forked from pemcg/ansible_playbooks
-
Notifications
You must be signed in to change notification settings - Fork 0
/
create_firewall_group_sIT.yml
109 lines (93 loc) · 3.09 KB
/
create_firewall_group_sIT.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
---
- name: Create Firewall Group
hosts: localhost
vars:
- firewall_group_dro_name: "{{ 'Firewall Group'|urlencode }}"
tasks:
- name: Change the service name
uri:
url: "{{ manageiq.api_url }}/api/{{ manageiq.service }}"
method: POST
validate_certs: no
headers:
X-Auth-Token: "{{ manageiq.api_token }}"
body_format: json
body:
action: edit
resource:
name: "{{ firewall_group_name }}"
description: "Firewall Group {{ firewall_group_name }}"
register: output
- name: Find the "Firewall Group" DRO definition
uri:
url: "{{ manageiq.api_url }}/api/generic_object_definitions?expand=resources&filter[]=name='{{ firewall_group_dro_name }}'"
method: GET
validate_certs: no
headers:
X-Auth-Token: "{{ manageiq.api_token }}"
body_format: json
register: group_dro_definition
- set_fact:
group_dro_definition_href: "{{ group_dro_definition.json.resources[0].href }}"
#- debug: var=group_dro_definition_href
- name: Lookup the requesting user
uri:
url: "{{ manageiq.api_url }}/api/{{ manageiq.user }}"
method: GET
validate_certs: no
headers:
X-Auth-Token: "{{ manageiq.api_token }}"
body_format: json
register: requester
- set_fact:
requester_name: "{{ requester.json.name | default('') }}"
requester_email: "{{ requester.json.email | default('') }}"
- name: Lookup the user's group
uri:
url: "{{ manageiq.api_url }}/api/groups/{{ requester.json.current_group_id }}"
method: GET
validate_certs: no
headers:
X-Auth-Token: "{{ manageiq.api_token }}"
body_format: json
register: requester_group
- set_fact:
group_description: "{{ requester_group.json.description | default('') }}"
- name: Create the "Firewall Group" DRO entry
uri:
url: "{{ manageiq.api_url }}/api/generic_objects"
method: POST
validate_certs: no
headers:
X-Auth-Token: "{{ manageiq.api_token }}"
body_format: json
body:
action: create
name: "{{ firewall_group_name }}"
generic_object_definition:
href: "{{ group_dro_definition_href }}"
property_attributes:
requester_department: "{{ group_description }}"
requester: "{{ requester_name }}"
requester_email: "{{ requester_email }}"
service_id: "{{ manageiq.service.split('/')[1] }}"
fw_group_provisioning_change_number: 123
register: group_dro
- set_fact:
group_dro_href: "{{ group_dro.json.results[0].href }}"
#- debug: var=group_dro_href
- name: Register firewall group with the service
uri:
url: "{{ manageiq.api_url }}/api/{{ manageiq.service }}"
method: POST
validate_certs: no
headers:
X-Auth-Token: "{{ manageiq.api_token }}"
body_format: json
body:
action: add_resource
resource:
resource:
href: "{{ group_dro_href }}"
register: output
#- debug: var=output.json