vCD Edge Gateway Firewall Service - vmware-archive/ansible-module-vcloud-director GitHub Wiki

vCD Edge Gateway Firewall Service Example Usage

  1. Firewall Service States

    • Create Firewall Service
     
         - name: create vCD edge gateway firewall
           vcd_gateway_services:
             vdc: ACME_PAYG
             gateway: edge-gateway
             service: firewall
             service_params:
                - name: test_firewall
                  action: accept
                  type: User
                  enabled: True
                  logging_enabled: False
                  source_values:
                    - ip:
                        - "192.168.110.102-192.168.110.115"
                  destination_values:
                    - gatewayinterface:
                        - "external-network-3"
                  services:
                    - tcp:
                        source_port: any
                        destination_port: any
                - name: test_firewall_2
                  action: accept
                  type: User
                  enabled: True
                  logging_enabled: False
                  source_values:
                    - ip:
                        - "192.168.110.102-192.168.110.115"
                  destination_values:
                    - gatewayinterface:
                        - "external-network-3"
                  services:
                    - tcp:
                        source_port: any
                        destination_port: any
             state: present
     
     
    Argument Reference
    • user - (Optional) - vCloud Director user name
    • password - (Optional) - vCloud Director password
    • org - (Optional) - vCloud Director org name to log into
    • host - (Optional) - vCloud Director host name
    • api_version - (Optional) - Pyvcloud API version
    • verify_ssl_certs - (Optional) - true to verify the SSL certificate on each request, false otherwise
    • vdc - (Required) name of vdc
    • gateway - (Required) name of gateway
    • service - (Required) name of service, e.g. "firewall/nat_rule"
    • service_params - (Required) required arguments to create gateway service
      • name - name of the firewall rule
      • action - possible values accept/deny
      • type - firewall rule type. Default: User
      • enabled - true if the rule has to be enabled
      • logging_enabled - true if the logging has to be enabled
      • source_values - list of source values
      • destination_values - list of destination values
      • services - protocol to port mapping
    • state - (Required) "present" to create vCD Edge gateway service

    • Update Firewall Services
     
         - name: update vCD edge gateway firewall
           vcd_gateway_services:
             vdc: ACME_PAYG
             gateway: edge-gateway
             service: firewall
             service_params:
                - name: test_firewall
                  source_values:
                    - gatewayinterface:
                        - "external-network-3"
                  destination_values:
                    - ip:
                        - "192.168.110.102-192.168.110.115"
                  services:
                    - tcp:
                        source_port: any
                        destination_port: any
                - name: test_firewall_2
                  source_values:
                    - gatewayinterface:
                        - "external-network-3"
                  destination_values:
                    - ip:
                        - "192.168.110.102-192.168.110.115"
                  services:
                    - tcp:
                        source_port: any
                        destination_port: any
             state: update
     
     
    Argument Reference
    • user - (Optional) - vCloud Director user name
    • password - (Optional) - vCloud Director password
    • org - (Optional) - vCloud Director org name to log into
    • host - (Optional) - vCloud Director host name
    • api_version - (Optional) - Pyvcloud API version
    • verify_ssl_certs - (Optional) - true to verify the SSL certificate on each request, false otherwise
    • vdc - (Required) name of vdc
    • gateway - (Required) name of gateway
    • service - (Required) name of service, e.g. "firewall/nat_rule"
    • service_params - (Required) required arguments to update gateway service
      • name - name of the firewall rule to update
      • new_name - new name for the firewall rule
      • source_values - list of source values
      • destination_values - list of destination values
      • services - protocol to port mapping
    • state - (Required) "update" to update vCD Edge gateway service

    • Delete Firewall Services
     
         - name: delete vCD edge gateway firewall
           vcd_gateway_services:
             vdc: ACME_PAYG
             gateway: edge-gateway
             service: firewall
             service_params:
                - name: test_firewall
                - name: test_firewall_2
             state: absent
     
     
    Argument Reference
    • user - (Optional) - vCloud Director user name
    • password - (Optional) - vCloud Director password
    • org - (Optional) - vCloud Director org name to log into
    • host - (Optional) - vCloud Director host name
    • api_version - (Optional) - Pyvcloud API version
    • verify_ssl_certs - (Optional) - true to verify the SSL certificate on each request, false otherwise
    • vdc - (Required) name of vdc
    • gateway - (Required) name of gateway
    • service - (Required) name of service, e.g. "firewall/nat_rule"
    • service_params - (Required) required arguments to delete gateway service
      • name - name of the firewall rule to delete
    • state - (Required) "absent" to delete vCD Edge gateway service

  2. Firewall Service Operations

    • List Firewalls
     
         - name: list vCD edge gateway firewalls
           vcd_gateway_services:
             vdc: ACME_PAYG
             gateway: edge-gateway
             service: firewall
             operation: list
     
     
    Argument Reference
    • user - (Optional) - vCloud Director user name
    • password - (Optional) - vCloud Director password
    • org - (Optional) - vCloud Director org name to log into
    • host - (Optional) - vCloud Director host name
    • api_version - (Optional) - Pyvcloud API version
    • verify_ssl_certs - (Optional) - true to verify the SSL certificate on each request, false otherwise
    • vdc - (Required) name of vdc
    • gateway - (Required) name of gateway
    • service - (Required) name of service, e.g. "firewall/nat_rule"
    • operation - (Required) "list" to list all available edge gateway firewalls
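
The Create example above accepts TCP on every destination port with logging_enabled set to False. The following pre-apply review of a service_params list is an added example, not part of the module or this wiki; the helper names, the second sample rule and its port value 443 are assumptions made for illustration.

```python
# Added example: review vcd_gateway_services firewall rules before applying them.
# RULES is constructed sample data laid out like the page's service_params.
RULES = [
    {  # same values as test_firewall in the Create example
        "name": "test_firewall", "action": "accept",
        "enabled": True, "logging_enabled": False,
        "source_values": [{"ip": ["192.168.110.102-192.168.110.115"]}],
        "destination_values": [{"gatewayinterface": ["external-network-3"]}],
        "services": [{"tcp": {"source_port": "any", "destination_port": "any"}}],
    },
    {  # constructed: narrowed and logged (port value 443 is an assumption)
        "name": "web_only", "action": "accept",
        "enabled": True, "logging_enabled": True,
        "source_values": [{"ip": ["192.168.110.102-192.168.110.115"]}],
        "destination_values": [{"gatewayinterface": ["external-network-3"]}],
        "services": [{"tcp": {"source_port": "any", "destination_port": 443}}],
    },
]

def is_any(value):
    """True when a port field holds the wildcard used in the page's examples."""
    return str(value).strip().lower() == "any"

def audit_rule(rule):
    """Return review findings for one service_params entry."""
    findings = []
    if rule.get("action") != "accept" or rule.get("enabled") is False:
        return findings  # deny or disabled rules do not open traffic
    for service in rule.get("services", []):
        for proto, ports in service.items():
            # Assumption: a missing destination_port is treated as the wildcard.
            if is_any(ports.get("destination_port", "any")):
                findings.append(f"{proto}: every destination port is accepted")
    if not rule.get("logging_enabled", False):
        findings.append("accepted traffic is not logged")
    return findings

def audit(rules):
    """Map rule name -> findings, keeping only rules that have findings."""
    report = {}
    for rule in rules:
        findings = audit_rule(rule)
        if findings:
            report[rule["name"]] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(RULES).items():
        for finding in findings:
            print(f"{name}: {finding}")
```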