Closed S-D55 closed 1 year ago
The design right now treats the list as the desired end-state. Currently you can use the bigip_firewall_rule module to add a rule to the end of a current policy by default.
- name: Add a new policy rule to the end of policy
  bigip_firewall_rule:
    name: foo-rule
    parent_policy: foo
  delegate_to: localhost
Are you looking specifically at these 4 combinations that are possible with Policy?
place-after last
place-after first
place-before last
place-before first
Thank you for replying.
Kind of,
place-after [first | last | [rule name]]
place-before [first | last | [rule name]]
In my case I am trying to add the rule before a specific deny rule.
Do you have an expectation of how this would work idempotently (not adding the rule every time the playbook is run)?
Closing this now. Reopen if you still face the issue. Thanks!
ISSUE TYPE
In a policy with 100+ rules, it's not possible to use the bigip_firewall_policy to re-add all the rules.
COMPONENT NAME
bigip_firewall_rule
ANSIBLE VERSION
PYTHON VERSION
BIGIP VERSION
CONFIGURATION
OS / ENVIRONMENT
SUMMARY
I am basically trying to add a new firewall rule in a specific order.
STEPS TO REPRODUCE
EXPECTED RESULTS
I wanted to add the new rule below the testMike.
ACTUAL RESULTS
Instead, it deleted all my other rules and left me with just those two rules in the policy. I had about 20 other rules before I ran the playbook.
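
One way the place-before / place-after options discussed in this thread could behave idempotently, as an added example that is not part of the original issue and not the module's own code. The function `place_rule` and the rule names `allow-dns` and `deny-all` are hypothetical; the function only reorders a list of names and never drops an existing rule.

```python
# Added illustration; not code from the bigip_firewall_rule module.
# Assumption: a policy is modelled as an ordered list of unique rule names.
def place_rule(rules, name, place_before=None, place_after=None):
    """Return (new_order, changed) with `name` placed relative to an anchor.

    The anchor is "first", "last", or an existing rule name (the two
    keywords take precedence over rules that happen to share those names).
    """
    if (place_before is None) == (place_after is None):
        raise ValueError("give exactly one of place_before / place_after")
    anchor = place_before if place_before is not None else place_after
    if anchor == name:
        raise ValueError("a rule cannot be placed relative to itself")

    # Compute the position against every *other* rule, so the answer does
    # not depend on whether `name` is already present. That is what makes
    # a second run a no-op, and it keeps all existing rules in order.
    others = [r for r in rules if r != name]
    if not others:
        index = 0
    else:
        if anchor == "first":
            pos = 0
        elif anchor == "last":
            pos = len(others) - 1
        elif anchor in others:
            pos = others.index(anchor)
        else:
            raise ValueError(f"anchor rule {anchor!r} is not in the policy")
        index = pos if place_before is not None else pos + 1

    desired = others[:index] + [name] + others[index:]
    return desired, desired != list(rules)


# Constructed sample policy: a new rule must land ahead of the final deny.
POLICY = ["allow-dns", "testMike", "deny-all"]

if __name__ == "__main__":
    first_run, changed = place_rule(POLICY, "foo-rule", place_after="testMike")
    print(first_run, changed)
    print(place_rule(first_run, "foo-rule", place_after="testMike"))
```

The `changed` flag is what a task would report: true on the first run, false on every later run while the rule sits in the requested position.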