community.windows.win_firewall – Enable or disable the Windows Firewall

Note

This plugin is part of the community.windows collection (version 1.7.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.windows.

To use it in a playbook, specify: community.windows.win_firewall.

Synopsis

  • Enable or Disable Windows Firewall profiles.

Requirements

The below requirements are needed on the host that executes this module.

  • This module requires Windows Management Framework 5 or later.

Parameters

Parameter Choices/Defaults Comments
inbound_action
string
added in 1.1.0 of community.windows
    Choices:
  • allow
  • block
  • not_configured
Set to allow or block inbound network traffic in the profile.
not_configured is valid when configuring a GPO.
outbound_action
string
added in 1.1.0 of community.windows
    Choices:
  • allow
  • block
  • not_configured
Set to allow or block inbound network traffic in the profile.
not_configured is valid when configuring a GPO.
profiles
list / elements=string
    Choices:
  • Domain
  • Private
  • Public
Default:
["Domain", "Private", "Public"]
Specify one or more profiles to change.
state
string
    Choices:
  • disabled
  • enabled
Set state of firewall for given profile.

See Also

See also

community.windows.win_firewall_rule

The official documentation on the community.windows.win_firewall_rule module.

Examples

- name: Enable firewall for Domain, Public and Private profiles
  community.windows.win_firewall:
    state: enabled
    profiles:
    - Domain
    - Private
    - Public
  tags: enable_firewall

- name: Disable Domain firewall
  community.windows.win_firewall:
    state: disabled
    profiles:
    - Domain
  tags: disable_firewall

- name: Enable firewall for Domain profile and block outbound connections
  community.windows.win_firewall:
    profiles: Domain
    state: enabled
    outbound_action: block
  tags: block_connection

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
enabled
boolean
always
Current firewall status for chosen profile (after any potential change).

Sample:
True
profiles
string
always
Chosen profile.

Sample:
Domain
state
list / elements=string
always
Desired state of the given firewall profile(s).

Sample:
enabled


Authors

  • Michael Eaton (@michaeldeaton)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/windows/win_firewall_module.html