0

I thought I correctly followed this YAML tutorial (for formatting a YAML file) and this Ansible example from the official Ansible documentation to create an Azure Network Security Group using the following Ansible playbook. But when I run the playbook in Azure Cloud Shell, I get the error shown below:

Create_network_security_group.yaml:

---
- hosts: localhost

  tasks:
  - azure_rm_securitygroup:
      resource_group: rg-cs-ansible
      name: nsg-cs-web
      rules:
          - name: 'allow_rdp'
            protocol: TCP
            destination_port_range: 3389
            access: Allow
            priority: 1001
            direction: Inbound
          - name: 'allow_web_traffic'
            protocol: TCP
            destination_port_range:
              - 80
              - 443
            access: Allow
            priority: 1002
            direction: Inbound
          - name: 'allow_powershell_remoting'
            protocol: TCP
            destination_port_range:
              - 5985
              - 5986

Error:

[localhost]: FAILED! => {"changed": false, "msg": "value of protocol must be one of: Udp, Tcp, *, got: TCP found in rules"}

nam

1 Answer

0

Based on the official and "latest" documentation at this URL: notice in the example that the case of the protocol is "Tcp", not "TCP".

Also, the error message you shared is also suggesting to use Tcp, Udp, * as the possible inputs and it got TCP.

[localhost]: FAILED! => {"changed": false, "msg": "value of protocol must be one of: Udp, Tcp, *, got: TCP found in rules"}
P....
  • I changed to `Tcp`. But now I'm getting similar error but a different message although I do have `priority` defined as `priority: 1001` and `priority: 1002` respectively: `[localhost]: FAILED! => {"changed": false, "msg": "missing required arguments: priority found in rules"}` – nam Oct 29 '20 at 19:47
  • For the 3rd rule it's not there; is it expected? I am not an expert, so asking – P.... Oct 29 '20 at 20:46
  • The 3rd rule `allow_powershell_remoting` does not have priority defined – P.... Oct 29 '20 at 20:48
  • No it's not expected. Also, I have posted a separate post [here](https://stackoverflow.com/q/64598994/1232087) since I thought you answered the issue posted above. – nam Oct 29 '20 at 20:49
  • I think it is needed and mandatory; see https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_securitygroup_module.html#parameter-rules/priority – P.... Oct 29 '20 at 20:52
  • I see. Let me try the priority in third rule, as well. – nam Oct 29 '20 at 20:53
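
An added example, not part of the question, the answer, or the Ansible collection's own code: an offline check that reproduces both failures from this thread (the case-sensitive `protocol` value and the rule with no `priority`) before the playbook is run against Azure. The accepted protocol spellings come from the error message above; the names `lint_rules` and `QUESTION_RULES`, the `Inbound` default for `direction`, and the duplicate-priority check (which goes beyond what the thread covers, since Azure requires priorities to be unique per direction) are assumptions of this example.

```python
# Added example: offline lint for azure_rm_securitygroup rule lists.
# Accepted protocol spellings are taken from the error message on this page.
ALLOWED_PROTOCOLS = ("Udp", "Tcp", "*")

# Constructed sample: the rules from the question's playbook as Python dicts.
QUESTION_RULES = [
    {"name": "allow_rdp", "protocol": "TCP", "destination_port_range": 3389,
     "access": "Allow", "priority": 1001, "direction": "Inbound"},
    {"name": "allow_web_traffic", "protocol": "TCP",
     "destination_port_range": [80, 443],
     "access": "Allow", "priority": 1002, "direction": "Inbound"},
    {"name": "allow_powershell_remoting", "protocol": "TCP",
     "destination_port_range": [5985, 5986]},
]


def lint_rules(rules):
    """Return a list of (rule_name, problem) tuples; empty means clean."""
    problems = []
    seen = {}  # (direction, priority) -> name of the first rule using it
    for rule in rules:
        name = rule.get("name", "<unnamed>")
        proto = rule.get("protocol")
        if proto is not None and proto not in ALLOWED_PROTOCOLS:
            # The comparison is case-sensitive, so suggest the accepted spelling.
            fix = next((p for p in ALLOWED_PROTOCOLS
                        if p.lower() == str(proto).lower()), None)
            hint = f", use {fix!r}" if fix else ""
            problems.append((name, f"protocol {proto!r} not accepted{hint}"))
        prio = rule.get("priority")
        if prio is None:
            problems.append((name, "missing required argument: priority"))
            continue
        # The Inbound default is an assumption made for this check only.
        key = (rule.get("direction", "Inbound"), prio)
        if key in seen:
            problems.append((name, f"priority {prio} already used by {seen[key]}"))
        seen.setdefault(key, name)
    return problems


if __name__ == "__main__":
    for name, problem in lint_rules(QUESTION_RULES):
        print(f"{name}: {problem}")
```
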