hwceco.hwcollection.hwc_vpc_security_group – Creates a resource of Vpc/SecurityGroup in Huawei Cloud

Note

This plugin is part of the hwceco.hwcollection collection (version 1.0.5).

To install it use: ansible-galaxy collection install hwceco.hwcollection.

To use it in a playbook, specify: hwceco.hwcollection.hwc_vpc_security_group.

New in version 1.0.0: of hwceco.hwcollection

Synopsis

  • Creates and manages a resource of Vpc/SecurityGroup in Huawei Cloud.

Requirements

The below requirements are needed on the host that executes this module.

  • huaweicloudsdkcore >= 3.0.47

  • huaweicloudsdkvpc >= 3.0.47

Parameters

Parameter Choices/Defaults Comments
access_key
string / required
Specifies the access key of the HuaweiCloud to use.
cloud
string
Default:
"myhuaweicloud.com"
Specifies the endpoint of the cloud. Required if you are using other cloud supported by Huaweicloud.
enterprise_project_id
string
Specifies the enterprise project ID. When creating a security group, associate the enterprise project ID with the security group.
filters
list / elements=string / required
A list of filters to apply when deciding whether existing resources match and should be altered. The item of filters is the name of input options.
identity_endpoint
string
Default:
"https://iam.myhuaweicloud.com:443/v3"
Specifies the Identity authentication URL. Required if you are using other cloud supported by Huaweicloud.
name
string / required
Specifies the security group name. The value is a string of 1 to 64 characters that can contain letters, digits, underscores _, hyphens (-), and periods (.).
project_id
string / required
Specifies the of ID of the project to login with.
region
string / required
Specifies the Huawei Cloud region.
secret_key
string / required
Specifies the secret key of the HuaweiCloud to use.
state
string
    Choices:
  • present ←
  • absent
Whether the given object should exist in Huawei Cloud.

Notes

Note

  • For authentication, you can set access_key using the `ANSIBLE_HWC_ACCESS_KEY’ env variable.

  • For authentication, you can set secret_key using the `ANSIBLE_HWC_SECRET_KEY’ env variable.

  • For authentication, you can set project_id using the `ANSIBLE_HWC_PROJECT_ID’ env variable.

  • For authentication, you can set region using the `ANSIBLE_HWC_REGION’ env variable.

  • For authentication, you can set identity_endpoint using the `ANSIBLE_HWC_IDENTITY_ENDPOINT’ env variable.

  • For authentication, you can set cloud using the `ANSIBLE_HWC_CLOUD’ env variable.

  • Environment variables values will only be used if the playbook values are not set.

Examples

# create a security group
- name: create a security group
  hwc_vpc_security_group:
    name: "ansible_network_security_group_test"
    filters:
      - "name"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
description
string
success
Specifies supplementary information about the security group.
enterprise_project_id
string
success
Specifies the enterprise project ID. When creating a security group, associate the enterprise project ID with the security group.
name
string
success
Specifies the security group name. The value is a string of 1 to 64 characters that can contain letters, digits, underscores _, hyphens (-), and periods (.).
rules
dictionary
success
Specifies the security group rule, which ensures that resources in the security group can communicate with one another.
 
description
string
success
Provides supplementary information about the security group rule.
 
direction
string
success
Specifies the direction of access control. The value can be egress or ingress.
 
ethertype
string
success
Specifies the IP protocol version. The value can be IPv4 or IPv6.
 
id
string
success
Specifies the security group rule ID.
 
port_range_max
integer
success
Specifies the end port number. The value ranges from 1 to 65535. If the protocol is not icmp, the value cannot be smaller than the port_range_min value. An empty value indicates all ports.
 
port_range_min
integer
success
Specifies the start port number. The value ranges from 1 to 65535. The value cannot be greater than the port_range_max value. An empty value indicates all ports.
 
protocol
string
success
Specifies the protocol type. The value can be icmp, tcp, udp, or others. If the parameter is left blank, the security group supports all protocols.
 
remote_address_group_id
string
success
Specifies the ID of remote IP address group.
 
remote_group_id
string
success
Specifies the ID of the peer security group.
 
remote_ip_prefix
string
success
Specifies the remote IP address. If the access control direction is set to egress, the parameter specifies the source IP address. If the access control direction is set to ingress, the parameter specifies the destination IP address.


Authors

  • Huawei (@huaweicloud)