--- - name: Allow MySQL traffic ufw: rule={{ item.rule }} port={{ item.port }} proto={{ item.proto }} with_items: - { rule: 'allow', port: '3306', proto: 'tcp' } notify: - restart ufw become: yes