ansible-collections/google.cloud
1
0
Fork 0
mirror of https://github.com/ansible-collections/google.cloud.git synced 2025-08-05 21:54:28 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge branch 'master' into master

Browse source
This commit is contained in:
Samir F 2025-07-29 11:05:57 -04:00 committed by GitHub
commit 03480489ee
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
255 changed files with 3886 additions and 661 deletions
Download patch file Download diff file Expand all files Collapse all files

75
plugins/inventory/gcp_compute.py
View file

@ -7,7 +7,6 @@ __metaclass__ = type
DOCUMENTATION = """
name: gcp_compute
plugin_type: inventory
short_description: Google Cloud Compute Engine inventory source
requirements:
- requests >= 2.18.4
@ -24,17 +23,20 @@ DOCUMENTATION = """
required: True
choices: ['google.cloud.gcp_compute', 'gcp_compute']
zones:
description: A list of regions in which to describe GCE instances.
description: A list of zones in which to describe GCE instances.
If none provided, it defaults to all zones available to a given project.
type: list
elements: string
folders:
description: A folder that contains many projects
type: list
required: False
elements: string
projects:
description: A list of projects in which to describe GCE instances.
type: list
required: False
elements: string
filters:
description: >
A list of filter value pairs. Available filters are listed here
@ -42,12 +44,14 @@ DOCUMENTATION = """
Each additional filter in the list will be added as an AND condition
(filter1 and filter2)
type: list
elements: string
hostnames:
description: A list of options that describe the ordering for which
hostnames should be assigned. Currently supported hostnames are
'public_ip', 'private_ip', 'name' or 'labels.vm_name'.
'public_ip', 'private_ip', 'name', 'hostname' or 'labels.vm_name'.
default: ['public_ip', 'private_ip', 'name']
type: list
elements: string
name_suffix:
description: Custom domain suffix. If set, this string will be appended to all hosts.
default: ""
@ -63,6 +67,7 @@ DOCUMENTATION = """
scopes:
description: list of authentication scopes
type: list
elements: string
default: ['https://www.googleapis.com/auth/compute']
env:
- name: GCP_SCOPES
@ -116,7 +121,7 @@ DOCUMENTATION = """
EXAMPLES = """
plugin: google.cloud.gcp_compute
zones: # populate inventory with instances in these regions
zones: # populate inventory with instances in these zones
- us-east1-a
projects:
- gcp-prod-gke-100
@ -243,6 +248,8 @@ class GcpInstance(object):
name = self._get_publicip()
elif order == "private_ip":
name = self._get_privateip()
elif order == "hostname":
name = self.json.get("hostname", self.json["name"] + self.name_suffix)
elif order == "name":
name = self.json["name"] + self.name_suffix
else:
@ -482,38 +489,38 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
session_responses.append(response_json)
page_token = "pageToken" in request_params
for response in session_responses:
if "items" in response:
# example k would be a zone or region name
# example v would be { "disks" : [], "otherkey" : "..." }
for zone_or_region, aggregate in response["items"].items():
if "zones" in zone_or_region:
if "disks" in aggregate:
zone = zone_or_region.replace("zones/", "")
for disk in aggregate["disks"]:
if (
"zones" in config_data
and zone in config_data["zones"]
):
# If zones specified, only store those zones' data
if "sourceImage" in disk:
self._project_disks[
disk["selfLink"]
] = disk["sourceImage"].split("/")[-1]
else:
self._project_disks[
disk["selfLink"]
] = disk["selfLink"].split("/")[-1]
for response in session_responses:
if "items" in response:
# example k would be a zone or region name
# example v would be { "disks" : [], "otherkey" : "..." }
for zone_or_region, aggregate in response["items"].items():
if "zones" in zone_or_region:
if "disks" in aggregate:
zone = zone_or_region.replace("zones/", "")
for disk in aggregate["disks"]:
if (
"zones" in config_data
and zone in config_data["zones"]
):
# If zones specified, only store those zones' data
if "sourceImage" in disk:
self._project_disks[
disk["selfLink"]
] = disk["sourceImage"].split("/")[-1]
else:
self._project_disks[
disk["selfLink"]
] = disk["selfLink"].split("/")[-1]
else:
if "sourceImage" in disk:
self._project_disks[
disk["selfLink"]
] = disk["sourceImage"].split("/")[-1]
else:
self._project_disks[
disk["selfLink"]
] = disk["selfLink"].split("/")[-1]
if "sourceImage" in disk:
self._project_disks[
disk["selfLink"]
] = disk["sourceImage"].split("/")[-1]
else:
self._project_disks[
disk["selfLink"]
] = disk["selfLink"].split("/")[-1]
return self._project_disks

315
plugins/lookup/gcp_parameter_manager.py Normal file
View file

@ -0,0 +1,315 @@
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = '''
name: gcp_parameter_manager
author: Google Inc. (@googlecloudplatform)
short_description: Get Parameters from Google Cloud as a Lookup plugin
description:
- retrieve parameter keys in parameter Manager for use in playbooks
- see https://cloud.google.com/iam/docs/service-account-creds for details on creating
credentials for Google Cloud and the format of such credentials
- once a parameter value is retreived, it is returned decoded. It is up to the developer
to maintain secrecy of this value once returned.
- if location option is defined, then it deals with the regional parameters of the
location
options:
key:
description:
- the name of the parameter to look up in parameter Manager
type: str
required: True
aliases:
- name
- parameter
- parameter_id
project:
description:
- The name of the google cloud project
- defaults to OS env variable GCP_PROJECT if not present
type: str
location:
description:
- If provided, it defines the location of the regional parameter.
type: str
render_secret:
description:
- support for rendering secrets
- defaults to false if not present
type: bool
auth_kind:
description:
- the type of authentication to use with Google Cloud (i.e. serviceaccount or machineaccount)
- defaults to OS env variable GCP_AUTH_KIND if not present
type: str
version:
description:
- the version name of your parameter to retrieve
type: str
required: False
service_account_email:
description:
- email associated with the service account
- defaults to OS env variable GCP_SERVICE_ACCOUNT_EMAIL if not present
type: str
required: False
service_account_file:
description:
- JSON Credential file obtained from Google Cloud
- defaults to OS env variable GCP_SERVICE_ACCOUNT_FILE if not present
- see https://cloud.google.com/iam/docs/service-account-creds for details
type: str
required: False
service_account_info:
description:
- JSON Object representing the contents of a service_account_file obtained from Google Cloud
- defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present
type: dict
required: False
access_token:
description:
- support for GCP Access Token
- defaults to OS env variable GCP_ACCESS_TOKEN if not present
type: str
required: False
on_error:
description:
- how to handle errors
- strict means raise an exception
- warn means warn, and return none
- ignore means just return none
type: str
required: False
choices:
- 'strict'
- 'warn'
- 'ignore'
default: 'strict'
scopes:
description:
- Authenticaiton scopes for Google parameter Manager
type: list
elements: str
default: ["https://www.googleapis.com/auth/cloud-platform"]
'''
EXAMPLES = '''
- name: Test parameter using env variables for credentials
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test_version') }}"
- name: Test parameter using explicit credentials
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test_version', project='project', auth_kind='serviceaccount',
service_account_file='file.json') }}"
- name: Test getting specific version of a parameter
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test-version') }}"
- name: Test getting latest version of a parameter
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key') }}"
- name: Test render specific version of a parameter
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', version='test-version', render_secret=True) }}"
- name: Test render latest version of a parameter
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', render_secret=True) }}"
- name: Test regional parameter using env variables for credentials
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version') }}"
- name: Test regional parameter using explicit credentials
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version', project='project',
auth_kind='serviceaccount', service_account_file='file.json') }}"
- name: Test getting specific version of a regional parameter
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version') }}"
- name: Test getting latest version of a regional parameter
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1') }}"
- name: Test render specific version of a regional parameter
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', version='test_version', render_secret=True) }}"
- name: Test render latest version of a regional parameter
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_parameter_manager', key='parameter_key', location='us-central1', render_secret=True) }}"
'''
RETURN = '''
_raw:
description: the contents of the parameter requested (please use "no_log" to not expose this parameter)
type: list
elements: str
'''
################################################################################
# Imports
################################################################################
import os
import base64
from ansible.plugins.lookup import LookupBase
from ansible.errors import AnsibleError
from ansible.utils.display import Display
try:
import requests
HAS_REQUESTS = True
except ImportError:
HAS_REQUESTS = False
try:
from ansible_collections.google.cloud.plugins.module_utils.gcp_utils import (
GcpSession,
)
HAS_GOOGLE_CLOUD_COLLECTION = True
except ImportError:
HAS_GOOGLE_CLOUD_COLLECTION = False
class GcpLookupException(Exception):
pass
class GcpMockModule(object):
def __init__(self, params):
self.params = params
def fail_json(self, *args, **kwargs):
raise AnsibleError(kwargs["msg"])
def raise_for_status(self, response):
try:
response.raise_for_status()
except getattr(requests.exceptions, "RequestException"):
self.fail_json(msg="GCP returned error: %s" % response.json())
class LookupModule(LookupBase):
def run(self, terms=None, variables=None, **kwargs):
self._display = Display()
if not HAS_GOOGLE_CLOUD_COLLECTION:
raise AnsibleError(
"""gcp_parameter lookup needs a supported version of the google.cloud
collection installed. Use `ansible-galaxy collection install google.cloud`
to install it"""
)
self.set_options(var_options=variables, direct=kwargs)
params = {
"key": self.get_option("key"),
"location": self.get_option("location"),
"version": self.get_option("version"),
"access_token": self.get_option("access_token"),
"scopes": self.get_option("scopes"),
"render_secret": self.get_option("render_secret"),
"on_error": self.get_option("on_error")
}
params['name'] = params['key']
# support GCP_* env variables for some parameters
for param in ["project", "auth_kind", "service_account_file", "service_account_info", "service_account_email", "access_token"]:
params[param] = self.fallback_from_env(param)
self._display.vvv(msg=f"Module Parameters: {params}")
fake_module = GcpMockModule(params)
result = self.get_parameter(fake_module)
return [base64.b64decode(result)]
def fallback_from_env(self, arg):
if self.get_option(arg):
return self.get_option(arg)
else:
env_name = f"GCP_{arg.upper()}"
if env_name in os.environ:
self.set_option(arg, os.environ[env_name])
return self.get_option(arg)
def raise_error(self, module, msg):
if module.params.get('on_error') == 'strict':
raise GcpLookupException(msg)
elif module.params.get('on_error') == 'warn':
self._display.warning(msg)
return None
def get_latest_version(self, module, auth):
url = (self.make_url_prefix(module) + "parameters/{name}/versions?orderBy=create_time desc&filter=disabled=false").format(
**module.params
)
response = auth.get(url)
self._display.vvv(msg=f"List Version Response: {response.status_code} for {response.request.url}: {response.json()}")
if response.status_code != 200:
self.raise_error(module, f"unable to list versions of parameter {response.status_code}")
version_list = response.json()
if "parameterVersions" in version_list and len(version_list["parameterVersions"]) > 0:
# Extract name from the first index
version_name = version_list["parameterVersions"][0]["name"]
return version_name.split('/')[-1]
else:
self.raise_error(module, f"unable to list parameter versions via {response.request.url}: {response.json()}")
def get_parameter(self, module):
auth = GcpSession(module, "parametermanager")
if module.params.get('project') is None:
self.raise_error(module, "The project is required. Please specify the Google Cloud project to use.")
if module.params.get('version') == 'latest' or module.params.get('version') is None:
module.params['version'] = self.get_latest_version(module, auth)
if module.params.get('render_secret') is None:
module.params['render_secret'] = False
# there was an error listing parameter versions
if module.params.get('version') is None:
return ''
if module.params.get('render_secret') is not None:
url = (self.make_url_prefix(module) + "parameters/{name}/versions/{version}:render").format(
**module.params
)
else:
url = (self.make_url_prefix(module) + "parameters/{name}/versions/{version}").format(
**module.params
)
response = auth.get(url)
self._display.vvv(msg=f"Response: {response.status_code} for {response.request.url}: {response.json()}")
if response.status_code != 200:
self.raise_error(module, f"Failed to lookup parameter value via {response.request.url} {response.status_code}")
return ''
response_json = response.json()
if module.params.get('render_secret') is not None:
if 'renderedPayload' not in response_json:
self.raise_error(module, "The parameter version is disabled or the response does not contain the 'renderedPayload' field.")
return ''
return response_json['renderedPayload']
else:
if 'payload' not in response_json or 'data' not in response_json['payload']:
self.raise_error(module, "The parameter version is disabled or the response does not contain the 'data' field.")
return ''
return response_json['payload']['data']
def make_url_prefix(self, module):
if module.params.get('location') and module.params.get('location') != 'global':
return "https://parametermanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/"
return "https://parametermanager.googleapis.com/v1/projects/{project}/locations/global/"

58
plugins/lookup/gcp_secret_manager.py
View file

@ -5,8 +5,7 @@ from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = '''
author:
- Dave Costakos <dcostako@redhat.com>
author: Google Inc. (@googlecloudplatform)
name: gcp_secret_manager
short_description: Get Secrets from Google Cloud as a Lookup plugin
description:
@ -15,6 +14,8 @@ DOCUMENTATION = '''
credentials for Google Cloud and the format of such credentials
- once a secret value is retreived, it is returned decoded. It is up to the developer
to maintain secrecy of this value once returned.
- if location option is defined, then it deals with the regional secrets of the
location
options:
key:
@ -31,6 +32,10 @@ DOCUMENTATION = '''
- The name of the google cloud project
- defaults to OS env variable GCP_PROJECT if not present
type: str
location:
description:
- If provided, it defines the location of the regional secret.
type: str
auth_kind:
description:
- the type of authentication to use with Google Cloud (i.e. serviceaccount or machineaccount)
@ -59,7 +64,7 @@ DOCUMENTATION = '''
description:
- JSON Object representing the contents of a service_account_file obtained from Google Cloud
- defaults to OS env variable GCP_SERVICE_ACCOUNT_INFO if not present
type: jsonarg
type: str
required: False
access_token:
description:
@ -84,6 +89,7 @@ DOCUMENTATION = '''
description:
- Authenticaiton scopes for Google Secret Manager
type: list
elements: str
default: ["https://www.googleapis.com/auth/cloud-platform"]
'''
@ -103,6 +109,23 @@ EXAMPLES = '''
- name: Test getting specific version of a secret (new version)
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', version='2') }}"
- name: Test regional secret using env variables for credentials
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1') }}"
- name: Test regional secret using explicit credentials
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', project='project', auth_kind='serviceaccount',
service_account_file='file.json') }}"
- name: Test getting specific version of a regional secret (old version)
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', version='1') }}"
- name: Test getting specific version of a regional secret (new version)
ansible.builtin.debug:
msg: "{{ lookup('google.cloud.gcp_secret_manager', key='secret_key', location='us-central1', version='2') }}"
'''
RETURN = '''
@ -168,6 +191,7 @@ class LookupModule(LookupBase):
self.set_options(var_options=variables, direct=kwargs)
params = {
"key": self.get_option("key"),
"location": self.get_option("location"),
"version": self.get_option("version"),
"access_token": self.get_option("access_token"),
"scopes": self.get_option("scopes"),
@ -199,13 +223,28 @@ class LookupModule(LookupBase):
# to be set if secret versions get disabled
# see https://issuetracker.google.com/issues/286489671
def get_latest_version(self, module, auth):
url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions?filter=state:ENABLED".format(
url = (self.make_url_prefix(module) + "secrets/{name}/versions?filter=state:ENABLED").format(
**module.params
)
response = auth.get(url)
self._display.vvv(msg=f"List Version Response: {response.status_code} for {response.request.url}: {response.json()}")
if response.status_code != 200:
self.raise_error(module, f"unable to list versions of secret {response.status_code}")
if response.status_code >= 500: # generic server error
self.raise_error(
module,
f"server error encountered while looking for secret '{module.params['name']}', code: {response.status_code}"
)
elif response.status_code >= 400: # generic client request error
self.raise_error(
module,
f"client error encountered while looking for secret '{module.params['name']}', code: {response.status_code}"
)
elif response.status_code >= 300: # all other possible errors
self.raise_error(
module,
f"unable to list versions for secret '{module.params['name']}', code: {response.status_code}"
)
else:
pass
version_list = response.json()
if "versions" in version_list:
versions_numbers = []
@ -234,7 +273,7 @@ class LookupModule(LookupBase):
if module.params['calc_version'] is None:
return ''
url = "https://secretmanager.googleapis.com/v1/projects/{project}/secrets/{name}/versions/{calc_version}:access".format(
url = (self.make_url_prefix(module) + "secrets/{name}/versions/{calc_version}:access").format(
**module.params
)
response = auth.get(url)
@ -244,3 +283,8 @@ class LookupModule(LookupBase):
return ''
return response.json()['payload']['data']
def make_url_prefix(self, module):
if module.params['location']:
return "https://secretmanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/"
return "https://secretmanager.googleapis.com/v1/projects/{project}/"

2
plugins/modules/gcp_appengine_firewall_rule_info.py
View file

@ -150,7 +150,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

2
plugins/modules/gcp_bigquery_dataset_info.py
View file

@ -311,7 +311,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/bigquery']

3
plugins/modules/gcp_bigquery_table.py
View file

@ -253,6 +253,7 @@ options:
data .
required: false
type: int
default: 0
source_format:
description:
- The data format.
@ -328,6 +329,7 @@ options:
when reading the data.
required: false
type: int
default: 0
csv_options:
description:
- Additional properties to set if sourceFormat is set to CSV.
@ -368,6 +370,7 @@ options:
when reading the data.
required: false
type: int
default: 0
bigtable_options:
description:
- Additional options if sourceFormat is set to BIGTABLE.

2
plugins/modules/gcp_bigquery_table_info.py
View file

@ -590,7 +590,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(dataset=dict(type='str')))
module = GcpModule(argument_spec=dict(dataset=dict(type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/bigquery']

2
plugins/modules/gcp_bigtable_instance_info.py
View file

@ -188,7 +188,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

12
plugins/modules/gcp_cloudbuild_trigger.py
View file

@ -1536,7 +1536,7 @@ def main():
),
),
pubsub_config=dict(type='dict', options=dict(topic=dict(required=True, type='str'), service_account_email=dict(type='str'))),
webhook_config=dict(type='dict', options=dict(secret=dict(required=True, type='str'))),
webhook_config=dict(type='dict', options=dict(secret=dict(required=True, type='str', no_log=True))),
build=dict(
type='dict',
options=dict(
@ -1568,7 +1568,11 @@ def main():
queue_ttl=dict(type='str'),
logs_bucket=dict(type='str'),
timeout=dict(default='600s', type='str'),
secrets=dict(type='list', elements='dict', options=dict(kms_key_name=dict(required=True, type='str'), secret_env=dict(type='dict'))),
secrets=dict(
type='list',
elements='dict',
no_log=True,
options=dict(kms_key_name=dict(required=True, type='str'), secret_env=dict(type='dict', no_log=True))),
steps=dict(
required=True,
type='list',
@ -1580,7 +1584,7 @@ def main():
id=dict(type='str'),
entrypoint=dict(type='str'),
dir=dict(type='str'),
secret_env=dict(type='list', elements='str'),
secret_env=dict(type='list', elements='str', no_log=True),
timeout=dict(type='str'),
timing=dict(type='str'),
volumes=dict(
@ -1609,7 +1613,7 @@ def main():
worker_pool=dict(type='str'),
logging=dict(type='str'),
env=dict(type='list', elements='str'),
secret_env=dict(type='list', elements='str'),
secret_env=dict(type='list', elements='str', no_log=True),
volumes=dict(type='list', elements='dict', options=dict(name=dict(type='str'), path=dict(type='str'))),
),
),

2
plugins/modules/gcp_cloudbuild_trigger_info.py
View file

@ -814,7 +814,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

2
plugins/modules/gcp_cloudfunctions_cloud_function_info.py
View file

@ -273,7 +273,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

4
plugins/modules/gcp_cloudscheduler_job.py
View file

@ -681,8 +681,8 @@ def main():
http_method=dict(type='str'),
body=dict(type='str'),
headers=dict(type='dict'),
oauth_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), scope=dict(type='str'))),
oidc_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))),
oauth_token=dict(type='dict', no_log=True, options=dict(service_account_email=dict(required=True, type='str'), scope=dict(type='str'))),
oidc_token=dict(type='dict', no_log=True, options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))),
),
),
region=dict(required=True, type='str'),

2
plugins/modules/gcp_cloudscheduler_job_info.py
View file

@ -379,7 +379,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

2
plugins/modules/gcp_cloudtasks_queue_info.py
View file

@ -279,7 +279,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

2
plugins/modules/gcp_compute_address_info.py
View file

@ -235,7 +235,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_autoscaler_info.py
View file

@ -320,7 +320,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_backend_bucket_info.py
View file

@ -252,7 +252,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

13
plugins/modules/gcp_compute_backend_service.py
View file

@ -88,7 +88,7 @@ options:
completely drained, offering 0% of its available Capacity. Valid range is
[0.0,1.0].
required: false
default: '1.0'
default: '1'
type: str
description:
description:
@ -422,6 +422,11 @@ options:
elements: str
required: false
type: list
fingerprint:
description:
- Fingerprint of this resource. A hash of the contents stored in this object. This
field is used in optimistic locking.
type: str
description:
description:
- An optional description of this resource.
@ -478,7 +483,7 @@ options:
- The load balancing algorithm used within the scope of the locality.
- The possible values are - * ROUND_ROBIN - This is a simple policy in which each
healthy backend is selected in round robin order.
- "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts
- "* LEAST_REQUEST - An algorithm which selects two random healthy hosts
and picks the host which has fewer active requests."
- "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing
to backends. The algorithm has the property that the addition/removal of a host
@ -566,6 +571,7 @@ options:
be used to disable ejection or to ramp it up slowly. Defaults to 0.
required: false
type: int
default: 0
enforcing_success_rate:
description:
- The percentage chance that a host will be actually ejected when an outlier
@ -1210,7 +1216,7 @@ localityLbPolicy:
- The load balancing algorithm used within the scope of the locality.
- The possible values are - * ROUND_ROBIN - This is a simple policy in which each
healthy backend is selected in round robin order.
- "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and
- "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and
picks the host which has fewer active requests."
- "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing
to backends. The algorithm has the property that the addition/removal of a host
@ -1490,6 +1496,7 @@ def main():
options=dict(
cache_key_policy=dict(
type="dict",
no_log=False,
options=dict(
include_host=dict(type="bool"),
include_protocol=dict(type="bool"),

4
plugins/modules/gcp_compute_backend_service_info.py
View file

@ -549,7 +549,7 @@ resources:
- The load balancing algorithm used within the scope of the locality.
- The possible values are - * ROUND_ROBIN - This is a simple policy in which
each healthy backend is selected in round robin order.
- "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts
- "* LEAST_REQUEST - An algorithm which selects two random healthy hosts
and picks the host which has fewer active requests."
- "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing
to backends. The algorithm has the property that the addition/removal of a
@ -762,7 +762,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

12
plugins/modules/gcp_compute_disk.py
View file

@ -570,14 +570,20 @@ def main():
provisioned_iops=dict(type='int'),
zone=dict(required=True, type='str'),
source_image_encryption_key=dict(
type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
type='dict',
no_log=True,
options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
),
disk_encryption_key=dict(
type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
type='dict',
no_log=True,
options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
),
source_snapshot=dict(type='dict', no_log=True),
source_snapshot_encryption_key=dict(
type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
type='dict',
no_log=True,
options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
),
)
)

2
plugins/modules/gcp_compute_disk_info.py
View file

@ -375,7 +375,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_external_vpn_gateway_info.py
View file

@ -175,7 +175,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_firewall_info.py
View file

@ -322,7 +322,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_forwarding_rule_info.py
View file

@ -314,7 +314,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_global_address_info.py
View file

@ -205,7 +205,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_global_forwarding_rule_info.py
View file

@ -289,7 +289,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

1
plugins/modules/gcp_compute_health_check.py
View file

@ -457,7 +457,6 @@ options:
- Indicates whether or not to export logs. This is false by default, which
means no health check logging will be done.
required: false
default: 'false'
type: bool
project:
description:

2
plugins/modules/gcp_compute_health_check_info.py
View file

@ -527,7 +527,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_http_health_check_info.py
View file

@ -204,7 +204,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_https_health_check_info.py
View file

@ -204,7 +204,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

4
plugins/modules/gcp_compute_image.py
View file

@ -545,13 +545,13 @@ def main():
disk_size_gb=dict(type='int'),
family=dict(type='str'),
guest_os_features=dict(type='list', elements='dict', options=dict(type=dict(required=True, type='str'))),
image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))),
image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))),
labels=dict(type='dict'),
licenses=dict(type='list', elements='str'),
name=dict(required=True, type='str'),
raw_disk=dict(type='dict', options=dict(container_type=dict(type='str'), sha1_checksum=dict(type='str'), source=dict(required=True, type='str'))),
source_disk=dict(type='dict'),
source_disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))),
source_disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))),
source_disk_id=dict(type='str'),
source_image=dict(type='dict'),
source_snapshot=dict(type='dict'),

2
plugins/modules/gcp_compute_image_info.py
View file

@ -351,7 +351,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

34
plugins/modules/gcp_compute_instance.py
View file

@ -61,6 +61,13 @@ options:
- Whether the resource should be protected against deletion.
required: false
type: bool
discard_local_ssd:
description:
- Discards the contents of any attached Local SSD disks when changing status
to TERMINATED.
default: True
required: false
type: bool
disks:
description:
- An array of disks that are associated with the instances that are created from
@ -388,6 +395,19 @@ options:
field to "{{ name-of-resource }}"'
required: false
type: dict
nic_type:
description:
- Type of network interface card attached to instance.
- If unspecified it will use the default provided by GCP.
- As the next generation network interface which succeeds VirtIO, gVNIC
replaces VirtIO-Net as the only supported network interface in Compute
Engine for all new machine types (Generation 3 and onwards).
- Newer machine series and networking features require gVNIC instead of VirtIO.
required: false
type: str
choices:
- VIRTIO_NET
- GVNIC
scheduling:
description:
- Sets the scheduling options for this instance.
@ -1117,6 +1137,7 @@ def main():
state=dict(default='present', choices=['present', 'absent'], type='str'),
can_ip_forward=dict(type='bool', aliases=['ip_forward']),
deletion_protection=dict(type='bool'),
discard_local_ssd=dict(type='bool', required=False, default=True),
disks=dict(
type='list',
elements='dict',
@ -1124,7 +1145,9 @@ def main():
auto_delete=dict(type='bool'),
boot=dict(type='bool'),
device_name=dict(type='str'),
disk_encryption_key=dict(type='dict', options=dict(raw_key=dict(type='str'), rsa_encrypted_key=dict(type='str'))),
disk_encryption_key=dict(type='dict',
no_log=True,
options=dict(raw_key=dict(type='str', no_log=True), rsa_encrypted_key=dict(type='str', no_log=True))),
index=dict(type='int'),
initialize_params=dict(
type='dict',
@ -1133,7 +1156,7 @@ def main():
disk_size_gb=dict(type='int'),
disk_type=dict(type='str'),
source_image=dict(type='str', aliases=['image', 'image_family']),
source_image_encryption_key=dict(type='dict', options=dict(raw_key=dict(type='str'))),
source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))),
),
),
interface=dict(type='str'),
@ -1170,6 +1193,7 @@ def main():
network_ip=dict(type='str'),
subnetwork=dict(type='dict'),
stack_type=dict(type='str'),
nic_type=dict(type='str', choices=['VIRTIO_NET', 'GVNIC']),
),
),
scheduling=dict(
@ -1510,7 +1534,9 @@ class InstancePower(object):
return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/start".format(**self.module.params)
def _stop_url(self):
return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/stop".format(**self.module.params)
return "https://www.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances/{name}/stop?discardLocalSsd={discard_local_ssd}".format(
**self.module.params
)
def deletion_protection_update(module, request, response):
@ -1710,6 +1736,7 @@ class InstanceNetworkinterfacesArray(object):
u'networkIP': item.get('network_ip'),
u'stackType': item.get('stack_type'),
u'subnetwork': replace_resource_dict(item.get(u'subnetwork', {}), 'selfLink'),
u'nicType': item.get('nic_type'),
}
)
@ -1722,6 +1749,7 @@ class InstanceNetworkinterfacesArray(object):
u'networkIP': item.get(u'networkIP'),
u'stackType': item.get('stackType'),
u'subnetwork': item.get(u'subnetwork'),
u'nicType': item.get(u'nicType'),
}
)

2
plugins/modules/gcp_compute_instance_group_info.py
View file

@ -213,7 +213,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_instance_group_manager_info.py
View file

@ -288,7 +288,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

3
plugins/modules/gcp_compute_instance_info.py
View file

@ -621,7 +621,8 @@ def main():
argument_spec=dict(
filters=dict(type="list", elements="str"),
zone=dict(required=True, type="str"),
)
),
supports_check_mode=True
)
if not module.params["scopes"]:

6
plugins/modules/gcp_compute_instance_template.py
View file

@ -1019,7 +1019,9 @@ def main():
auto_delete=dict(type='bool'),
boot=dict(type='bool'),
device_name=dict(type='str'),
disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'), rsa_encrypted_key=dict(type='str'))),
disk_encryption_key=dict(type='dict',
no_log=True,
options=dict(raw_key=dict(type='str', no_log=True), rsa_encrypted_key=dict(type='str', no_log=True))),
index=dict(type='int'),
initialize_params=dict(
type='dict',
@ -1028,7 +1030,7 @@ def main():
disk_size_gb=dict(type='int'),
disk_type=dict(type='str'),
source_image=dict(type='str'),
source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))),
source_image_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))),
),
),
interface=dict(type='str'),

2
plugins/modules/gcp_compute_instance_template_info.py
View file

@ -560,7 +560,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_interconnect_attachment_info.py
View file

@ -320,7 +320,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_network_endpoint_group_info.py
View file

@ -192,7 +192,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_network_info.py
View file

@ -202,7 +202,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_node_group_info.py
View file

@ -219,7 +219,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_node_template_info.py
View file

@ -220,7 +220,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_region_autoscaler_info.py
View file

@ -320,7 +320,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

6
plugins/modules/gcp_compute_region_backend_service.py
View file

@ -476,7 +476,7 @@ options:
- The load balancing algorithm used within the scope of the locality.
- The possible values are - * ROUND_ROBIN - This is a simple policy in which each
healthy backend is selected in round robin order.
- "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts
- "* LEAST_REQUEST - An algorithm which selects two random healthy hosts
and picks the host which has fewer active requests."
- "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing
to backends. The algorithm has the property that the addition/removal of a host
@ -566,6 +566,7 @@ options:
be used to disable ejection or to ramp it up slowly. Defaults to 0.
required: false
type: int
default: 0
enforcing_success_rate:
description:
- The percentage chance that a host will be actually ejected when an outlier
@ -1222,7 +1223,7 @@ localityLbPolicy:
- The load balancing algorithm used within the scope of the locality.
- The possible values are - * ROUND_ROBIN - This is a simple policy in which each
healthy backend is selected in round robin order.
- "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and
- "* LEAST_REQUEST - An algorithm which selects two random healthy hosts and
picks the host which has fewer active requests."
- "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing
to backends. The algorithm has the property that the addition/removal of a host
@ -1507,6 +1508,7 @@ def main():
options=dict(
cache_key_policy=dict(
type='dict',
no_log=False,
options=dict(
include_host=dict(type='bool'),
include_protocol=dict(type='bool'),

4
plugins/modules/gcp_compute_region_backend_service_info.py
View file

@ -559,7 +559,7 @@ resources:
- The load balancing algorithm used within the scope of the locality.
- The possible values are - * ROUND_ROBIN - This is a simple policy in which
each healthy backend is selected in round robin order.
- "* LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts
- "* LEAST_REQUEST - An algorithm which selects two random healthy hosts
and picks the host which has fewer active requests."
- "* RING_HASH - The ring/modulo hash load balancer implements consistent hashing
to backends. The algorithm has the property that the addition/removal of a
@ -787,7 +787,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

4
plugins/modules/gcp_compute_region_disk.py
View file

@ -430,9 +430,9 @@ def main():
replica_zones=dict(required=True, type='list', elements='str'),
type=dict(type='str'),
region=dict(required=True, type='str'),
disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))),
disk_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))),
source_snapshot=dict(type='dict'),
source_snapshot_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str'))),
source_snapshot_encryption_key=dict(type='dict', no_log=True, options=dict(raw_key=dict(type='str', no_log=True))),
)
)

2
plugins/modules/gcp_compute_region_disk_info.py
View file

@ -293,7 +293,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

1
plugins/modules/gcp_compute_region_health_check.py
View file

@ -452,7 +452,6 @@ options:
- Indicates whether or not to export logs. This is false by default, which
means no health check logging will be done.
required: false
default: 'false'
type: bool
region:
description:

2
plugins/modules/gcp_compute_region_health_check_info.py
View file

@ -538,7 +538,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_region_instance_group_manager_info.py
View file

@ -301,7 +301,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_region_target_http_proxy_info.py
View file

@ -176,7 +176,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_region_target_https_proxy_info.py
View file

@ -183,7 +183,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

13
plugins/modules/gcp_compute_region_url_map.py
View file

@ -302,7 +302,6 @@ options:
is considered a match if the match criteria above are NOT met.
Defaults to false.
required: false
default: 'false'
type: bool
prefix_match:
description:
@ -364,7 +363,6 @@ options:
- Specifies that prefixMatch and fullPathMatch matches are case sensitive.
- Defaults to false.
required: false
default: 'false'
type: bool
metadata_filters:
description:
@ -499,7 +497,6 @@ options:
to the Access- Control-Allow-Credentials header. Defaults to
false.
required: false
default: 'false'
type: bool
allow_headers:
description:
@ -535,7 +532,6 @@ options:
- which indicates that the CORS policy is in effect. Defaults
to false.
required: false
default: 'false'
type: bool
expose_headers:
description:
@ -882,7 +878,6 @@ options:
used in TargetHttpProxys. Setting this true for TargetHttpsProxy
is not permitted. The default is set to false.
required: false
default: 'false'
type: bool
path_redirect:
description:
@ -926,7 +921,6 @@ options:
query portion of the original URL is retained. The default value
is false.
required: false
default: 'false'
type: bool
path_rules:
description:
@ -993,7 +987,6 @@ options:
to the Access- Control-Allow-Credentials header. Defaults to
false.
required: false
default: 'false'
type: bool
allow_headers:
description:
@ -1373,7 +1366,6 @@ options:
used in TargetHttpProxys. Setting this true for TargetHttpsProxy
is not permitted. The default is set to false.
required: false
default: 'false'
type: bool
path_redirect:
description:
@ -1416,7 +1408,6 @@ options:
is removed prior to redirecting the request. If set to false, the
query portion of the original URL is retained.
required: false
default: 'false'
type: bool
default_url_redirect:
description:
@ -1441,7 +1432,6 @@ options:
in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
The default is set to false.
required: false
default: 'false'
type: bool
path_redirect:
description:
@ -1483,7 +1473,6 @@ options:
removed prior to redirecting the request. If set to false, the query
portion of the original URL is retained.
required: false
default: 'false'
type: bool
tests:
description:
@ -1541,7 +1530,6 @@ options:
Setting this true for TargetHttpsProxy is not permitted. The default is
set to false.
required: false
default: 'false'
type: bool
path_redirect:
description:
@ -1582,7 +1570,6 @@ options:
prior to redirecting the request. If set to false, the query portion of
the original URL is retained.
required: false
default: 'false'
type: bool
region:
description:

2
plugins/modules/gcp_compute_region_url_map_info.py
View file

@ -1604,7 +1604,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

1
plugins/modules/gcp_compute_reservation.py
View file

@ -73,7 +73,6 @@ options:
this reservation. Otherwise, it can be consumed by VMs with affinity for any
reservation. Defaults to false.
required: false
default: 'false'
type: bool
specific_reservation:
description:

2
plugins/modules/gcp_compute_reservation_info.py
View file

@ -258,7 +258,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_resource_policy_info.py
View file

@ -346,7 +346,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_route_info.py
View file

@ -217,7 +217,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_router_info.py
View file

@ -222,7 +222,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

8
plugins/modules/gcp_compute_snapshot.py
View file

@ -388,10 +388,14 @@ def main():
source_disk=dict(required=True, type='dict'),
zone=dict(type='str'),
snapshot_encryption_key=dict(
type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
type='dict',
no_log=True,
options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
),
source_disk_encryption_key=dict(
type='dict', no_log=True, options=dict(raw_key=dict(type='str'), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
type='dict',
no_log=True,
options=dict(raw_key=dict(type='str', no_log=True), kms_key_name=dict(type='str'), kms_key_service_account=dict(type='str'))
),
)
)

2
plugins/modules/gcp_compute_snapshot_info.py
View file

@ -260,7 +260,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_ssl_certificate_info.py
View file

@ -171,7 +171,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_ssl_policy_info.py
View file

@ -207,7 +207,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_subnetwork_info.py
View file

@ -226,7 +226,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_target_http_proxy_info.py
View file

@ -171,7 +171,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_target_https_proxy_info.py
View file

@ -193,7 +193,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_target_instance_info.py
View file

@ -178,7 +178,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_target_pool_info.py
View file

@ -224,7 +224,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_target_ssl_proxy_info.py
View file

@ -183,7 +183,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_target_tcp_proxy_info.py
View file

@ -175,7 +175,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_target_vpn_gateway_info.py
View file

@ -186,7 +186,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

27
plugins/modules/gcp_compute_url_map.py
View file

@ -70,6 +70,11 @@ options:
the resource.
required: false
type: str
fingerprint:
description:
- Fingerprint of this resource. A hash of the contents stored in this object. This
field is used in optimistic locking.
type: str
header_action:
description:
- Specifies changes to request and response headers that need to take effect for
@ -357,7 +362,6 @@ options:
to the Access- Control-Allow-Credentials header. Defaults to
false.
required: false
default: 'false'
type: bool
allow_headers:
description:
@ -737,7 +741,6 @@ options:
used in TargetHttpProxys. Setting this true for TargetHttpsProxy
is not permitted. The default is set to false.
required: false
default: 'false'
type: bool
path_redirect:
description:
@ -780,7 +783,6 @@ options:
is removed prior to redirecting the request. If set to false, the
query portion of the original URL is retained.
required: false
default: 'false'
type: bool
route_rules:
description:
@ -948,7 +950,6 @@ options:
is considered a match if the match criteria above are NOT met.
Defaults to false.
required: false
default: 'false'
type: bool
prefix_match:
description:
@ -1010,7 +1011,6 @@ options:
- Specifies that prefixMatch and fullPathMatch matches are case sensitive.
- Defaults to false.
required: false
default: 'false'
type: bool
metadata_filters:
description:
@ -1145,7 +1145,6 @@ options:
to the Access- Control-Allow-Credentials header. Defaults to
false.
required: false
default: 'false'
type: bool
allow_headers:
description:
@ -1181,7 +1180,6 @@ options:
- which indicates that the CORS policy is in effect. Defaults
to false.
required: false
default: 'false'
type: bool
expose_headers:
description:
@ -1531,7 +1529,6 @@ options:
- Setting this true for TargetHttpsProxy is not permitted. Defaults
to false.
required: false
default: 'false'
type: bool
path_redirect:
description:
@ -1569,7 +1566,6 @@ options:
is removed prior to redirecting the request. If set to false, the
query portion of the original URL is retained. Defaults to false.
required: false
default: 'false'
type: bool
default_url_redirect:
description:
@ -1594,7 +1590,6 @@ options:
in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
The default is set to false.
required: false
default: 'false'
type: bool
path_redirect:
description:
@ -1636,7 +1631,6 @@ options:
removed prior to redirecting the request. If set to false, the query
portion of the original URL is retained.
required: false
default: 'false'
type: bool
default_route_action:
description:
@ -1733,7 +1727,6 @@ options:
- If true, headerValue is set for the header, discarding any
values that were set for that header.
required: false
default: 'false'
type: bool
response_headers_to_remove:
description:
@ -1767,7 +1760,6 @@ options:
- If true, headerValue is set for the header, discarding any
values that were set for that header.
required: false
default: 'false'
type: bool
url_rewrite:
description:
@ -1960,14 +1952,12 @@ options:
that the actual request can include user credentials.
- This translates to the Access-Control-Allow-Credentials header.
required: false
default: 'false'
type: bool
disabled:
description:
- If true, specifies the CORS policy is disabled. The default value
is false, which indicates that the CORS policy is in effect.
required: false
default: 'false'
type: bool
fault_injection_policy:
description:
@ -2095,7 +2085,6 @@ options:
Setting this true for TargetHttpsProxy is not permitted. The default is
set to false.
required: false
default: 'false'
type: bool
path_redirect:
description:
@ -2136,7 +2125,6 @@ options:
prior to redirecting the request. If set to false, the query portion of
the original URL is retained. The default is set to false.
required: false
default: 'false'
type: bool
default_route_action:
description:
@ -2231,8 +2219,6 @@ options:
exist for the header.
- If true, headerValue is set for the header, discarding any values
that were set for that header.
required: false
default: 'false'
type: bool
response_headers_to_remove:
description:
@ -2266,7 +2252,6 @@ options:
- If true, headerValue is set for the header, discarding any values
that were set for that header.
required: false
default: 'false'
type: bool
url_rewrite:
description:
@ -2456,14 +2441,12 @@ options:
the actual request can include user credentials.
- This translates to the Access-Control-Allow-Credentials header.
required: false
default: 'false'
type: bool
disabled:
description:
- If true, specifies the CORS policy is disabled. The default value is
false, which indicates that the CORS policy is in effect.
required: false
default: 'false'
type: bool
fault_injection_policy:
description:

2
plugins/modules/gcp_compute_url_map_info.py
View file

@ -2487,7 +2487,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

2
plugins/modules/gcp_compute_vpn_tunnel_info.py
View file

@ -247,7 +247,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(filters=dict(type='list', elements='str'), region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute']

6
plugins/modules/gcp_container_cluster.py
View file

@ -1528,7 +1528,9 @@ def main():
accelerators=dict(type='list', elements='dict', options=dict(accelerator_count=dict(type='str'), accelerator_type=dict(type='str'))),
disk_type=dict(type='str'),
min_cpu_platform=dict(type='str'),
taints=dict(type='list', elements='dict', options=dict(key=dict(type='str'), value=dict(type='str'), effect=dict(type='str'))),
taints=dict(type='list',
elements='dict',
options=dict(key=dict(type='str', no_log=False), value=dict(type='str'), effect=dict(type='str'))),
shielded_instance_config=dict(
type='dict', options=dict(enable_secure_boot=dict(type='bool'), enable_integrity_monitoring=dict(type='bool'))
),
@ -1538,7 +1540,7 @@ def main():
type='dict',
options=dict(
username=dict(type='str'),
password=dict(type='str'),
password=dict(type='str', no_log=True),
client_certificate_config=dict(type='dict', options=dict(issue_client_certificate=dict(type='bool'))),
),
),

2
plugins/modules/gcp_container_cluster_info.py
View file

@ -859,7 +859,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone'])))
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone'])), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

4
plugins/modules/gcp_container_node_pool.py
View file

@ -764,7 +764,9 @@ def main():
accelerators=dict(type='list', elements='dict', options=dict(accelerator_count=dict(type='int'), accelerator_type=dict(type='str'))),
disk_type=dict(type='str'),
min_cpu_platform=dict(type='str'),
taints=dict(type='list', elements='dict', options=dict(key=dict(type='str'), value=dict(type='str'), effect=dict(type='str'))),
taints=dict(type='list',
elements='dict',
options=dict(key=dict(type='str', no_log=False), value=dict(type='str'), effect=dict(type='str'))),
shielded_instance_config=dict(
type='dict', options=dict(enable_secure_boot=dict(type='bool'), enable_integrity_monitoring=dict(type='bool'))
),

3
plugins/modules/gcp_container_node_pool_info.py
View file

@ -450,7 +450,8 @@ import json
def main():
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone']), cluster=dict(required=True, type='dict')))
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str', aliases=['region', 'zone']), cluster=dict(required=True, type='dict')),
supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

6
plugins/modules/gcp_dns_managed_zone.py
View file

@ -508,8 +508,12 @@ def main():
default_key_specs=dict(
type='list',
elements='dict',
no_log=False,
options=dict(
algorithm=dict(type='str'), key_length=dict(type='int'), key_type=dict(type='str'), kind=dict(default='dns#dnsKeySpec', type='str')
algorithm=dict(type='str'),
key_length=dict(type='int', no_log=False),
key_type=dict(type='str'),
kind=dict(default='dns#dnsKeySpec', type='str')
),
),
),

2
plugins/modules/gcp_dns_managed_zone_info.py
View file

@ -308,7 +308,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(dns_name=dict(type='list', elements='str')))
module = GcpModule(argument_spec=dict(dns_name=dict(type='list', elements='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite']

2
plugins/modules/gcp_dns_resource_record_set_info.py
View file

@ -160,7 +160,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(managed_zone=dict(required=True, type='dict')))
module = GcpModule(argument_spec=dict(managed_zone=dict(required=True, type='dict')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite']

2
plugins/modules/gcp_filestore_instance_info.py
View file

@ -213,7 +213,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(zone=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(zone=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

2
plugins/modules/gcp_iam_role_info.py
View file

@ -156,7 +156,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/iam']

2
plugins/modules/gcp_iam_service_account_info.py
View file

@ -155,7 +155,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/iam']

3
plugins/modules/gcp_kms_crypto_key.py
View file

@ -104,6 +104,7 @@ options:
- If set to true, the request will create a CryptoKey without any CryptoKeyVersions.
You must use the `google_kms_key_ring_import_job` resource to import the CryptoKeyVersion.
required: false
default: false
type: bool
project:
description:
@ -284,7 +285,7 @@ def main():
purpose=dict(default='ENCRYPT_DECRYPT', type='str'),
rotation_period=dict(type='str'),
version_template=dict(type='dict', options=dict(algorithm=dict(required=True, type='str'), protection_level=dict(type='str'))),
key_ring=dict(required=True, type='str'),
key_ring=dict(required=True, type='str', no_log=False),
skip_initial_version_creation=dict(type='bool', default=False),
)
)

2
plugins/modules/gcp_kms_crypto_key_info.py
View file

@ -198,7 +198,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(key_ring=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(key_ring=dict(required=True, type='str', no_log=False)), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloudkms']

2
plugins/modules/gcp_kms_key_ring_info.py
View file

@ -151,7 +151,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(location=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloudkms']

3
plugins/modules/gcp_logging_metric.py
View file

@ -528,7 +528,8 @@ def main():
labels=dict(
type='list',
elements='dict',
options=dict(key=dict(required=True, type='str'), description=dict(type='str'), value_type=dict(default='STRING', type='str')),
options=dict(key=dict(required=True, type='str', no_log=False),
description=dict(type='str'), value_type=dict(default='STRING', type='str')),
),
display_name=dict(type='str'),
),

2
plugins/modules/gcp_logging_metric_info.py
View file

@ -302,7 +302,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

2
plugins/modules/gcp_mlengine_model_info.py
View file

@ -169,7 +169,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

2
plugins/modules/gcp_mlengine_version_info.py
View file

@ -260,7 +260,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(model=dict(required=True, type='dict')))
module = GcpModule(argument_spec=dict(model=dict(required=True, type='dict')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

649
plugins/modules/gcp_parameter_manager.py Normal file
View file

@ -0,0 +1,649 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt
# or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
################################################################################
# Documentation
################################################################################
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ["preview"], 'supported_by': 'community'}
DOCUMENTATION = '''
---
module: gcp_parameter_manager
description:
- Access and Update Google Cloud Parameter Manager objects
- Create new parameters.
- Create new parameters with format.
- Create new parameters with labels.
- Create new parameters with format and labels.
- Add/Remove parameter version.
- Remove parameter.
short_description: Access and Update Google Cloud Parameter Manager objects
author: Google Inc. (@googlecloudplatform)
requirements:
- python >= 3.7
- requests >= 2.32.3
- google-auth >= 2.39.0
options:
project:
description:
- The Google Cloud Platform project to use. Defaults to OS env variable
GCP_PROJECT if not present
type: str
auth_kind:
description:
- The type of credential used.
type: str
required: true
choices:
- application
- machineaccount
- serviceaccount
- accesstoken
service_account_contents:
description:
- The contents of a Service Account JSON file, either in a dictionary or as a
JSON string that represents it.
type: jsonarg
service_account_file:
description:
- The path of a Service Account JSON file if serviceaccount is selected as type.
type: path
service_account_email:
description:
- An optional service account email address if machineaccount is selected and
the user does not wish to use the default email.
type: str
access_token:
description:
- An OAuth2 access token if credential type is accesstoken.
type: str
scopes:
description:
- Array of scopes to be used
type: list
elements: str
env_type:
description:
- Specifies which Ansible environment you're running this module within.
- This should not be set unless you know what you're doing.
- This only alters the User Agent string for any API requests.
type: str
name:
description:
- Name of the parameter to be used
type: str
required: true
aliases:
- key
- parameter
- parameter_id
format:
description:
- Format of the parameter to be used.
type: str
default: UNFORMATTED
choices:
- UNFORMATTED
- JSON
- YAML
location:
description:
- Location of the parameter to be used
type: str
default: global
version:
description:
- Name of the parameter to be used
type: str
required: false
aliases:
- version_id
- parameter_version_id
value:
description:
- The parameter value that the parameter should have
- this will be set upon create
- If the parameter value is not this, a new version will be added with this value
type: str
state:
description:
- whether the parameter should exist
default: present
choices:
- absent
- present
type: str
return_value:
description:
- if true, the value of the parameter will be returned unencrypted to Ansible
- if false, no value will be returned or decrypted
type: bool
default: true
labels:
description:
- A set of key-value pairs to assign as labels to a parameter
- only used in creation
- Note that the "value" piece of a label must contain only readable chars
type: dict
default: {}
'''
EXAMPLES = '''
- name: Create a new parameter
google.cloud.gcp_parameter_manager:
name: parameter_key
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
- name: Create a new parameter with version
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
value: super_parameter
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
- name: Create a new structured parameter
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
format: JSON
value: '{"key":"value"}'
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
- name: Create a parameter with labels
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
value: super_parameter
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
labels:
key_name: "ansible_rox"
- name: Create a structured parameter with labels
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
format: JSON
value: '{"key":"value"}'
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
labels:
key_name: "ansible_rox"
- name: Ensure the parameter exists, fail otherwise and return the value
google.cloud.gcp_parameter_manager:
name: parameter_key
state: present
- name: Ensure parameter exists but don't return the value
google.cloud.gcp_parameter_manager:
name: parameter_key
state: present
return_value: false
- name: Add a new version of a parameter
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
value: updated super parameter
state: present
- name: Delete version 1 of a parameter (but not the parameter itself)
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
state: absent
- name: Delete parameter
google.cloud.gcp_parameter_manager:
name: parameter_key
state: absent
- name: Create a new regional parameter
google.cloud.gcp_parameter_manager:
name: parameter_key
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
- name: Create a new regional parameter with version
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
value: super_parameter
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
- name: Create a new structured regional parameter
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
format: JSON
value: '{"key":"value"}'
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
- name: Create a regional parameter with labels
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
value: super_parameter
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
labels:
key_name: "ansible_rox"
- name: Create a structured regional parameter with labels
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
format: JSON
value: '{"key":"value"}'
state: present
auth_kind: serviceaccount
service_account_file: service_account_creds.json
labels:
key_name: "ansible_rox"
- name: Ensure the regional parameter exists, fail otherwise and return the value
google.cloud.gcp_parameter_manager:
name: parameter_key
state: present
- name: Ensure regional parameter exists but don't return the value
google.cloud.gcp_parameter_manager:
name: parameter_key
state: present
return_value: false
- name: Add a new version of a regional parameter
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
value: updated super parameter
state: present
- name: Delete version 1 of a regional parameter (but not the regional parameter itself)
google.cloud.gcp_parameter_manager:
name: parameter_key
version: version_key
state: absent
- name: Delete parameter
google.cloud.gcp_parameter_manager:
name: parameter_key
state: absent
'''
RETURN = '''
resources:
description: List of resources
returned: always
type: complex
contains:
name:
description:
- The name of the parameter
returned: success
type: str
location:
description:
- The location of the regional parameter
returned: success
type: str
version:
description:
- the version of the parameter returned
returned: success
type: str
url:
description:
- the Google Cloud URL used to make the request
returned: success
type: str
status_code:
description:
- the HTTP status code of the response to Google Cloud
returned: success
type: str
msg:
description:
- A message indicating what was done (or not done)
returned: success, failure
type: str
value:
description:
- The decrypted parameter data value, please use care with this
returned: success
type: str
payload:
description:
- The base 64 parameter payload
returned: success
type: dict
'''
################################################################################
# Imports
################################################################################
from ansible_collections.google.cloud.plugins.module_utils.gcp_utils import (
navigate_hash,
GcpSession,
GcpModule
)
# for decoding and validating parameters
import json
import base64
def get_auth(module):
return GcpSession(module, 'parameter-manager')
def make_url_prefix(module):
if module.params.get('location') is not None and module.params.get('location') != 'global':
return "https://parametermanager.{location}.rep.googleapis.com/v1/projects/{project}/locations/{location}/"
return "https://parametermanager.googleapis.com/v1/projects/{project}/locations/global/"
def self_parameter_link(module):
return (make_url_prefix(module) + "parameters/{name}").format(**module.params)
def self_parameter_version_link(module):
return (make_url_prefix(module) + "parameters/{name}/versions/{version}").format(**module.params)
def self_parameter_list_link(module):
return (make_url_prefix(module) + "parameters").format(**module.params)
def self_parameter_version_list_link(module):
return (make_url_prefix(module) + "parameters/{name}/versions").format(**module.params)
def check_parameter_exist(module, allow_not_found=True):
auth = get_auth(module)
param_list = list_parameters(module)
if param_list is None:
return None
link = self_parameter_link(module)
access_obj = return_if_object(module, auth.get(link), allow_not_found)
if access_obj is None:
return None
return access_obj
def check_parameter_version_exist(module, allow_not_found=True):
auth = get_auth(module)
version_list = list_parameter_versions(module)
if version_list is None:
return None
link = self_parameter_version_link(module)
access_obj = return_if_object(module, auth.get(link), allow_not_found)
if access_obj is None:
return None
return access_obj
def create_parameter(module):
# build the payload
payload = dict()
if module.params.get('format'):
payload['format'] = module.params.get('format')
if module.params.get('labels'):
payload['labels'] = module.params.get('labels')
url = (make_url_prefix(module) + "parameters?parameter_id={name}").format(**module.params)
auth = get_auth(module)
# validate create
return return_if_object(module, auth.post(url, payload), False)
def create_parameter_version(module):
# build the payload
b64_value = base64.b64encode(module.params.get('value').encode("utf-8")).decode("utf-8")
payload = {
u'payload': {
u'data': b64_value
}
}
auth = get_auth(module)
url = (make_url_prefix(module) + "parameters/{name}/versions?parameter_version_id={version}").format(**module.params)
# validate create
return return_if_object(module, auth.post(url, payload), False)
def list_parameters(module):
url = self_parameter_list_link(module)
auth = get_auth(module)
return return_if_object(module, auth.get(url), True)
def list_parameter_versions(module):
# filter by only enabled parameter version
url = self_parameter_version_list_link(module)
auth = get_auth(module)
return return_if_object(module, auth.get(url), True)
def delete_parameter(module):
auth = get_auth(module)
url = self_parameter_link(module)
return return_if_object(module, auth.delete(url), True)
def delete_parameter_version(module):
auth = get_auth(module)
url = self_parameter_version_link(module)
return return_if_object(module, auth.delete(url), True)
def return_if_object(module, response, allow_not_found=False):
# If not found, return nothing.
if allow_not_found and response.status_code == 404:
return None
if response.status_code == 409:
module.params['info'] = "exists already"
return None
# probably a code error
if response.status_code == 400:
module.fail_json(msg="unexpected REST failure: %s" % response.json()['error'])
# If no content, return nothing.
if response.status_code == 204:
return None
try:
module.raise_for_status(response)
result = response.json()
result['url'] = response.request.url
result['status_code'] = response.status_code
if "name" in result:
result['location'] = result['name'].split("/")[3]
result['name'] = result['name'].split("/")[5]
if len(result['name'].split("/")) == 8:
result['version'] = result['name'].split("/")[-1]
# base64 decode the value
if "payload" in result and "data" in result['payload']:
result['value'] = base64.b64decode(result['payload']['data']).decode("utf-8")
except getattr(json.decoder, 'JSONDecodeError', ValueError):
module.fail_json(msg="Invalid JSON response with error: %s" % response.text)
if navigate_hash(result, ['error', 'errors']):
module.fail_json(msg=navigate_hash(result, ['error', 'errors']))
return result
def main():
module = GcpModule(
argument_spec=dict(
state=dict(default='present', choices=['present', 'absent'], type='str'),
name=dict(required=True, type='str', aliases=['key', 'parameter', 'parameter_id']),
version=dict(required=False, type='str', aliases=['version_id', 'parameter_version_id']),
location=dict(required=False, type='str', default='global'),
value=dict(required=False, type='str'),
format=dict(required=False, type='str', default='UNFORMATTED', choices=['UNFORMATTED', 'JSON', 'YAML']),
return_value=dict(required=False, type='bool', default=True),
labels=dict(required=False, type='dict', default=dict())
)
)
try :
if module.params.get('scopes') is None:
module.params['scopes'] = ["https://www.googleapis.com/auth/cloud-platform"]
if module.params.get('project') is None:
module.fail_json(msg="The project is required. Please specify the Google Cloud project to use.")
state = module.params.get('state')
changed = False
fetch = check_parameter_exist(module, allow_not_found=True)
fetch_version = None
if fetch:
fetch_version = check_parameter_version_exist(module, allow_not_found=True)
if state == 'present':
# if parameter not exist
if not fetch:
# doesn't exist, must create
if module.params.get('version') and module.params.get('value'):
# create a new parameter
fetch = create_parameter(module)
fetch = create_parameter_version(module)
changed = True
# specified present and verison is provided but value is not provided
elif module.params.get('version') and module.params.get('value') is None:
module.fail_json(
msg="parameter '{name}' not present in '{project}' and no value for the parameter version is provided".format(**module.params)
)
# specified present and verison is not provided
# that no parameter could be created without a version
elif module.params.get('value'):
module.fail_json(msg="parameter '{name}' not present in '{project}' and no version for the parameter is provided".format(**module.params))
# specified present but no value
# that no parameter version could be created without a value to encrypt
else:
fetch = create_parameter(module)
changed = True
elif not fetch_version:
# doesn't exist, must create
if module.params.get('version') and module.params.get('value'):
fetch = create_parameter_version(module)
changed = True
# specified present and verison is provided but value is not provided
elif module.params.get('version') and module.params.get('value') is None:
module.fail_json(msg="parameter '{name}' present in '{project}' and no value for the parameter version is provided".format(**module.params))
# specified present and verison is not provided
# that no parameter could be created without a version
elif module.params.get('value'):
module.fail_json(msg="parameter '{name}' present in '{project}' and no version for the parameter is provided".format(**module.params))
# specified present but no value
# that no parameter could be created without a value to encrypt
else:
module.fail_json(
msg="parameter '{name}' present in '{project}' and no value and version for the parameter is provided".format(**module.params)
)
else:
# parameter and parameter version both exist
# check if the value is the same
# if not, delete the version and create new one
# if the value is the same, do nothing
if "value" in fetch_version and module.params.get('value', '') is not None:
if fetch_version['value'] != module.params.get('value'):
fetch['msg'] = 'values not identical, but parameter version name is same'
# Delete existing version and create new one
fetch = delete_parameter_version(module)
fetch = create_parameter_version(module)
changed = True
else:
module.exit_json(msg="parameter '{name}' is already exist and value is the same".format(**module.params))
elif module.params.get('value', '') is None:
module.fail_json(msg="parameter '{name}' present in '{project}' and no value for the parameter version is provided".format(**module.params))
else:
if fetch is None:
fetch = {}
module.exit_json(msg="parameter {name} is not exist".format(**module.params))
if fetch_version is None and module.params.get('version'):
fetch = {}
module.exit_json(msg="parameter version {version} is not exist".format(**module.params))
if module.params.get('version'):
version = delete_parameter_version(module)
if version is not None:
fetch = version
changed = True
else:
module.exit_json(msg="parameter version {version} is already deleted".format(**module.params))
else:
versions = list_parameter_versions(module)
if versions is not None:
version = versions.get('parameterVersions', None)
if version is None:
param = delete_parameter(module)
if param is not None:
changed = True
fetch = param
else:
module.exit_json(msg="parameter {name} is already deleted".format(**module.params))
else:
module.fail_json(msg="parameter {name} has nested version resources".format(**module.params))
else:
module.exit_json(msg="parameter {name} is not exist".format(**module.params))
# # pop value data if return_value == false
if module.params.get('return_value') is False:
if "value" in fetch:
fetch.pop('value')
if "payload" in fetch:
fetch.pop('payload')
if "msg" in fetch:
fetch['msg'] = "{} | not returning parameter value since 'return_value' is set to false".format(fetch['msg'])
else:
fetch['msg'] = "not returning parameter value since 'return_value' is set to false"
fetch['changed'] = changed
fetch['name'] = module.params.get('name')
except Exception as e:
module.fail_json(msg=f"An unexpected error occurred: {str(e)}")
module.exit_json(**fetch)
if __name__ == "__main__":
main()

8
plugins/modules/gcp_pubsub_subscription.py
View file

@ -93,7 +93,7 @@ options:
max_duration:
description:
- Subscription writes a new output file if the specified value of max duration is exceeded. Min 60s, max 600s.
required: true
required: false
type: str
max_bytes:
description:
@ -108,7 +108,7 @@ options:
output_format:
description:
- Specify the format of the output files that are to be stored in a Cloud Storage bucket as text or avro.
required: true
required: false
type: str
write_metadata:
description:
@ -654,7 +654,9 @@ def main():
push_config=dict(
type='dict',
options=dict(
oidc_token=dict(type='dict', options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))),
oidc_token=dict(type='dict',
no_log=False,
options=dict(service_account_email=dict(required=True, type='str'), audience=dict(type='str'))),
push_endpoint=dict(required=True, type='str'),
attributes=dict(type='dict'),
),

2
plugins/modules/gcp_pubsub_subscription_info.py
View file

@ -333,7 +333,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub']

2
plugins/modules/gcp_pubsub_topic_info.py
View file

@ -180,7 +180,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub']

1
plugins/modules/gcp_redis_instance.py
View file

@ -60,7 +60,6 @@ options:
to "true" AUTH is enabled on the instance.
- Default value is "false" meaning AUTH is disabled.
required: false
default: 'false'
type: bool
authorized_network:
description:

2
plugins/modules/gcp_redis_instance_info.py
View file

@ -291,7 +291,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(region=dict(required=True, type='str')))
module = GcpModule(argument_spec=dict(region=dict(required=True, type='str')), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

4
plugins/modules/gcp_resourcemanager_project_info.py
View file

@ -86,7 +86,7 @@ options:
description:
- Indicates the number of projects that should be returned by the API
request
type: str
type: int
notes:
- for authentication, you can set service_account_file using the C(GCP_SERVICE_ACCOUNT_FILE)
env variable.
@ -190,7 +190,7 @@ import json
def main():
module = GcpModule(argument_spec=dict(
page_size=dict(type='int')
))
), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloud-platform']

2
plugins/modules/gcp_runtimeconfig_config_info.py
View file

@ -135,7 +135,7 @@ import json
def main():
module = GcpModule(argument_spec=dict())
module = GcpModule(argument_spec=dict(), supports_check_mode=True)
if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/cloudruntimeconfig']

Some files were not shown because too many files have changed in this diff Show more