jesperberth.az_securitygroup

概述 版本 洞察

Az_securitygroup

在微软Azure中创建资源组

要求

需要Azure SDK

通过以下命令安装: pip install 'ansible[azure]'

角色变量

角色使用以下变量:

resourcegroup = 要创建的资源组名称
location = 要创建资源组的Azure位置
tag_owner = 创建标签所有者及其值
tag_project = 创建标签项目及其值
networksecuritygroup_name = 安全组名称
rulename = 规则名称
ruleprotocol = 协议类型 Any/Tcp/Udp/Icmp
rulesourceaddress = 源IP地址,例如 0.0.0.0/0
ruledestinationportrange = 目标端口,例如 443(用于HTTPS)
ruleaccess = 允许/拒绝
rulepriority = 规则优先级
ruledirection = 入站/出站

依赖关系

示例剧本


- hosts: localhost
  name: 创建Azure安全组
  vars:
    resourcegroup_name: resourcegroupname
    location: northeurope
    tag_owner: jesper
    tag_project: demoproject
  tasks:
    - name: Azure安全组
      include_role:
        name: jesperberth.az_securitygroup
      vars:
        resourcegroup: "{{ resourcegroup_name }}"
        networksecuritygroup_name: SG_Network
        rulename: "允许HTTPS"
        ruleprotocol: "Tcp"
        rulesourceaddress: 0.0.0.0/0
        ruledestinationportrange: "443"
        ruleaccess: "允许"
        rulepriority: "101"
        ruledirection: "入站"

包含多个规则的循环


- hosts: localhost
  name: 创建Azure安全组
  vars:
    resourcegroup_name: resourcegroupname
    location: northeurope
    tag_owner: jesper
    tag_project: demoproject
  tasks:
    - name: Azure安全组
      include_role:
        name: jesperberth.az_securitygroup
      vars:
        resourcegroup: "{{ resourcegroup_name }}"
        networksecuritygroup_name: "{{ item.networksecuritygroup_name }}"
        rulename: "{{ item.rulename }}"
        ruleprotocol: "{{ item.ruleprotocol }}"
        rulesourceaddress: "{{ item.rulesourceaddress }}"
        ruledestinationportrange: "{{ item.ruledestinationportrange }}"
        ruleaccess: "{{ item.ruleaccess }}"
        rulepriority: "{{ item.rulepriority }}"
        ruledirection: "{{ item.ruledirection }}"
      loop:
        - { networksecuritygroup_name: 'SG_Network', rulename: '允许HTTP',  ruleprotocol: 'Tcp', rulesourceaddress: '0.0.0.0/0', ruledestinationportrange: '80', ruleaccess: '允许', rulepriority: '102', ruledirection: '入站' }
        - { networksecuritygroup_name: 'SG_Network', rulename: '允许HTTPS',  ruleprotocol: 'Tcp', rulesourceaddress: '0.0.0.0/0', ruledestinationportrange: '443', ruleaccess: '允许', rulepriority: '103', ruledirection: '入站' }

许可证

BSD

作者信息

Jesper Berth

关于项目

Create Network Security Group In Azure

role
安装
ansible-galaxy install jesperberth.az_securitygroup
GitHub 仓库
2 星标
0 分叉
0 未解决问题
许可证
Unknown
下载
183
拥有者