2016-12-23 11:43:39 +00:00
|
|
|
heat_template_version: ocata
|
2016-08-15 15:24:06 -04:00
|
|
|
|
|
|
|
description: >
|
|
|
|
TripleO Firewall settings
|
|
|
|
|
|
|
|
parameters:
|
2016-08-11 23:07:46 +02:00
|
|
|
ServiceNetMap:
|
|
|
|
default: {}
|
|
|
|
description: Mapping of service_name -> network name. Typically set
|
|
|
|
via parameter_defaults in the resource registry. This
|
|
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
|
|
type: json
|
2016-08-17 09:26:05 -04:00
|
|
|
DefaultPasswords:
|
|
|
|
default: {}
|
|
|
|
type: json
|
2016-08-15 15:24:06 -04:00
|
|
|
EndpointMap:
|
|
|
|
default: {}
|
|
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
|
|
via parameter_defaults in the resource registry.
|
|
|
|
type: json
|
2016-08-26 13:48:39 -04:00
|
|
|
ManageFirewall:
|
2016-10-04 09:59:56 -04:00
|
|
|
default: true
|
2016-08-26 13:48:39 -04:00
|
|
|
description: Whether to manage IPtables rules.
|
|
|
|
type: boolean
|
|
|
|
PurgeFirewallRules:
|
|
|
|
default: false
|
|
|
|
description: Whether IPtables rules should be purged before setting up the new ones.
|
|
|
|
type: boolean
|
2016-08-15 15:24:06 -04:00
|
|
|
|
|
|
|
outputs:
|
|
|
|
role_data:
|
|
|
|
description: Role data for the TripleO firewall settings
|
|
|
|
value:
|
|
|
|
service_name: tripleo_firewall
|
2016-08-26 13:48:39 -04:00
|
|
|
config_settings:
|
|
|
|
tripleo::firewall::manage_firewall: {get_param: ManageFirewall}
|
|
|
|
tripleo::firewall::purge_firewall_rules: {get_param: PurgeFirewallRules}
|
2016-08-15 15:24:06 -04:00
|
|
|
step_config: |
|
|
|
|
include ::tripleo::firewall
|