I have the following data which is provided as extra vars.
TCP,22,22,10.10.10.10/0
TCP,8080,8080,0.0.0.0/0
So, as:
--extra-vars 'rules="TCP,22,22,10.10.10.10/0nTCP,8080,8080,0.0.0.0/0"'
How can I create multiple rules
block using Jinja based on the above CSV data?
Update: I need to have one static rule and rest using dynamic rule if the variable rules is supplied. If the rules extra vars isn’t supplied then I want only the static rule to be present.
- name: create ec2 security group
# create a security group for the vpc
amazon.aws.ec2_group:
vpc_id: "{{ vpc_id }}"
region: "{{ cloud_region }}"
state: "present"
name: "testing_sg_ansible"
description: "testing_sg_ansible"
tags:
Name: "testing_sg_ansible"
rules:
- proto: tcp # Static rule
from_port: 8085
to_port: 8085
cidr_ip: "10.10.10.0/24"
- proto: TCP # Dynamic rules using extra vars
from_port: 22
to_port: 22
cidr_ip: 10.10.10.10/0
- proto: TCP
from_port: 8080
to_port: 8080
cidr_ip: 0.0.0.0/0
2
Answers
The following worked for me.
purge_rules: no
needs to be set otherwise dynamic rule will be overwritten.One way you could achieve this is by using JMESPath capabilities and a multiselect hash.
A playbook, run with the extra variables, this way:
Would create a
rules
parameter looking like your expected result:As an example, given the task:
Run with:
Would yield: