- name: test create http range rule cs_securitygroup_rule: security_group: default start_port: 8000 end_port: 8888 cidr: 1.2.3.4/32 register: sg_rule - name: verify create http range rule assert: that: - sg_rule|success - sg_rule|changed - sg_rule.type == 'ingress' - sg_rule.security_group == 'default' - sg_rule.protocol == 'tcp' - sg_rule.start_port == 8000 - sg_rule.end_port == 8888 - sg_rule.cidr == '1.2.3.4/32' - name: test create http range rule idempotence cs_securitygroup_rule: security_group: default start_port: 8000 end_port: 8888 cidr: 1.2.3.4/32 register: sg_rule - name: verify create http range rule idempotence assert: that: - sg_rule|success - not sg_rule|changed - sg_rule.type == 'ingress' - sg_rule.security_group == 'default' - sg_rule.protocol == 'tcp' - sg_rule.start_port == 8000 - sg_rule.end_port == 8888 - sg_rule.cidr == '1.2.3.4/32' - name: test create single port udp rule cs_securitygroup_rule: security_group: default port: 5353 protocol: udp type: egress user_security_group: '{{ cs_resource_prefix }}_sg' register: sg_rule - name: verify create single port udp rule assert: that: - sg_rule|success - sg_rule|changed - sg_rule.type == 'egress' - sg_rule.security_group == 'default' - sg_rule.protocol == 'udp' - sg_rule.start_port == 5353 - sg_rule.end_port == 5353 - sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg' - name: test single port udp rule idempotence cs_securitygroup_rule: security_group: default port: 5353 protocol: udp type: egress user_security_group: '{{ cs_resource_prefix }}_sg' register: sg_rule - name: verify single port udp rule idempotence assert: that: - sg_rule|success - not sg_rule|changed - sg_rule.type == 'egress' - sg_rule.security_group == 'default' - sg_rule.protocol == 'udp' - sg_rule.start_port == 5353 - sg_rule.end_port == 5353 - sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg' - name: test icmp rule cs_securitygroup_rule: security_group: default protocol: icmp type: ingress icmp_type: -1 icmp_code: -1 register: sg_rule - name: verify icmp rule assert: that: - sg_rule|success - sg_rule|changed - sg_rule.type == 'ingress' - sg_rule.security_group == 'default' - sg_rule.cidr == '0.0.0.0/0' - sg_rule.protocol == 'icmp' - sg_rule.icmp_code == -1 - sg_rule.icmp_type == -1 - name: test icmp rule idempotence cs_securitygroup_rule: security_group: default protocol: icmp type: ingress icmp_type: -1 icmp_code: -1 register: sg_rule - name: verify icmp rule idempotence assert: that: - sg_rule|success - not sg_rule|changed - sg_rule.type == 'ingress' - sg_rule.security_group == 'default' - sg_rule.cidr == '0.0.0.0/0' - sg_rule.protocol == 'icmp' - sg_rule.icmp_code == -1 - sg_rule.icmp_type == -1