ansible-collections/google.cloud
1
0
Fork 0
mirror of https://github.com/ansible-collections/google.cloud.git synced 2025-04-09 04:10:27 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

add firewall logging controls (#3780) (#261)

Browse source 
* add firewall logging controls

* make backward compatible

* check enable_logging in expand

* update docs

* update expand logic to fix failing test

Signed-off-by: Modular Magician <magic-modules@google.com>
This commit is contained in:
The Magician 2020-07-28 08:53:46 -07:00 committed by GitHub
parent b6df15b40d
commit c87bb52d1b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
plugins/modules/gcp_compute_firewall.py
View file

@ -143,18 +143,24 @@ options:
version_added: '2.8' version_added: '2.8'
log_config: log_config:
description: description:
- This field denotes whether to enable logging for a particular firewall rule. - This field denotes the logging options for a particular firewall rule.
If logging is enabled, logs will be exported to Stackdriver. - If logging is enabled, logs will be exported to Cloud Logging.
required: false required: false
type: dict type: dict
version_added: '2.10' version_added: '2.10'
suboptions: suboptions:
enable_logging: enable:
description: description:
- This field denotes whether to enable logging for a particular firewall rule. - This field denotes whether to enable logging for a particular firewall rule.
If logging is enabled, logs will be exported to Stackdriver. If logging is enabled, logs will be exported to Stackdriver.
required: false required: false
type: bool type: bool
metadata:
description:
- This field denotes whether to include or exclude metadata for firewall logs.
- 'Some valid choices include: "EXCLUDE_ALL_METADATA", "INCLUDE_ALL_METADATA"'
required: false
type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The - Name of the resource. Provided by the client when the resource is created. The
@ -406,17 +412,22 @@ disabled:
type: bool type: bool
logConfig: logConfig:
description: description:
- This field denotes whether to enable logging for a particular firewall rule. If - This field denotes the logging options for a particular firewall rule.
logging is enabled, logs will be exported to Stackdriver. - If logging is enabled, logs will be exported to Cloud Logging.
returned: success returned: success
type: complex type: complex
contains: contains:
enableLogging: enable:
description: description:
- This field denotes whether to enable logging for a particular firewall rule. - This field denotes whether to enable logging for a particular firewall rule.
If logging is enabled, logs will be exported to Stackdriver. If logging is enabled, logs will be exported to Stackdriver.
returned: success returned: success
type: bool type: bool
metadata:
description:
- This field denotes whether to include or exclude metadata for firewall logs.
returned: success
type: str
id: id:
description: description:
- The unique identifier for the resource. - The unique identifier for the resource.
@ -539,7 +550,7 @@ def main():
destination_ranges=dict(type='list', elements='str'), destination_ranges=dict(type='list', elements='str'),
direction=dict(type='str'), direction=dict(type='str'),
disabled=dict(type='bool'), disabled=dict(type='bool'),
log_config=dict(type='dict', options=dict(enable_logging=dict(type='bool'))), log_config=dict(type='dict', options=dict(enable=dict(type='bool'), metadata=dict(type='str'))),
name=dict(required=True, type='str'), name=dict(required=True, type='str'),
network=dict(default=dict(selfLink='global/networks/default'), type='dict'), network=dict(default=dict(selfLink='global/networks/default'), type='dict'),
priority=dict(default=1000, type='int'), priority=dict(default=1000, type='int'),
@ -817,10 +828,10 @@ class FirewallLogconfig(object):
self.request = {} self.request = {}
def to_request(self): def to_request(self):
return remove_nones_from_dict({u'enable': self.request.get('enable_logging')}) return remove_nones_from_dict({u'enable': self.request.get('enable'), u'metadata': self.request.get('metadata')})
def from_response(self): def from_response(self):
return remove_nones_from_dict({u'enable': self.request.get(u'enable')}) return remove_nones_from_dict({u'enable': self.request.get(u'enable'), u'metadata': self.request.get(u'metadata')})
if __name__ == '__main__': if __name__ == '__main__':

12
plugins/modules/gcp_compute_firewall_info.py
View file

@ -195,17 +195,23 @@ resources:
type: bool type: bool
logConfig: logConfig:
description: description:
- This field denotes whether to enable logging for a particular firewall rule. - This field denotes the logging options for a particular firewall rule.
If logging is enabled, logs will be exported to Stackdriver. - If logging is enabled, logs will be exported to Cloud Logging.
returned: success returned: success
type: complex type: complex
contains: contains:
enableLogging: enable:
description: description:
- This field denotes whether to enable logging for a particular firewall - This field denotes whether to enable logging for a particular firewall
rule. If logging is enabled, logs will be exported to Stackdriver. rule. If logging is enabled, logs will be exported to Stackdriver.
returned: success returned: success
type: bool type: bool
metadata:
description:
- This field denotes whether to include or exclude metadata for firewall
logs.
returned: success
type: str
id: id:
description: description:
- The unique identifier for the resource. - The unique identifier for the resource.