vmware_host_firewall_manager – Manage firewall configurations about an ESXi host¶
New in version 2.5.
Synopsis¶
- This module can be used to manage firewall configurations about an ESXi host when ESXi hostname or Cluster name is given.
Requirements¶
The below requirements are needed on the host that executes this module.
- python >= 2.6
- PyVmomi
Parameters¶
Examples¶
- name: Enable vvold rule set for all ESXi Host in given Cluster
  vmware_host_firewall_manager:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    cluster_name: cluster_name
    rules:
        - name: vvold
          enabled: True
  delegate_to: localhost
- name: Enable vvold rule set for an ESXi Host
  vmware_host_firewall_manager:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname: '{{ esxi_hostname }}'
    rules:
        - name: vvold
          enabled: True
  delegate_to: localhost
- name: Manage multiple rule set for an ESXi Host
  vmware_host_firewall_manager:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname: '{{ esxi_hostname }}'
    rules:
        - name: vvold
          enabled: True
        - name: CIMHttpServer
          enabled: False
  delegate_to: localhost
- name: Manage IP and network based firewall permissions for ESXi
  vmware_host_firewall_manager:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname: '{{ esxi_hostname }}'
    rules:
        - name: gdbserver
          enabled: True
          allowed_hosts:
            all_ip: False
            ip_address:
              - 192.168.20.10
              - 192.168.20.11
        - name: CIMHttpServer
          enabled: True
          allowed_hosts:
            all_ip: False
            ip_network:
              - 192.168.100.0/24
        - name: remoteSerialPort
          enabled: True
          allowed_hosts:
            all_ip: False
            ip_address:
              - 192.168.100.11
            ip_network:
              - 192.168.200.0/24
  delegate_to: localhost
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Abhijeet Kasurde (@Akasurde)
- Aaron Longchamps (@alongchamps)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
