As mentioned in the ufw module docs, the name (or app) parameter uses the applications registered in /etc/ufw/applications.d, which are in INI format and look something like this:

    [CUPS]
    title=Common UNIX Printing System server
    description=CUPS is a printing system with support for IPP, samba, lpd, and other protocols.
    ports=631

Normally, you can use ufw allow application-profile to have an application defined either in /etc/ufw/applications.d or in /etc/services open iptables, so it also works for things that are not necessarily defined in /etc/ufw/applications.d.
Unfortunately, the Ansible ufw module instead builds the ufw command in this format:
/usr/sbin/ufw allow from any to any app 'application-profile'
which uses only the /etc/ufw/applications.d list and will not read /etc/services.
In your case, you can simply specify the ports as they are well known, potentially using a named variable to further explain your Ansible code:
    - name: Allow webservery things
      ufw:
        rule: allow
        port: '{{ item }}'
      with_items:
        - '{{ http_port }}'
        - '{{ https_port }}'
        - '{{ ssh_port }}'
      tags:
        - security
And then define the variables somewhere (e.g. your default values):
    http_port: 80
    https_port: 443
    ssh_port: 22
As an aside, you may notice that I have simplified your list of dictionaries with one key into a simpler direct list, which simplifies your task a bit.
Alternatively, you can easily create application templates using the Ansible template module.
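A sketch of the application-profile alternative mentioned in the answer, added here as an example and not part of the original answer. The profile name WebStack, the file name webstack and the variable values are assumptions; copy with inline content is used so the play is self-contained, and the template module with a .j2 file holding the same text works the same way.

```yaml
# Added example (not from the original answer).
# Assumed names: profile "WebStack", file "webstack", http_port/https_port values.
- hosts: all
  become: true
  vars:
    http_port: 80
    https_port: 443
  tasks:
    - name: Install a custom ufw application profile
      copy:
        dest: /etc/ufw/applications.d/webstack
        owner: root
        group: root
        mode: '0644'   # root-owned, not writable by group or others
        content: |
          [WebStack]
          title=Web server
          description=HTTP and HTTPS for the web tier
          ports={{ http_port }},{{ https_port }}/tcp
      register: webstack_profile

    # Rules already created from this profile keep their old ports
    # until ufw is told to re-read the profile.
    - name: Refresh rules that reference the profile
      command: ufw app update WebStack
      when: webstack_profile is changed

    # Runs as: ufw allow from any to any app 'WebStack',
    # which now resolves because the profile is in applications.d.
    - name: Allow the profile by name
      ufw:
        rule: allow
        name: WebStack
```

Running ufw app info WebStack on the host afterwards shows the ports the rule actually opens, which is worth checking before relying on the profile name alone.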