na_ontap_firewall_policy - NetApp ONTAP Manage a firewall policy

New in version 2.7.

Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • A physical or virtual clustered Data ONTAP system. The modules were developed with Clustered Data ONTAP 9.3
  • Ansible 2.6
  • netapp-lib (2017.10.30). Install using ‘pip install netapp-lib’
  • To enable http on the cluster you must run the following commands ‘set -privilege advanced;’ ‘system services web modify -http-enabled true;’

Parameters

Parameter Choices/Defaults Comments
allow_list
A list of IPs and masks to use
enable
    Choices:
  • enable ←
  • disable
enabled firewall
hostname
required
The hostname or IP address of the ONTAP instance.
http_port
int
Override the default port (80 or 443) with this port
https
bool
    Choices:
  • no ←
  • yes
Enable and disable https
logging
    Choices:
  • enable
  • disable ←
enable logging
node
required
The node to run the firewall configuration on
password
required
Password for the specified user.

aliases: pass
policy
required
A policy name for the firewall policy
service
required
    Choices:
  • http
  • https
  • ntp
  • rsh
  • snmp
  • ssh
  • telnet
The service to apply the policy to
state
    Choices:
  • present ←
  • absent
Whether to set up a fire policy or not
username
required
This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation https://mysupport.netapp.com/NOW/download/software/nmsdk/9.4/.

aliases: user
validate_certs
bool
    Choices:
  • no
  • yes ←
If set to False, the SSL certificates will not be validated.
This should only set to False used on personally controlled sites using self-signed certificates.
vserver
required
The Vserver to apply the policy to.

Notes

Note

  • The modules prefixed with na_ontap are built to support the ONTAP storage platform.

Examples

- name: create firewall Policy
  na_ontap_firewall_policy:
    state: present
    allow_list: [1.2.3.4/24,1.3.3.4/24]
    policy: pizza
    service: http
    vserver: ci_dev
    hostname: "{{ netapp hostname }}"
    username: "{{ netapp username }}"
    password: "{{ netapp password }}"
    node: laurentn-vsim1

- name: Modify firewall Policy
  na_ontap_firewall_policy:
    state: present
    allow_list: [1.2.3.4/24,1.3.3.4/24]
    policy: pizza
    service: http
    vserver: ci_dev
    hostname: "{{ netapp hostname }}"
    username: "{{ netapp username }}"
    password: "{{ netapp password }}"
    node: laurentn-vsim1

- name: Destory firewall Policy
  na_ontap_firewall_policy:
    state: absent
    policy: pizza
    service: http
    vserver: ci_dev
    hostname: "{{ netapp hostname }}"
    username: "{{ netapp username }}"
    password: "{{ netapp password }}"
    node: laurentn-vsim1

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as certified which means that it is maintained by an Ansible Partner. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by an Ansible Partner, see here.

Author

Hint

If you notice any issues in this documentation you can edit this document to improve it.