vultr_firewall_rule – Manages firewall rules on Vultr¶
New in version 2.5.
Requirements¶
The below requirements are needed on the host that executes this module.
- python >= 2.6
Parameters¶
| Parameter | Choices/Defaults | Comments | 
|---|---|---|
| api_account 
                    string
                                                                 | Default: "default" | Name of the ini section in the  vultr.inifile.The ENV variable  VULTR_API_ACCOUNTis used as default, when defined. | 
| api_endpoint 
                    string
                                                                 | URL to API endpint (without trailing slash). The ENV variable  VULTR_API_ENDPOINTis used as default, when defined.Fallback value is https://api.vultr.com if not specified. | |
| api_key 
                    string
                                                                 | API key of the Vultr API. The ENV variable  VULTR_API_KEYis used as default, when defined. | |
| api_retries 
                    integer
                                                                 | Amount of retries in case of the Vultr API retuns an HTTP 503 code. The ENV variable  VULTR_API_RETRIESis used as default, when defined.Fallback value is 5 retries if not specified. | |
| api_retry_max_delay 
                    integer
                                                                 added in 2.9 | Retry backoff delay in seconds is exponential up to this max. value, in seconds. The ENV variable  VULTR_API_RETRY_MAX_DELAYis used as default, when defined.Fallback value is 12 seconds. | |
| api_timeout 
                    integer
                                                                 | HTTP timeout to Vultr API. The ENV variable  VULTR_API_TIMEOUTis used as default, when defined.Fallback value is 60 seconds if not specified. | |
| cidr 
                    -
                                                                 | Network in CIDR format The CIDR format must match with the  ip_versionvalue.Required if  state=present.Defaulted to 0.0.0.0/0 or ::/0 depending on  ip_version. | |
| end_port 
                    -
                                                                 | End port for the firewall rule. Only considered if  protocolis tcp or udp and state=present. | |
| group 
                    -
                                             / required                     | Name of the firewall group. | |
| ip_version 
                    -
                                                                 | 
 | IP address version aliases: ip_type | 
| protocol 
                    -
                                                                 | 
 | Protocol of the firewall rule. | 
| start_port 
                    -
                                                                 | Start port for the firewall rule. Required if  protocolis tcp or udp and state=present.aliases: port | |
| state 
                    -
                                                                 | 
 | State of the firewall rule. | 
| validate_certs 
                    boolean
                                                                 | 
 | Validate SSL certs of the Vultr API. | 
Notes¶
Note
- Also see the API documentation on https://www.vultr.com/api/.
Examples¶
- name: ensure a firewall rule is present
  local_action:
    module: vultr_firewall_rule
    group: application
    protocol: tcp
    start_port: 8000
    end_port: 9000
    cidr: 17.17.17.0/24
- name: open DNS port for all ipv4 and ipv6
  local_action:
    module: vultr_firewall_rule
    group: dns
    protocol: udp
    port: 53
    ip_version: "{{ item }}"
  with_items: [ v4, v6 ]
- name: allow ping
  local_action:
    module: vultr_firewall_rule
    group: web
    protocol: icmp
- name: ensure a firewall rule is absent
  local_action:
    module: vultr_firewall_rule
    group: application
    protocol: tcp
    start_port: 8000
    end_port: 9000
    cidr: 17.17.17.0/24
    state: absent
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- René Moser (@resmo)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
