ec2_group - maintain an ec2 VPC security group.

Synopsis

New in version 1.3.

Maintains EC2 security groups. This module has a dependency on python-boto >= 2.5.

Options

parameter        required   default   choices   comments
description      yes                            Description of the security group.
ec2_access_key   no                             EC2 access key
ec2_secret_key   no                             EC2 secret key
ec2_url          no                             URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints)
name             yes                            Name of the security group.
region           no                             The EC2 region to use
rules            yes                            List of firewall rules to enforce in this group (see example).
state            no         present             Create or delete security group (added in Ansible 1.4)
validate_certs   no         yes       yes, no   When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0. (added in Ansible 1.5)
vpc_id           no                             ID of the VPC to create the group in.

Note

Requires boto

Examples


- name: example ec2 group
  local_action:
    module: ec2_group
    name: example
    description: an example EC2 group
    vpc_id: 12345
    # region name (an availability zone such as eu-west-1a is not a region)
    region: eu-west-1
    ec2_secret_key: SECRET
    ec2_access_key: ACCESS
    rules:
      # HTTP from any address
      - proto: tcp
        from_port: 80
        to_port: 80
        cidr_ip: 0.0.0.0/0
      # SSH from the private 10.0.0.0/8 range only
      - proto: tcp
        from_port: 22
        to_port: 22
        cidr_ip: 10.0.0.0/8
      - proto: udp
        from_port: 10050
        to_port: 10050
        cidr_ip: 10.0.0.0/8
      # source is another security group, given by ID
      - proto: udp
        from_port: 10051
        to_port: 10051
        group_id: sg-12345678
      - proto: all
        # the containing group name may be specified here
        group_name: example
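
The rules list above can be checked before it is applied. The following is an added example, not part of the module or its documentation: a small auditor that flags rules open to any address. PAGE_RULES mirrors the example task; DRIFTED_RULES, PUBLIC_PORTS and audit_rules are hypothetical names, and the allowed-port policy is an assumption.

```python
import ipaddress

# Rules from the example task on this page, as the list of dicts the YAML parses to.
PAGE_RULES = [
    {"proto": "tcp", "from_port": 80, "to_port": 80, "cidr_ip": "0.0.0.0/0"},
    {"proto": "tcp", "from_port": 22, "to_port": 22, "cidr_ip": "10.0.0.0/8"},
    {"proto": "udp", "from_port": 10050, "to_port": 10050, "cidr_ip": "10.0.0.0/8"},
    {"proto": "udp", "from_port": 10051, "to_port": 10051, "group_id": "sg-12345678"},
    {"proto": "all", "group_name": "example"},
]

# Constructed sample: the kind of drift a review should catch.
DRIFTED_RULES = [
    {"proto": "tcp", "from_port": 22, "to_port": 22, "cidr_ip": "0.0.0.0/0"},
    {"proto": "tcp", "from_port": 80, "to_port": 8080, "cidr_ip": "0.0.0.0/0"},
    {"proto": "all", "cidr_ip": "0.0.0.0/0"},
    {"proto": "tcp", "from_port": 443, "to_port": 443, "cidr_ip": "10.0.0.1/8"},
]

# Assumption (local policy, not module behaviour): ports allowed from anywhere.
PUBLIC_PORTS = frozenset({80, 443})


def audit_rules(rules, public_ports=PUBLIC_PORTS):
    """Return (rule_index, message) pairs for rules that break the policy."""
    findings = []
    for index, rule in enumerate(rules):
        cidr = rule.get("cidr_ip")
        if cidr is None:
            continue  # source is a security group (group_id / group_name)
        try:
            network = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            findings.append((index, "invalid cidr_ip: %s" % exc))
            continue
        if network.prefixlen != 0:
            continue  # restricted to a specific range
        proto = rule.get("proto")
        if proto == "all":
            findings.append((index, "all protocols open to any address"))
        elif proto in ("tcp", "udp"):
            low, high = int(rule["from_port"]), int(rule["to_port"])
            extra = sorted(set(range(low, high + 1)) - set(public_ports))
            if extra:
                findings.append((index, "%s ports %d-%d open to any address"
                                 % (proto, extra[0], extra[-1])))
    return findings
```

The page's own rules produce no findings under this policy, because the only rule open to 0.0.0.0/0 is port 80.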
                    
