- Named cloud or cloud config to operate against. If I(cloud) is a string, it references
a named cloud config as defined in an OpenStack clouds.yaml file. Provides default
values for I(auth) and I(auth_type). This parameter is not needed if I(auth) is
provided or if OpenStack OS_* environment variables are present. If I(cloud) is
a dict, it contains a complete cloud configuration like would be in a section of
clouds.yaml.
type: raw

proxy:
description: Specifies whether a proxy is configured.
type: bool

state:
choices:
- present
- absent
default: present
description:
- Should the resource be present or absent.
type: str

server:
description: Specifies the origin server information. Each element contains client_protocol
(HTTP or HTTPS), server_protocol (HTTP or HTTPS), address (IP address or domain
name), port (from 0 to 65535)
elements: dict
type: list

ca_cert:
aliases:
- cacert
description:
- A path to a CA Cert bundle that can be used as part of verifying SSL API requests.
type: str

timeout:
default: 180
description:
- How long should ansible wait for the requested resource.
type: int

auth_type:
description:
- Name of the auth plugin to use. If the cloud uses something other than password
authentication, the name of the plugin should be indicated here and the contents
of the I(auth) parameter should be updated accordingly.
type: str

interface:
aliases:
- endpoint_type
choices:
- admin
- internal
- public
default: public
description:
- Endpoint URL type to fetch from the service catalog.
type: str

client_key:
aliases:
- key
description:
- A path to a client key to use as part of the SSL transaction.
type: str

api_timeout:
description:
- How long should the socket layer wait before timing out for API calls. If this is
omitted, nothing will be passed to the requests library.
type: int

certificate:
description: Specifies the certificate.
type: str

client_cert:
aliases:
- cert
description:
- A path to a client certificate to use as part of the SSL transaction.
type: str

region_name:
description:
- Name of the region.
type: str

sdk_log_path:
description:
- Path to the logfile of the OpenStackSDK. If empty no log is written
type: str

sdk_log_level:
choices:
- ERROR
- WARN
- INFO
- DEBUG
default: WARN
description: Log level of the OpenStackSDK
type: str

validate_certs:
aliases:
- verify
description:
- Whether or not SSL API requests should be verified.
- Before Ansible 2.3 this defaulted to C(yes).
type: bool

sip_header_list:
description: Specifies the HTTP request header for identifying the real source IP
address.
elements: str
type: list

sip_header_name:
choices:
- default
- cloudflare
- akamai
- custom
description: Specifies the type of the source IP header.
type: str

Outputs

waf_domain:
  contains:
    access_status:
      description: Specifies whether a domain name is connected to WAF.
      type: int
    certificate_id:
      description: Specifies the certificate ID.
      type: str
    cname:
      description: Specifies the CNAME value.
      sample: efec1196267b41c399f2980ea4048517.waf.cloud.com.
      type: str
    hostname:
      description: Specifies the domain name.
      type: str
    id:
      description: Specifies the instance ID.
      type: str
    policy_id:
      description: Specifies the policy ID.
      type: str
    protect_status:
      description: Specifies the WAF mode.
      type: int
    protocol:
      description: Specifies the protocol type.
      type: str
    proxy:
      description: Specifies whether a proxy is configured.
      type: bool
    server:
      description: Specifies the origin server information.
      type: dict
    timestamp:
      description: Specifies the time when a domain name is created.
      type: str
  description: List of dictionaries describing domains matching query.
  returned: On Success.
  type: complex