1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/test/integration/roles/azure_rm_securitygroup/tasks/main.yml

173 lines
4 KiB
YAML
Raw Normal View History

- name: Create resource group
azure_rm_resourcegroup:
name: "{{ resource_group }}"
location: "{{ location }}"
- name: Create security group
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: mysecgroup
tags:
testing: testing
delete: on-exit
foo: bar
purge_rules: yes
rules:
- name: DenySSH
protocol: Tcp
destination_port_range: 22
access: Deny
priority: 100
direction: Inbound
- name: 'AllowSSH'
protocol: Tcp
source_address_prefix: '174.109.158.0/24'
destination_port_range: 22
access: Allow
priority: 101
direction: Inbound
register: output
- debug: var=output
when: playbook_debug
- assert: { that: "{{ output.state.rules | length }} == 2" }
- name: Gather facts by tags
azure_rm_securitygroup_facts:
resource_group: "{{ resource_group }}"
tags:
- testing
- foo:bar
register: output
- debug: var=output
when: playbook_debug
- assert:
that: azure_securitygroups | length == 1
- name: Add/Update rules on existing security group
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: mysecgroup
rules:
- name: DenySSH
protocol: Tcp
destination_port_range: 22-23
access: Deny
priority: 100
- name: AllowSSHFromHome
protocol: Tcp
source_address_prefix: '174.109.158.0/24'
destination_port_range: 22-23
priority: 102
register: output
- debug: var=output
when: playbook_debug
- assert: { that: "{{ output.state.rules | length }} == 3" }
- name: Test idempotence
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: mysecgroup
rules:
- name: DenySSH
protocol: Tcp
destination_port_range: 22-23
access: Deny
priority: 100
- name: AllowSSHFromHome
protocol: Tcp
source_address_prefix: '174.109.158.0/24'
destination_port_range: 22-23
priority: 102
register: output
- debug: var=output
when: playbook_debug
- assert:
that: not output.changed
- name: Update tags
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: mysecgroup
tags:
testing: testing
delete: never
baz: bar
register: output
- debug: var=output
when: playbook_debug
- assert:
that:
- output.state.tags | length == 3
- output.state.tags.delete == 'never'
- name: Purge tags
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: mysecgroup
tags:
testing: testing
delete: on-exit
register: output
- debug: var=output
when: playbook_debug
- assert:
that:
- output.state.tags | length == 2
- output.state.tags.delete == 'on-exit'
- name: Gather facts for one accounts
azure_rm_securitygroup_facts:
resource_group: "{{ resource_group }}"
name: mysecgroup
register: output
- debug: var=output
when: playbook_debug
- assert:
that:
- azure_securitygroups | length == 1
- name: Gather facts for all accounts
azure_rm_securitygroup_facts:
resource_group: "{{ resource_group }}"
register: output
- debug: var=output
when: playbook_debug
- assert:
that:
- azure_securitygroups | length > 0
- name: Delete all security groups
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: "{{ item.name }}"
state: absent
with_items: "{{ azure_securitygroups }}"
- name: Should have no security groups remaining
azure_rm_securitygroup_facts:
resource_group: "{{ resource_group }}"
register: output
- debug: var=output
when: playbook_debug
- assert:
that:
- azure_securitygroups | length == 0