Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

I Expect Firewall Policy Creation to Be Idempotent #13

Open
matt-wittmann opened this issue Dec 21, 2015 · 0 comments
Open

I Expect Firewall Policy Creation to Be Idempotent #13

matt-wittmann opened this issue Dec 21, 2015 · 0 comments

Comments

@matt-wittmann
Copy link

When I use the clc_firewall_policy module with state: present, I expect my Ansible task not to create a new firewall policy if the same policy already exists. The issue is, every time the Ansible playbook is run, a new firewall policy with the exact same settings (source, destination, and ports) is created. I can either check whether the policy already exists myself and skip the task (although I don't see anything in the clc-ansible-module documentation to support this either) or let it create duplicate policies and clean them up manually later.

- name: Configure Firewall Policy
  environment:
    CLC_V2_API_USERNAME: "{{ clc_username }}"
    CLC_V2_API_PASSWD: "{{ clc_password }}"
  clc_firewall_policy:
    source_account_alias: TEST
    location: "{{ data_center }}"
    state: present
    source: ["{{ source_ip_address }}/32"]
    destination: ["{{ destination_ip_address }}/32"]
    ports: ["{{ port_to_open }}"]
    destination_account_alias: TEST
  delegate_to: localhost
  sudo: no
bschwedler added a commit that referenced this issue Feb 6, 2017
@bschwedler
Make firewall policy creation idempotent
cdd57e4 
This was initially raised in issue #13 and makes sense to implement in
the refactor of the ansible modules.  If firewall_policy_id is
specified, search through the existing policies to determine if a policy
exists that matches the parameters passed to the model.  If so, the
policy is not created.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@matt-wittmann