archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
devel
stable-2.16
stable-2.17
milestone
stable-2.15
stable-2.14
stable-2.12
stable-2.13
stable-2.9
stable-2.11
stable-2.3
stable-2.10
stable-2.8
stable-2.4
stable-2.5
stable-2.6
stable-2.7
temp-2.10-devel
mazer_role_loader
stable-2.2
threading_plus_forking
threading_instead_of_forking
stable-2.1
stable-1.9
stable-2.0
stable-2.0.0.1
stable-2.0-network
release1.8.4
release1.8.3
release1.8.2
release1.8.1
release1.8.0
release1.7.2
release1.7.1
release1.7.0
release1.6.8
release1.6.10
release1.6.9
release1.6.7
release1.6.6
release1.6.5
release1.6.4
release1.6.3
release1.6.2
release1.6.1
release1.6.0
release1.5.5
release1.5.4
release1.5.3
release1.5.2
release1.5.1
release1.5.0
v2.14.3
v2.13.8
v2.14.3rc1
v2.13.8rc1
v2.14.2
v2.14.2rc1
v2.14.1
v2.13.7
v2.13.7rc1
v2.14.1rc1
v2.13.6
v2.14.0
v2.14.0rc2
v2.13.6rc1
v2.14.0rc1
v2.14.0b3
v2.13.5
v2.12.10
v2.14.0b2
v2.13.5rc1
v2.12.10rc1
v2.14.0b1
v2.12.9
v2.13.4
v2.13.4rc1
v2.12.9rc1
v2.13.3
v2.12.8
v2.12.8rc1
v2.13.3rc1
v2.13.2
v2.13.2rc1
v2.12.7
v2.13.1
v2.12.7rc1
v2.13.1rc1
v2.12.6
v2.11.12
v2.12.6rc1
v2.11.12rc1
v2.13.0
v2.13.0rc1
v2.13.0b1
v2.12.5
v2.11.11
v2.12.5rc1
v2.11.11rc1
v2.13.0b0
v2.12.4
v2.11.10
v2.12.4rc1
v2.11.10rc1
v2.11.9
v2.12.3
v2.12.3rc1
v2.11.9rc1
v2.12.2
v2.11.8
v2.10.17
v2.12.2rc1
v2.11.8rc1
v2.10.17rc1
v2.12.1
v2.11.7
v2.10.16
v2.10.16rc1
v2.11.7rc1
v2.12.1rc1
v2.12.0
v2.12.0rc1
v2.12.0b2
v2.11.6
v2.10.15
v2.9.27
v2.9.27rc1
v2.10.15rc1
v2.11.6rc1
v2.12.0b1
v2.11.5
v2.10.14
v2.9.26
v2.11.5rc1
v2.10.14rc1
v2.9.26rc1
v2.11.4
v2.10.13
v2.9.25
v2.9.25rc1
v2.10.13rc1
v2.11.4rc1
v2.11.3
v2.10.12
v2.9.24
v2.11.3rc1
v2.10.12rc1
v2.9.24rc1
v2.9.23
v2.10.11
v2.11.2
v2.11.2rc1
v2.10.11rc1
v2.9.23rc1
v2.11.1
v2.10.10
v2.9.22
v2.9.22rc1
v2.10.10rc1
v2.11.1rc1
v2.10.9
v2.9.21
v2.10.9rc1
v2.9.21rc1
v2.11.0
v2.8.20
v2.9.20
v2.10.8
v2.11.0rc2
v2.8.20rc1
v2.9.20rc1
v2.10.8rc1
v2.11.0rc1
stable-2.11-branchpoint
v2.11.0b4
v2.11.0b3
v2.11.0b2
v2.10.7
v2.9.19
v2.10.7rc1
v2.9.19rc1
v2.11.0b1
v2.8.19
v2.9.18
v2.10.6
v2.8.19rc1
v2.9.18rc1
v2.10.6rc1
v2.9.17
v2.10.5
v2.10.5rc1
v2.9.17rc1
v2.8.18
v2.9.16
v2.10.4
v2.8.18rc1
v2.9.16rc1
v2.10.4rc1
v2.8.17
v2.9.15
v2.10.3
v2.8.17rc1
v2.9.15rc1
v2.10.3rc1
v2.10.2
v2.9.14
v2.8.16
v2.8.16rc1
v2.9.14rc1
v2.10.2rc1
v2.10.1
v2.10.1rc3
v2.10.1rc2
v2.8.15
v2.9.13
v2.10.0
v2.9.12
v2.8.14
v2.10.0rc4
v2.10.0rc3
v2.10.0rc2
v2.10.0rc1
v2.9.11
v2.8.13
v2.9.10
v2.10.0b1
stable-2.10-branchpoint
v2.9.9
v2.7.18
v2.8.12
v2.9.8
v2.9.7
v2.8.11
v2.7.17
pre-ansible-base
v2.8.10
v2.8.9
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.8.8
v2.7.16
v2.9.2
v2.9.1
v2.8.7
v2.7.15
v2.9.0
v2.9.0rc5
v2.8.6
v2.7.14
v2.9.0rc4
v2.6.20
v2.9.0rc3
v2.9.0rc2
v2.9.0rc1
v2.8.5
v2.9.0b1
stable-2.9-branchpoint
v2.6.19
v2.7.13
v2.8.4
v2.8.3
v2.6.18
v2.7.12
v2.8.2
v2.8.1
v2.7.11
v2.6.17
v2.8.0
v2.8.0rc3
v2.8.0rc2
v2.8.0rc1
v2.8.0b1
v2.8.0a1
v2.6.16
v2.7.10
v2.6.15
v2.7.9
v2.7.8
v2.6.14
v2.5.15
v2.7.7
v2.6.13
v2.6.12
v2.7.6
v2.5.14
v2.7.5
v2.6.11
v2.6.10
v2.7.4
v2.5.13
v2.7.3
v2.6.9
v2.5.12
v2.6.8
v2.7.2
v2.6.7
v2.5.11
v2.7.1
v2.6.6
v2.7.0
v2.6.5
v2.7.0rc4
v2.5.10
v2.7.0rc3
v2.7.0rc2
v2.5.9
v2.6.4
v2.7.0rc1
v2.7.0b1
v2.7.0.a1
v2.6.3
v2.5.8
v2.6.2
v2.5.7
v2.6.1
v2.5.6
v2.4.6.0-1
v2.6.0
v2.6.0rc5
v2.6.0rc4
v2.4.5.0-1
v2.6.0rc3
v2.5.5
v2.4.5.0-0.1.rc1
v2.6.0rc2
v2.6.0rc1
v2.5.4
v2.6.0a2
v2.6.0a1
v2.5.3
v2.5.2
v2.5.1
v2.4.4.0-1
v2.4.4.0-0.3.rc2
v2.5.0
v2.5.0rc3
v2.5.0rc2
v2.4.4-0.2.rc1
v2.3.4.0-0.1.rc1
v2.5.0rc1
v2.4.4-0.1.beta1
v2.5.0b1
v2.5.0a1
v2.4.3.0-1
v2.4.3.0-0.6.rc3
v2.4.3.0-0.5.rc2
v2.4.3.0-0.4.rc1
v2.4.3-0.3.beta3
v2.4.3.0-0.2.beta2
v2.3.3.0-1
v2.4.3.0-0.1.beta1
v2.4.2.0-1
v2.4.2.0-0.5.rc1
v2.4.2.0-0.4.beta4
v2.3.3.0-0.3.rc3
v2.4.2.0-0.3.beta3
v2.4.2.0-0.2.beta2
v2.4.2.0-0.1.beta1
v2.4.1.0-1
v2.4.1.0-0.4.rc2
v2.3.3.0-0.2.rc2
v2.4.1.0-0.3.rc1
v2.4.1.0-0.2.beta2
v2.3.3.0-0.1.rc1
v2.4.1.0-0.1.beta1
v2.4.0.0-1
v2.4.0.0-0.5.rc5
v2.4.0.0-0.4.rc4
v2.4.0.0-0.3.rc3
v2.4.0.0-0.2.rc2
v2.4.0.0-0.1.rc1
v2.3.2.0-1
v2.3.2.0-0.5.rc5
v2.3.2.0-0.4.rc4
v2.3.2.0-0.3.rc3
v2.3.2.0-0.2.rc2
v2.3.2.0-0.1.rc1
v2.1.6.0-1
v2.3.1.0-1
v2.3.1.0-0.2.rc2
v2.2.3.0-1
v2.1.6.0-0.1.rc1
v2.3.1.0-0.1.rc1
v2.3.0.0-1
v2.3.0.0-0.6.rc6
v2.3.0.0-0.5.rc5
v2.3.0.0-0.4.rc4
v2.2.3.0-0.1.rc1
v2.3.0.0-0.3.rc3
v2.3.0.0-0.2.rc2
v2.2.2.0-1
v2.1.5.0-1
v2.3.0.0-0.1.rc1
v2.1.5.0-0.2.rc2
v2.2.2.0-0.2.rc2
v2.1.5.0-0.1.rc1
v2.2.2.0-0.1.rc1
v2.1.4.0-1
v2.2.1.0-1
v2.1.4.0-0.3.rc3
v2.2.1.0-0.5.rc5
v2.1.4.0-0.2.rc2
v2.2.1.0-0.4.rc4
v2.1.4.0-0.1.rc1
v2.2.1.0-0.3.rc3
v2.2.1.0-0.2.rc2
v2.2.1.0-0.1.rc1
v2.1.3.0-1
v2.2.0.0-1
v2.2.0.0-0.4.rc4
v2.1.3.0-0.3.rc3
v2.1.3.0-0.2.rc2
v2.2.0.0-0.3.rc3
v2.1.3.0-0.1.rc1
v2.2.0.0-0.2.rc2
v2.2.0.0-0.1.rc1
v2.1.2.0-1
v2.1.2.0-0.5.rc5
v2.1.2.0-0.4.rc4
v2.1.2.0-0.3.rc3
v2.1.2.0-0.2.rc2
v2.1.2.0-0.1.rc1
v2.1.1.0-1
v2.1.1.0-0.5.rc5
v2.1.1.0-0.4.rc4
v2.1.1.0-0.3.rc3
v2.1.1.0-0.2.rc2
v2.1.1.0-0.1.rc1
v2.1.0.0-1
v2.1.0.0-0.4.rc4
v2.1.0.0-0.2.rc2
v2.1.0.0-0.3.rc3
v2.1.0.0-0.1.rc1
v2.0.2.0-1
v1.9.6-1
v2.0.2.0-0.4.rc4
v2.0.2.0-0.3.rc3
v1.9.6-0.1.rc1
v2.0.2.0-0.2.rc2
v2.0.2.0-0.1.rc1
v1.9.5-1
v1.9.5-0.1.rc1
v2.0.1.0-1
v2.0.1.0-0.2.rc2
v2.0.1.0-0.1.rc1
v2.0.0.2-1
v2.0.0.1-1
v2.0.0.0-1
v2.0.0-0.9.rc4
v2.0.0-0.8.rc3
v2.0.0-0.7.rc2
v2.0.0-0.6.rc1
v2.0.0-0.5.beta3
v2.0.0-0.4.beta2
v1.9.4-1
v2.0.0-0.3.beta1
v1.9.4-0.3.rc3
v1.9.4-0.2.rc2
v1.9.4-0.1.rc1
v2.0.0-0.2.alpha2
v1.9.3-1
v2.0.0-0.1.alpha1
v1.9.3-0.3.rc3
v1.9.3-0.2.rc2
v1.9.3-0.1.rc1
v1.9.2-1
v1.9.2-0.2.rc2
v1_last
v1.9.2-0.1.rc1
v1.9.1-1
v1.9.1-0.4.rc4
v1.9.1-0.3.rc3
v1.9.1-0.2.rc2
v1.9.1-0.1.rc1
v1.9.0.1-1
v1.9.0-2
v1.9.0-1
v1.9.0-0.2.rc2
v1.9.0-0.1.rc1
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.2
v1.7.1
v1.7.0
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.3
v1.2.2
v1.2.1
v1.2
v1.1
v1.0
0.8
0.7.2
0.7
0.6
0.5
0.4.1
0.4
0.3.1
0.3
0.01
0.0.1
0.0.2
0.7.1
v0.9
v2.13.10
v2.13.10rc1
v2.13.11
v2.13.11rc1
v2.13.12
v2.13.12rc1
v2.13.13
v2.13.13rc1
v2.13.9
v2.13.9rc1
v2.14.10
v2.14.10rc1
v2.14.11
v2.14.11rc1
v2.14.12
v2.14.12rc1
v2.14.13
v2.14.14
v2.14.14rc1
v2.14.15
v2.14.15rc1
v2.14.16
v2.14.16rc1
v2.14.17
v2.14.17rc1
v2.14.4
v2.14.4rc1
v2.14.5
v2.14.5rc1
v2.14.6
v2.14.6rc1
v2.14.7
v2.14.7rc1
v2.14.8
v2.14.8rc1
v2.14.9
v2.14.9rc1
v2.15.0
v2.15.0b1
v2.15.0b2
v2.15.0b3
v2.15.0rc1
v2.15.0rc2
v2.15.1
v2.15.10
v2.15.10rc1
v2.15.11
v2.15.11rc1
v2.15.12
v2.15.12rc1
v2.15.1rc1
v2.15.2
v2.15.2rc1
v2.15.3
v2.15.3rc1
v2.15.4
v2.15.4rc1
v2.15.5
v2.15.5rc1
v2.15.6
v2.15.6rc1
v2.15.7
v2.15.7rc1
v2.15.8
v2.15.9
v2.15.9rc1
v2.16.0
v2.16.0b1
v2.16.0b2
v2.16.0rc1
v2.16.1
v2.16.10
v2.16.10rc1
v2.16.11
v2.16.11rc1
v2.16.1rc1
v2.16.2
v2.16.3
v2.16.3rc1
v2.16.4
v2.16.4rc1
v2.16.5
v2.16.5rc1
v2.16.6
v2.16.7
v2.16.7rc1
v2.16.8
v2.16.8rc1
v2.16.9
v2.16.9rc1
v2.17.0
v2.17.0b1
v2.17.0rc1
v2.17.0rc2
v2.17.1
v2.17.1rc1
v2.17.2
v2.17.2rc1
v2.17.2rc2
v2.17.3
v2.17.3rc1
v2.17.4
v2.17.4rc1
v2.5.0b2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c8c326d88e'
${ noResults }
ansible/test/integration/targets/cs_network_acl_rule/tasks/main.yml

540 lines
16 KiB
YAML
Raw Blame History

---
- name: setup vpc
cs_vpc:
name: "{{ cs_resource_prefix }}_vpc"
display_text: "{{ cs_resource_prefix }}_display_text"
cidr: 10.10.0.0/16
zone: "{{ cs_common_zone_adv }}"
register: vpc
- name: verify setup vpc
assert:
that:
- vpc is successful
- name: setup network acl
cs_network_acl:
name: "{{ cs_resource_prefix }}_acl"
vpc: "{{ cs_resource_prefix }}_vpc"
zone: "{{ cs_common_zone_adv }}"
register: acl
- name: verify setup network acl
assert:
that:
- acl is successful
- name: setup network acl rule
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
zone: "{{ cs_common_zone_adv }}"
state: absent
register: acl_rule
- name: verify setup network acl rule
assert:
that:
- acl_rule is successful
- name: test fail missing params
cs_network_acl_rule:
ignore_errors: true
register: acl_rule
- name: verify test fail missing param
assert:
that:
- acl_rule is failed
- "acl_rule.msg.startswith('missing required arguments: ')"
- name: test fail missing params for tcp
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: ingress
action_policy: allow
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
ignore_errors: true
register: acl_rule
- name: verify test fail missing param for tcp
assert:
that:
- acl_rule is failed
- "acl_rule.msg == 'protocol is tcp but the following are missing: start_port, end_port'"
- name: test fail missing params for icmp
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: ingress
action_policy: allow
cidr: 0.0.0.0/0
protocol: icmp
zone: "{{ cs_common_zone_adv }}"
ignore_errors: true
register: acl_rule
- name: verify test fail missing param for icmp
assert:
that:
- acl_rule is failed
- "acl_rule.msg == 'protocol is icmp but the following are missing: icmp_type, icmp_code'"
- name: test fail missing params for by number
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: ingress
action_policy: allow
cidr: 0.0.0.0/0
protocol: by_number
zone: "{{ cs_common_zone_adv }}"
ignore_errors: true
register: acl_rule
- name: verify test fail missing param for by number
assert:
that:
- acl_rule is failed
- "acl_rule.msg == 'protocol is by_number but the following are missing: protocol_number'"
- name: test create network acl rule in check mode
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: ingress
action_policy: allow
port: 80
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
check_mode: true
- name: verify test create network acl rule in check mode
assert:
that:
- acl_rule is successful
- acl_rule is changed
- name: test create network acl rule
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: ingress
action_policy: allow
port: 80
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
- name: verify test create network acl rule
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 80
- acl_rule.end_port == 80
- acl_rule.action_policy == "allow"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "ingress"
- acl_rule.rule_position == 1
- name: test create network acl rule idempotence
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: ingress
action_policy: allow
port: 80
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
- name: verify test create network acl idempotence
assert:
that:
- acl_rule is successful
- acl_rule is not changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 80
- acl_rule.end_port == 80
- acl_rule.action_policy == "allow"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "ingress"
- acl_rule.rule_position == 1
- name: test change network acl rule in check mode
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: deny
port: 81
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
check_mode: true
- name: verify test change network acl rule in check mode
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 80
- acl_rule.end_port == 80
- acl_rule.action_policy == "allow"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "ingress"
- acl_rule.rule_position == 1
- name: test change network acl rule
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: deny
port: 81
protocol: udp
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
- name: verify test change network acl rule
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 81
- acl_rule.end_port == 81
- acl_rule.action_policy == "deny"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "udp"
- acl_rule.rule_position == 1
- name: test change network acl rule idempotence
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: deny
port: 81
protocol: udp
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
- name: verify test change network acl idempotence
assert:
that:
- acl_rule is successful
- acl_rule is not changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 81
- acl_rule.end_port == 81
- acl_rule.action_policy == "deny"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "udp"
- acl_rule.rule_position == 1
- name: test change network acl by protocol number in check mode
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: deny
protocol: by_number
protocol_number: 8
port: 81
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
check_mode: true
- name: verify test change network acl by protocol number in check mode
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 81
- acl_rule.end_port == 81
- acl_rule.action_policy == "deny"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "udp"
- acl_rule.rule_position == 1
- name: test change network acl by protocol number
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: deny
protocol: by_number
protocol_number: 8
port: 81
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
- name: verify test change network acl by protocol number
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 81
- acl_rule.end_port == 81
- acl_rule.action_policy == "deny"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "by_number"
- acl_rule.protocol_number == 8
- acl_rule.rule_position == 1
- name: test change network acl by protocol number idempotence
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: deny
protocol: by_number
protocol_number: 8
port: 81
cidr: 0.0.0.0/0
zone: "{{ cs_common_zone_adv }}"
register: acl_rule
- name: verify test change network acl by protocol number idempotence
assert:
that:
- acl_rule is successful
- acl_rule is not changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 81
- acl_rule.end_port == 81
- acl_rule.action_policy == "deny"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "by_number"
- acl_rule.protocol_number == 8
- acl_rule.rule_position == 1
- name: test create 2nd network acl rule in check mode
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 2
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: allow
cidr: 10.23.12.0/24
zone: "{{ cs_common_zone_adv }}"
protocol: all
register: acl_rule
check_mode: true
- name: verify test create 2nd network acl rule in check mode
assert:
that:
- acl_rule is successful
- acl_rule is changed
- name: test create 2nd network acl rule
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 2
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: allow
cidr: 10.23.12.0/24
zone: "{{ cs_common_zone_adv }}"
protocol: all
register: acl_rule
- name: verify test create 2nd network acl rule
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.action_policy == "allow"
- acl_rule.cidr == "10.23.12.0/24"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "all"
- acl_rule.rule_position == 2
- name: test create 2nd network acl rule idempotence
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 2
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: allow
cidr: 10.23.12.0/24
zone: "{{ cs_common_zone_adv }}"
protocol: all
register: acl_rule
- name: verify test create 2nd network acl rule idempotence
assert:
that:
- acl_rule is successful
- acl_rule is not changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.action_policy == "allow"
- acl_rule.cidr == "10.23.12.0/24"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "all"
- acl_rule.rule_position == 2
- name: test update 2nd network acl rule to icmp
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 2
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: allow
cidr: 10.23.12.0/24
zone: "{{ cs_common_zone_adv }}"
protocol: icmp
icmp_type: 0
icmp_code: 8
register: acl_rule
- name: verify test create 2nd network acl rule
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.action_policy == "allow"
- acl_rule.cidr == "10.23.12.0/24"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "icmp"
- acl_rule.icmp_type == 0
- acl_rule.icmp_code == 8
- acl_rule.rule_position == 2
- name: test update 2nd network acl rule to icmp idempotence
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 2
vpc: "{{ cs_resource_prefix }}_vpc"
traffic_type: egress
action_policy: allow
cidr: 10.23.12.0/24
zone: "{{ cs_common_zone_adv }}"
protocol: icmp
icmp_type: 0
icmp_code: 8
register: acl_rule
- name: verify test create 2nd network acl rule idempotence
assert:
that:
- acl_rule is successful
- acl_rule is not changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.action_policy == "allow"
- acl_rule.cidr == "10.23.12.0/24"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "icmp"
- acl_rule.icmp_type == 0
- acl_rule.icmp_code == 8
- acl_rule.rule_position == 2
- name: test absent network acl rule in check mode
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
zone: "{{ cs_common_zone_adv }}"
state: absent
register: acl_rule
check_mode: true
- name: verify test absent network acl rule in check mode
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 81
- acl_rule.end_port == 81
- acl_rule.action_policy == "deny"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "egress"
- acl_rule.rule_position == 1
- name: test absent network acl rule
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
zone: "{{ cs_common_zone_adv }}"
state: absent
register: acl_rule
- name: verify test absent network acl rule
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.start_port == 81
- acl_rule.end_port == 81
- acl_rule.action_policy == "deny"
- acl_rule.cidr == "0.0.0.0/0"
- acl_rule.traffic_type == "egress"
- acl_rule.rule_position == 1
- name: test absent network acl rule idempotence
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 1
vpc: "{{ cs_resource_prefix }}_vpc"
zone: "{{ cs_common_zone_adv }}"
state: absent
register: acl_rule
- name: verify test absent network acl rule idempotence
assert:
that:
- acl_rule is successful
- acl_rule is not changed
- name: test absent 2nd network acl rule
cs_network_acl_rule:
network_acl: "{{ cs_resource_prefix }}_acl"
rule_position: 2
vpc: "{{ cs_resource_prefix }}_vpc"
zone: "{{ cs_common_zone_adv }}"
state: absent
register: acl_rule
- name: verify test absent 2nd network acl rule
assert:
that:
- acl_rule is successful
- acl_rule is changed
- acl_rule.vpc == "{{ cs_resource_prefix }}_vpc"
- acl_rule.network_acl == "{{ cs_resource_prefix }}_acl"
- acl_rule.action_policy == "allow"
- acl_rule.cidr == "10.23.12.0/24"
- acl_rule.traffic_type == "egress"
- acl_rule.protocol == "icmp"
- acl_rule.icmp_type == 0
- acl_rule.icmp_code == 8
- acl_rule.rule_position == 2
Reference in New Issue View Git Blame Copy Permalink