archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
devel
stable-2.15
stable-2.14
stable-2.16
stable-2.17
milestone
stable-2.12
stable-2.13
stable-2.9
stable-2.11
stable-2.3
stable-2.10
stable-2.8
stable-2.4
stable-2.5
stable-2.6
stable-2.7
temp-2.10-devel
mazer_role_loader
stable-2.2
threading_plus_forking
threading_instead_of_forking
stable-2.1
stable-1.9
stable-2.0
stable-2.0.0.1
stable-2.0-network
release1.8.4
release1.8.3
release1.8.2
release1.8.1
release1.8.0
release1.7.2
release1.7.1
release1.7.0
release1.6.8
release1.6.10
release1.6.9
release1.6.7
release1.6.6
release1.6.5
release1.6.4
release1.6.3
release1.6.2
release1.6.1
release1.6.0
release1.5.5
release1.5.4
release1.5.3
release1.5.2
release1.5.1
release1.5.0
v2.14.3
v2.13.8
v2.14.3rc1
v2.13.8rc1
v2.14.2
v2.14.2rc1
v2.14.1
v2.13.7
v2.13.7rc1
v2.14.1rc1
v2.13.6
v2.14.0
v2.14.0rc2
v2.13.6rc1
v2.14.0rc1
v2.14.0b3
v2.13.5
v2.12.10
v2.14.0b2
v2.13.5rc1
v2.12.10rc1
v2.14.0b1
v2.12.9
v2.13.4
v2.13.4rc1
v2.12.9rc1
v2.13.3
v2.12.8
v2.12.8rc1
v2.13.3rc1
v2.13.2
v2.13.2rc1
v2.12.7
v2.13.1
v2.12.7rc1
v2.13.1rc1
v2.12.6
v2.11.12
v2.12.6rc1
v2.11.12rc1
v2.13.0
v2.13.0rc1
v2.13.0b1
v2.12.5
v2.11.11
v2.12.5rc1
v2.11.11rc1
v2.13.0b0
v2.12.4
v2.11.10
v2.12.4rc1
v2.11.10rc1
v2.11.9
v2.12.3
v2.12.3rc1
v2.11.9rc1
v2.12.2
v2.11.8
v2.10.17
v2.12.2rc1
v2.11.8rc1
v2.10.17rc1
v2.12.1
v2.11.7
v2.10.16
v2.10.16rc1
v2.11.7rc1
v2.12.1rc1
v2.12.0
v2.12.0rc1
v2.12.0b2
v2.11.6
v2.10.15
v2.9.27
v2.9.27rc1
v2.10.15rc1
v2.11.6rc1
v2.12.0b1
v2.11.5
v2.10.14
v2.9.26
v2.11.5rc1
v2.10.14rc1
v2.9.26rc1
v2.11.4
v2.10.13
v2.9.25
v2.9.25rc1
v2.10.13rc1
v2.11.4rc1
v2.11.3
v2.10.12
v2.9.24
v2.11.3rc1
v2.10.12rc1
v2.9.24rc1
v2.9.23
v2.10.11
v2.11.2
v2.11.2rc1
v2.10.11rc1
v2.9.23rc1
v2.11.1
v2.10.10
v2.9.22
v2.9.22rc1
v2.10.10rc1
v2.11.1rc1
v2.10.9
v2.9.21
v2.10.9rc1
v2.9.21rc1
v2.11.0
v2.8.20
v2.9.20
v2.10.8
v2.11.0rc2
v2.8.20rc1
v2.9.20rc1
v2.10.8rc1
v2.11.0rc1
stable-2.11-branchpoint
v2.11.0b4
v2.11.0b3
v2.11.0b2
v2.10.7
v2.9.19
v2.10.7rc1
v2.9.19rc1
v2.11.0b1
v2.8.19
v2.9.18
v2.10.6
v2.8.19rc1
v2.9.18rc1
v2.10.6rc1
v2.9.17
v2.10.5
v2.10.5rc1
v2.9.17rc1
v2.8.18
v2.9.16
v2.10.4
v2.8.18rc1
v2.9.16rc1
v2.10.4rc1
v2.8.17
v2.9.15
v2.10.3
v2.8.17rc1
v2.9.15rc1
v2.10.3rc1
v2.10.2
v2.9.14
v2.8.16
v2.8.16rc1
v2.9.14rc1
v2.10.2rc1
v2.10.1
v2.10.1rc3
v2.10.1rc2
v2.8.15
v2.9.13
v2.10.0
v2.9.12
v2.8.14
v2.10.0rc4
v2.10.0rc3
v2.10.0rc2
v2.10.0rc1
v2.9.11
v2.8.13
v2.9.10
v2.10.0b1
stable-2.10-branchpoint
v2.9.9
v2.7.18
v2.8.12
v2.9.8
v2.9.7
v2.8.11
v2.7.17
pre-ansible-base
v2.8.10
v2.8.9
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.8.8
v2.7.16
v2.9.2
v2.9.1
v2.8.7
v2.7.15
v2.9.0
v2.9.0rc5
v2.8.6
v2.7.14
v2.9.0rc4
v2.6.20
v2.9.0rc3
v2.9.0rc2
v2.9.0rc1
v2.8.5
v2.9.0b1
stable-2.9-branchpoint
v2.6.19
v2.7.13
v2.8.4
v2.8.3
v2.6.18
v2.7.12
v2.8.2
v2.8.1
v2.7.11
v2.6.17
v2.8.0
v2.8.0rc3
v2.8.0rc2
v2.8.0rc1
v2.8.0b1
v2.8.0a1
v2.6.16
v2.7.10
v2.6.15
v2.7.9
v2.7.8
v2.6.14
v2.5.15
v2.7.7
v2.6.13
v2.6.12
v2.7.6
v2.5.14
v2.7.5
v2.6.11
v2.6.10
v2.7.4
v2.5.13
v2.7.3
v2.6.9
v2.5.12
v2.6.8
v2.7.2
v2.6.7
v2.5.11
v2.7.1
v2.6.6
v2.7.0
v2.6.5
v2.7.0rc4
v2.5.10
v2.7.0rc3
v2.7.0rc2
v2.5.9
v2.6.4
v2.7.0rc1
v2.7.0b1
v2.7.0.a1
v2.6.3
v2.5.8
v2.6.2
v2.5.7
v2.6.1
v2.5.6
v2.4.6.0-1
v2.6.0
v2.6.0rc5
v2.6.0rc4
v2.4.5.0-1
v2.6.0rc3
v2.5.5
v2.4.5.0-0.1.rc1
v2.6.0rc2
v2.6.0rc1
v2.5.4
v2.6.0a2
v2.6.0a1
v2.5.3
v2.5.2
v2.5.1
v2.4.4.0-1
v2.4.4.0-0.3.rc2
v2.5.0
v2.5.0rc3
v2.5.0rc2
v2.4.4-0.2.rc1
v2.3.4.0-0.1.rc1
v2.5.0rc1
v2.4.4-0.1.beta1
v2.5.0b1
v2.5.0a1
v2.4.3.0-1
v2.4.3.0-0.6.rc3
v2.4.3.0-0.5.rc2
v2.4.3.0-0.4.rc1
v2.4.3-0.3.beta3
v2.4.3.0-0.2.beta2
v2.3.3.0-1
v2.4.3.0-0.1.beta1
v2.4.2.0-1
v2.4.2.0-0.5.rc1
v2.4.2.0-0.4.beta4
v2.3.3.0-0.3.rc3
v2.4.2.0-0.3.beta3
v2.4.2.0-0.2.beta2
v2.4.2.0-0.1.beta1
v2.4.1.0-1
v2.4.1.0-0.4.rc2
v2.3.3.0-0.2.rc2
v2.4.1.0-0.3.rc1
v2.4.1.0-0.2.beta2
v2.3.3.0-0.1.rc1
v2.4.1.0-0.1.beta1
v2.4.0.0-1
v2.4.0.0-0.5.rc5
v2.4.0.0-0.4.rc4
v2.4.0.0-0.3.rc3
v2.4.0.0-0.2.rc2
v2.4.0.0-0.1.rc1
v2.3.2.0-1
v2.3.2.0-0.5.rc5
v2.3.2.0-0.4.rc4
v2.3.2.0-0.3.rc3
v2.3.2.0-0.2.rc2
v2.3.2.0-0.1.rc1
v2.1.6.0-1
v2.3.1.0-1
v2.3.1.0-0.2.rc2
v2.2.3.0-1
v2.1.6.0-0.1.rc1
v2.3.1.0-0.1.rc1
v2.3.0.0-1
v2.3.0.0-0.6.rc6
v2.3.0.0-0.5.rc5
v2.3.0.0-0.4.rc4
v2.2.3.0-0.1.rc1
v2.3.0.0-0.3.rc3
v2.3.0.0-0.2.rc2
v2.2.2.0-1
v2.1.5.0-1
v2.3.0.0-0.1.rc1
v2.1.5.0-0.2.rc2
v2.2.2.0-0.2.rc2
v2.1.5.0-0.1.rc1
v2.2.2.0-0.1.rc1
v2.1.4.0-1
v2.2.1.0-1
v2.1.4.0-0.3.rc3
v2.2.1.0-0.5.rc5
v2.1.4.0-0.2.rc2
v2.2.1.0-0.4.rc4
v2.1.4.0-0.1.rc1
v2.2.1.0-0.3.rc3
v2.2.1.0-0.2.rc2
v2.2.1.0-0.1.rc1
v2.1.3.0-1
v2.2.0.0-1
v2.2.0.0-0.4.rc4
v2.1.3.0-0.3.rc3
v2.1.3.0-0.2.rc2
v2.2.0.0-0.3.rc3
v2.1.3.0-0.1.rc1
v2.2.0.0-0.2.rc2
v2.2.0.0-0.1.rc1
v2.1.2.0-1
v2.1.2.0-0.5.rc5
v2.1.2.0-0.4.rc4
v2.1.2.0-0.3.rc3
v2.1.2.0-0.2.rc2
v2.1.2.0-0.1.rc1
v2.1.1.0-1
v2.1.1.0-0.5.rc5
v2.1.1.0-0.4.rc4
v2.1.1.0-0.3.rc3
v2.1.1.0-0.2.rc2
v2.1.1.0-0.1.rc1
v2.1.0.0-1
v2.1.0.0-0.4.rc4
v2.1.0.0-0.2.rc2
v2.1.0.0-0.3.rc3
v2.1.0.0-0.1.rc1
v2.0.2.0-1
v1.9.6-1
v2.0.2.0-0.4.rc4
v2.0.2.0-0.3.rc3
v1.9.6-0.1.rc1
v2.0.2.0-0.2.rc2
v2.0.2.0-0.1.rc1
v1.9.5-1
v1.9.5-0.1.rc1
v2.0.1.0-1
v2.0.1.0-0.2.rc2
v2.0.1.0-0.1.rc1
v2.0.0.2-1
v2.0.0.1-1
v2.0.0.0-1
v2.0.0-0.9.rc4
v2.0.0-0.8.rc3
v2.0.0-0.7.rc2
v2.0.0-0.6.rc1
v2.0.0-0.5.beta3
v2.0.0-0.4.beta2
v1.9.4-1
v2.0.0-0.3.beta1
v1.9.4-0.3.rc3
v1.9.4-0.2.rc2
v1.9.4-0.1.rc1
v2.0.0-0.2.alpha2
v1.9.3-1
v2.0.0-0.1.alpha1
v1.9.3-0.3.rc3
v1.9.3-0.2.rc2
v1.9.3-0.1.rc1
v1.9.2-1
v1.9.2-0.2.rc2
v1_last
v1.9.2-0.1.rc1
v1.9.1-1
v1.9.1-0.4.rc4
v1.9.1-0.3.rc3
v1.9.1-0.2.rc2
v1.9.1-0.1.rc1
v1.9.0.1-1
v1.9.0-2
v1.9.0-1
v1.9.0-0.2.rc2
v1.9.0-0.1.rc1
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.2
v1.7.1
v1.7.0
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.3
v1.2.2
v1.2.1
v1.2
v1.1
v1.0
0.8
0.7.2
0.7
0.6
0.5
0.4.1
0.4
0.3.1
0.3
0.01
0.0.1
0.0.2
0.7.1
v0.9
v2.13.10
v2.13.10rc1
v2.13.11
v2.13.11rc1
v2.13.12
v2.13.12rc1
v2.13.13
v2.13.13rc1
v2.13.9
v2.13.9rc1
v2.14.10
v2.14.10rc1
v2.14.11
v2.14.11rc1
v2.14.12
v2.14.12rc1
v2.14.13
v2.14.14
v2.14.14rc1
v2.14.15
v2.14.15rc1
v2.14.16
v2.14.16rc1
v2.14.17
v2.14.17rc1
v2.14.4
v2.14.4rc1
v2.14.5
v2.14.5rc1
v2.14.6
v2.14.6rc1
v2.14.7
v2.14.7rc1
v2.14.8
v2.14.8rc1
v2.14.9
v2.14.9rc1
v2.15.0
v2.15.0b1
v2.15.0b2
v2.15.0b3
v2.15.0rc1
v2.15.0rc2
v2.15.1
v2.15.10
v2.15.10rc1
v2.15.11
v2.15.11rc1
v2.15.12
v2.15.12rc1
v2.15.1rc1
v2.15.2
v2.15.2rc1
v2.15.3
v2.15.3rc1
v2.15.4
v2.15.4rc1
v2.15.5
v2.15.5rc1
v2.15.6
v2.15.6rc1
v2.15.7
v2.15.7rc1
v2.15.8
v2.15.9
v2.15.9rc1
v2.16.0
v2.16.0b1
v2.16.0b2
v2.16.0rc1
v2.16.1
v2.16.10
v2.16.10rc1
v2.16.11
v2.16.11rc1
v2.16.1rc1
v2.16.2
v2.16.3
v2.16.3rc1
v2.16.4
v2.16.4rc1
v2.16.5
v2.16.5rc1
v2.16.6
v2.16.7
v2.16.7rc1
v2.16.8
v2.16.8rc1
v2.16.9
v2.16.9rc1
v2.17.0
v2.17.0b1
v2.17.0rc1
v2.17.0rc2
v2.17.1
v2.17.1rc1
v2.17.2
v2.17.2rc1
v2.17.2rc2
v2.17.3
v2.17.3rc1
v2.17.4
v2.17.4rc1
v2.5.0b2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1a8ed08e6c'
${ noResults }
ansible/test/integration/targets/aws_waf_web_acl/tasks/main.yml

422 lines
12 KiB
YAML
Raw Normal View History Unescape Escape

Add new aws_waf_condition module (#33110)
7 years ago
- block:
- name: set yaml anchor
set_fact:
aws_connection_info: &aws_connection_info
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
security_token: "{{ security_token }}"
no_log: yes
[cloud][aws] New module: aws_waf_rule module (#33124) Add a new module for managing AWS WAF rules Preceded by aws_waf_condition and to be succeeded by aws_waf_web_acl
7 years ago
##################################################
# aws_waf_condition tests
##################################################
Add new aws_waf_condition module (#33110)
7 years ago
- name: create WAF IP condition
aws_waf_condition:
name: "{{ resource_prefix }}_ip_condition"
filters:
- ip_address: "10.0.0.0/8"
type: ip
<<: *aws_connection_info
register: create_waf_ip_condition
- name: add an IP address to WAF condition
aws_waf_condition:
name: "{{ resource_prefix }}_ip_condition"
filters:
- ip_address: "10.0.0.0/8"
- ip_address: "192.168.0.0/24"
type: ip
<<: *aws_connection_info
register: add_ip_address_to_waf_condition
- name: check expected waf filter length
assert:
that:
- add_ip_address_to_waf_condition.condition.ip_set_descriptors|length == 2
- name: add an IP address to WAF condition (rely on purge_filters defaulting to false)
aws_waf_condition:
name: "{{ resource_prefix }}_ip_condition"
filters:
- ip_address: "192.168.10.0/24"
type: ip
<<: *aws_connection_info
register: add_ip_address_to_waf_condition_no_purge
- name: check waf filter length has increased
assert:
that:
- add_ip_address_to_waf_condition_no_purge.condition.ip_set_descriptors|length == 3
- add_ip_address_to_waf_condition_no_purge.changed
- name: add an IP address to WAF condition (set purge_filters)
aws_waf_condition:
name: "{{ resource_prefix }}_ip_condition"
filters:
- ip_address: "192.168.20.0/24"
purge_filters: yes
type: ip
<<: *aws_connection_info
register: add_ip_address_to_waf_condition_purge
- name: check waf filter length has reduced
assert:
that:
- add_ip_address_to_waf_condition_purge.condition.ip_set_descriptors|length == 1
- add_ip_address_to_waf_condition_purge.changed
- name: create WAF byte condition
aws_waf_condition:
name: "{{ resource_prefix }}_byte_condition"
filters:
- field_to_match: header
position: STARTS_WITH
target_string: Hello
header: Content-type
type: byte
<<: *aws_connection_info
register: create_waf_byte_condition
- name: recreate WAF byte condition
aws_waf_condition:
name: "{{ resource_prefix }}_byte_condition"
filters:
- field_to_match: header
position: STARTS_WITH
target_string: Hello
header: Content-type
type: byte
<<: *aws_connection_info
register: recreate_waf_byte_condition
- name: assert that no change was made
assert:
that:
- not recreate_waf_byte_condition.changed
- name: create WAF geo condition
aws_waf_condition:
name: "{{ resource_prefix }}_geo_condition"
filters:
- country: US
- country: AU
- country: AT
type: geo
<<: *aws_connection_info
register: create_waf_geo_condition
- name: create WAF size condition
aws_waf_condition:
name: "{{ resource_prefix }}_size_condition"
filters:
- field_to_match: query_string
size: 300
comparison: GT
type: size
<<: *aws_connection_info
register: create_waf_size_condition
- name: create WAF sql condition
aws_waf_condition:
name: "{{ resource_prefix }}_sql_condition"
filters:
- field_to_match: query_string
transformation: url_decode
type: sql
<<: *aws_connection_info
register: create_waf_sql_condition
- name: create WAF xss condition
aws_waf_condition:
name: "{{ resource_prefix }}_xss_condition"
filters:
- field_to_match: query_string
transformation: url_decode
type: xss
<<: *aws_connection_info
register: create_waf_xss_condition
- name: create WAF regex condition
aws_waf_condition:
name: "{{ resource_prefix }}_regex_condition"
filters:
- field_to_match: query_string
regex_pattern:
name: greetings
regex_strings:
- '[hH]ello'
- '^Hi there'
- '.*Good Day to You'
type: regex
<<: *aws_connection_info
register: create_waf_regex_condition
- name: create a second WAF regex condition with the same regex
aws_waf_condition:
name: "{{ resource_prefix }}_regex_condition_part_2"
filters:
- field_to_match: header
header: cookie
regex_pattern:
name: greetings
regex_strings:
- '[hH]ello'
- '^Hi there'
- '.*Good Day to You'
type: regex
<<: *aws_connection_info
register: create_second_waf_regex_condition
- name: check that the pattern is shared
assert:
that:
- >
create_waf_regex_condition.condition.regex_match_tuples[0].regex_pattern_set_id ==
create_second_waf_regex_condition.condition.regex_match_tuples[0].regex_pattern_set_id
- create_second_waf_regex_condition.changed
- name: delete first WAF regex condition
aws_waf_condition:
name: "{{ resource_prefix }}_regex_condition"
filters:
- field_to_match: query_string
regex_pattern:
name: greetings
regex_strings:
- '[hH]ello'
- '^Hi there'
- '.*Good Day to You'
type: regex
state: absent
<<: *aws_connection_info
register: delete_waf_regex_condition
- name: delete second WAF regex condition
aws_waf_condition:
name: "{{ resource_prefix }}_regex_condition_part_2"
filters:
- field_to_match: header
header: cookie
regex_pattern:
name: greetings
regex_strings:
- '[hH]ello'
- '^Hi there'
- '.*Good Day to You'
type: regex
state: absent
<<: *aws_connection_info
register: delete_second_waf_regex_condition
- name: create WAF regex condition
aws_waf_condition:
name: "{{ resource_prefix }}_regex_condition"
filters:
- field_to_match: query_string
regex_pattern:
name: greetings
regex_strings:
- '[hH]ello'
- '^Hi there'
- '.*Good Day to You'
type: regex
<<: *aws_connection_info
register: recreate_waf_regex_condition
- name: check that a new pattern is created (because the first pattern should have been deleted once unused)
assert:
that:
- >
recreate_waf_regex_condition.condition.regex_match_tuples[0].regex_pattern_set_id !=
create_waf_regex_condition.condition.regex_match_tuples[0].regex_pattern_set_id
[cloud][aws] New module: aws_waf_rule module (#33124) Add a new module for managing AWS WAF rules Preceded by aws_waf_condition and to be succeeded by aws_waf_web_acl
7 years ago
##################################################
# aws_waf_rule tests
##################################################
- name: create WAF rule
aws_waf_rule:
name: "{{ resource_prefix }}_rule"
conditions:
- name: "{{ resource_prefix }}_regex_condition"
type: regex
negated: no
- name: "{{ resource_prefix }}_geo_condition"
type: geo
negated: no
- name: "{{ resource_prefix }}_byte_condition"
type: byte
negated: no
purge_conditions: yes
<<: *aws_connection_info
register: create_aws_waf_rule
- name: check WAF rule
assert:
that:
- create_aws_waf_rule.changed
- create_aws_waf_rule.rule.predicates|length == 3
- name: recreate WAF rule
aws_waf_rule:
name: "{{ resource_prefix }}_rule"
conditions:
- name: "{{ resource_prefix }}_regex_condition"
type: regex
negated: no
- name: "{{ resource_prefix }}_geo_condition"
type: geo
negated: no
- name: "{{ resource_prefix }}_byte_condition"
type: byte
negated: no
<<: *aws_connection_info
register: create_aws_waf_rule
- name: check WAF rule did not change
assert:
that:
- not create_aws_waf_rule.changed
- create_aws_waf_rule.rule.predicates|length == 3
- name: add further WAF rules relying on purge_conditions defaulting to false
aws_waf_rule:
name: "{{ resource_prefix }}_rule"
conditions:
- name: "{{ resource_prefix }}_ip_condition"
type: ip
negated: yes
- name: "{{ resource_prefix }}_sql_condition"
type: sql
negated: no
- name: "{{ resource_prefix }}_xss_condition"
type: xss
negated: no
<<: *aws_connection_info
register: add_conditions_to_aws_waf_rule
- name: check WAF rule added rules
assert:
that:
- add_conditions_to_aws_waf_rule.changed
- add_conditions_to_aws_waf_rule.rule.predicates|length == 6
- name: remove some rules through purging conditions
aws_waf_rule:
name: "{{ resource_prefix }}_rule"
conditions:
- name: "{{ resource_prefix }}_ip_condition"
type: ip
negated: yes
- name: "{{ resource_prefix }}_xss_condition"
type: xss
negated: no
- name: "{{ resource_prefix }}_byte_condition"
type: byte
negated: no
- name: "{{ resource_prefix }}_size_condition"
type: size
negated: no
purge_conditions: yes
<<: *aws_connection_info
register: add_and_remove_waf_rule_conditions
- name: check WAF rules were updated as expected
assert:
that:
- add_and_remove_waf_rule_conditions.changed
- add_and_remove_waf_rule_conditions.rule.predicates|length == 4
- name: attempt to remove an in use condition
aws_waf_condition:
name: "{{ resource_prefix }}_size_condition"
type: size
state: absent
<<: *aws_connection_info
ignore_errors: yes
register: remove_in_use_condition
- name: check failure was sensible
assert:
that:
- remove_in_use_condition.failed
- "'Condition {{ resource_prefix }}_size_condition is in use' in remove_in_use_condition.msg"
Add new aws_waf_condition module (#33110)
7 years ago
always:
- debug:
msg: "****** TEARDOWN STARTS HERE ******"
[cloud][aws] New module: aws_waf_rule module (#33124) Add a new module for managing AWS WAF rules Preceded by aws_waf_condition and to be succeeded by aws_waf_web_acl
7 years ago
- name: remove WAF rule
aws_waf_rule:
name: "{{ resource_prefix }}_rule"
state: absent
<<: *aws_connection_info
ignore_errors: yes
Add new aws_waf_condition module (#33110)
7 years ago
- name: remove XSS condition
aws_waf_condition:
name: "{{ resource_prefix }}_xss_condition"
type: xss
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove SQL condition
aws_waf_condition:
name: "{{ resource_prefix }}_sql_condition"
type: sql
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove size condition
aws_waf_condition:
name: "{{ resource_prefix }}_size_condition"
type: size
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove geo condition
aws_waf_condition:
name: "{{ resource_prefix }}_geo_condition"
type: geo
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove byte condition
aws_waf_condition:
name: "{{ resource_prefix }}_byte_condition"
type: byte
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove ip address condition
aws_waf_condition:
name: "{{ resource_prefix }}_ip_condition"
type: ip
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove regex part 2 condition
aws_waf_condition:
name: "{{ resource_prefix }}_regex_condition_part_2"
type: regex
state: absent
<<: *aws_connection_info
ignore_errors: yes
- name: remove first regex condition
aws_waf_condition:
name: "{{ resource_prefix }}_regex_condition"
type: regex
state: absent
<<: *aws_connection_info
ignore_errors: yes