diff --git a/plugins/modules/gcp_compute_address.py b/plugins/modules/gcp_compute_address.py index 1fbee38..f825738 100644 --- a/plugins/modules/gcp_compute_address.py +++ b/plugins/modules/gcp_compute_address.py @@ -92,9 +92,9 @@ options: - "* SHARED_LOADBALANCER_VIP for an address that can be used by multiple internal load balancers." - "* VPC_PEERING for addresses that are reserved for VPC peer networks." - - "* IPSEC_INTERCONNECT (Beta only) for addresses created from a private IP range - that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect - configuration. These addresses are regional resources." + - "* IPSEC_INTERCONNECT for addresses created from a private IP range that are + reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. + These addresses are regional resources." - This should only be set when using an Internal address. required: false type: str @@ -118,6 +118,22 @@ options: }}"' required: false type: dict + network: + description: + - The URL of the network in which to reserve the address. This field can only + be used with INTERNAL type with the VPC_PEERING and IPSEC_INTERCONNECT purposes. + - 'This field represents a link to a Network resource in GCP. It can be specified + in two ways. First, you can place a dictionary with key ''selfLink'' and value + of your resource''s selfLink Alternatively, you can add `register: name-of-resource` + to a gcp_compute_network task and then set this network field to "{{ name-of-resource + }}"' + required: false + type: dict + prefix_length: + description: + - The prefix length if the resource represents an IP range. + required: false + type: int region: description: - URL of the region where the regional address resides. @@ -234,9 +250,9 @@ purpose: - "* SHARED_LOADBALANCER_VIP for an address that can be used by multiple internal load balancers." - "* VPC_PEERING for addresses that are reserved for VPC peer networks." - - "* IPSEC_INTERCONNECT (Beta only) for addresses created from a private IP range - that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect - configuration. These addresses are regional resources." + - "* IPSEC_INTERCONNECT for addresses created from a private IP range that are reserved + for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. + These addresses are regional resources." - This should only be set when using an Internal address. returned: success type: str @@ -267,6 +283,17 @@ status: is currently being used by another resource and is not available. returned: success type: str +network: + description: + - The URL of the network in which to reserve the address. This field can only be + used with INTERNAL type with the VPC_PEERING and IPSEC_INTERCONNECT purposes. + returned: success + type: dict +prefixLength: + description: + - The prefix length if the resource represents an IP range. + returned: success + type: int region: description: - URL of the region where the regional address resides. @@ -301,6 +328,8 @@ def main(): purpose=dict(type='str'), network_tier=dict(type='str'), subnetwork=dict(type='dict'), + network=dict(type='dict'), + prefix_length=dict(type='int'), region=dict(required=True, type='str'), ) ) @@ -361,6 +390,8 @@ def resource_to_request(module): u'purpose': module.params.get('purpose'), u'networkTier': module.params.get('network_tier'), u'subnetwork': replace_resource_dict(module.params.get(u'subnetwork', {}), 'selfLink'), + u'network': replace_resource_dict(module.params.get(u'network', {}), 'selfLink'), + u'prefixLength': module.params.get('prefix_length'), } return_vals = {} for k, v in request.items(): @@ -437,6 +468,8 @@ def response_to_hash(module, response): u'subnetwork': response.get(u'subnetwork'), u'users': response.get(u'users'), u'status': response.get(u'status'), + u'network': response.get(u'network'), + u'prefixLength': response.get(u'prefixLength'), } diff --git a/plugins/modules/gcp_compute_address_info.py b/plugins/modules/gcp_compute_address_info.py index 2d093e5..0d5f785 100644 --- a/plugins/modules/gcp_compute_address_info.py +++ b/plugins/modules/gcp_compute_address_info.py @@ -164,9 +164,9 @@ resources: - "* SHARED_LOADBALANCER_VIP for an address that can be used by multiple internal load balancers." - "* VPC_PEERING for addresses that are reserved for VPC peer networks." - - "* IPSEC_INTERCONNECT (Beta only) for addresses created from a private IP - range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud - Interconnect configuration. These addresses are regional resources." + - "* IPSEC_INTERCONNECT for addresses created from a private IP range that are + reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. + These addresses are regional resources." - This should only be set when using an Internal address. returned: success type: str @@ -197,6 +197,17 @@ resources: is currently being used by another resource and is not available. returned: success type: str + network: + description: + - The URL of the network in which to reserve the address. This field can only + be used with INTERNAL type with the VPC_PEERING and IPSEC_INTERCONNECT purposes. + returned: success + type: dict + prefixLength: + description: + - The prefix length if the resource represents an IP range. + returned: success + type: int region: description: - URL of the region where the regional address resides. diff --git a/plugins/modules/gcp_compute_interconnect_attachment.py b/plugins/modules/gcp_compute_interconnect_attachment.py index 704b7fe..075fb0e 100644 --- a/plugins/modules/gcp_compute_interconnect_attachment.py +++ b/plugins/modules/gcp_compute_interconnect_attachment.py @@ -144,6 +144,38 @@ options: PARTNER type this will be managed upstream. required: false type: int + ipsec_internal_addresses: + description: + - URL of addresses that have been reserved for the interconnect attachment, Used + only for interconnect attachment that has the encryption option as IPSEC. + - The addresses must be RFC 1918 IP address ranges. When creating HA VPN gateway + over the interconnect attachment, if the attachment is configured to use an + RFC 1918 IP address, then the VPN gateway's IP address will be allocated from + the IP address range specified here. + - For example, if the HA VPN gateway's interface 0 is paired to this interconnect + attachment, then an RFC 1918 IP address for the VPN gateway interface 0 will + be allocated from the IP address specified for this interconnect attachment. + - If this field is not specified for interconnect attachment that has encryption + option as IPSEC, later on when creating HA VPN gateway on this interconnect + attachment, the HA VPN gateway's IP address will be allocated from regional + external IP address pool. + elements: dict + required: false + type: list + encryption: + description: + - 'Indicates the user-supplied encryption option of this interconnect attachment: + NONE is the default value, which means that the attachment carries unencrypted + traffic. VMs can send traffic to, or receive traffic from, this type of attachment.' + - IPSEC indicates that the attachment carries only traffic encrypted by an IPsec + device such as an HA VPN gateway. VMs cannot directly send traffic to, or receive + traffic from, such an attachment. To use IPsec-encrypted Cloud Interconnect + create the attachment using this option. + - Not currently available publicly. + - 'Some valid choices include: "NONE", "IPSEC"' + required: false + default: NONE + type: str region: description: - Region where the regional interconnect attachment resides. @@ -348,6 +380,35 @@ vlanTag8021q: PARTNER type this will be managed upstream. returned: success type: int +ipsecInternalAddresses: + description: + - URL of addresses that have been reserved for the interconnect attachment, Used + only for interconnect attachment that has the encryption option as IPSEC. + - The addresses must be RFC 1918 IP address ranges. When creating HA VPN gateway + over the interconnect attachment, if the attachment is configured to use an RFC + 1918 IP address, then the VPN gateway's IP address will be allocated from the + IP address range specified here. + - For example, if the HA VPN gateway's interface 0 is paired to this interconnect + attachment, then an RFC 1918 IP address for the VPN gateway interface 0 will be + allocated from the IP address specified for this interconnect attachment. + - If this field is not specified for interconnect attachment that has encryption + option as IPSEC, later on when creating HA VPN gateway on this interconnect attachment, + the HA VPN gateway's IP address will be allocated from regional external IP address + pool. + returned: success + type: list +encryption: + description: + - 'Indicates the user-supplied encryption option of this interconnect attachment: + NONE is the default value, which means that the attachment carries unencrypted + traffic. VMs can send traffic to, or receive traffic from, this type of attachment.' + - IPSEC indicates that the attachment carries only traffic encrypted by an IPsec + device such as an HA VPN gateway. VMs cannot directly send traffic to, or receive + traffic from, such an attachment. To use IPsec-encrypted Cloud Interconnect create + the attachment using this option. + - Not currently available publicly. + returned: success + type: str region: description: - Region where the regional interconnect attachment resides. @@ -393,6 +454,8 @@ def main(): name=dict(required=True, type='str'), candidate_subnets=dict(type='list', elements='str'), vlan_tag8021q=dict(type='int'), + ipsec_internal_addresses=dict(type='list', elements='dict'), + encryption=dict(default='NONE', type='str'), region=dict(required=True, type='str'), ) ) @@ -457,6 +520,8 @@ def resource_to_request(module): u'name': module.params.get('name'), u'candidateSubnets': module.params.get('candidate_subnets'), u'vlanTag8021q': module.params.get('vlan_tag8021q'), + u'ipsecInternalAddresses': replace_resource_dict(module.params.get('ipsec_internal_addresses', []), 'selfLink'), + u'encryption': module.params.get('encryption'), } return_vals = {} for k, v in request.items(): @@ -542,6 +607,8 @@ def response_to_hash(module, response): u'name': module.params.get('name'), u'candidateSubnets': module.params.get('candidate_subnets'), u'vlanTag8021q': module.params.get('vlan_tag8021q'), + u'ipsecInternalAddresses': replace_resource_dict(module.params.get('ipsec_internal_addresses', []), 'selfLink'), + u'encryption': module.params.get('encryption'), } diff --git a/plugins/modules/gcp_compute_interconnect_attachment_info.py b/plugins/modules/gcp_compute_interconnect_attachment_info.py index cd122b2..41795d7 100644 --- a/plugins/modules/gcp_compute_interconnect_attachment_info.py +++ b/plugins/modules/gcp_compute_interconnect_attachment_info.py @@ -265,6 +265,35 @@ resources: PARTNER type this will be managed upstream. returned: success type: int + ipsecInternalAddresses: + description: + - URL of addresses that have been reserved for the interconnect attachment, + Used only for interconnect attachment that has the encryption option as IPSEC. + - The addresses must be RFC 1918 IP address ranges. When creating HA VPN gateway + over the interconnect attachment, if the attachment is configured to use an + RFC 1918 IP address, then the VPN gateway's IP address will be allocated from + the IP address range specified here. + - For example, if the HA VPN gateway's interface 0 is paired to this interconnect + attachment, then an RFC 1918 IP address for the VPN gateway interface 0 will + be allocated from the IP address specified for this interconnect attachment. + - If this field is not specified for interconnect attachment that has encryption + option as IPSEC, later on when creating HA VPN gateway on this interconnect + attachment, the HA VPN gateway's IP address will be allocated from regional + external IP address pool. + returned: success + type: list + encryption: + description: + - 'Indicates the user-supplied encryption option of this interconnect attachment: + NONE is the default value, which means that the attachment carries unencrypted + traffic. VMs can send traffic to, or receive traffic from, this type of attachment.' + - IPSEC indicates that the attachment carries only traffic encrypted by an IPsec + device such as an HA VPN gateway. VMs cannot directly send traffic to, or + receive traffic from, such an attachment. To use IPsec-encrypted Cloud Interconnect + create the attachment using this option. + - Not currently available publicly. + returned: success + type: str region: description: - Region where the regional interconnect attachment resides.